Action not permitted
Modal body text goes here.
Modal Title
Modal Body
cve-2022-1199
Vulnerability from cvelistv5
Published
2022-08-29 00:00
Modified
2024-08-02 23:55
Severity ?
EPSS score ?
Summary
A flaw was found in the Linux kernel. This flaw allows an attacker to crash the Linux kernel by simulating amateur radio from the user space, resulting in a null-ptr-deref vulnerability and a use-after-free vulnerability.
References
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T23:55:24.300Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=2070694", }, { tags: [ "x_transferred", ], url: "https://www.openwall.com/lists/oss-security/2022/04/02/5", }, { tags: [ "x_transferred", ], url: "https://github.com/torvalds/linux/commit/4e0f718daf97d47cf7dec122da1be970f145c809", }, { tags: [ "x_transferred", ], url: "https://github.com/torvalds/linux/commit/71171ac8eb34ce7fe6b3267dce27c313ab3cb3ac", }, { tags: [ "x_transferred", ], url: "https://github.com/torvalds/linux/commit/7ec02f5ac8a5be5a3f20611731243dc5e1d9ba10", }, { tags: [ "x_transferred", ], url: "https://access.redhat.com/security/cve/CVE-2022-1199", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20221228-0006/", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Kernel", vendor: "n/a", versions: [ { status: "affected", version: "Fixed in kernel v5.18-rc4", }, ], }, ], descriptions: [ { lang: "en", value: "A flaw was found in the Linux kernel. This flaw allows an attacker to crash the Linux kernel by simulating amateur radio from the user space, resulting in a null-ptr-deref vulnerability and a use-after-free vulnerability.", }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-416", description: "CWE-416 - Use After Free, CWE-476 - NULL Pointer Dereference.", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2022-12-28T00:00:00", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { url: "https://bugzilla.redhat.com/show_bug.cgi?id=2070694", }, { url: "https://www.openwall.com/lists/oss-security/2022/04/02/5", }, { url: "https://github.com/torvalds/linux/commit/4e0f718daf97d47cf7dec122da1be970f145c809", }, { url: "https://github.com/torvalds/linux/commit/71171ac8eb34ce7fe6b3267dce27c313ab3cb3ac", }, { url: "https://github.com/torvalds/linux/commit/7ec02f5ac8a5be5a3f20611731243dc5e1d9ba10", }, { url: "https://access.redhat.com/security/cve/CVE-2022-1199", }, { url: "https://security.netapp.com/advisory/ntap-20221228-0006/", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2022-1199", datePublished: "2022-08-29T00:00:00", dateReserved: "2022-03-31T00:00:00", dateUpdated: "2024-08-02T23:55:24.300Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", "vulnerability-lookup:meta": { nvd: "{\"cve\":{\"id\":\"CVE-2022-1199\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2022-08-29T15:15:10.527\",\"lastModified\":\"2024-11-21T06:40:14.437\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A flaw was found in the Linux kernel. This flaw allows an attacker to crash the Linux kernel by simulating amateur radio from the user space, resulting in a null-ptr-deref vulnerability and a use-after-free vulnerability.\"},{\"lang\":\"es\",\"value\":\"Se ha encontrado un fallo en el kernel de Linux. Este fallo permite a un atacante bloquear el kernel de Linux al simular la radioafición desde el espacio de usuario, resultando en una vulnerabilidad null-ptr-deref y una vulnerabilidad de uso de memoria previamente liberada\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-416\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-416\"},{\"lang\":\"en\",\"value\":\"CWE-476\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"5.17.14\",\"matchCriteriaId\":\"3D3A8707-E93D-4072-839F-EB77EEC3695E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:5.18:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"0384FA0A-DE99-48D7-84E3-46ED0C3B5E03\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:5.18:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"6AD94161-84BB-42E6-9882-4FC0C42E9FC1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:5.18:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"7AB06DDF-3C2B-416D-B448-E990D8FF67A9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:5.18:rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"EAE6C6C5-4D21-4C04-897C-70CBBB3D7B91\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*\",\"matchCriteriaId\":\"3A756737-1CC4-42C2-A4DF-E1C893B4E2D5\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6770B6C3-732E-4E22-BF1C-2D2FD610061C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9F9C8C20-42EB-4AB5-BD97-212DEB070C43\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7FFF7106-ED78-49BA-9EC5-B889E3685D53\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E63D8B0F-006E-4801-BF9D-1C001BBFB4F9\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"56409CEC-5A1E-4450-AA42-641E459CC2AF\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B06F4839-D16A-4A61-9BB5-55B13F41E47F\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D0B4AD8A-F172-4558-AEC6-FF424BA2D912\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8497A4C9-8474-4A62-8331-3FE862ED4098\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"234DEFE0-5CE5-4B0A-96B8-5D227CB8ED31\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CDDF61B7-EC5C-467C-B710-B89F502CD04F\"}]}]}],\"references\":[{\"url\":\"https://access.redhat.com/security/cve/CVE-2022-1199\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=2070694\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/torvalds/linux/commit/4e0f718daf97d47cf7dec122da1be970f145c809\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/torvalds/linux/commit/71171ac8eb34ce7fe6b3267dce27c313ab3cb3ac\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/torvalds/linux/commit/7ec02f5ac8a5be5a3f20611731243dc5e1d9ba10\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20221228-0006/\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.openwall.com/lists/oss-security/2022/04/02/5\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/security/cve/CVE-2022-1199\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=2070694\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/torvalds/linux/commit/4e0f718daf97d47cf7dec122da1be970f145c809\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/torvalds/linux/commit/71171ac8eb34ce7fe6b3267dce27c313ab3cb3ac\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/torvalds/linux/commit/7ec02f5ac8a5be5a3f20611731243dc5e1d9ba10\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20221228-0006/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.openwall.com/lists/oss-security/2022/04/02/5\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]}]}}", }, }
gsd-2022-1199
Vulnerability from gsd
Modified
2023-12-13 01:19
Details
A flaw was found in the Linux kernel. This flaw allows an attacker to crash the Linux kernel by simulating amateur radio from the user space, resulting in a null-ptr-deref vulnerability and a use-after-free vulnerability.
Aliases
Aliases
{ GSD: { alias: "CVE-2022-1199", description: "A flaw was found in the Linux kernel. This flaw allows an attacker to crash the Linux kernel by simulating amateur radio from the user space, resulting in a null-ptr-deref vulnerability and a use-after-free vulnerability.", id: "GSD-2022-1199", references: [ "https://www.suse.com/security/cve/CVE-2022-1199.html", "https://security.archlinux.org/CVE-2022-1199", "https://www.debian.org/security/2022/dsa-5127", "https://www.debian.org/security/2022/dsa-5173", "https://ubuntu.com/security/CVE-2022-1199", ], }, gsd: { metadata: { exploitCode: "unknown", remediation: "unknown", reportConfidence: "confirmed", type: "vulnerability", }, osvSchema: { aliases: [ "CVE-2022-1199", ], details: "A flaw was found in the Linux kernel. This flaw allows an attacker to crash the Linux kernel by simulating amateur radio from the user space, resulting in a null-ptr-deref vulnerability and a use-after-free vulnerability.", id: "GSD-2022-1199", modified: "2023-12-13T01:19:28.239034Z", schema_version: "1.4.0", }, }, namespaces: { "cve.org": { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2022-1199", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Kernel", version: { version_data: [ { version_value: "Fixed in kernel v5.18-rc4", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A flaw was found in the Linux kernel. This flaw allows an attacker to crash the Linux kernel by simulating amateur radio from the user space, resulting in a null-ptr-deref vulnerability and a use-after-free vulnerability.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-416 - Use After Free, CWE-476 - NULL Pointer Dereference.", }, ], }, ], }, references: { reference_data: [ { name: "https://bugzilla.redhat.com/show_bug.cgi?id=2070694", refsource: "MISC", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2070694", }, { name: "https://www.openwall.com/lists/oss-security/2022/04/02/5", refsource: "MISC", url: "https://www.openwall.com/lists/oss-security/2022/04/02/5", }, { name: "https://github.com/torvalds/linux/commit/4e0f718daf97d47cf7dec122da1be970f145c809", refsource: "MISC", url: "https://github.com/torvalds/linux/commit/4e0f718daf97d47cf7dec122da1be970f145c809", }, { name: "https://github.com/torvalds/linux/commit/71171ac8eb34ce7fe6b3267dce27c313ab3cb3ac", refsource: "MISC", url: "https://github.com/torvalds/linux/commit/71171ac8eb34ce7fe6b3267dce27c313ab3cb3ac", }, { name: "https://github.com/torvalds/linux/commit/7ec02f5ac8a5be5a3f20611731243dc5e1d9ba10", refsource: "MISC", url: "https://github.com/torvalds/linux/commit/7ec02f5ac8a5be5a3f20611731243dc5e1d9ba10", }, { name: "https://access.redhat.com/security/cve/CVE-2022-1199", refsource: "MISC", url: "https://access.redhat.com/security/cve/CVE-2022-1199", }, { name: "https://security.netapp.com/advisory/ntap-20221228-0006/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20221228-0006/", }, ], }, }, "nvd.nist.gov": { configurations: { CVE_data_version: "4.0", nodes: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:linux:linux_kernel:5.18:rc1:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:linux:linux_kernel:5.18:rc2:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:linux:linux_kernel:5.18:rc3:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "5.17.14", vulnerable: true, }, { cpe23Uri: "cpe:2.3:o:linux:linux_kernel:5.18:-:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, ], }, cve: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2022-1199", }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "en", value: "A flaw was found in the Linux kernel. This flaw allows an attacker to crash the Linux kernel by simulating amateur radio from the user space, resulting in a null-ptr-deref vulnerability and a use-after-free vulnerability.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "en", value: "CWE-476", }, { lang: "en", value: "CWE-416", }, ], }, ], }, references: { reference_data: [ { name: "https://www.openwall.com/lists/oss-security/2022/04/02/5", refsource: "MISC", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://www.openwall.com/lists/oss-security/2022/04/02/5", }, { name: "https://github.com/torvalds/linux/commit/4e0f718daf97d47cf7dec122da1be970f145c809", refsource: "MISC", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/torvalds/linux/commit/4e0f718daf97d47cf7dec122da1be970f145c809", }, { name: "https://bugzilla.redhat.com/show_bug.cgi?id=2070694", refsource: "MISC", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=2070694", }, { name: "https://github.com/torvalds/linux/commit/7ec02f5ac8a5be5a3f20611731243dc5e1d9ba10", refsource: "MISC", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/torvalds/linux/commit/7ec02f5ac8a5be5a3f20611731243dc5e1d9ba10", }, { name: "https://github.com/torvalds/linux/commit/71171ac8eb34ce7fe6b3267dce27c313ab3cb3ac", refsource: "MISC", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/torvalds/linux/commit/71171ac8eb34ce7fe6b3267dce27c313ab3cb3ac", }, { name: "https://access.redhat.com/security/cve/CVE-2022-1199", refsource: "MISC", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/security/cve/CVE-2022-1199", }, { name: "https://security.netapp.com/advisory/ntap-20221228-0006/", refsource: "CONFIRM", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20221228-0006/", }, ], }, }, impact: { baseMetricV3: { cvssV3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, }, }, lastModifiedDate: "2023-02-02T17:12Z", publishedDate: "2022-08-29T15:15Z", }, }, }
fkie_cve-2022-1199
Vulnerability from fkie_nvd
Published
2022-08-29 15:15
Modified
2024-11-21 06:40
Severity ?
Summary
A flaw was found in the Linux kernel. This flaw allows an attacker to crash the Linux kernel by simulating amateur radio from the user space, resulting in a null-ptr-deref vulnerability and a use-after-free vulnerability.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linux | linux_kernel | * | |
| linux | linux_kernel | 5.18 | |
| linux | linux_kernel | 5.18 | |
| linux | linux_kernel | 5.18 | |
| linux | linux_kernel | 5.18 | |
| redhat | enterprise_linux | 6.0 | |
| netapp | active_iq_unified_manager | - | |
| netapp | h300s_firmware | - | |
| netapp | h300s | - | |
| netapp | h500s_firmware | - | |
| netapp | h500s | - | |
| netapp | h700s_firmware | - | |
| netapp | h700s | - | |
| netapp | h410s_firmware | - | |
| netapp | h410s | - | |
| netapp | h410c_firmware | - | |
| netapp | h410c | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", matchCriteriaId: "3D3A8707-E93D-4072-839F-EB77EEC3695E", versionEndIncluding: "5.17.14", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:5.18:-:*:*:*:*:*:*", matchCriteriaId: "0384FA0A-DE99-48D7-84E3-46ED0C3B5E03", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:5.18:rc1:*:*:*:*:*:*", matchCriteriaId: "6AD94161-84BB-42E6-9882-4FC0C42E9FC1", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:5.18:rc2:*:*:*:*:*:*", matchCriteriaId: "7AB06DDF-3C2B-416D-B448-E990D8FF67A9", vulnerable: true, }, { criteria: "cpe:2.3:o:linux:linux_kernel:5.18:rc3:*:*:*:*:*:*", matchCriteriaId: "EAE6C6C5-4D21-4C04-897C-70CBBB3D7B91", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", matchCriteriaId: "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*", matchCriteriaId: "3A756737-1CC4-42C2-A4DF-E1C893B4E2D5", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "6770B6C3-732E-4E22-BF1C-2D2FD610061C", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*", matchCriteriaId: "9F9C8C20-42EB-4AB5-BD97-212DEB070C43", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "7FFF7106-ED78-49BA-9EC5-B889E3685D53", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*", matchCriteriaId: "E63D8B0F-006E-4801-BF9D-1C001BBFB4F9", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "56409CEC-5A1E-4450-AA42-641E459CC2AF", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*", matchCriteriaId: "B06F4839-D16A-4A61-9BB5-55B13F41E47F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "D0B4AD8A-F172-4558-AEC6-FF424BA2D912", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*", matchCriteriaId: "8497A4C9-8474-4A62-8331-3FE862ED4098", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*", matchCriteriaId: "234DEFE0-5CE5-4B0A-96B8-5D227CB8ED31", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*", matchCriteriaId: "CDDF61B7-EC5C-467C-B710-B89F502CD04F", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "A flaw was found in the Linux kernel. This flaw allows an attacker to crash the Linux kernel by simulating amateur radio from the user space, resulting in a null-ptr-deref vulnerability and a use-after-free vulnerability.", }, { lang: "es", value: "Se ha encontrado un fallo en el kernel de Linux. Este fallo permite a un atacante bloquear el kernel de Linux al simular la radioafición desde el espacio de usuario, resultando en una vulnerabilidad null-ptr-deref y una vulnerabilidad de uso de memoria previamente liberada", }, ], id: "CVE-2022-1199", lastModified: "2024-11-21T06:40:14.437", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-08-29T15:15:10.527", references: [ { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/security/cve/CVE-2022-1199", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=2070694", }, { source: "secalert@redhat.com", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/torvalds/linux/commit/4e0f718daf97d47cf7dec122da1be970f145c809", }, { source: "secalert@redhat.com", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/torvalds/linux/commit/71171ac8eb34ce7fe6b3267dce27c313ab3cb3ac", }, { source: "secalert@redhat.com", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/torvalds/linux/commit/7ec02f5ac8a5be5a3f20611731243dc5e1d9ba10", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20221228-0006/", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://www.openwall.com/lists/oss-security/2022/04/02/5", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/security/cve/CVE-2022-1199", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=2070694", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/torvalds/linux/commit/4e0f718daf97d47cf7dec122da1be970f145c809", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/torvalds/linux/commit/71171ac8eb34ce7fe6b3267dce27c313ab3cb3ac", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/torvalds/linux/commit/7ec02f5ac8a5be5a3f20611731243dc5e1d9ba10", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20221228-0006/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://www.openwall.com/lists/oss-security/2022/04/02/5", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-416", }, ], source: "secalert@redhat.com", type: "Primary", }, { description: [ { lang: "en", value: "CWE-416", }, { lang: "en", value: "CWE-476", }, ], source: "nvd@nist.gov", type: "Secondary", }, ], }
icsa-23-166-12
Vulnerability from csaf_cisa
Published
2023-06-13 00:00
Modified
2023-06-13 00:00
Summary
Siemens SINAMICS Medium Voltage Products
Notes
CISA Disclaimer
This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov
Summary
Several SINAMICS MV (medium voltage) products are affected by multiple vulnerabilities in the integrated SCALANCE S615 device, as documented in SSA-419740 (
https://cert-portal.siemens.com/productcert/html/ssa-419740.html).
Siemens recommends to update the firmware of the integrated SCALANCE S615 device to the latest version. Siemens recommends specific countermeasures for products where the firmware update is not, or not yet applied.
Additional considerations regarding the specific impact of the vulnerabilities to SINAMICS MV products can be found in the chapter "Additional Information".
General Recommendations
As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download:
https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.
Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity
Additional Resources
For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories
Terms of Use
Siemens Security Advisories are subject to the terms and conditions contained in Siemens' underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter "License Terms"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens' Global Website (https://www.siemens.com/terms_of_use, hereinafter "Terms of Use"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.
Legal Notice
All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
Advisory Conversion Disclaimer
This CISA CSAF advisory was converted from Siemens ProductCERT's CSAF advisory.
Critical infrastructure sectors
Multiple
Countries/areas deployed
Worldwide
Company headquarters location
Germany
Recommended Practices
CISA recommends users take defensive measures to minimize the exploitation risk of this vulnerability.
Recommended Practices
Minimizing network exposure for all control system devices and/or systems, ensuring they are not accessible from the internet.
Recommended Practices
Locating control system networks and remote devices behind firewalls and isolating them from business networks.
Recommended Practices
When remote access is required, using more secure methods, such as Virtual Private Networks (VPNs). Recognize VPNs may have vulnerabilities, should be updated to the most recent version available, and are only as secure as the connected devices.
Recommended Practices
CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
Recommended Practices
CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices
CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Recommended Practices
Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.
Exploitability
No known public exploits specifically target these vulnerabilities. These vulnerabilities are exploitable remotely. These vulnerabilities have low attack complexity.
{ document: { acknowledgments: [ { organization: "Siemens ProductCERT", summary: "reporting these vulnerabilities to CISA.", }, ], category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Disclosure is not limited", tlp: { label: "WHITE", url: "https://us-cert.cisa.gov/tlp/", }, }, lang: "en", notes: [ { category: "general", text: "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov", title: "CISA Disclaimer", }, { category: "summary", text: "Several SINAMICS MV (medium voltage) products are affected by multiple vulnerabilities in the integrated SCALANCE S615 device, as documented in SSA-419740 (\nhttps://cert-portal.siemens.com/productcert/html/ssa-419740.html).\nSiemens recommends to update the firmware of the integrated SCALANCE S615 device to the latest version. Siemens recommends specific countermeasures for products where the firmware update is not, or not yet applied.\n\nAdditional considerations regarding the specific impact of the vulnerabilities to SINAMICS MV products can be found in the chapter \"Additional Information\".", title: "Summary", }, { category: "general", text: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", title: "General Recommendations", }, { category: "general", text: "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories", title: "Additional Resources", }, { category: "legal_disclaimer", text: "Siemens Security Advisories are subject to the terms and conditions contained in Siemens' underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter \"License Terms\"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens' Global Website (https://www.siemens.com/terms_of_use, hereinafter \"Terms of Use\"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.", title: "Terms of Use", }, { category: "legal_disclaimer", text: "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.", title: "Legal Notice", }, { category: "other", text: "This CISA CSAF advisory was converted from Siemens ProductCERT's CSAF advisory.", title: "Advisory Conversion Disclaimer", }, { category: "other", text: "Multiple", title: "Critical infrastructure sectors", }, { category: "other", text: "Worldwide", title: "Countries/areas deployed", }, { category: "other", text: "Germany", title: "Company headquarters location", }, { category: "general", text: "CISA recommends users take defensive measures to minimize the exploitation risk of this vulnerability.", title: "Recommended Practices", }, { category: "general", text: "Minimizing network exposure for all control system devices and/or systems, ensuring they are not accessible from the internet.", title: "Recommended Practices", }, { category: "general", text: "Locating control system networks and remote devices behind firewalls and isolating them from business networks.", title: "Recommended Practices", }, { category: "general", text: "When remote access is required, using more secure methods, such as Virtual Private Networks (VPNs). Recognize VPNs may have vulnerabilities, should be updated to the most recent version available, and are only as secure as the connected devices.", title: "Recommended Practices", }, { category: "general", text: "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.", title: "Recommended Practices", }, { category: "general", text: "CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.", title: "Recommended Practices", }, { category: "general", text: "CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.", title: "Recommended Practices", }, { category: "general", text: "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.", title: "Recommended Practices", }, { category: "other", text: "No known public exploits specifically target these vulnerabilities. These vulnerabilities are exploitable remotely. These vulnerabilities have low attack complexity.", title: "Exploitability", }, ], publisher: { category: "other", contact_details: "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870", name: "CISA", namespace: "https://www.cisa.gov/", }, references: [ { category: "self", summary: "SSA-942865: Multiple Vulnerabilities in the Integrated SCALANCE S615 of SINAMICS Medium Voltage Products - CSAF Version", url: "https://cert-portal.siemens.com/productcert/csaf/ssa-942865.json", }, { category: "self", summary: "ICS Advisory ICSA-23-166-12 JSON", url: "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2023/icsa-23-166-12.json", }, { category: "self", summary: "SSA-942865: Multiple Vulnerabilities in the Integrated SCALANCE S615 of SINAMICS Medium Voltage Products - HTML Version", url: "https://cert-portal.siemens.com/productcert/html/ssa-942865.html", }, { category: "self", summary: "SSA-942865: Multiple Vulnerabilities in the Integrated SCALANCE S615 of SINAMICS Medium Voltage Products - PDF Version", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-942865.pdf", }, { category: "self", summary: "SSA-942865: Multiple Vulnerabilities in the Integrated SCALANCE S615 of SINAMICS Medium Voltage Products - TXT Version", url: "https://cert-portal.siemens.com/productcert/txt/ssa-942865.txt", }, { category: "self", summary: "ICS Advisory ICSA-23-166-12 - Web Version", url: "https://www.cisa.gov/news-events/ics-advisories/icsa-23-166-12", }, { category: "external", summary: "Recommended Practices", url: "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01", }, { category: "external", summary: "Recommended Practices", url: "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices", }, { category: "external", summary: "Recommended Practices", url: "https://www.cisa.gov/topics/industrial-control-systems", }, { category: "external", summary: "Recommended Practices", url: "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf", }, { category: "external", summary: "Recommended Practices", url: "https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf", }, { category: "external", summary: "Recommended Practices", url: "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B", }, ], title: "Siemens SINAMICS Medium Voltage Products", tracking: { current_release_date: "2023-06-13T00:00:00.000000Z", generator: { engine: { name: "CISA CSAF Generator", version: "1", }, }, id: "ICSA-23-166-12", initial_release_date: "2023-06-13T00:00:00.000000Z", revision_history: [ { date: "2023-06-13T00:00:00.000000Z", legacy_version: "1.0", number: "1", summary: "Publication Date", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version_range", name: "vers:all/*", product: { name: "SINAMICS GL150", product_id: "1", }, }, ], category: "product_name", name: "SINAMICS GL150", }, { branches: [ { category: "product_version_range", name: "vers:all/*", product: { name: "SINAMICS PERFECT HARMONY GH180 6SR5", product_id: "2", }, }, ], category: "product_name", name: "SINAMICS PERFECT HARMONY GH180 6SR5", }, { branches: [ { category: "product_version_range", name: "vers:all/*", product: { name: "SINAMICS SL150", product_id: "3", }, }, ], category: "product_name", name: "SINAMICS SL150", }, ], category: "vendor", name: "Siemens", }, ], }, vulnerabilities: [ { cve: "CVE-2018-25032", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", ], }, remediations: [ { category: "mitigation", details: "Restrict physical access to the affected drives, also to their Ethernet Port included on the front of the control door", product_ids: [ "1", "2", "3", ], }, { category: "mitigation", details: "Disconnect any direct network connection to the integrated SCALANCE S615 device", product_ids: [ "1", "2", "3", ], }, { category: "vendor_fix", details: "Update the firmware of the integrated SCALANCE S615 device to V7.2 or later version", product_ids: [ "1", "2", "3", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", ], }, ], title: "CVE-2018-25032", }, { cve: "CVE-2021-42374", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "summary", text: "An out-of-bounds heap read in Busybox's unlzma applet leads to information leak and denial of service when crafted LZMA-compressed input is decompressed. This can be triggered by any applet/format that internally supports LZMA compression.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", ], }, remediations: [ { category: "mitigation", details: "Restrict physical access to the affected drives, also to their Ethernet Port included on the front of the control door", product_ids: [ "1", "2", "3", ], }, { category: "mitigation", details: "Disconnect any direct network connection to the integrated SCALANCE S615 device", product_ids: [ "1", "2", "3", ], }, { category: "vendor_fix", details: "Update the firmware of the integrated SCALANCE S615 device to V7.2 or later version", product_ids: [ "1", "2", "3", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", ], }, ], title: "CVE-2021-42374", }, { cve: "CVE-2021-42378", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the getvar_i function.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", ], }, remediations: [ { category: "mitigation", details: "Restrict physical access to the affected drives, also to their Ethernet Port included on the front of the control door", product_ids: [ "1", "2", "3", ], }, { category: "mitigation", details: "Disconnect any direct network connection to the integrated SCALANCE S615 device", product_ids: [ "1", "2", "3", ], }, { category: "vendor_fix", details: "Update the firmware of the integrated SCALANCE S615 device to V7.2 or later version", product_ids: [ "1", "2", "3", ], }, ], scores: [ { cvss_v3: { baseScore: 6.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", ], }, ], title: "CVE-2021-42378", }, { cve: "CVE-2021-42379", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the next_input_file function.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", ], }, remediations: [ { category: "mitigation", details: "Restrict physical access to the affected drives, also to their Ethernet Port included on the front of the control door", product_ids: [ "1", "2", "3", ], }, { category: "mitigation", details: "Disconnect any direct network connection to the integrated SCALANCE S615 device", product_ids: [ "1", "2", "3", ], }, { category: "vendor_fix", details: "Update the firmware of the integrated SCALANCE S615 device to V7.2 or later version", product_ids: [ "1", "2", "3", ], }, ], scores: [ { cvss_v3: { baseScore: 6.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", ], }, ], title: "CVE-2021-42379", }, { cve: "CVE-2021-42380", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free in awk leads to denial of service and possibly code execution when processing a crafted awk pattern in the clrvar function.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", ], }, remediations: [ { category: "mitigation", details: "Restrict physical access to the affected drives, also to their Ethernet Port included on the front of the control door", product_ids: [ "1", "2", "3", ], }, { category: "mitigation", details: "Disconnect any direct network connection to the integrated SCALANCE S615 device", product_ids: [ "1", "2", "3", ], }, { category: "vendor_fix", details: "Update the firmware of the integrated SCALANCE S615 device to V7.2 or later version", product_ids: [ "1", "2", "3", ], }, ], scores: [ { cvss_v3: { baseScore: 6.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", ], }, ], title: "CVE-2021-42380", }, { cve: "CVE-2021-42381", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free in awk leads to denial of service and possibly code execution when processing a crafted awk pattern in the hash_init function.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", ], }, remediations: [ { category: "mitigation", details: "Restrict physical access to the affected drives, also to their Ethernet Port included on the front of the control door", product_ids: [ "1", "2", "3", ], }, { category: "mitigation", details: "Disconnect any direct network connection to the integrated SCALANCE S615 device", product_ids: [ "1", "2", "3", ], }, { category: "vendor_fix", details: "Update the firmware of the integrated SCALANCE S615 device to V7.2 or later version", product_ids: [ "1", "2", "3", ], }, ], scores: [ { cvss_v3: { baseScore: 6.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", ], }, ], title: "CVE-2021-42381", }, { cve: "CVE-2021-42382", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free in awk leads to denial of service and possibly code execution when processing a crafted awk pattern in the getvar_s function.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", ], }, remediations: [ { category: "mitigation", details: "Restrict physical access to the affected drives, also to their Ethernet Port included on the front of the control door", product_ids: [ "1", "2", "3", ], }, { category: "mitigation", details: "Disconnect any direct network connection to the integrated SCALANCE S615 device", product_ids: [ "1", "2", "3", ], }, { category: "vendor_fix", details: "Update the firmware of the integrated SCALANCE S615 device to V7.2 or later version", product_ids: [ "1", "2", "3", ], }, ], scores: [ { cvss_v3: { baseScore: 6.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", ], }, ], title: "CVE-2021-42382", }, { cve: "CVE-2021-42383", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free in awk leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate function.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", ], }, remediations: [ { category: "mitigation", details: "Restrict physical access to the affected drives, also to their Ethernet Port included on the front of the control door", product_ids: [ "1", "2", "3", ], }, { category: "mitigation", details: "Disconnect any direct network connection to the integrated SCALANCE S615 device", product_ids: [ "1", "2", "3", ], }, { category: "vendor_fix", details: "Update the firmware of the integrated SCALANCE S615 device to V7.2 or later version", product_ids: [ "1", "2", "3", ], }, ], scores: [ { cvss_v3: { baseScore: 6.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", ], }, ], title: "CVE-2021-42383", }, { cve: "CVE-2021-42384", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the handle_special function.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", ], }, remediations: [ { category: "mitigation", details: "Restrict physical access to the affected drives, also to their Ethernet Port included on the front of the control door", product_ids: [ "1", "2", "3", ], }, { category: "mitigation", details: "Disconnect any direct network connection to the integrated SCALANCE S615 device", product_ids: [ "1", "2", "3", ], }, { category: "vendor_fix", details: "Update the firmware of the integrated SCALANCE S615 device to V7.2 or later version", product_ids: [ "1", "2", "3", ], }, ], scores: [ { cvss_v3: { baseScore: 6.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", ], }, ], title: "CVE-2021-42384", }, { cve: "CVE-2021-42385", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free in awk leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate function.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", ], }, remediations: [ { category: "mitigation", details: "Restrict physical access to the affected drives, also to their Ethernet Port included on the front of the control door", product_ids: [ "1", "2", "3", ], }, { category: "mitigation", details: "Disconnect any direct network connection to the integrated SCALANCE S615 device", product_ids: [ "1", "2", "3", ], }, { category: "vendor_fix", details: "Update the firmware of the integrated SCALANCE S615 device to V7.2 or later version", product_ids: [ "1", "2", "3", ], }, ], scores: [ { cvss_v3: { baseScore: 6.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", ], }, ], title: "CVE-2021-42385", }, { cve: "CVE-2021-42386", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free in awk leads to denial of service and possibly code execution when processing a crafted awk pattern in the nvalloc function.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", ], }, remediations: [ { category: "mitigation", details: "Restrict physical access to the affected drives, also to their Ethernet Port included on the front of the control door", product_ids: [ "1", "2", "3", ], }, { category: "mitigation", details: "Disconnect any direct network connection to the integrated SCALANCE S615 device", product_ids: [ "1", "2", "3", ], }, { category: "vendor_fix", details: "Update the firmware of the integrated SCALANCE S615 device to V7.2 or later version", product_ids: [ "1", "2", "3", ], }, ], scores: [ { cvss_v3: { baseScore: 6.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", ], }, ], title: "CVE-2021-42386", }, { cve: "CVE-2022-0547", cwe: { id: "CWE-287", name: "Improper Authentication", }, notes: [ { category: "summary", text: "OpenVPN 2.1 until v2.4.12 and v2.5.6 may enable authentication bypass in external authentication plug-ins when more than one of them makes use of deferred authentication replies, which allows an external user to be granted access with only partially correct credentials.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", ], }, remediations: [ { category: "mitigation", details: "Restrict physical access to the affected drives, also to their Ethernet Port included on the front of the control door", product_ids: [ "1", "2", "3", ], }, { category: "mitigation", details: "Disconnect any direct network connection to the integrated SCALANCE S615 device", product_ids: [ "1", "2", "3", ], }, { category: "vendor_fix", details: "Update the firmware of the integrated SCALANCE S615 device to V7.2 or later version", product_ids: [ "1", "2", "3", ], }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", ], }, ], title: "CVE-2022-0547", }, { cve: "CVE-2022-1199", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A flaw was found in the Linux kernel. This flaw allows an attacker to crash the Linux kernel by simulating amateur radio from the user space, resulting in a null-ptr-deref vulnerability and a use-after-free vulnerability.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", ], }, remediations: [ { category: "mitigation", details: "Restrict physical access to the affected drives, also to their Ethernet Port included on the front of the control door", product_ids: [ "1", "2", "3", ], }, { category: "mitigation", details: "Disconnect any direct network connection to the integrated SCALANCE S615 device", product_ids: [ "1", "2", "3", ], }, { category: "vendor_fix", details: "Update the firmware of the integrated SCALANCE S615 device to V7.2 or later version", product_ids: [ "1", "2", "3", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", ], }, ], title: "CVE-2022-1199", }, { cve: "CVE-2022-1292", cwe: { id: "CWE-78", name: "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", }, notes: [ { category: "summary", text: "The c_rehash script does not properly sanitise shell metacharacters to prevent command injection.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", ], }, remediations: [ { category: "mitigation", details: "Restrict physical access to the affected drives, also to their Ethernet Port included on the front of the control door", product_ids: [ "1", "2", "3", ], }, { category: "mitigation", details: "Disconnect any direct network connection to the integrated SCALANCE S615 device", product_ids: [ "1", "2", "3", ], }, { category: "vendor_fix", details: "Update the firmware of the integrated SCALANCE S615 device to V7.2 or later version", product_ids: [ "1", "2", "3", ], }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", ], }, ], title: "CVE-2022-1292", }, { cve: "CVE-2022-1343", cwe: { id: "CWE-295", name: "Improper Certificate Validation", }, notes: [ { category: "summary", text: "Under certain circumstances, the command line OCSP verify function reports successful verification when the verification in fact failed. In this case the incorrect successful response will also be accompanied by error messages showing the failure and contradicting the apparently successful result.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", ], }, remediations: [ { category: "mitigation", details: "Restrict physical access to the affected drives, also to their Ethernet Port included on the front of the control door", product_ids: [ "1", "2", "3", ], }, { category: "mitigation", details: "Disconnect any direct network connection to the integrated SCALANCE S615 device", product_ids: [ "1", "2", "3", ], }, { category: "vendor_fix", details: "Update the firmware of the integrated SCALANCE S615 device to V7.2 or later version", product_ids: [ "1", "2", "3", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", ], }, ], title: "CVE-2022-1343", }, { cve: "CVE-2022-1473", cwe: { id: "CWE-404", name: "Improper Resource Shutdown or Release", }, notes: [ { category: "summary", text: "The used OpenSSL version improperly reuses memory when decoding certificates or keys. This can lead to a process termination and Denial of Service for long lived processes.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", ], }, remediations: [ { category: "mitigation", details: "Restrict physical access to the affected drives, also to their Ethernet Port included on the front of the control door", product_ids: [ "1", "2", "3", ], }, { category: "mitigation", details: "Disconnect any direct network connection to the integrated SCALANCE S615 device", product_ids: [ "1", "2", "3", ], }, { category: "vendor_fix", details: "Update the firmware of the integrated SCALANCE S615 device to V7.2 or later version", product_ids: [ "1", "2", "3", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", ], }, ], title: "CVE-2022-1473", }, { cve: "CVE-2022-23308", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", ], }, remediations: [ { category: "mitigation", details: "Restrict physical access to the affected drives, also to their Ethernet Port included on the front of the control door", product_ids: [ "1", "2", "3", ], }, { category: "mitigation", details: "Disconnect any direct network connection to the integrated SCALANCE S615 device", product_ids: [ "1", "2", "3", ], }, { category: "vendor_fix", details: "Update the firmware of the integrated SCALANCE S615 device to V7.2 or later version", product_ids: [ "1", "2", "3", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", ], }, ], title: "CVE-2022-23308", }, { cve: "CVE-2022-32205", cwe: { id: "CWE-770", name: "Allocation of Resources Without Limits or Throttling", }, notes: [ { category: "summary", text: "A malicious server can serve excessive amounts of \"Set-Cookie:\" headers in a HTTP response to curl and curl < 7.84.0 stores all of them. A sufficiently large amount of (big) cookies make subsequent HTTP requests to this, or other servers to which the cookies match, create requests that become larger than the threshold that curl uses internally to avoid sending crazy large requests (1048576 bytes) and instead returns an error.This denial state might remain for as long as the same cookies are kept, match and haven't expired. Due to cookie matching rules, a server on \"foo.example.com\" can set cookies that also would match for \"bar.example.com\", making it it possible for a \"sister server\" to effectively cause a denial of service for a sibling site on the same second level domain using this method.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", ], }, remediations: [ { category: "mitigation", details: "Restrict physical access to the affected drives, also to their Ethernet Port included on the front of the control door", product_ids: [ "1", "2", "3", ], }, { category: "mitigation", details: "Disconnect any direct network connection to the integrated SCALANCE S615 device", product_ids: [ "1", "2", "3", ], }, { category: "vendor_fix", details: "Update the firmware of the integrated SCALANCE S615 device to V7.2 or later version", product_ids: [ "1", "2", "3", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", ], }, ], title: "CVE-2022-32205", }, { cve: "CVE-2022-32206", cwe: { id: "CWE-770", name: "Allocation of Resources Without Limits or Throttling", }, notes: [ { category: "summary", text: "curl < 7.84.0 supports \"chained\" HTTP compression algorithms, meaning that a serverresponse can be compressed multiple times and potentially with different algorithms. The number of acceptable \"links\" in this \"decompression chain\" was unbounded, allowing a malicious server to insert a virtually unlimited number of compression steps.The use of such a decompression chain could result in a \"malloc bomb\", makingcurl end up spending enormous amounts of allocated heap memory, or trying toand returning out of memory errors.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", ], }, remediations: [ { category: "mitigation", details: "Restrict physical access to the affected drives, also to their Ethernet Port included on the front of the control door", product_ids: [ "1", "2", "3", ], }, { category: "mitigation", details: "Disconnect any direct network connection to the integrated SCALANCE S615 device", product_ids: [ "1", "2", "3", ], }, { category: "vendor_fix", details: "Update the firmware of the integrated SCALANCE S615 device to V7.2 or later version", product_ids: [ "1", "2", "3", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", ], }, ], title: "CVE-2022-32206", }, { cve: "CVE-2022-32207", cwe: { id: "CWE-276", name: "Incorrect Default Permissions", }, notes: [ { category: "summary", text: "When curl < 7.84.0 saves cookies, alt-svc and hsts data to local files, it makes the operation atomic by finalizing the operation with a rename from a temporary name to the final target file name.In that rename operation, it might accidentally *widen* the permissions for the target file, leaving the updated file accessible to more users than intended.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", ], }, remediations: [ { category: "mitigation", details: "Restrict physical access to the affected drives, also to their Ethernet Port included on the front of the control door", product_ids: [ "1", "2", "3", ], }, { category: "mitigation", details: "Disconnect any direct network connection to the integrated SCALANCE S615 device", product_ids: [ "1", "2", "3", ], }, { category: "vendor_fix", details: "Update the firmware of the integrated SCALANCE S615 device to V7.2 or later version", product_ids: [ "1", "2", "3", ], }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", ], }, ], title: "CVE-2022-32207", }, { cve: "CVE-2022-32208", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "When curl < 7.84.0 does FTP transfers secured by krb5, it handles message verification failures wrongly. This flaw makes it possible for a Man-In-The-Middle attack to go unnoticed and even allows it to inject data to the client.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", ], }, remediations: [ { category: "mitigation", details: "Restrict physical access to the affected drives, also to their Ethernet Port included on the front of the control door", product_ids: [ "1", "2", "3", ], }, { category: "mitigation", details: "Disconnect any direct network connection to the integrated SCALANCE S615 device", product_ids: [ "1", "2", "3", ], }, { category: "vendor_fix", details: "Update the firmware of the integrated SCALANCE S615 device to V7.2 or later version", product_ids: [ "1", "2", "3", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", ], }, ], title: "CVE-2022-32208", }, { cve: "CVE-2022-35252", cwe: { id: "CWE-1286", name: "Improper Validation of Syntactic Correctness of Input", }, notes: [ { category: "summary", text: "When curl is used to retrieve and parse cookies from a HTTP(S) server, itaccepts cookies using control codes that when later are sent back to a HTTPserver might make the server return 400 responses. Effectively allowing a\"sister site\" to deny service to all siblings.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", ], }, remediations: [ { category: "mitigation", details: "Restrict physical access to the affected drives, also to their Ethernet Port included on the front of the control door", product_ids: [ "1", "2", "3", ], }, { category: "mitigation", details: "Disconnect any direct network connection to the integrated SCALANCE S615 device", product_ids: [ "1", "2", "3", ], }, { category: "vendor_fix", details: "Update the firmware of the integrated SCALANCE S615 device to V7.2 or later version", product_ids: [ "1", "2", "3", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", ], }, ], title: "CVE-2022-35252", }, { cve: "CVE-2022-36946", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "nfqnl_mangle in net/netfilter/nfnetlink_queue.c in the Linux kernel through 5.18.14 allows remote attackers to cause a denial of service (panic) because, in the case of an nf_queue verdict with a one-byte nfta_payload attribute, an skb_pull can encounter a negative skb->len.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", ], }, remediations: [ { category: "mitigation", details: "Restrict physical access to the affected drives, also to their Ethernet Port included on the front of the control door", product_ids: [ "1", "2", "3", ], }, { category: "mitigation", details: "Disconnect any direct network connection to the integrated SCALANCE S615 device", product_ids: [ "1", "2", "3", ], }, { category: "vendor_fix", details: "Update the firmware of the integrated SCALANCE S615 device to V7.2 or later version", product_ids: [ "1", "2", "3", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", ], }, ], title: "CVE-2022-36946", }, ], }
ICSA-23-166-12
Vulnerability from csaf_cisa
Published
2023-06-13 00:00
Modified
2023-06-13 00:00
Summary
Siemens SINAMICS Medium Voltage Products
Notes
CISA Disclaimer
This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov
Summary
Several SINAMICS MV (medium voltage) products are affected by multiple vulnerabilities in the integrated SCALANCE S615 device, as documented in SSA-419740 (
https://cert-portal.siemens.com/productcert/html/ssa-419740.html).
Siemens recommends to update the firmware of the integrated SCALANCE S615 device to the latest version. Siemens recommends specific countermeasures for products where the firmware update is not, or not yet applied.
Additional considerations regarding the specific impact of the vulnerabilities to SINAMICS MV products can be found in the chapter "Additional Information".
General Recommendations
As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download:
https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.
Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity
Additional Resources
For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories
Terms of Use
Siemens Security Advisories are subject to the terms and conditions contained in Siemens' underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter "License Terms"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens' Global Website (https://www.siemens.com/terms_of_use, hereinafter "Terms of Use"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.
Legal Notice
All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
Advisory Conversion Disclaimer
This CISA CSAF advisory was converted from Siemens ProductCERT's CSAF advisory.
Critical infrastructure sectors
Multiple
Countries/areas deployed
Worldwide
Company headquarters location
Germany
Recommended Practices
CISA recommends users take defensive measures to minimize the exploitation risk of this vulnerability.
Recommended Practices
Minimizing network exposure for all control system devices and/or systems, ensuring they are not accessible from the internet.
Recommended Practices
Locating control system networks and remote devices behind firewalls and isolating them from business networks.
Recommended Practices
When remote access is required, using more secure methods, such as Virtual Private Networks (VPNs). Recognize VPNs may have vulnerabilities, should be updated to the most recent version available, and are only as secure as the connected devices.
Recommended Practices
CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
Recommended Practices
CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices
CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Recommended Practices
Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.
Exploitability
No known public exploits specifically target these vulnerabilities. These vulnerabilities are exploitable remotely. These vulnerabilities have low attack complexity.
{ document: { acknowledgments: [ { organization: "Siemens ProductCERT", summary: "reporting these vulnerabilities to CISA.", }, ], category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Disclosure is not limited", tlp: { label: "WHITE", url: "https://us-cert.cisa.gov/tlp/", }, }, lang: "en", notes: [ { category: "general", text: "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov", title: "CISA Disclaimer", }, { category: "summary", text: "Several SINAMICS MV (medium voltage) products are affected by multiple vulnerabilities in the integrated SCALANCE S615 device, as documented in SSA-419740 (\nhttps://cert-portal.siemens.com/productcert/html/ssa-419740.html).\nSiemens recommends to update the firmware of the integrated SCALANCE S615 device to the latest version. Siemens recommends specific countermeasures for products where the firmware update is not, or not yet applied.\n\nAdditional considerations regarding the specific impact of the vulnerabilities to SINAMICS MV products can be found in the chapter \"Additional Information\".", title: "Summary", }, { category: "general", text: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", title: "General Recommendations", }, { category: "general", text: "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories", title: "Additional Resources", }, { category: "legal_disclaimer", text: "Siemens Security Advisories are subject to the terms and conditions contained in Siemens' underlying license terms or other applicable agreements previously agreed to with Siemens (hereinafter \"License Terms\"). To the extent applicable to information, software or documentation made available in or through a Siemens Security Advisory, the Terms of Use of Siemens' Global Website (https://www.siemens.com/terms_of_use, hereinafter \"Terms of Use\"), in particular Sections 8-10 of the Terms of Use, shall apply additionally. In case of conflicts, the License Terms shall prevail over the Terms of Use.", title: "Terms of Use", }, { category: "legal_disclaimer", text: "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.", title: "Legal Notice", }, { category: "other", text: "This CISA CSAF advisory was converted from Siemens ProductCERT's CSAF advisory.", title: "Advisory Conversion Disclaimer", }, { category: "other", text: "Multiple", title: "Critical infrastructure sectors", }, { category: "other", text: "Worldwide", title: "Countries/areas deployed", }, { category: "other", text: "Germany", title: "Company headquarters location", }, { category: "general", text: "CISA recommends users take defensive measures to minimize the exploitation risk of this vulnerability.", title: "Recommended Practices", }, { category: "general", text: "Minimizing network exposure for all control system devices and/or systems, ensuring they are not accessible from the internet.", title: "Recommended Practices", }, { category: "general", text: "Locating control system networks and remote devices behind firewalls and isolating them from business networks.", title: "Recommended Practices", }, { category: "general", text: "When remote access is required, using more secure methods, such as Virtual Private Networks (VPNs). Recognize VPNs may have vulnerabilities, should be updated to the most recent version available, and are only as secure as the connected devices.", title: "Recommended Practices", }, { category: "general", text: "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.", title: "Recommended Practices", }, { category: "general", text: "CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.", title: "Recommended Practices", }, { category: "general", text: "CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.", title: "Recommended Practices", }, { category: "general", text: "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.", title: "Recommended Practices", }, { category: "other", text: "No known public exploits specifically target these vulnerabilities. These vulnerabilities are exploitable remotely. These vulnerabilities have low attack complexity.", title: "Exploitability", }, ], publisher: { category: "other", contact_details: "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870", name: "CISA", namespace: "https://www.cisa.gov/", }, references: [ { category: "self", summary: "SSA-942865: Multiple Vulnerabilities in the Integrated SCALANCE S615 of SINAMICS Medium Voltage Products - CSAF Version", url: "https://cert-portal.siemens.com/productcert/csaf/ssa-942865.json", }, { category: "self", summary: "ICS Advisory ICSA-23-166-12 JSON", url: "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2023/icsa-23-166-12.json", }, { category: "self", summary: "SSA-942865: Multiple Vulnerabilities in the Integrated SCALANCE S615 of SINAMICS Medium Voltage Products - HTML Version", url: "https://cert-portal.siemens.com/productcert/html/ssa-942865.html", }, { category: "self", summary: "SSA-942865: Multiple Vulnerabilities in the Integrated SCALANCE S615 of SINAMICS Medium Voltage Products - PDF Version", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-942865.pdf", }, { category: "self", summary: "SSA-942865: Multiple Vulnerabilities in the Integrated SCALANCE S615 of SINAMICS Medium Voltage Products - TXT Version", url: "https://cert-portal.siemens.com/productcert/txt/ssa-942865.txt", }, { category: "self", summary: "ICS Advisory ICSA-23-166-12 - Web Version", url: "https://www.cisa.gov/news-events/ics-advisories/icsa-23-166-12", }, { category: "external", summary: "Recommended Practices", url: "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01", }, { category: "external", summary: "Recommended Practices", url: "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices", }, { category: "external", summary: "Recommended Practices", url: "https://www.cisa.gov/topics/industrial-control-systems", }, { category: "external", summary: "Recommended Practices", url: "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf", }, { category: "external", summary: "Recommended Practices", url: "https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf", }, { category: "external", summary: "Recommended Practices", url: "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B", }, ], title: "Siemens SINAMICS Medium Voltage Products", tracking: { current_release_date: "2023-06-13T00:00:00.000000Z", generator: { engine: { name: "CISA CSAF Generator", version: "1", }, }, id: "ICSA-23-166-12", initial_release_date: "2023-06-13T00:00:00.000000Z", revision_history: [ { date: "2023-06-13T00:00:00.000000Z", legacy_version: "1.0", number: "1", summary: "Publication Date", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version_range", name: "vers:all/*", product: { name: "SINAMICS GL150", product_id: "1", }, }, ], category: "product_name", name: "SINAMICS GL150", }, { branches: [ { category: "product_version_range", name: "vers:all/*", product: { name: "SINAMICS PERFECT HARMONY GH180 6SR5", product_id: "2", }, }, ], category: "product_name", name: "SINAMICS PERFECT HARMONY GH180 6SR5", }, { branches: [ { category: "product_version_range", name: "vers:all/*", product: { name: "SINAMICS SL150", product_id: "3", }, }, ], category: "product_name", name: "SINAMICS SL150", }, ], category: "vendor", name: "Siemens", }, ], }, vulnerabilities: [ { cve: "CVE-2018-25032", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", ], }, remediations: [ { category: "mitigation", details: "Restrict physical access to the affected drives, also to their Ethernet Port included on the front of the control door", product_ids: [ "1", "2", "3", ], }, { category: "mitigation", details: "Disconnect any direct network connection to the integrated SCALANCE S615 device", product_ids: [ "1", "2", "3", ], }, { category: "vendor_fix", details: "Update the firmware of the integrated SCALANCE S615 device to V7.2 or later version", product_ids: [ "1", "2", "3", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", ], }, ], title: "CVE-2018-25032", }, { cve: "CVE-2021-42374", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "summary", text: "An out-of-bounds heap read in Busybox's unlzma applet leads to information leak and denial of service when crafted LZMA-compressed input is decompressed. This can be triggered by any applet/format that internally supports LZMA compression.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", ], }, remediations: [ { category: "mitigation", details: "Restrict physical access to the affected drives, also to their Ethernet Port included on the front of the control door", product_ids: [ "1", "2", "3", ], }, { category: "mitigation", details: "Disconnect any direct network connection to the integrated SCALANCE S615 device", product_ids: [ "1", "2", "3", ], }, { category: "vendor_fix", details: "Update the firmware of the integrated SCALANCE S615 device to V7.2 or later version", product_ids: [ "1", "2", "3", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", ], }, ], title: "CVE-2021-42374", }, { cve: "CVE-2021-42378", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the getvar_i function.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", ], }, remediations: [ { category: "mitigation", details: "Restrict physical access to the affected drives, also to their Ethernet Port included on the front of the control door", product_ids: [ "1", "2", "3", ], }, { category: "mitigation", details: "Disconnect any direct network connection to the integrated SCALANCE S615 device", product_ids: [ "1", "2", "3", ], }, { category: "vendor_fix", details: "Update the firmware of the integrated SCALANCE S615 device to V7.2 or later version", product_ids: [ "1", "2", "3", ], }, ], scores: [ { cvss_v3: { baseScore: 6.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", ], }, ], title: "CVE-2021-42378", }, { cve: "CVE-2021-42379", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the next_input_file function.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", ], }, remediations: [ { category: "mitigation", details: "Restrict physical access to the affected drives, also to their Ethernet Port included on the front of the control door", product_ids: [ "1", "2", "3", ], }, { category: "mitigation", details: "Disconnect any direct network connection to the integrated SCALANCE S615 device", product_ids: [ "1", "2", "3", ], }, { category: "vendor_fix", details: "Update the firmware of the integrated SCALANCE S615 device to V7.2 or later version", product_ids: [ "1", "2", "3", ], }, ], scores: [ { cvss_v3: { baseScore: 6.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", ], }, ], title: "CVE-2021-42379", }, { cve: "CVE-2021-42380", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free in awk leads to denial of service and possibly code execution when processing a crafted awk pattern in the clrvar function.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", ], }, remediations: [ { category: "mitigation", details: "Restrict physical access to the affected drives, also to their Ethernet Port included on the front of the control door", product_ids: [ "1", "2", "3", ], }, { category: "mitigation", details: "Disconnect any direct network connection to the integrated SCALANCE S615 device", product_ids: [ "1", "2", "3", ], }, { category: "vendor_fix", details: "Update the firmware of the integrated SCALANCE S615 device to V7.2 or later version", product_ids: [ "1", "2", "3", ], }, ], scores: [ { cvss_v3: { baseScore: 6.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", ], }, ], title: "CVE-2021-42380", }, { cve: "CVE-2021-42381", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free in awk leads to denial of service and possibly code execution when processing a crafted awk pattern in the hash_init function.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", ], }, remediations: [ { category: "mitigation", details: "Restrict physical access to the affected drives, also to their Ethernet Port included on the front of the control door", product_ids: [ "1", "2", "3", ], }, { category: "mitigation", details: "Disconnect any direct network connection to the integrated SCALANCE S615 device", product_ids: [ "1", "2", "3", ], }, { category: "vendor_fix", details: "Update the firmware of the integrated SCALANCE S615 device to V7.2 or later version", product_ids: [ "1", "2", "3", ], }, ], scores: [ { cvss_v3: { baseScore: 6.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", ], }, ], title: "CVE-2021-42381", }, { cve: "CVE-2021-42382", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free in awk leads to denial of service and possibly code execution when processing a crafted awk pattern in the getvar_s function.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", ], }, remediations: [ { category: "mitigation", details: "Restrict physical access to the affected drives, also to their Ethernet Port included on the front of the control door", product_ids: [ "1", "2", "3", ], }, { category: "mitigation", details: "Disconnect any direct network connection to the integrated SCALANCE S615 device", product_ids: [ "1", "2", "3", ], }, { category: "vendor_fix", details: "Update the firmware of the integrated SCALANCE S615 device to V7.2 or later version", product_ids: [ "1", "2", "3", ], }, ], scores: [ { cvss_v3: { baseScore: 6.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", ], }, ], title: "CVE-2021-42382", }, { cve: "CVE-2021-42383", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free in awk leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate function.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", ], }, remediations: [ { category: "mitigation", details: "Restrict physical access to the affected drives, also to their Ethernet Port included on the front of the control door", product_ids: [ "1", "2", "3", ], }, { category: "mitigation", details: "Disconnect any direct network connection to the integrated SCALANCE S615 device", product_ids: [ "1", "2", "3", ], }, { category: "vendor_fix", details: "Update the firmware of the integrated SCALANCE S615 device to V7.2 or later version", product_ids: [ "1", "2", "3", ], }, ], scores: [ { cvss_v3: { baseScore: 6.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", ], }, ], title: "CVE-2021-42383", }, { cve: "CVE-2021-42384", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the handle_special function.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", ], }, remediations: [ { category: "mitigation", details: "Restrict physical access to the affected drives, also to their Ethernet Port included on the front of the control door", product_ids: [ "1", "2", "3", ], }, { category: "mitigation", details: "Disconnect any direct network connection to the integrated SCALANCE S615 device", product_ids: [ "1", "2", "3", ], }, { category: "vendor_fix", details: "Update the firmware of the integrated SCALANCE S615 device to V7.2 or later version", product_ids: [ "1", "2", "3", ], }, ], scores: [ { cvss_v3: { baseScore: 6.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", ], }, ], title: "CVE-2021-42384", }, { cve: "CVE-2021-42385", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free in awk leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate function.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", ], }, remediations: [ { category: "mitigation", details: "Restrict physical access to the affected drives, also to their Ethernet Port included on the front of the control door", product_ids: [ "1", "2", "3", ], }, { category: "mitigation", details: "Disconnect any direct network connection to the integrated SCALANCE S615 device", product_ids: [ "1", "2", "3", ], }, { category: "vendor_fix", details: "Update the firmware of the integrated SCALANCE S615 device to V7.2 or later version", product_ids: [ "1", "2", "3", ], }, ], scores: [ { cvss_v3: { baseScore: 6.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", ], }, ], title: "CVE-2021-42385", }, { cve: "CVE-2021-42386", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free in awk leads to denial of service and possibly code execution when processing a crafted awk pattern in the nvalloc function.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", ], }, remediations: [ { category: "mitigation", details: "Restrict physical access to the affected drives, also to their Ethernet Port included on the front of the control door", product_ids: [ "1", "2", "3", ], }, { category: "mitigation", details: "Disconnect any direct network connection to the integrated SCALANCE S615 device", product_ids: [ "1", "2", "3", ], }, { category: "vendor_fix", details: "Update the firmware of the integrated SCALANCE S615 device to V7.2 or later version", product_ids: [ "1", "2", "3", ], }, ], scores: [ { cvss_v3: { baseScore: 6.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", ], }, ], title: "CVE-2021-42386", }, { cve: "CVE-2022-0547", cwe: { id: "CWE-287", name: "Improper Authentication", }, notes: [ { category: "summary", text: "OpenVPN 2.1 until v2.4.12 and v2.5.6 may enable authentication bypass in external authentication plug-ins when more than one of them makes use of deferred authentication replies, which allows an external user to be granted access with only partially correct credentials.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", ], }, remediations: [ { category: "mitigation", details: "Restrict physical access to the affected drives, also to their Ethernet Port included on the front of the control door", product_ids: [ "1", "2", "3", ], }, { category: "mitigation", details: "Disconnect any direct network connection to the integrated SCALANCE S615 device", product_ids: [ "1", "2", "3", ], }, { category: "vendor_fix", details: "Update the firmware of the integrated SCALANCE S615 device to V7.2 or later version", product_ids: [ "1", "2", "3", ], }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", ], }, ], title: "CVE-2022-0547", }, { cve: "CVE-2022-1199", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A flaw was found in the Linux kernel. This flaw allows an attacker to crash the Linux kernel by simulating amateur radio from the user space, resulting in a null-ptr-deref vulnerability and a use-after-free vulnerability.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", ], }, remediations: [ { category: "mitigation", details: "Restrict physical access to the affected drives, also to their Ethernet Port included on the front of the control door", product_ids: [ "1", "2", "3", ], }, { category: "mitigation", details: "Disconnect any direct network connection to the integrated SCALANCE S615 device", product_ids: [ "1", "2", "3", ], }, { category: "vendor_fix", details: "Update the firmware of the integrated SCALANCE S615 device to V7.2 or later version", product_ids: [ "1", "2", "3", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", ], }, ], title: "CVE-2022-1199", }, { cve: "CVE-2022-1292", cwe: { id: "CWE-78", name: "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", }, notes: [ { category: "summary", text: "The c_rehash script does not properly sanitise shell metacharacters to prevent command injection.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", ], }, remediations: [ { category: "mitigation", details: "Restrict physical access to the affected drives, also to their Ethernet Port included on the front of the control door", product_ids: [ "1", "2", "3", ], }, { category: "mitigation", details: "Disconnect any direct network connection to the integrated SCALANCE S615 device", product_ids: [ "1", "2", "3", ], }, { category: "vendor_fix", details: "Update the firmware of the integrated SCALANCE S615 device to V7.2 or later version", product_ids: [ "1", "2", "3", ], }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", ], }, ], title: "CVE-2022-1292", }, { cve: "CVE-2022-1343", cwe: { id: "CWE-295", name: "Improper Certificate Validation", }, notes: [ { category: "summary", text: "Under certain circumstances, the command line OCSP verify function reports successful verification when the verification in fact failed. In this case the incorrect successful response will also be accompanied by error messages showing the failure and contradicting the apparently successful result.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", ], }, remediations: [ { category: "mitigation", details: "Restrict physical access to the affected drives, also to their Ethernet Port included on the front of the control door", product_ids: [ "1", "2", "3", ], }, { category: "mitigation", details: "Disconnect any direct network connection to the integrated SCALANCE S615 device", product_ids: [ "1", "2", "3", ], }, { category: "vendor_fix", details: "Update the firmware of the integrated SCALANCE S615 device to V7.2 or later version", product_ids: [ "1", "2", "3", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", ], }, ], title: "CVE-2022-1343", }, { cve: "CVE-2022-1473", cwe: { id: "CWE-404", name: "Improper Resource Shutdown or Release", }, notes: [ { category: "summary", text: "The used OpenSSL version improperly reuses memory when decoding certificates or keys. This can lead to a process termination and Denial of Service for long lived processes.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", ], }, remediations: [ { category: "mitigation", details: "Restrict physical access to the affected drives, also to their Ethernet Port included on the front of the control door", product_ids: [ "1", "2", "3", ], }, { category: "mitigation", details: "Disconnect any direct network connection to the integrated SCALANCE S615 device", product_ids: [ "1", "2", "3", ], }, { category: "vendor_fix", details: "Update the firmware of the integrated SCALANCE S615 device to V7.2 or later version", product_ids: [ "1", "2", "3", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", ], }, ], title: "CVE-2022-1473", }, { cve: "CVE-2022-23308", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", ], }, remediations: [ { category: "mitigation", details: "Restrict physical access to the affected drives, also to their Ethernet Port included on the front of the control door", product_ids: [ "1", "2", "3", ], }, { category: "mitigation", details: "Disconnect any direct network connection to the integrated SCALANCE S615 device", product_ids: [ "1", "2", "3", ], }, { category: "vendor_fix", details: "Update the firmware of the integrated SCALANCE S615 device to V7.2 or later version", product_ids: [ "1", "2", "3", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", ], }, ], title: "CVE-2022-23308", }, { cve: "CVE-2022-32205", cwe: { id: "CWE-770", name: "Allocation of Resources Without Limits or Throttling", }, notes: [ { category: "summary", text: "A malicious server can serve excessive amounts of \"Set-Cookie:\" headers in a HTTP response to curl and curl < 7.84.0 stores all of them. A sufficiently large amount of (big) cookies make subsequent HTTP requests to this, or other servers to which the cookies match, create requests that become larger than the threshold that curl uses internally to avoid sending crazy large requests (1048576 bytes) and instead returns an error.This denial state might remain for as long as the same cookies are kept, match and haven't expired. Due to cookie matching rules, a server on \"foo.example.com\" can set cookies that also would match for \"bar.example.com\", making it it possible for a \"sister server\" to effectively cause a denial of service for a sibling site on the same second level domain using this method.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", ], }, remediations: [ { category: "mitigation", details: "Restrict physical access to the affected drives, also to their Ethernet Port included on the front of the control door", product_ids: [ "1", "2", "3", ], }, { category: "mitigation", details: "Disconnect any direct network connection to the integrated SCALANCE S615 device", product_ids: [ "1", "2", "3", ], }, { category: "vendor_fix", details: "Update the firmware of the integrated SCALANCE S615 device to V7.2 or later version", product_ids: [ "1", "2", "3", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", ], }, ], title: "CVE-2022-32205", }, { cve: "CVE-2022-32206", cwe: { id: "CWE-770", name: "Allocation of Resources Without Limits or Throttling", }, notes: [ { category: "summary", text: "curl < 7.84.0 supports \"chained\" HTTP compression algorithms, meaning that a serverresponse can be compressed multiple times and potentially with different algorithms. The number of acceptable \"links\" in this \"decompression chain\" was unbounded, allowing a malicious server to insert a virtually unlimited number of compression steps.The use of such a decompression chain could result in a \"malloc bomb\", makingcurl end up spending enormous amounts of allocated heap memory, or trying toand returning out of memory errors.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", ], }, remediations: [ { category: "mitigation", details: "Restrict physical access to the affected drives, also to their Ethernet Port included on the front of the control door", product_ids: [ "1", "2", "3", ], }, { category: "mitigation", details: "Disconnect any direct network connection to the integrated SCALANCE S615 device", product_ids: [ "1", "2", "3", ], }, { category: "vendor_fix", details: "Update the firmware of the integrated SCALANCE S615 device to V7.2 or later version", product_ids: [ "1", "2", "3", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", ], }, ], title: "CVE-2022-32206", }, { cve: "CVE-2022-32207", cwe: { id: "CWE-276", name: "Incorrect Default Permissions", }, notes: [ { category: "summary", text: "When curl < 7.84.0 saves cookies, alt-svc and hsts data to local files, it makes the operation atomic by finalizing the operation with a rename from a temporary name to the final target file name.In that rename operation, it might accidentally *widen* the permissions for the target file, leaving the updated file accessible to more users than intended.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", ], }, remediations: [ { category: "mitigation", details: "Restrict physical access to the affected drives, also to their Ethernet Port included on the front of the control door", product_ids: [ "1", "2", "3", ], }, { category: "mitigation", details: "Disconnect any direct network connection to the integrated SCALANCE S615 device", product_ids: [ "1", "2", "3", ], }, { category: "vendor_fix", details: "Update the firmware of the integrated SCALANCE S615 device to V7.2 or later version", product_ids: [ "1", "2", "3", ], }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", ], }, ], title: "CVE-2022-32207", }, { cve: "CVE-2022-32208", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "When curl < 7.84.0 does FTP transfers secured by krb5, it handles message verification failures wrongly. This flaw makes it possible for a Man-In-The-Middle attack to go unnoticed and even allows it to inject data to the client.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", ], }, remediations: [ { category: "mitigation", details: "Restrict physical access to the affected drives, also to their Ethernet Port included on the front of the control door", product_ids: [ "1", "2", "3", ], }, { category: "mitigation", details: "Disconnect any direct network connection to the integrated SCALANCE S615 device", product_ids: [ "1", "2", "3", ], }, { category: "vendor_fix", details: "Update the firmware of the integrated SCALANCE S615 device to V7.2 or later version", product_ids: [ "1", "2", "3", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", ], }, ], title: "CVE-2022-32208", }, { cve: "CVE-2022-35252", cwe: { id: "CWE-1286", name: "Improper Validation of Syntactic Correctness of Input", }, notes: [ { category: "summary", text: "When curl is used to retrieve and parse cookies from a HTTP(S) server, itaccepts cookies using control codes that when later are sent back to a HTTPserver might make the server return 400 responses. Effectively allowing a\"sister site\" to deny service to all siblings.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", ], }, remediations: [ { category: "mitigation", details: "Restrict physical access to the affected drives, also to their Ethernet Port included on the front of the control door", product_ids: [ "1", "2", "3", ], }, { category: "mitigation", details: "Disconnect any direct network connection to the integrated SCALANCE S615 device", product_ids: [ "1", "2", "3", ], }, { category: "vendor_fix", details: "Update the firmware of the integrated SCALANCE S615 device to V7.2 or later version", product_ids: [ "1", "2", "3", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", ], }, ], title: "CVE-2022-35252", }, { cve: "CVE-2022-36946", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "nfqnl_mangle in net/netfilter/nfnetlink_queue.c in the Linux kernel through 5.18.14 allows remote attackers to cause a denial of service (panic) because, in the case of an nf_queue verdict with a one-byte nfta_payload attribute, an skb_pull can encounter a negative skb->len.", title: "Summary", }, ], product_status: { known_affected: [ "1", "2", "3", ], }, remediations: [ { category: "mitigation", details: "Restrict physical access to the affected drives, also to their Ethernet Port included on the front of the control door", product_ids: [ "1", "2", "3", ], }, { category: "mitigation", details: "Disconnect any direct network connection to the integrated SCALANCE S615 device", product_ids: [ "1", "2", "3", ], }, { category: "vendor_fix", details: "Update the firmware of the integrated SCALANCE S615 device to V7.2 or later version", product_ids: [ "1", "2", "3", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "1", "2", "3", ], }, ], title: "CVE-2022-36946", }, ], }
ICSA-23-075-01
Vulnerability from csaf_cisa
Published
2023-03-31 17:50
Modified
2023-03-31 17:50
Summary
Siemens SCALANCE, RUGGEDCOM Third-Party
Notes
CISA Disclaimer
This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov
Legal Notice
All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
Risk evaluation
Successful exploitation of these vulnerabilities could allow an attacker to inject code or cause a denial-of-service condition.
Critical infrastructure sectors
Multiple Sectors
Countries/areas deployed
Worldwide
Company headquarters location
Germany
Recommended Practices
CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Specifically, users should:
Recommended Practices
Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the Internet.
Recommended Practices
Locate control system networks and remote devices behind firewalls and isolate them from business networks.
Recommended Practices
When remote access is required, use secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most current version available. Also recognize VPN is only as secure as its connected devices.
Recommended Practices
CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
Recommended Practices
CISA also provides a section for control systems security recommended practices on the ICS webpage at cisa.gov/ics. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices
Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov/ics in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Recommended Practices
Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.
Recommended Practices
CISA also recommends users take the following measures to protect themselves from social engineering attacks:
Recommended Practices
Do not click web links or open attachments in unsolicited email messages.
Recommended Practices
Refer to Recognizing and Avoiding Email Scams for more information on avoiding email scams.
Recommended Practices
Refer to Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks.
Recommended Practices
No known public exploits specifically target these vulnerabilities. These vulnerabilities are not exploitable remotely.
Additional Resources
For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories
{ document: { acknowledgments: [ { organization: "Siemens", summary: "reporting these vulnerabilities to CISA", }, ], category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Disclosure is not limited", tlp: { label: "WHITE", url: "https://us-cert.cisa.gov/tlp/", }, }, lang: "en-US", notes: [ { category: "general", text: "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov", title: "CISA Disclaimer", }, { category: "legal_disclaimer", text: "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.", title: "Legal Notice", }, { category: "summary", text: "Successful exploitation of these vulnerabilities could allow an attacker to inject code or cause a denial-of-service condition.", title: "Risk evaluation", }, { category: "other", text: "Multiple Sectors", title: "Critical infrastructure sectors", }, { category: "other", text: "Worldwide", title: "Countries/areas deployed", }, { category: "other", text: "Germany", title: "Company headquarters location", }, { category: "general", text: "CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Specifically, users should:", title: "Recommended Practices", }, { category: "general", text: "Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the Internet.", title: "Recommended Practices", }, { category: "general", text: "Locate control system networks and remote devices behind firewalls and isolate them from business networks.", title: "Recommended Practices", }, { category: "general", text: "When remote access is required, use secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most current version available. Also recognize VPN is only as secure as its connected devices.", title: "Recommended Practices", }, { category: "general", text: "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.", title: "Recommended Practices", }, { category: "general", text: "CISA also provides a section for control systems security recommended practices on the ICS webpage at cisa.gov/ics. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.", title: "Recommended Practices", }, { category: "general", text: "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov/ics in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.", title: "Recommended Practices", }, { category: "general", text: "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.", title: "Recommended Practices", }, { category: "general", text: "CISA also recommends users take the following measures to protect themselves from social engineering attacks:", title: "Recommended Practices", }, { category: "general", text: "Do not click web links or open attachments in unsolicited email messages.", title: "Recommended Practices", }, { category: "general", text: "Refer to Recognizing and Avoiding Email Scams for more information on avoiding email scams.", title: "Recommended Practices", }, { category: "general", text: "Refer to Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks.", title: "Recommended Practices", }, { category: "general", text: "No known public exploits specifically target these vulnerabilities. These vulnerabilities are not exploitable remotely.", title: "Recommended Practices", }, { category: "general", text: "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories", title: "Additional Resources", }, ], publisher: { category: "coordinator", contact_details: "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870", name: "CISA", namespace: "https://www.cisa.gov/", }, references: [ { category: "external", summary: "SSA-419740: Multiple\tThird-Party Component Vulnerabilities in RUGGEDCOM and SCALANCE Products before V7.2 - CSAF Version", url: "https://cert-portal.siemens.com/productcert/csaf/ssa-419740.json", }, { category: "self", summary: "ICS Advisory ICSA-23-075-01 JSON", url: "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2023/icsa-23-075-01.json", }, { category: "self", summary: "ICS Advisory ICSA-23-075-01 Web Version", url: "https://www.cisa.gov/news-events/ics-advisories/icsa-23-075-01", }, { category: "external", summary: "Recommended Practices", url: "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01", }, { category: "external", summary: "Recommended Practices", url: "https://us-cert.cisa.gov/ics/Recommended-Practices", }, { category: "external", summary: "Recommended Practices", url: "https://cisa.gov/ics", }, { category: "external", summary: "Recommended Practices", url: "https://www.cisa.gov/uscert/sites/default/files/publications/emailscams0905.pdf", }, { category: "external", summary: "Recommended Practices", url: "https://www.cisa.gov/uscert/ncas/tips/ST04-014", }, { category: "external", summary: "SSA-419740: Multiple\tThird-Party Component Vulnerabilities in RUGGEDCOM and SCALANCE Products before V7.2 - PDF Version", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-419740.pdf", }, { category: "external", summary: "SSA-419740: Multiple\tThird-Party Component Vulnerabilities in RUGGEDCOM and SCALANCE Products before V7.2 - TXT Version", url: "https://cert-portal.siemens.com/productcert/txt/ssa-419740.txt", }, ], title: "Siemens SCALANCE, RUGGEDCOM Third-Party", tracking: { current_release_date: "2023-03-31T17:50:48.679470Z", generator: { engine: { name: "CISA CSAF Generator", version: "1.0.0", }, }, id: "ICSA-23-075-01", initial_release_date: "2023-03-31T17:50:48.679470Z", revision_history: [ { date: "2023-03-31T17:50:48.679470Z", legacy_version: "1", number: "1", summary: "CSAF Creation Date", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version_range", name: "< V7.2", product: { name: "RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2)", product_id: "CSAFPID-0001", product_identification_helper: { model_numbers: [ "6GK6108-4AM00-2BA2", ], }, }, }, ], category: "product_name", name: "RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2)", }, { branches: [ { category: "product_version_range", name: "< V7.2", product: { name: "RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2)", product_id: "CSAFPID-0002", product_identification_helper: { model_numbers: [ "6GK6108-4AM00-2DA2", ], }, }, }, ], category: "product_name", name: "RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2)", }, { branches: [ { category: "product_version_range", name: "< V7.2", product: { name: "SCALANCE M804PB (6GK5804-0AP00-2AA2)", product_id: "CSAFPID-0003", product_identification_helper: { model_numbers: [ "6GK5804-0AP00-2AA2", ], }, }, }, ], category: "product_name", name: "SCALANCE M804PB (6GK5804-0AP00-2AA2)", }, { branches: [ { category: "product_version_range", name: "< V7.2", product: { name: "SCALANCE M812-1 ADSL-Router (Annex A) (6GK5812-1AA00-2AA2)", product_id: "CSAFPID-0004", product_identification_helper: { model_numbers: [ "6GK5812-1AA00-2AA2", ], }, }, }, ], category: "product_name", name: "SCALANCE M812-1 ADSL-Router (Annex A) (6GK5812-1AA00-2AA2)", }, { branches: [ { category: "product_version_range", name: "< V7.2", product: { name: "SCALANCE M812-1 ADSL-Router (Annex B) (6GK5812-1BA00-2AA2)", product_id: "CSAFPID-0005", product_identification_helper: { model_numbers: [ "6GK5812-1BA00-2AA2", ], }, }, }, ], category: "product_name", name: "SCALANCE M812-1 ADSL-Router (Annex B) (6GK5812-1BA00-2AA2)", }, { branches: [ { category: "product_version_range", name: "< V7.2", product: { name: "SCALANCE M816-1 ADSL-Router (Annex A) (6GK5816-1AA00-2AA2)", product_id: "CSAFPID-0006", product_identification_helper: { model_numbers: [ "6GK5816-1AA00-2AA2", ], }, }, }, ], category: "product_name", name: "SCALANCE M816-1 ADSL-Router (Annex A) (6GK5816-1AA00-2AA2)", }, { branches: [ { category: "product_version_range", name: "< V7.2", product: { name: "SCALANCE M816-1 ADSL-Router (Annex B) (6GK5816-1BA00-2AA2)", product_id: "CSAFPID-0007", product_identification_helper: { model_numbers: [ "6GK5816-1BA00-2AA2", ], }, }, }, ], category: "product_name", name: "SCALANCE M816-1 ADSL-Router (Annex B) (6GK5816-1BA00-2AA2)", }, { branches: [ { category: "product_version_range", name: "< V7.2", product: { name: "SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2)", product_id: "CSAFPID-0008", product_identification_helper: { model_numbers: [ "6GK5826-2AB00-2AB2", ], }, }, }, ], category: "product_name", name: "SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2)", }, { branches: [ { category: "product_version_range", name: "< V7.2", product: { name: "SCALANCE M874-2 (6GK5874-2AA00-2AA2)", product_id: "CSAFPID-0009", product_identification_helper: { model_numbers: [ "6GK5874-2AA00-2AA2", ], }, }, }, ], category: "product_name", name: "SCALANCE M874-2 (6GK5874-2AA00-2AA2)", }, { branches: [ { category: "product_version_range", name: "< V7.2", product: { name: "SCALANCE M874-3 (6GK5874-3AA00-2AA2)", product_id: "CSAFPID-00010", product_identification_helper: { model_numbers: [ "6GK5874-3AA00-2AA2", ], }, }, }, ], category: "product_name", name: "SCALANCE M874-3 (6GK5874-3AA00-2AA2)", }, { branches: [ { category: "product_version_range", name: "< V7.2", product: { name: "SCALANCE M876-3 (EVDO) (6GK5876-3AA02-2BA2)", product_id: "CSAFPID-00011", product_identification_helper: { model_numbers: [ "6GK5876-3AA02-2BA2", ], }, }, }, ], category: "product_name", name: "SCALANCE M876-3 (EVDO) (6GK5876-3AA02-2BA2)", }, { branches: [ { category: "product_version_range", name: "< V7.2", product: { name: "SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2)", product_id: "CSAFPID-00012", product_identification_helper: { model_numbers: [ "6GK5876-3AA02-2EA2", ], }, }, }, ], category: "product_name", name: "SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2)", }, { branches: [ { category: "product_version_range", name: "< V7.2", product: { name: "SCALANCE M876-4 (6GK5876-4AA10-2BA2)", product_id: "CSAFPID-00013", product_identification_helper: { model_numbers: [ "6GK5876-4AA10-2BA2", ], }, }, }, ], category: "product_name", name: "SCALANCE M876-4 (6GK5876-4AA10-2BA2)", }, { branches: [ { category: "product_version_range", name: "< V7.2", product: { name: "SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2)", product_id: "CSAFPID-00014", product_identification_helper: { model_numbers: [ "6GK5876-4AA00-2BA2", ], }, }, }, ], category: "product_name", name: "SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2)", }, { branches: [ { category: "product_version_range", name: "< V7.2", product: { name: "SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2)", product_id: "CSAFPID-00015", product_identification_helper: { model_numbers: [ "6GK5876-4AA00-2DA2", ], }, }, }, ], category: "product_name", name: "SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2)", }, { branches: [ { category: "product_version_range", name: "< V7.2", product: { name: "SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1)", product_id: "CSAFPID-00016", product_identification_helper: { model_numbers: [ "6GK5853-2EA00-2DA1", ], }, }, }, ], category: "product_name", name: "SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1)", }, { branches: [ { category: "product_version_range", name: "< V7.2", product: { name: "SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1)", product_id: "CSAFPID-00017", product_identification_helper: { model_numbers: [ "6GK5856-2EA00-3DA1", ], }, }, }, ], category: "product_name", name: "SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1)", }, { branches: [ { category: "product_version_range", name: "< V7.2", product: { name: "SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1)", product_id: "CSAFPID-00018", product_identification_helper: { model_numbers: [ "6GK5856-2EA00-3AA1", ], }, }, }, ], category: "product_name", name: "SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1)", }, { branches: [ { category: "product_version_range", name: "< V7.2", product: { name: "SCALANCE S615 (6GK5615-0AA00-2AA2)", product_id: "CSAFPID-00019", product_identification_helper: { model_numbers: [ "6GK5615-0AA00-2AA2", ], }, }, }, ], category: "product_name", name: "SCALANCE S615 (6GK5615-0AA00-2AA2)", }, { branches: [ { category: "product_version_range", name: "< V7.2", product: { name: "SCALANCE S615 EEC (6GK5615-0AA01-2AA2)", product_id: "CSAFPID-00020", product_identification_helper: { model_numbers: [ "6GK5615-0AA01-2AA2", ], }, }, }, ], category: "product_name", name: "SCALANCE S615 EEC (6GK5615-0AA01-2AA2)", }, ], category: "vendor", name: "Siemens", }, ], }, vulnerabilities: [ { cve: "CVE-2018-25032", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-25032", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2018-25032", }, { cve: "CVE-2019-1125", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, notes: [ { category: "summary", text: "An information disclosure vulnerability exists when certain central processing units (CPU) speculatively access memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1071, CVE-2019-1073.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1125", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2019-1125", }, { cve: "CVE-2021-4034", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according predefined policies. The current version of pkexec doesn't handle the calling parameters count correctly and ends trying to execute environment variables as commands. An attacker can leverage this by crafting environment variables in such a way it'll induce pkexec to execute arbitrary code. When successfully executed the attack can cause a local privilege escalation given unprivileged users administrative rights on the target machine.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-4034", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:U/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2021-4034", }, { cve: "CVE-2021-4149", cwe: { id: "CWE-667", name: "Improper Locking", }, notes: [ { category: "summary", text: "A vulnerability was found in btrfs_alloc_tree_b in fs/btrfs/extent-tree.c in the Linux kernel due to an improper lock operation in btrfs. In this flaw, a user with a local privilege may cause a denial of service (DOS) due to a deadlock problem.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-4149", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2021-4149", }, { cve: "CVE-2021-26401", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "LFENCE/JMP (mitigation V2-2) may not sufficiently mitigate CVE-2017-5715 on some AMD CPUs.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-26401", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 5.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2021-26401", }, { cve: "CVE-2021-42373", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "summary", text: "A NULL pointer dereference in Busybox's man applet leads to denial of service when a section name is supplied but no page argument is given.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-42373", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 5.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2021-42373", }, { cve: "CVE-2021-42374", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "summary", text: "An out-of-bounds heap read in Busybox's unlzma applet leads to information leak and denial of service when crafted LZMA-compressed input is decompressed. This can be triggered by any applet/format that internally supports LZMA compression.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-42374", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2021-42374", }, { cve: "CVE-2021-42375", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "An incorrect handling of a special element in Busybox's ash applet leads to denial of service when processing a crafted shell command, due to the shell mistaking specific characters for reserved characters. This may be used for DoS under rare conditions of filtered command input.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-42375", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 4.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2021-42375", }, { cve: "CVE-2021-42376", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "summary", text: "A NULL pointer dereference in Busybox's hush applet leads to denial of service when processing a crafted shell command, due to missing validation after a \\x03 delimiter character. This may be used for DoS under very rare conditions of filtered command input.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-42376", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 4.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2021-42376", }, { cve: "CVE-2021-42377", cwe: { id: "CWE-763", name: "Release of Invalid Pointer or Reference", }, notes: [ { category: "summary", text: "An attacker-controlled pointer free in Busybox's hush applet leads to denial of service and possible code execution when processing a crafted shell command, due to the shell mishandling the &&& string. This may be used for remote code execution under rare conditions of filtered command input.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-42377", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 6.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2021-42377", }, { cve: "CVE-2021-42378", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the getvar_i function.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-42378", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 6.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2021-42378", }, { cve: "CVE-2021-42379", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the next_input_file function.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-42379", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 6.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2021-42379", }, { cve: "CVE-2021-42380", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free in awk leads to denial of service and possibly code execution when processing a crafted awk pattern in the clrvar function.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-42380", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 6.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2021-42380", }, { cve: "CVE-2021-42381", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free in awk leads to denial of service and possibly code execution when processing a crafted awk pattern in the hash_init function.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-42381", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 6.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2021-42381", }, { cve: "CVE-2021-42382", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free in awk leads to denial of service and possibly code execution when processing a crafted awk pattern in the getvar_s function.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-42382", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 6.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2021-42382", }, { cve: "CVE-2021-42383", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free in awk leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate function.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-42383", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 6.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2021-42383", }, { cve: "CVE-2021-42384", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the handle_special function.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-42384", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 6.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2021-42384", }, { cve: "CVE-2021-42385", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free in awk leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate function.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-42385", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 6.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2021-42385", }, { cve: "CVE-2021-42386", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free in awk leads to denial of service and possibly code execution when processing a crafted awk pattern in the nvalloc function.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-42386", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 6.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2021-42386", }, { cve: "CVE-2022-0001", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "Non-transparent sharing of branch predictor selectors between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-0001", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2022-0001", }, { cve: "CVE-2022-0002", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "Non-transparent sharing of branch predictor within a context in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-0002", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2022-0002", }, { cve: "CVE-2022-0494", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, notes: [ { category: "summary", text: "A kernel information leak flaw was identified in the scsi_ioctl function in drivers/scsi/scsi_ioctl.c in the Linux kernel. This flaw allows a local attacker with a special user privilege (CAP_SYS_ADMIN or CAP_SYS_RAWIO) to create issues with confidentiality.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-0494", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2022-0494", }, { cve: "CVE-2022-0547", cwe: { id: "CWE-287", name: "Improper Authentication", }, notes: [ { category: "summary", text: "OpenVPN 2.1 until v2.4.12 and v2.5.6 may enable authentication bypass in external authentication plug-ins when more than one of them makes use of deferred authentication replies, which allows an external user to be granted access with only partially correct credentials.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-0547", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2022-0547", }, { cve: "CVE-2022-1011", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free flaw was found in the Linux kernel’s FUSE filesystem in the way a user triggers write(). This flaw allows a local user to gain unauthorized access to data from the FUSE filesystem, resulting in privilege escalation.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1011", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2022-1011", }, { cve: "CVE-2022-1016", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A flaw was found in the Linux kernel in net/netfilter/nf_tables_core.c:nft_do_chain, which can cause a use-after-free. This issue needs to handle 'return' with proper preconditions, as it can lead to a kernel information leak problem caused by a local, unprivileged attacker.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1016", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2022-1016", }, { cve: "CVE-2022-1198", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free vulnerabilitity was discovered in drivers/net/hamradio/6pack.c of linux that allows an attacker to crash linux kernel by simulating ax25 device using 6pack driver from user space.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1198", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2022-1198", }, { cve: "CVE-2022-1199", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A flaw was found in the Linux kernel. This flaw allows an attacker to crash the Linux kernel by simulating amateur radio from the user space, resulting in a null-ptr-deref vulnerability and a use-after-free vulnerability.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1199", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2022-1199", }, { cve: "CVE-2022-1292", cwe: { id: "CWE-78", name: "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", }, notes: [ { category: "summary", text: "The c_rehash script does not properly sanitise shell metacharacters to prevent command injection.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1292", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2022-1292", }, { cve: "CVE-2022-1304", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "An out-of-bounds read/write vulnerability was found in e2fsprogs 1.46.5. This issue leads to a segmentation fault and possibly arbitrary code execution via a specially crafted filesystem.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1304", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2022-1304", }, { cve: "CVE-2022-1343", cwe: { id: "CWE-295", name: "Improper Certificate Validation", }, notes: [ { category: "summary", text: "Under certain circumstances, the command line OCSP verify function reports successful verification when the varification in fact failed. In this case the incorrect successful response will also be accompanied by error messages showing the failure and contradicting the apparently successful result.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1343", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2022-1343", }, { cve: "CVE-2022-1353", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, notes: [ { category: "summary", text: "A vulnerability was found in the pfkey_register function in net/key/af_key.c in the Linux kernel. This flaw allows a local, unprivileged user to gain access to kernel memory, leading to a system crash or a leak of internal kernel information.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1353", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2022-1353", }, { cve: "CVE-2022-1473", cwe: { id: "CWE-404", name: "Improper Resource Shutdown or Release", }, notes: [ { category: "summary", text: "The used OpenSSL version improperly reuses memory when decoding certificates or keys. This can lead to a process termination and Denial of Service for long lived processes.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1473", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2022-1473", }, { cve: "CVE-2022-1516", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A NULL pointer dereference flaw was found in the Linux kernel’s X.25 set of standardized network protocols functionality in the way a user terminates their session using a simulated Ethernet card and continued usage of this connection. This flaw allows a local user to crash the system.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1516", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2022-1516", }, { cve: "CVE-2022-1652", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "Linux Kernel could allow a local attacker to execute arbitrary code on the system, caused by a concurrency use-after-free flaw in the bad_flp_intr function. By executing a specially-crafted program, an attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service condition on the system.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1652", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2022-1652", }, { cve: "CVE-2022-1729", cwe: { id: "CWE-362", name: "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", }, notes: [ { category: "summary", text: "A race condition was found the Linux kernel in perf_event_open() which can be exploited by an unprivileged user to gain root privileges. The bug allows to build several exploit primitives such as kernel address information leak, arbitrary execution, etc.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1729", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2022-1729", }, { cve: "CVE-2022-1734", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A flaw in Linux Kernel found in nfcmrvl_nci_unregister_dev() in drivers/nfc/nfcmrvl/main.c can lead to use after free both read or write when non synchronized between cleanup routine and firmware download routine.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1734", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2022-1734", }, { cve: "CVE-2022-1974", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free flaw was found in the Linux kernel's NFC core functionality due to a race condition between kobject creation and delete. This vulnerability allows a local attacker with CAP_NET_ADMIN privilege to leak kernel information.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1974", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 4.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2022-1974", }, { cve: "CVE-2022-1975", cwe: { id: "CWE-248", name: "Uncaught Exception", }, notes: [ { category: "summary", text: "There is a sleep-in-atomic bug in /net/nfc/netlink.c that allows an attacker to crash the Linux kernel by simulating a nfc device from user-space.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1975", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2022-1975", }, { cve: "CVE-2022-2380", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "The Linux kernel was found vulnerable out of bounds memory access in the drivers/video/fbdev/sm712fb.c:smtcfb_read() function. The vulnerability could result in local attackers being able to crash the kernel.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2380", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2022-2380", }, { cve: "CVE-2022-2588", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2588", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2022-2588", }, { cve: "CVE-2022-2639", cwe: { id: "CWE-191", name: "Integer Underflow (Wrap or Wraparound)", }, notes: [ { category: "summary", text: "An integer coercion error was found in the openvswitch kernel module. Given a sufficiently large number of actions, while copying and reserving memory for a new action of a new flow, the reserve_sfa_size() function does not return -EMSGSIZE as expected, potentially leading to an out-of-bounds write access. This flaw allows a local user to crash or potentially escalate their privileges on the system.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2639", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2022-2639", }, { cve: "CVE-2022-20158", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "In bdi_put and bdi_unregister of backing-dev.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-182815710References: Upstream kernel", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-20158", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 6.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2022-20158", }, { cve: "CVE-2022-23036", cwe: { id: "CWE-362", name: "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", }, notes: [ { category: "summary", text: "Linux PV device frontends vulnerable to attacks by backends [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several Linux PV device frontends are using the grant table interfaces for removing access rights of the backends in ways being subject to race conditions, resulting in potential data leaks, data corruption by malicious backends, and denial of service triggered by malicious backends: blkfront, netfront, scsifront and the gntalloc driver are testing whether a grant reference is still in use. If this is not the case, they assume that a following removal of the granted access will always succeed, which is not true in case the backend has mapped the granted page between those two operations. As a result the backend can keep access to the memory page of the guest no matter how the page will be used after the frontend I/O has finished. The xenbus driver has a similar problem, as it doesn't check the success of removing the granted access of a shared ring buffer. blkfront: CVE-2022-23036 netfront: CVE-2022-23037 scsifront: CVE-2022-23038 gntalloc: CVE-2022-23039 xenbus: CVE-2022-23040 blkfront, netfront, scsifront, usbfront, dmabuf, xenbus, 9p, kbdfront, and pvcalls are using a functionality to delay freeing a grant reference until it is no longer in use, but the freeing of the related data page is not synchronized with dropping the granted access. As a result the backend can keep access to the memory page even after it has been freed and then re-used for a different purpose. CVE-2022-23041 netfront will fail a BUG_ON() assertion if it fails to revoke access in the rx path. This will result in a Denial of Service (DoS) situation of the guest which can be triggered by the backend.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-23036", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2022-23036", }, { cve: "CVE-2022-23037", cwe: { id: "CWE-362", name: "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", }, notes: [ { category: "summary", text: "Linux PV device frontends vulnerable to attacks by backends [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several Linux PV device frontends are using the grant table interfaces for removing access rights of the backends in ways being subject to race conditions, resulting in potential data leaks, data corruption by malicious backends, and denial of service triggered by malicious backends: blkfront, netfront, scsifront and the gntalloc driver are testing whether a grant reference is still in use. If this is not the case, they assume that a following removal of the granted access will always succeed, which is not true in case the backend has mapped the granted page between those two operations. As a result the backend can keep access to the memory page of the guest no matter how the page will be used after the frontend I/O has finished. The xenbus driver has a similar problem, as it doesn't check the success of removing the granted access of a shared ring buffer. blkfront: CVE-2022-23036 netfront: CVE-2022-23037 scsifront: CVE-2022-23038 gntalloc: CVE-2022-23039 xenbus: CVE-2022-23040 blkfront, netfront, scsifront, usbfront, dmabuf, xenbus, 9p, kbdfront, and pvcalls are using a functionality to delay freeing a grant reference until it is no longer in use, but the freeing of the related data page is not synchronized with dropping the granted access. As a result the backend can keep access to the memory page even after it has been freed and then re-used for a different purpose. CVE-2022-23041 netfront will fail a BUG_ON() assertion if it fails to revoke access in the rx path. This will result in a Denial of Service (DoS) situation of the guest which can be triggered by the backend.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-23037", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2022-23037", }, { cve: "CVE-2022-23038", cwe: { id: "CWE-362", name: "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", }, notes: [ { category: "summary", text: "Linux PV device frontends vulnerable to attacks by backends [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several Linux PV device frontends are using the grant table interfaces for removing access rights of the backends in ways being subject to race conditions, resulting in potential data leaks, data corruption by malicious backends, and denial of service triggered by malicious backends: blkfront, netfront, scsifront and the gntalloc driver are testing whether a grant reference is still in use. If this is not the case, they assume that a following removal of the granted access will always succeed, which is not true in case the backend has mapped the granted page between those two operations. As a result the backend can keep access to the memory page of the guest no matter how the page will be used after the frontend I/O has finished. The xenbus driver has a similar problem, as it doesn't check the success of removing the granted access of a shared ring buffer. blkfront: CVE-2022-23036 netfront: CVE-2022-23037 scsifront: CVE-2022-23038 gntalloc: CVE-2022-23039 xenbus: CVE-2022-23040 blkfront, netfront, scsifront, usbfront, dmabuf, xenbus, 9p, kbdfront, and pvcalls are using a functionality to delay freeing a grant reference until it is no longer in use, but the freeing of the related data page is not synchronized with dropping the granted access. As a result the backend can keep access to the memory page even after it has been freed and then re-used for a different purpose. CVE-2022-23041 netfront will fail a BUG_ON() assertion if it fails to revoke access in the rx path. This will result in a Denial of Service (DoS) situation of the guest which can be triggered by the backend.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-23038", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2022-23038", }, { cve: "CVE-2022-23039", cwe: { id: "CWE-362", name: "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", }, notes: [ { category: "summary", text: "Linux PV device frontends vulnerable to attacks by backends [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several Linux PV device frontends are using the grant table interfaces for removing access rights of the backends in ways being subject to race conditions, resulting in potential data leaks, data corruption by malicious backends, and denial of service triggered by malicious backends: blkfront, netfront, scsifront and the gntalloc driver are testing whether a grant reference is still in use. If this is not the case, they assume that a following removal of the granted access will always succeed, which is not true in case the backend has mapped the granted page between those two operations. As a result the backend can keep access to the memory page of the guest no matter how the page will be used after the frontend I/O has finished. The xenbus driver has a similar problem, as it doesn't check the success of removing the granted access of a shared ring buffer. blkfront: CVE-2022-23036 netfront: CVE-2022-23037 scsifront: CVE-2022-23038 gntalloc: CVE-2022-23039 xenbus: CVE-2022-23040 blkfront, netfront, scsifront, usbfront, dmabuf, xenbus, 9p, kbdfront, and pvcalls are using a functionality to delay freeing a grant reference until it is no longer in use, but the freeing of the related data page is not synchronized with dropping the granted access. As a result the backend can keep access to the memory page even after it has been freed and then re-used for a different purpose. CVE-2022-23041 netfront will fail a BUG_ON() assertion if it fails to revoke access in the rx path. This will result in a Denial of Service (DoS) situation of the guest which can be triggered by the backend.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-23039", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2022-23039", }, { cve: "CVE-2022-23040", cwe: { id: "CWE-362", name: "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", }, notes: [ { category: "summary", text: "Linux PV device frontends vulnerable to attacks by backends [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several Linux PV device frontends are using the grant table interfaces for removing access rights of the backends in ways being subject to race conditions, resulting in potential data leaks, data corruption by malicious backends, and denial of service triggered by malicious backends: blkfront, netfront, scsifront and the gntalloc driver are testing whether a grant reference is still in use. If this is not the case, they assume that a following removal of the granted access will always succeed, which is not true in case the backend has mapped the granted page between those two operations. As a result the backend can keep access to the memory page of the guest no matter how the page will be used after the frontend I/O has finished. The xenbus driver has a similar problem, as it doesn't check the success of removing the granted access of a shared ring buffer. blkfront: CVE-2022-23036 netfront: CVE-2022-23037 scsifront: CVE-2022-23038 gntalloc: CVE-2022-23039 xenbus: CVE-2022-23040 blkfront, netfront, scsifront, usbfront, dmabuf, xenbus, 9p, kbdfront, and pvcalls are using a functionality to delay freeing a grant reference until it is no longer in use, but the freeing of the related data page is not synchronized with dropping the granted access. As a result the backend can keep access to the memory page even after it has been freed and then re-used for a different purpose. CVE-2022-23041 netfront will fail a BUG_ON() assertion if it fails to revoke access in the rx path. This will result in a Denial of Service (DoS) situation of the guest which can be triggered by the backend.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-23040", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2022-23040", }, { cve: "CVE-2022-23041", cwe: { id: "CWE-362", name: "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", }, notes: [ { category: "summary", text: "Linux PV device frontends vulnerable to attacks by backends [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several Linux PV device frontends are using the grant table interfaces for removing access rights of the backends in ways being subject to race conditions, resulting in potential data leaks, data corruption by malicious backends, and denial of service triggered by malicious backends: blkfront, netfront, scsifront and the gntalloc driver are testing whether a grant reference is still in use. If this is not the case, they assume that a following removal of the granted access will always succeed, which is not true in case the backend has mapped the granted page between those two operations. As a result the backend can keep access to the memory page of the guest no matter how the page will be used after the frontend I/O has finished. The xenbus driver has a similar problem, as it doesn't check the success of removing the granted access of a shared ring buffer. blkfront: CVE-2022-23036 netfront: CVE-2022-23037 scsifront: CVE-2022-23038 gntalloc: CVE-2022-23039 xenbus: CVE-2022-23040 blkfront, netfront, scsifront, usbfront, dmabuf, xenbus, 9p, kbdfront, and pvcalls are using a functionality to delay freeing a grant reference until it is no longer in use, but the freeing of the related data page is not synchronized with dropping the granted access. As a result the backend can keep access to the memory page even after it has been freed and then re-used for a different purpose. CVE-2022-23041 netfront will fail a BUG_ON() assertion if it fails to revoke access in the rx path. This will result in a Denial of Service (DoS) situation of the guest which can be triggered by the backend.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-23041", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2022-23041", }, { cve: "CVE-2022-23042", cwe: { id: "CWE-362", name: "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", }, notes: [ { category: "summary", text: "Linux PV device frontends vulnerable to attacks by backends [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several Linux PV device frontends are using the grant table interfaces for removing access rights of the backends in ways being subject to race conditions, resulting in potential data leaks, data corruption by malicious backends, and denial of service triggered by malicious backends: blkfront, netfront, scsifront and the gntalloc driver are testing whether a grant reference is still in use. If this is not the case, they assume that a following removal of the granted access will always succeed, which is not true in case the backend has mapped the granted page between those two operations. As a result the backend can keep access to the memory page of the guest no matter how the page will be used after the frontend I/O has finished. The xenbus driver has a similar problem, as it doesn't check the success of removing the granted access of a shared ring buffer. blkfront: CVE-2022-23036 netfront: CVE-2022-23037 scsifront: CVE-2022-23038 gntalloc: CVE-2022-23039 xenbus: CVE-2022-23040 blkfront, netfront, scsifront, usbfront, dmabuf, xenbus, 9p, kbdfront, and pvcalls are using a functionality to delay freeing a grant reference until it is no longer in use, but the freeing of the related data page is not synchronized with dropping the granted access. As a result the backend can keep access to the memory page even after it has been freed and then re-used for a different purpose. CVE-2022-23041 netfront will fail a BUG_ON() assertion if it fails to revoke access in the rx path. This will result in a Denial of Service (DoS) situation of the guest which can be triggered by the backend.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-23042", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2022-23042", }, { cve: "CVE-2022-23308", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-23308", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2022-23308", }, { cve: "CVE-2022-26490", cwe: { id: "CWE-120", name: "Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", }, notes: [ { category: "summary", text: "st21nfca_connectivity_event_received in drivers/nfc/st21nfca/se.c in the Linux kernel through 5.16.12 has EVT_TRANSACTION buffer overflows because of untrusted length parameters.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-26490", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2022-26490", }, { cve: "CVE-2022-28356", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "In the Linux kernel before 5.17.1, a refcount leak bug was found in net/llc/af_llc.c.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-28356", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2022-28356", }, { cve: "CVE-2022-28390", cwe: { id: "CWE-415", name: "Double Free", }, notes: [ { category: "summary", text: "ems_usb_start_xmit in drivers/net/can/usb/ems_usb.c in the Linux kernel through 5.17.1 has a double free.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-28390", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2022-28390", }, { cve: "CVE-2022-30065", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free in Busybox 1.35-x's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the copyvar function.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-30065", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2022-30065", }, { cve: "CVE-2022-30594", cwe: { id: "CWE-863", name: "Incorrect Authorization", }, notes: [ { category: "summary", text: "The Linux kernel before 5.17.2 mishandles seccomp permissions. The PTRACE_SEIZE code path allows attackers to bypass intended restrictions on setting the PT_SUSPEND_SECCOMP flag.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-30594", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2022-30594", }, { cve: "CVE-2022-32205", cwe: { id: "CWE-770", name: "Allocation of Resources Without Limits or Throttling", }, notes: [ { category: "summary", text: "A malicious server can serve excessive amounts of \"Set-Cookie:\" headers in a HTTP response to curl and curl < 7.84.0 stores all of them. A sufficiently large amount of (big) cookies make subsequent HTTP requests to this, or other servers to which the cookies match, create requests that become larger than the threshold that curl uses internally to avoid sending crazy large requests (1048576 bytes) and instead returns an error.This denial state might remain for as long as the same cookies are kept, match and haven't expired. Due to cookie matching rules, a server on \"foo.example.com\" can set cookies that also would match for \"bar.example.com\", making it it possible for a \"sister server\" to effectively cause a denial of service for a sibling site on the same second level domain using this method.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-32205", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2022-32205", }, { cve: "CVE-2022-32206", cwe: { id: "CWE-770", name: "Allocation of Resources Without Limits or Throttling", }, notes: [ { category: "summary", text: "curl < 7.84.0 supports \"chained\" HTTP compression algorithms, meaning that a serverresponse can be compressed multiple times and potentially with different algorithms. The number of acceptable \"links\" in this \"decompression chain\" was unbounded, allowing a malicious server to insert a virtually unlimited number of compression steps.The use of such a decompression chain could result in a \"malloc bomb\", makingcurl end up spending enormous amounts of allocated heap memory, or trying toand returning out of memory errors.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-32206", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2022-32206", }, { cve: "CVE-2022-32207", cwe: { id: "CWE-276", name: "Incorrect Default Permissions", }, notes: [ { category: "summary", text: "When curl < 7.84.0 saves cookies, alt-svc and hsts data to local files, it makes the operation atomic by finalizing the operation with a rename from a temporary name to the final target file name.In that rename operation, it might accidentally *widen* the permissions for the target file, leaving the updated file accessible to more users than intended.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-32207", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2022-32207", }, { cve: "CVE-2022-32208", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "When curl < 7.84.0 does FTP transfers secured by krb5, it handles message verification failures wrongly. This flaw makes it possible for a Man-In-The-Middle attack to go unnoticed and even allows it to inject data to the client.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-32208", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2022-32208", }, { cve: "CVE-2022-32296", cwe: { id: "CWE-203", name: "Observable Discrepancy", }, notes: [ { category: "summary", text: "The Linux kernel before 5.17.9 allows TCP servers to identify clients by observing what source ports are used. This occurs because of use of Algorithm 4 (\"Double-Hash Port Selection Algorithm\") of RFC 6056.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-32296", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2022-32296", }, { cve: "CVE-2022-32981", cwe: { id: "CWE-120", name: "Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", }, notes: [ { category: "summary", text: "An issue was discovered in the Linux kernel through 5.18.3 on powerpc 32-bit platforms. There is a buffer overflow in ptrace PEEKUSER and POKEUSER (aka PEEKUSR and POKEUSR) when accessing floating point registers.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-32981", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2022-32981", }, { cve: "CVE-2022-33981", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "drivers/block/floppy.c in the Linux kernel before 5.17.6 is vulnerable to a denial of service, because of a concurrency use-after-free flaw after deallocating raw_cmd in the raw_cmd_ioctl function.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-33981", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2022-33981", }, { cve: "CVE-2022-35252", cwe: { id: "CWE-1286", name: "Improper Validation of Syntactic Correctness of Input", }, notes: [ { category: "summary", text: "When curl is used to retrieve and parse cookies from a HTTP(S) server, itaccepts cookies using control codes that when later are sent back to a HTTPserver might make the server return 400 responses. Effectively allowing a\"sister site\" to deny service to all siblings.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-35252", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2022-35252", }, { cve: "CVE-2022-36879", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "An issue was discovered in the Linux kernel through 5.18.14. xfrm_expand_policies in net/xfrm/xfrm_policy.c can cause a refcount to be dropped twice.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-36879", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2022-36879", }, { cve: "CVE-2022-36946", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "nfqnl_mangle in net/netfilter/nfnetlink_queue.c in the Linux kernel through 5.18.14 allows remote attackers to cause a denial of service (panic) because, in the case of an nf_queue verdict with a one-byte nfta_payload attribute, an skb_pull can encounter a negative skb->len.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-36946", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2022-36946", }, ], }
icsa-23-075-01
Vulnerability from csaf_cisa
Published
2023-03-31 17:50
Modified
2023-03-31 17:50
Summary
Siemens SCALANCE, RUGGEDCOM Third-Party
Notes
CISA Disclaimer
This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov
Legal Notice
All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
Risk evaluation
Successful exploitation of these vulnerabilities could allow an attacker to inject code or cause a denial-of-service condition.
Critical infrastructure sectors
Multiple Sectors
Countries/areas deployed
Worldwide
Company headquarters location
Germany
Recommended Practices
CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Specifically, users should:
Recommended Practices
Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the Internet.
Recommended Practices
Locate control system networks and remote devices behind firewalls and isolate them from business networks.
Recommended Practices
When remote access is required, use secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most current version available. Also recognize VPN is only as secure as its connected devices.
Recommended Practices
CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
Recommended Practices
CISA also provides a section for control systems security recommended practices on the ICS webpage at cisa.gov/ics. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices
Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov/ics in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Recommended Practices
Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.
Recommended Practices
CISA also recommends users take the following measures to protect themselves from social engineering attacks:
Recommended Practices
Do not click web links or open attachments in unsolicited email messages.
Recommended Practices
Refer to Recognizing and Avoiding Email Scams for more information on avoiding email scams.
Recommended Practices
Refer to Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks.
Recommended Practices
No known public exploits specifically target these vulnerabilities. These vulnerabilities are not exploitable remotely.
Additional Resources
For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories
{ document: { acknowledgments: [ { organization: "Siemens", summary: "reporting these vulnerabilities to CISA", }, ], category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Disclosure is not limited", tlp: { label: "WHITE", url: "https://us-cert.cisa.gov/tlp/", }, }, lang: "en-US", notes: [ { category: "general", text: "This CSAF advisory was extracted from unstructured data and may contain inaccuracies. If you notice any errors, please reach out to the designated contact at CISA CSAF: central@cisa.dhs.gov", title: "CISA Disclaimer", }, { category: "legal_disclaimer", text: "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.", title: "Legal Notice", }, { category: "summary", text: "Successful exploitation of these vulnerabilities could allow an attacker to inject code or cause a denial-of-service condition.", title: "Risk evaluation", }, { category: "other", text: "Multiple Sectors", title: "Critical infrastructure sectors", }, { category: "other", text: "Worldwide", title: "Countries/areas deployed", }, { category: "other", text: "Germany", title: "Company headquarters location", }, { category: "general", text: "CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Specifically, users should:", title: "Recommended Practices", }, { category: "general", text: "Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the Internet.", title: "Recommended Practices", }, { category: "general", text: "Locate control system networks and remote devices behind firewalls and isolate them from business networks.", title: "Recommended Practices", }, { category: "general", text: "When remote access is required, use secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most current version available. Also recognize VPN is only as secure as its connected devices.", title: "Recommended Practices", }, { category: "general", text: "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.", title: "Recommended Practices", }, { category: "general", text: "CISA also provides a section for control systems security recommended practices on the ICS webpage at cisa.gov/ics. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.", title: "Recommended Practices", }, { category: "general", text: "Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov/ics in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.", title: "Recommended Practices", }, { category: "general", text: "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.", title: "Recommended Practices", }, { category: "general", text: "CISA also recommends users take the following measures to protect themselves from social engineering attacks:", title: "Recommended Practices", }, { category: "general", text: "Do not click web links or open attachments in unsolicited email messages.", title: "Recommended Practices", }, { category: "general", text: "Refer to Recognizing and Avoiding Email Scams for more information on avoiding email scams.", title: "Recommended Practices", }, { category: "general", text: "Refer to Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks.", title: "Recommended Practices", }, { category: "general", text: "No known public exploits specifically target these vulnerabilities. These vulnerabilities are not exploitable remotely.", title: "Recommended Practices", }, { category: "general", text: "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories", title: "Additional Resources", }, ], publisher: { category: "coordinator", contact_details: "Email: CISAservicedesk@cisa.dhs.gov;\n Toll Free: 1-888-282-0870", name: "CISA", namespace: "https://www.cisa.gov/", }, references: [ { category: "external", summary: "SSA-419740: Multiple\tThird-Party Component Vulnerabilities in RUGGEDCOM and SCALANCE Products before V7.2 - CSAF Version", url: "https://cert-portal.siemens.com/productcert/csaf/ssa-419740.json", }, { category: "self", summary: "ICS Advisory ICSA-23-075-01 JSON", url: "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2023/icsa-23-075-01.json", }, { category: "self", summary: "ICS Advisory ICSA-23-075-01 Web Version", url: "https://www.cisa.gov/news-events/ics-advisories/icsa-23-075-01", }, { category: "external", summary: "Recommended Practices", url: "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01", }, { category: "external", summary: "Recommended Practices", url: "https://us-cert.cisa.gov/ics/Recommended-Practices", }, { category: "external", summary: "Recommended Practices", url: "https://cisa.gov/ics", }, { category: "external", summary: "Recommended Practices", url: "https://www.cisa.gov/uscert/sites/default/files/publications/emailscams0905.pdf", }, { category: "external", summary: "Recommended Practices", url: "https://www.cisa.gov/uscert/ncas/tips/ST04-014", }, { category: "external", summary: "SSA-419740: Multiple\tThird-Party Component Vulnerabilities in RUGGEDCOM and SCALANCE Products before V7.2 - PDF Version", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-419740.pdf", }, { category: "external", summary: "SSA-419740: Multiple\tThird-Party Component Vulnerabilities in RUGGEDCOM and SCALANCE Products before V7.2 - TXT Version", url: "https://cert-portal.siemens.com/productcert/txt/ssa-419740.txt", }, ], title: "Siemens SCALANCE, RUGGEDCOM Third-Party", tracking: { current_release_date: "2023-03-31T17:50:48.679470Z", generator: { engine: { name: "CISA CSAF Generator", version: "1.0.0", }, }, id: "ICSA-23-075-01", initial_release_date: "2023-03-31T17:50:48.679470Z", revision_history: [ { date: "2023-03-31T17:50:48.679470Z", legacy_version: "1", number: "1", summary: "CSAF Creation Date", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version_range", name: "< V7.2", product: { name: "RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2)", product_id: "CSAFPID-0001", product_identification_helper: { model_numbers: [ "6GK6108-4AM00-2BA2", ], }, }, }, ], category: "product_name", name: "RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2)", }, { branches: [ { category: "product_version_range", name: "< V7.2", product: { name: "RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2)", product_id: "CSAFPID-0002", product_identification_helper: { model_numbers: [ "6GK6108-4AM00-2DA2", ], }, }, }, ], category: "product_name", name: "RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2)", }, { branches: [ { category: "product_version_range", name: "< V7.2", product: { name: "SCALANCE M804PB (6GK5804-0AP00-2AA2)", product_id: "CSAFPID-0003", product_identification_helper: { model_numbers: [ "6GK5804-0AP00-2AA2", ], }, }, }, ], category: "product_name", name: "SCALANCE M804PB (6GK5804-0AP00-2AA2)", }, { branches: [ { category: "product_version_range", name: "< V7.2", product: { name: "SCALANCE M812-1 ADSL-Router (Annex A) (6GK5812-1AA00-2AA2)", product_id: "CSAFPID-0004", product_identification_helper: { model_numbers: [ "6GK5812-1AA00-2AA2", ], }, }, }, ], category: "product_name", name: "SCALANCE M812-1 ADSL-Router (Annex A) (6GK5812-1AA00-2AA2)", }, { branches: [ { category: "product_version_range", name: "< V7.2", product: { name: "SCALANCE M812-1 ADSL-Router (Annex B) (6GK5812-1BA00-2AA2)", product_id: "CSAFPID-0005", product_identification_helper: { model_numbers: [ "6GK5812-1BA00-2AA2", ], }, }, }, ], category: "product_name", name: "SCALANCE M812-1 ADSL-Router (Annex B) (6GK5812-1BA00-2AA2)", }, { branches: [ { category: "product_version_range", name: "< V7.2", product: { name: "SCALANCE M816-1 ADSL-Router (Annex A) (6GK5816-1AA00-2AA2)", product_id: "CSAFPID-0006", product_identification_helper: { model_numbers: [ "6GK5816-1AA00-2AA2", ], }, }, }, ], category: "product_name", name: "SCALANCE M816-1 ADSL-Router (Annex A) (6GK5816-1AA00-2AA2)", }, { branches: [ { category: "product_version_range", name: "< V7.2", product: { name: "SCALANCE M816-1 ADSL-Router (Annex B) (6GK5816-1BA00-2AA2)", product_id: "CSAFPID-0007", product_identification_helper: { model_numbers: [ "6GK5816-1BA00-2AA2", ], }, }, }, ], category: "product_name", name: "SCALANCE M816-1 ADSL-Router (Annex B) (6GK5816-1BA00-2AA2)", }, { branches: [ { category: "product_version_range", name: "< V7.2", product: { name: "SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2)", product_id: "CSAFPID-0008", product_identification_helper: { model_numbers: [ "6GK5826-2AB00-2AB2", ], }, }, }, ], category: "product_name", name: "SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2)", }, { branches: [ { category: "product_version_range", name: "< V7.2", product: { name: "SCALANCE M874-2 (6GK5874-2AA00-2AA2)", product_id: "CSAFPID-0009", product_identification_helper: { model_numbers: [ "6GK5874-2AA00-2AA2", ], }, }, }, ], category: "product_name", name: "SCALANCE M874-2 (6GK5874-2AA00-2AA2)", }, { branches: [ { category: "product_version_range", name: "< V7.2", product: { name: "SCALANCE M874-3 (6GK5874-3AA00-2AA2)", product_id: "CSAFPID-00010", product_identification_helper: { model_numbers: [ "6GK5874-3AA00-2AA2", ], }, }, }, ], category: "product_name", name: "SCALANCE M874-3 (6GK5874-3AA00-2AA2)", }, { branches: [ { category: "product_version_range", name: "< V7.2", product: { name: "SCALANCE M876-3 (EVDO) (6GK5876-3AA02-2BA2)", product_id: "CSAFPID-00011", product_identification_helper: { model_numbers: [ "6GK5876-3AA02-2BA2", ], }, }, }, ], category: "product_name", name: "SCALANCE M876-3 (EVDO) (6GK5876-3AA02-2BA2)", }, { branches: [ { category: "product_version_range", name: "< V7.2", product: { name: "SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2)", product_id: "CSAFPID-00012", product_identification_helper: { model_numbers: [ "6GK5876-3AA02-2EA2", ], }, }, }, ], category: "product_name", name: "SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2)", }, { branches: [ { category: "product_version_range", name: "< V7.2", product: { name: "SCALANCE M876-4 (6GK5876-4AA10-2BA2)", product_id: "CSAFPID-00013", product_identification_helper: { model_numbers: [ "6GK5876-4AA10-2BA2", ], }, }, }, ], category: "product_name", name: "SCALANCE M876-4 (6GK5876-4AA10-2BA2)", }, { branches: [ { category: "product_version_range", name: "< V7.2", product: { name: "SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2)", product_id: "CSAFPID-00014", product_identification_helper: { model_numbers: [ "6GK5876-4AA00-2BA2", ], }, }, }, ], category: "product_name", name: "SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2)", }, { branches: [ { category: "product_version_range", name: "< V7.2", product: { name: "SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2)", product_id: "CSAFPID-00015", product_identification_helper: { model_numbers: [ "6GK5876-4AA00-2DA2", ], }, }, }, ], category: "product_name", name: "SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2)", }, { branches: [ { category: "product_version_range", name: "< V7.2", product: { name: "SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1)", product_id: "CSAFPID-00016", product_identification_helper: { model_numbers: [ "6GK5853-2EA00-2DA1", ], }, }, }, ], category: "product_name", name: "SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1)", }, { branches: [ { category: "product_version_range", name: "< V7.2", product: { name: "SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1)", product_id: "CSAFPID-00017", product_identification_helper: { model_numbers: [ "6GK5856-2EA00-3DA1", ], }, }, }, ], category: "product_name", name: "SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1)", }, { branches: [ { category: "product_version_range", name: "< V7.2", product: { name: "SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1)", product_id: "CSAFPID-00018", product_identification_helper: { model_numbers: [ "6GK5856-2EA00-3AA1", ], }, }, }, ], category: "product_name", name: "SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1)", }, { branches: [ { category: "product_version_range", name: "< V7.2", product: { name: "SCALANCE S615 (6GK5615-0AA00-2AA2)", product_id: "CSAFPID-00019", product_identification_helper: { model_numbers: [ "6GK5615-0AA00-2AA2", ], }, }, }, ], category: "product_name", name: "SCALANCE S615 (6GK5615-0AA00-2AA2)", }, { branches: [ { category: "product_version_range", name: "< V7.2", product: { name: "SCALANCE S615 EEC (6GK5615-0AA01-2AA2)", product_id: "CSAFPID-00020", product_identification_helper: { model_numbers: [ "6GK5615-0AA01-2AA2", ], }, }, }, ], category: "product_name", name: "SCALANCE S615 EEC (6GK5615-0AA01-2AA2)", }, ], category: "vendor", name: "Siemens", }, ], }, vulnerabilities: [ { cve: "CVE-2018-25032", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-25032", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2018-25032", }, { cve: "CVE-2019-1125", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, notes: [ { category: "summary", text: "An information disclosure vulnerability exists when certain central processing units (CPU) speculatively access memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1071, CVE-2019-1073.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-1125", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2019-1125", }, { cve: "CVE-2021-4034", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according predefined policies. The current version of pkexec doesn't handle the calling parameters count correctly and ends trying to execute environment variables as commands. An attacker can leverage this by crafting environment variables in such a way it'll induce pkexec to execute arbitrary code. When successfully executed the attack can cause a local privilege escalation given unprivileged users administrative rights on the target machine.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-4034", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:U/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2021-4034", }, { cve: "CVE-2021-4149", cwe: { id: "CWE-667", name: "Improper Locking", }, notes: [ { category: "summary", text: "A vulnerability was found in btrfs_alloc_tree_b in fs/btrfs/extent-tree.c in the Linux kernel due to an improper lock operation in btrfs. In this flaw, a user with a local privilege may cause a denial of service (DOS) due to a deadlock problem.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-4149", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2021-4149", }, { cve: "CVE-2021-26401", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "LFENCE/JMP (mitigation V2-2) may not sufficiently mitigate CVE-2017-5715 on some AMD CPUs.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-26401", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 5.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2021-26401", }, { cve: "CVE-2021-42373", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "summary", text: "A NULL pointer dereference in Busybox's man applet leads to denial of service when a section name is supplied but no page argument is given.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-42373", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 5.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2021-42373", }, { cve: "CVE-2021-42374", cwe: { id: "CWE-125", name: "Out-of-bounds Read", }, notes: [ { category: "summary", text: "An out-of-bounds heap read in Busybox's unlzma applet leads to information leak and denial of service when crafted LZMA-compressed input is decompressed. This can be triggered by any applet/format that internally supports LZMA compression.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-42374", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2021-42374", }, { cve: "CVE-2021-42375", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "An incorrect handling of a special element in Busybox's ash applet leads to denial of service when processing a crafted shell command, due to the shell mistaking specific characters for reserved characters. This may be used for DoS under rare conditions of filtered command input.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-42375", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 4.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2021-42375", }, { cve: "CVE-2021-42376", cwe: { id: "CWE-476", name: "NULL Pointer Dereference", }, notes: [ { category: "summary", text: "A NULL pointer dereference in Busybox's hush applet leads to denial of service when processing a crafted shell command, due to missing validation after a \\x03 delimiter character. This may be used for DoS under very rare conditions of filtered command input.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-42376", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 4.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2021-42376", }, { cve: "CVE-2021-42377", cwe: { id: "CWE-763", name: "Release of Invalid Pointer or Reference", }, notes: [ { category: "summary", text: "An attacker-controlled pointer free in Busybox's hush applet leads to denial of service and possible code execution when processing a crafted shell command, due to the shell mishandling the &&& string. This may be used for remote code execution under rare conditions of filtered command input.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-42377", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 6.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2021-42377", }, { cve: "CVE-2021-42378", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the getvar_i function.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-42378", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 6.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2021-42378", }, { cve: "CVE-2021-42379", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the next_input_file function.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-42379", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 6.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2021-42379", }, { cve: "CVE-2021-42380", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free in awk leads to denial of service and possibly code execution when processing a crafted awk pattern in the clrvar function.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-42380", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 6.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2021-42380", }, { cve: "CVE-2021-42381", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free in awk leads to denial of service and possibly code execution when processing a crafted awk pattern in the hash_init function.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-42381", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 6.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2021-42381", }, { cve: "CVE-2021-42382", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free in awk leads to denial of service and possibly code execution when processing a crafted awk pattern in the getvar_s function.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-42382", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 6.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2021-42382", }, { cve: "CVE-2021-42383", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free in awk leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate function.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-42383", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 6.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2021-42383", }, { cve: "CVE-2021-42384", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the handle_special function.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-42384", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 6.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2021-42384", }, { cve: "CVE-2021-42385", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free in awk leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate function.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-42385", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 6.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2021-42385", }, { cve: "CVE-2021-42386", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free in awk leads to denial of service and possibly code execution when processing a crafted awk pattern in the nvalloc function.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-42386", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 6.6, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2021-42386", }, { cve: "CVE-2022-0001", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "Non-transparent sharing of branch predictor selectors between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-0001", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2022-0001", }, { cve: "CVE-2022-0002", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "Non-transparent sharing of branch predictor within a context in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-0002", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2022-0002", }, { cve: "CVE-2022-0494", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, notes: [ { category: "summary", text: "A kernel information leak flaw was identified in the scsi_ioctl function in drivers/scsi/scsi_ioctl.c in the Linux kernel. This flaw allows a local attacker with a special user privilege (CAP_SYS_ADMIN or CAP_SYS_RAWIO) to create issues with confidentiality.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-0494", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2022-0494", }, { cve: "CVE-2022-0547", cwe: { id: "CWE-287", name: "Improper Authentication", }, notes: [ { category: "summary", text: "OpenVPN 2.1 until v2.4.12 and v2.5.6 may enable authentication bypass in external authentication plug-ins when more than one of them makes use of deferred authentication replies, which allows an external user to be granted access with only partially correct credentials.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-0547", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2022-0547", }, { cve: "CVE-2022-1011", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free flaw was found in the Linux kernel’s FUSE filesystem in the way a user triggers write(). This flaw allows a local user to gain unauthorized access to data from the FUSE filesystem, resulting in privilege escalation.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1011", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2022-1011", }, { cve: "CVE-2022-1016", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A flaw was found in the Linux kernel in net/netfilter/nf_tables_core.c:nft_do_chain, which can cause a use-after-free. This issue needs to handle 'return' with proper preconditions, as it can lead to a kernel information leak problem caused by a local, unprivileged attacker.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1016", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2022-1016", }, { cve: "CVE-2022-1198", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free vulnerabilitity was discovered in drivers/net/hamradio/6pack.c of linux that allows an attacker to crash linux kernel by simulating ax25 device using 6pack driver from user space.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1198", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2022-1198", }, { cve: "CVE-2022-1199", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A flaw was found in the Linux kernel. This flaw allows an attacker to crash the Linux kernel by simulating amateur radio from the user space, resulting in a null-ptr-deref vulnerability and a use-after-free vulnerability.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1199", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2022-1199", }, { cve: "CVE-2022-1292", cwe: { id: "CWE-78", name: "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", }, notes: [ { category: "summary", text: "The c_rehash script does not properly sanitise shell metacharacters to prevent command injection.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1292", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2022-1292", }, { cve: "CVE-2022-1304", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "An out-of-bounds read/write vulnerability was found in e2fsprogs 1.46.5. This issue leads to a segmentation fault and possibly arbitrary code execution via a specially crafted filesystem.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1304", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2022-1304", }, { cve: "CVE-2022-1343", cwe: { id: "CWE-295", name: "Improper Certificate Validation", }, notes: [ { category: "summary", text: "Under certain circumstances, the command line OCSP verify function reports successful verification when the varification in fact failed. In this case the incorrect successful response will also be accompanied by error messages showing the failure and contradicting the apparently successful result.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1343", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2022-1343", }, { cve: "CVE-2022-1353", cwe: { id: "CWE-200", name: "Exposure of Sensitive Information to an Unauthorized Actor", }, notes: [ { category: "summary", text: "A vulnerability was found in the pfkey_register function in net/key/af_key.c in the Linux kernel. This flaw allows a local, unprivileged user to gain access to kernel memory, leading to a system crash or a leak of internal kernel information.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1353", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 7.1, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2022-1353", }, { cve: "CVE-2022-1473", cwe: { id: "CWE-404", name: "Improper Resource Shutdown or Release", }, notes: [ { category: "summary", text: "The used OpenSSL version improperly reuses memory when decoding certificates or keys. This can lead to a process termination and Denial of Service for long lived processes.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1473", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2022-1473", }, { cve: "CVE-2022-1516", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A NULL pointer dereference flaw was found in the Linux kernel’s X.25 set of standardized network protocols functionality in the way a user terminates their session using a simulated Ethernet card and continued usage of this connection. This flaw allows a local user to crash the system.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1516", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2022-1516", }, { cve: "CVE-2022-1652", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "Linux Kernel could allow a local attacker to execute arbitrary code on the system, caused by a concurrency use-after-free flaw in the bad_flp_intr function. By executing a specially-crafted program, an attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service condition on the system.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1652", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2022-1652", }, { cve: "CVE-2022-1729", cwe: { id: "CWE-362", name: "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", }, notes: [ { category: "summary", text: "A race condition was found the Linux kernel in perf_event_open() which can be exploited by an unprivileged user to gain root privileges. The bug allows to build several exploit primitives such as kernel address information leak, arbitrary execution, etc.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1729", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2022-1729", }, { cve: "CVE-2022-1734", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A flaw in Linux Kernel found in nfcmrvl_nci_unregister_dev() in drivers/nfc/nfcmrvl/main.c can lead to use after free both read or write when non synchronized between cleanup routine and firmware download routine.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1734", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2022-1734", }, { cve: "CVE-2022-1974", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free flaw was found in the Linux kernel's NFC core functionality due to a race condition between kobject creation and delete. This vulnerability allows a local attacker with CAP_NET_ADMIN privilege to leak kernel information.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1974", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 4.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2022-1974", }, { cve: "CVE-2022-1975", cwe: { id: "CWE-248", name: "Uncaught Exception", }, notes: [ { category: "summary", text: "There is a sleep-in-atomic bug in /net/nfc/netlink.c that allows an attacker to crash the Linux kernel by simulating a nfc device from user-space.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1975", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2022-1975", }, { cve: "CVE-2022-2380", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "The Linux kernel was found vulnerable out of bounds memory access in the drivers/video/fbdev/sm712fb.c:smtcfb_read() function. The vulnerability could result in local attackers being able to crash the kernel.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2380", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2022-2380", }, { cve: "CVE-2022-2588", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a route filter before freeing it in some situations. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2588", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2022-2588", }, { cve: "CVE-2022-2639", cwe: { id: "CWE-191", name: "Integer Underflow (Wrap or Wraparound)", }, notes: [ { category: "summary", text: "An integer coercion error was found in the openvswitch kernel module. Given a sufficiently large number of actions, while copying and reserving memory for a new action of a new flow, the reserve_sfa_size() function does not return -EMSGSIZE as expected, potentially leading to an out-of-bounds write access. This flaw allows a local user to crash or potentially escalate their privileges on the system.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2639", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2022-2639", }, { cve: "CVE-2022-20158", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "In bdi_put and bdi_unregister of backing-dev.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-182815710References: Upstream kernel", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-20158", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 6.7, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2022-20158", }, { cve: "CVE-2022-23036", cwe: { id: "CWE-362", name: "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", }, notes: [ { category: "summary", text: "Linux PV device frontends vulnerable to attacks by backends [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several Linux PV device frontends are using the grant table interfaces for removing access rights of the backends in ways being subject to race conditions, resulting in potential data leaks, data corruption by malicious backends, and denial of service triggered by malicious backends: blkfront, netfront, scsifront and the gntalloc driver are testing whether a grant reference is still in use. If this is not the case, they assume that a following removal of the granted access will always succeed, which is not true in case the backend has mapped the granted page between those two operations. As a result the backend can keep access to the memory page of the guest no matter how the page will be used after the frontend I/O has finished. The xenbus driver has a similar problem, as it doesn't check the success of removing the granted access of a shared ring buffer. blkfront: CVE-2022-23036 netfront: CVE-2022-23037 scsifront: CVE-2022-23038 gntalloc: CVE-2022-23039 xenbus: CVE-2022-23040 blkfront, netfront, scsifront, usbfront, dmabuf, xenbus, 9p, kbdfront, and pvcalls are using a functionality to delay freeing a grant reference until it is no longer in use, but the freeing of the related data page is not synchronized with dropping the granted access. As a result the backend can keep access to the memory page even after it has been freed and then re-used for a different purpose. CVE-2022-23041 netfront will fail a BUG_ON() assertion if it fails to revoke access in the rx path. This will result in a Denial of Service (DoS) situation of the guest which can be triggered by the backend.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-23036", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2022-23036", }, { cve: "CVE-2022-23037", cwe: { id: "CWE-362", name: "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", }, notes: [ { category: "summary", text: "Linux PV device frontends vulnerable to attacks by backends [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several Linux PV device frontends are using the grant table interfaces for removing access rights of the backends in ways being subject to race conditions, resulting in potential data leaks, data corruption by malicious backends, and denial of service triggered by malicious backends: blkfront, netfront, scsifront and the gntalloc driver are testing whether a grant reference is still in use. If this is not the case, they assume that a following removal of the granted access will always succeed, which is not true in case the backend has mapped the granted page between those two operations. As a result the backend can keep access to the memory page of the guest no matter how the page will be used after the frontend I/O has finished. The xenbus driver has a similar problem, as it doesn't check the success of removing the granted access of a shared ring buffer. blkfront: CVE-2022-23036 netfront: CVE-2022-23037 scsifront: CVE-2022-23038 gntalloc: CVE-2022-23039 xenbus: CVE-2022-23040 blkfront, netfront, scsifront, usbfront, dmabuf, xenbus, 9p, kbdfront, and pvcalls are using a functionality to delay freeing a grant reference until it is no longer in use, but the freeing of the related data page is not synchronized with dropping the granted access. As a result the backend can keep access to the memory page even after it has been freed and then re-used for a different purpose. CVE-2022-23041 netfront will fail a BUG_ON() assertion if it fails to revoke access in the rx path. This will result in a Denial of Service (DoS) situation of the guest which can be triggered by the backend.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-23037", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2022-23037", }, { cve: "CVE-2022-23038", cwe: { id: "CWE-362", name: "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", }, notes: [ { category: "summary", text: "Linux PV device frontends vulnerable to attacks by backends [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several Linux PV device frontends are using the grant table interfaces for removing access rights of the backends in ways being subject to race conditions, resulting in potential data leaks, data corruption by malicious backends, and denial of service triggered by malicious backends: blkfront, netfront, scsifront and the gntalloc driver are testing whether a grant reference is still in use. If this is not the case, they assume that a following removal of the granted access will always succeed, which is not true in case the backend has mapped the granted page between those two operations. As a result the backend can keep access to the memory page of the guest no matter how the page will be used after the frontend I/O has finished. The xenbus driver has a similar problem, as it doesn't check the success of removing the granted access of a shared ring buffer. blkfront: CVE-2022-23036 netfront: CVE-2022-23037 scsifront: CVE-2022-23038 gntalloc: CVE-2022-23039 xenbus: CVE-2022-23040 blkfront, netfront, scsifront, usbfront, dmabuf, xenbus, 9p, kbdfront, and pvcalls are using a functionality to delay freeing a grant reference until it is no longer in use, but the freeing of the related data page is not synchronized with dropping the granted access. As a result the backend can keep access to the memory page even after it has been freed and then re-used for a different purpose. CVE-2022-23041 netfront will fail a BUG_ON() assertion if it fails to revoke access in the rx path. This will result in a Denial of Service (DoS) situation of the guest which can be triggered by the backend.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-23038", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2022-23038", }, { cve: "CVE-2022-23039", cwe: { id: "CWE-362", name: "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", }, notes: [ { category: "summary", text: "Linux PV device frontends vulnerable to attacks by backends [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several Linux PV device frontends are using the grant table interfaces for removing access rights of the backends in ways being subject to race conditions, resulting in potential data leaks, data corruption by malicious backends, and denial of service triggered by malicious backends: blkfront, netfront, scsifront and the gntalloc driver are testing whether a grant reference is still in use. If this is not the case, they assume that a following removal of the granted access will always succeed, which is not true in case the backend has mapped the granted page between those two operations. As a result the backend can keep access to the memory page of the guest no matter how the page will be used after the frontend I/O has finished. The xenbus driver has a similar problem, as it doesn't check the success of removing the granted access of a shared ring buffer. blkfront: CVE-2022-23036 netfront: CVE-2022-23037 scsifront: CVE-2022-23038 gntalloc: CVE-2022-23039 xenbus: CVE-2022-23040 blkfront, netfront, scsifront, usbfront, dmabuf, xenbus, 9p, kbdfront, and pvcalls are using a functionality to delay freeing a grant reference until it is no longer in use, but the freeing of the related data page is not synchronized with dropping the granted access. As a result the backend can keep access to the memory page even after it has been freed and then re-used for a different purpose. CVE-2022-23041 netfront will fail a BUG_ON() assertion if it fails to revoke access in the rx path. This will result in a Denial of Service (DoS) situation of the guest which can be triggered by the backend.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-23039", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2022-23039", }, { cve: "CVE-2022-23040", cwe: { id: "CWE-362", name: "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", }, notes: [ { category: "summary", text: "Linux PV device frontends vulnerable to attacks by backends [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several Linux PV device frontends are using the grant table interfaces for removing access rights of the backends in ways being subject to race conditions, resulting in potential data leaks, data corruption by malicious backends, and denial of service triggered by malicious backends: blkfront, netfront, scsifront and the gntalloc driver are testing whether a grant reference is still in use. If this is not the case, they assume that a following removal of the granted access will always succeed, which is not true in case the backend has mapped the granted page between those two operations. As a result the backend can keep access to the memory page of the guest no matter how the page will be used after the frontend I/O has finished. The xenbus driver has a similar problem, as it doesn't check the success of removing the granted access of a shared ring buffer. blkfront: CVE-2022-23036 netfront: CVE-2022-23037 scsifront: CVE-2022-23038 gntalloc: CVE-2022-23039 xenbus: CVE-2022-23040 blkfront, netfront, scsifront, usbfront, dmabuf, xenbus, 9p, kbdfront, and pvcalls are using a functionality to delay freeing a grant reference until it is no longer in use, but the freeing of the related data page is not synchronized with dropping the granted access. As a result the backend can keep access to the memory page even after it has been freed and then re-used for a different purpose. CVE-2022-23041 netfront will fail a BUG_ON() assertion if it fails to revoke access in the rx path. This will result in a Denial of Service (DoS) situation of the guest which can be triggered by the backend.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-23040", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2022-23040", }, { cve: "CVE-2022-23041", cwe: { id: "CWE-362", name: "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", }, notes: [ { category: "summary", text: "Linux PV device frontends vulnerable to attacks by backends [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several Linux PV device frontends are using the grant table interfaces for removing access rights of the backends in ways being subject to race conditions, resulting in potential data leaks, data corruption by malicious backends, and denial of service triggered by malicious backends: blkfront, netfront, scsifront and the gntalloc driver are testing whether a grant reference is still in use. If this is not the case, they assume that a following removal of the granted access will always succeed, which is not true in case the backend has mapped the granted page between those two operations. As a result the backend can keep access to the memory page of the guest no matter how the page will be used after the frontend I/O has finished. The xenbus driver has a similar problem, as it doesn't check the success of removing the granted access of a shared ring buffer. blkfront: CVE-2022-23036 netfront: CVE-2022-23037 scsifront: CVE-2022-23038 gntalloc: CVE-2022-23039 xenbus: CVE-2022-23040 blkfront, netfront, scsifront, usbfront, dmabuf, xenbus, 9p, kbdfront, and pvcalls are using a functionality to delay freeing a grant reference until it is no longer in use, but the freeing of the related data page is not synchronized with dropping the granted access. As a result the backend can keep access to the memory page even after it has been freed and then re-used for a different purpose. CVE-2022-23041 netfront will fail a BUG_ON() assertion if it fails to revoke access in the rx path. This will result in a Denial of Service (DoS) situation of the guest which can be triggered by the backend.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-23041", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2022-23041", }, { cve: "CVE-2022-23042", cwe: { id: "CWE-362", name: "Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", }, notes: [ { category: "summary", text: "Linux PV device frontends vulnerable to attacks by backends [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several Linux PV device frontends are using the grant table interfaces for removing access rights of the backends in ways being subject to race conditions, resulting in potential data leaks, data corruption by malicious backends, and denial of service triggered by malicious backends: blkfront, netfront, scsifront and the gntalloc driver are testing whether a grant reference is still in use. If this is not the case, they assume that a following removal of the granted access will always succeed, which is not true in case the backend has mapped the granted page between those two operations. As a result the backend can keep access to the memory page of the guest no matter how the page will be used after the frontend I/O has finished. The xenbus driver has a similar problem, as it doesn't check the success of removing the granted access of a shared ring buffer. blkfront: CVE-2022-23036 netfront: CVE-2022-23037 scsifront: CVE-2022-23038 gntalloc: CVE-2022-23039 xenbus: CVE-2022-23040 blkfront, netfront, scsifront, usbfront, dmabuf, xenbus, 9p, kbdfront, and pvcalls are using a functionality to delay freeing a grant reference until it is no longer in use, but the freeing of the related data page is not synchronized with dropping the granted access. As a result the backend can keep access to the memory page even after it has been freed and then re-used for a different purpose. CVE-2022-23041 netfront will fail a BUG_ON() assertion if it fails to revoke access in the rx path. This will result in a Denial of Service (DoS) situation of the guest which can be triggered by the backend.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-23042", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2022-23042", }, { cve: "CVE-2022-23308", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "valid.c in libxml2 before 2.9.13 has a use-after-free of ID and IDREF attributes.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-23308", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2022-23308", }, { cve: "CVE-2022-26490", cwe: { id: "CWE-120", name: "Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", }, notes: [ { category: "summary", text: "st21nfca_connectivity_event_received in drivers/nfc/st21nfca/se.c in the Linux kernel through 5.16.12 has EVT_TRANSACTION buffer overflows because of untrusted length parameters.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-26490", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2022-26490", }, { cve: "CVE-2022-28356", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "In the Linux kernel before 5.17.1, a refcount leak bug was found in net/llc/af_llc.c.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-28356", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2022-28356", }, { cve: "CVE-2022-28390", cwe: { id: "CWE-415", name: "Double Free", }, notes: [ { category: "summary", text: "ems_usb_start_xmit in drivers/net/can/usb/ems_usb.c in the Linux kernel through 5.17.1 has a double free.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-28390", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2022-28390", }, { cve: "CVE-2022-30065", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "A use-after-free in Busybox 1.35-x's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the copyvar function.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-30065", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2022-30065", }, { cve: "CVE-2022-30594", cwe: { id: "CWE-863", name: "Incorrect Authorization", }, notes: [ { category: "summary", text: "The Linux kernel before 5.17.2 mishandles seccomp permissions. The PTRACE_SEIZE code path allows attackers to bypass intended restrictions on setting the PT_SUSPEND_SECCOMP flag.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-30594", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2022-30594", }, { cve: "CVE-2022-32205", cwe: { id: "CWE-770", name: "Allocation of Resources Without Limits or Throttling", }, notes: [ { category: "summary", text: "A malicious server can serve excessive amounts of \"Set-Cookie:\" headers in a HTTP response to curl and curl < 7.84.0 stores all of them. A sufficiently large amount of (big) cookies make subsequent HTTP requests to this, or other servers to which the cookies match, create requests that become larger than the threshold that curl uses internally to avoid sending crazy large requests (1048576 bytes) and instead returns an error.This denial state might remain for as long as the same cookies are kept, match and haven't expired. Due to cookie matching rules, a server on \"foo.example.com\" can set cookies that also would match for \"bar.example.com\", making it it possible for a \"sister server\" to effectively cause a denial of service for a sibling site on the same second level domain using this method.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-32205", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 4.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2022-32205", }, { cve: "CVE-2022-32206", cwe: { id: "CWE-770", name: "Allocation of Resources Without Limits or Throttling", }, notes: [ { category: "summary", text: "curl < 7.84.0 supports \"chained\" HTTP compression algorithms, meaning that a serverresponse can be compressed multiple times and potentially with different algorithms. The number of acceptable \"links\" in this \"decompression chain\" was unbounded, allowing a malicious server to insert a virtually unlimited number of compression steps.The use of such a decompression chain could result in a \"malloc bomb\", makingcurl end up spending enormous amounts of allocated heap memory, or trying toand returning out of memory errors.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-32206", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 6.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2022-32206", }, { cve: "CVE-2022-32207", cwe: { id: "CWE-276", name: "Incorrect Default Permissions", }, notes: [ { category: "summary", text: "When curl < 7.84.0 saves cookies, alt-svc and hsts data to local files, it makes the operation atomic by finalizing the operation with a rename from a temporary name to the final target file name.In that rename operation, it might accidentally *widen* the permissions for the target file, leaving the updated file accessible to more users than intended.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-32207", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 9.8, baseSeverity: "CRITICAL", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2022-32207", }, { cve: "CVE-2022-32208", cwe: { id: "CWE-787", name: "Out-of-bounds Write", }, notes: [ { category: "summary", text: "When curl < 7.84.0 does FTP transfers secured by krb5, it handles message verification failures wrongly. This flaw makes it possible for a Man-In-The-Middle attack to go unnoticed and even allows it to inject data to the client.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-32208", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 5.9, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2022-32208", }, { cve: "CVE-2022-32296", cwe: { id: "CWE-203", name: "Observable Discrepancy", }, notes: [ { category: "summary", text: "The Linux kernel before 5.17.9 allows TCP servers to identify clients by observing what source ports are used. This occurs because of use of Algorithm 4 (\"Double-Hash Port Selection Algorithm\") of RFC 6056.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-32296", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2022-32296", }, { cve: "CVE-2022-32981", cwe: { id: "CWE-120", name: "Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", }, notes: [ { category: "summary", text: "An issue was discovered in the Linux kernel through 5.18.3 on powerpc 32-bit platforms. There is a buffer overflow in ptrace PEEKUSER and POKEUSER (aka PEEKUSR and POKEUSR) when accessing floating point registers.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-32981", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2022-32981", }, { cve: "CVE-2022-33981", cwe: { id: "CWE-416", name: "Use After Free", }, notes: [ { category: "summary", text: "drivers/block/floppy.c in the Linux kernel before 5.17.6 is vulnerable to a denial of service, because of a concurrency use-after-free flaw after deallocating raw_cmd in the raw_cmd_ioctl function.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-33981", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 3.3, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2022-33981", }, { cve: "CVE-2022-35252", cwe: { id: "CWE-1286", name: "Improper Validation of Syntactic Correctness of Input", }, notes: [ { category: "summary", text: "When curl is used to retrieve and parse cookies from a HTTP(S) server, itaccepts cookies using control codes that when later are sent back to a HTTPserver might make the server return 400 responses. Effectively allowing a\"sister site\" to deny service to all siblings.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-35252", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2022-35252", }, { cve: "CVE-2022-36879", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "An issue was discovered in the Linux kernel through 5.18.14. xfrm_expand_policies in net/xfrm/xfrm_policy.c can cause a refcount to be dropped twice.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-36879", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2022-36879", }, { cve: "CVE-2022-36946", cwe: { id: "CWE-20", name: "Improper Input Validation", }, notes: [ { category: "summary", text: "nfqnl_mangle in net/netfilter/nfnetlink_queue.c in the Linux kernel through 5.18.14 allows remote attackers to cause a denial of service (panic) because, in the case of an nf_queue verdict with a one-byte nfta_payload attribute, an skb_pull can encounter a negative skb->len.", title: "Summary", }, ], product_status: { known_affected: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, references: [ { category: "external", summary: "web.nvd.nist.gov", url: "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-36946", }, { category: "external", summary: "www.first.org", url: "https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", }, ], remediations: [ { category: "vendor_fix", details: "Update to V7.2 or later version", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], url: "https://support.industry.siemens.com/cs/document/109817007/", }, { category: "mitigation", details: "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", product_ids: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C", version: "3.1", }, products: [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004", "CSAFPID-0005", "CSAFPID-0006", "CSAFPID-0007", "CSAFPID-0008", "CSAFPID-0009", "CSAFPID-00010", "CSAFPID-00011", "CSAFPID-00012", "CSAFPID-00013", "CSAFPID-00014", "CSAFPID-00015", "CSAFPID-00016", "CSAFPID-00017", "CSAFPID-00018", "CSAFPID-00019", "CSAFPID-00020", ], }, ], title: "CVE-2022-36946", }, ], }
ghsa-rc6f-9g56-mr6q
Vulnerability from github
Published
2022-08-29 20:06
Modified
2022-09-07 00:01
Severity ?
Details
A flaw was found in the Linux kernel. This flaw allows an attacker to crash the Linux kernel by simulating amateur radio from the user space, resulting in a null-ptr-deref vulnerability and a use-after-free vulnerability.
{ affected: [], aliases: [ "CVE-2022-1199", ], database_specific: { cwe_ids: [ "CWE-476", ], github_reviewed: false, github_reviewed_at: null, nvd_published_at: "2022-08-29T15:15:00Z", severity: "HIGH", }, details: "A flaw was found in the Linux kernel. This flaw allows an attacker to crash the Linux kernel by simulating amateur radio from the user space, resulting in a null-ptr-deref vulnerability and a use-after-free vulnerability.", id: "GHSA-rc6f-9g56-mr6q", modified: "2022-09-07T00:01:53Z", published: "2022-08-29T20:06:50Z", references: [ { type: "ADVISORY", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-1199", }, { type: "WEB", url: "https://github.com/torvalds/linux/commit/4e0f718daf97d47cf7dec122da1be970f145c809", }, { type: "WEB", url: "https://github.com/torvalds/linux/commit/71171ac8eb34ce7fe6b3267dce27c313ab3cb3ac", }, { type: "WEB", url: "https://github.com/torvalds/linux/commit/7ec02f5ac8a5be5a3f20611731243dc5e1d9ba10", }, { type: "WEB", url: "https://access.redhat.com/security/cve/CVE-2022-1199", }, { type: "WEB", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2070694", }, { type: "WEB", url: "https://security.netapp.com/advisory/ntap-20221228-0006", }, { type: "WEB", url: "https://www.openwall.com/lists/oss-security/2022/04/02/5", }, ], schema_version: "1.4.0", severity: [ { score: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", type: "CVSS_V3", }, ], }
suse-su-2022:1163-1
Vulnerability from csaf_suse
Published
2022-04-12 12:59
Modified
2022-04-12 12:59
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2022-0854: Fixed a memory leak flaw was found in the Linux kernels DMA subsystem. This flaw allowed a local user to read random memory from the kernel space. (bnc#1196823)
- CVE-2022-1016: Fixed a vulnerability in the nf_tables component of the netfilter subsystem. This vulnerability gives an attacker a powerful primitive that can be used to both read from and write to relative stack data, which can lead to arbitrary code execution. (bsc#1197227)
- CVE-2022-1199: Fixed null-ptr-deref and use-after-free vulnerabilities that allow an attacker to crash the linux kernel by simulating Amateur Radio. (bsc#1198028)
- CVE-2022-1205: Fixed null pointer dereference and use-after-free vulnerabilities that allow an attacker to crash the linux kernel by simulating Amateur Radio. (bsc#1198027)
- CVE-2022-1198: Fixed an use-after-free vulnerability that allow an attacker to crash the linux kernel by simulating Amateur Radio (bsc#1198030).
- CVE-2022-1195: Fixed an use-after-free vulnerability which could allow a local attacker with a user privilege to execute a denial of service. (bsc#1198029)
- CVE-2022-28389: Fixed a double free in drivers/net/can/usb/mcba_usb.c vulnerability in the Linux kernel. (bnc#1198033)
- CVE-2022-28388: Fixed a double free in drivers/net/can/usb/usb_8dev.c vulnerability in the Linux kernel. (bnc#1198032)
- CVE-2022-28390: Fixed a double free in drivers/net/can/usb/ems_usb.c vulnerability in the Linux kernel. (bnc#1198031)
- CVE-2022-1048: Fixed a race Condition in snd_pcm_hw_free leading to use-after-free due to the AB/BA lock with buffer_mutex and mmap_lock. (bsc#1197331)
- CVE-2022-1055: Fixed a use-after-free in tc_new_tfilter that could allow a local attacker to gain privilege escalation. (bnc#1197702)
- CVE-2022-0850: Fixed a kernel information leak vulnerability in iov_iter.c. (bsc#1196761)
- CVE-2022-27666: Fixed a buffer overflow vulnerability in IPsec ESP transformation code. This flaw allowed a local attacker with a normal user privilege to overwrite kernel heap objects and may cause a local privilege escalation. (bnc#1197462)
- CVE-2021-45868: Fixed a wrong validation check in fs/quota/quota_tree.c which could lead to an use-after-free if there is a corrupted quota file. (bnc#1197366)
- CVE-2022-1011: Fixed an use-after-free vulnerability which could allow a local attacker to retireve (partial) /etc/shadow hashes or any other data from filesystem when he can mount a FUSE filesystems. (bnc#1197343)
- CVE-2022-27223: Fixed an out-of-array access in /usb/gadget/udc/udc-xilinx.c. (bsc#1197245)
- CVE-2021-39698: Fixed a possible memory corruption due to a use after free in aio_poll_complete_work. This could lead to local escalation of privilege with no additional execution privileges needed. (bsc#1196956)
- CVE-2021-45402: Fixed a pointer leak in check_alu_op() of kernel/bpf/verifier.c. (bsc#1196130).
- CVE-2022-23036,CVE-2022-23037,CVE-2022-23038,CVE-2022-23039,CVE-2022-23040,CVE-2022-23041,CVE-2022-23042: Fixed multiple issues which could have lead to read/write access to memory pages or denial of service. These issues are related to the Xen PV device frontend drivers. (bsc#1196488)
The following non-security bugs were fixed:
- ACPI / x86: Work around broken XSDT on Advantech DAC-BJ01 board (git-fixes).
- ACPI: APEI: fix return value of __setup handlers (git-fixes).
- ACPI: battery: Add device HID and quirk for Microsoft Surface Go 3 (git-fixes).
- ACPI: CPPC: Avoid out of bounds access when parsing _CPC data (git-fixes).
- ACPI: docs: enumeration: Discourage to use custom _DSM methods (git-fixes).
- ACPI: docs: enumeration: Remove redundant .owner assignment (git-fixes).
- ACPI: properties: Consistently return -ENOENT if there are no more references (git-fixes).
- ACPI: video: Force backlight native for Clevo NL5xRU and NL5xNU (git-fixes).
- ALSA: cmipci: Restore aux vol on suspend/resume (git-fixes).
- ALSA: firewire-lib: fix uninitialized flag for AV/C deferred transaction (git-fixes).
- ALSA: hda/realtek - Fix headset mic problem for a HP machine with alc671 (git-fixes).
- ALSA: hda/realtek: Add quirk for ASUS GA402 (git-fixes).
- ALSA: oss: Fix PCM OSS buffer allocation overflow (git-fixes).
- ALSA: pci: fix reading of swapped values from pcmreg in AC97 codec (git-fixes).
- ALSA: pcm: Add stream lock during PCM reset ioctl operations (git-fixes).
- ALSA: spi: Add check for clk_enable() (git-fixes).
- ALSA: usb-audio: Add mute TLV for playback volumes on RODE NT-USB (git-fixes).
- ASoC: atmel_ssc_dai: Handle errors for clk_enable (git-fixes).
- ASoC: atmel: Add missing of_node_put() in at91sam9g20ek_audio_probe (git-fixes).
- ASoC: codecs: wcd934x: Add missing of_node_put() in wcd934x_codec_parse_data (git-fixes).
- ASoC: codecs: wcd934x: fix return value of wcd934x_rx_hph_mode_put (git-fixes).
- ASoC: dmaengine: do not use a NULL prepare_slave_config() callback (git-fixes).
- ASoC: dwc-i2s: Handle errors for clk_enable (git-fixes).
- ASoC: fsi: Add check for clk_enable (git-fixes).
- ASoC: fsl_spdif: Disable TX clock when stop (git-fixes).
- ASoC: imx-es8328: Fix error return code in imx_es8328_probe() (git-fixes).
- ASoC: msm8916-wcd-analog: Fix error handling in pm8916_wcd_analog_spmi_probe (git-fixes).
- ASoC: msm8916-wcd-digital: Fix missing clk_disable_unprepare() in msm8916_wcd_digital_probe (git-fixes).
- ASoC: mxs-saif: Handle errors for clk_enable (git-fixes).
- ASoC: mxs: Fix error handling in mxs_sgtl5000_probe (git-fixes).
- ASoC: rt5663: check the return value of devm_kzalloc() in rt5663_parse_dp() (git-fixes).
- ASoC: SOF: Add missing of_node_put() in imx8m_probe (git-fixes).
- ASoC: SOF: topology: remove redundant code (git-fixes).
- ASoC: sti: Fix deadlock via snd_pcm_stop_xrun() call (git-fixes).
- ASoC: ti: davinci-i2s: Add check for clk_enable() (git-fixes).
- ASoC: topology: Allow TLV control to be either read or write (git-fixes).
- ASoC: topology: Optimize soc_tplg_dapm_graph_elems_load behavior (git-fixes).
- ASoC: wm8350: Handle error for wm8350_register_irq (git-fixes).
- ASoC: xilinx: xlnx_formatter_pcm: Handle sysclk setting (git-fixes).
- ax25: Fix NULL pointer dereference in ax25_kill_by_device (git-fixes).
- ax88179_178a: Merge memcpy + le32_to_cpus to get_unaligned_le32 (bsc#1196018).
- block: update io_ticks when io hang (bsc#1197817).
- block/wbt: fix negative inflight counter when remove scsi device (bsc#1197819).
- bpf: Fix comment for helper bpf_current_task_under_cgroup() (git-fixes).
- bpf: Remove config check to enable bpf support for branch records (git-fixes bsc#1177028).
- btrfs: avoid unnecessary lock and leaf splits when updating inode in the log (bsc#1194649).
- btrfs: avoid unnecessary log mutex contention when syncing log (bsc#1194649).
- btrfs: avoid unnecessary logging of xattrs during fast fsyncs (bsc#1194649).
- btrfs: check error value from btrfs_update_inode in tree log (bsc#1194649).
- btrfs: check if a log root exists before locking the log_mutex on unlink (bsc#1194649).
- btrfs: check if a log tree exists at inode_logged() (bsc#1194649).
- btrfs: do not commit delayed inode when logging a file in full sync mode (bsc#1194649).
- btrfs: do not log new dentries when logging that a new name exists (bsc#1194649).
- btrfs: eliminate some false positives when checking if inode was logged (bsc#1194649).
- btrfs: fix race leading to unnecessary transaction commit when logging inode (bsc#1194649).
- btrfs: fix race that causes unnecessary logging of ancestor inodes (bsc#1194649).
- btrfs: fix race that makes inode logging fallback to transaction commit (bsc#1194649).
- btrfs: fix race that results in logging old extents during a fast fsync (bsc#1194649).
- btrfs: fixup error handling in fixup_inode_link_counts (bsc#1194649).
- btrfs: remove no longer needed full sync flag check at inode_logged() (bsc#1194649).
- btrfs: Remove unnecessary check from join_running_log_trans (bsc#1194649).
- btrfs: remove unnecessary directory inode item update when deleting dir entry (bsc#1194649).
- btrfs: remove unnecessary list head initialization when syncing log (bsc#1194649).
- btrfs: skip unnecessary searches for xattrs when logging an inode (bsc#1194649).
- can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error path (git-fixes).
- can: mcba_usb: mcba_usb_start_xmit(): fix double dev_kfree_skb in error path (git-fixes).
- can: mcba_usb: properly check endpoint type (git-fixes).
- can: rcar_canfd: rcar_canfd_channel_probe(): register the CAN device when fully ready (git-fixes).
- cifs: do not skip link targets when an I/O fails (bsc#1194625).
- cifs: use the correct max-length for dentry_path_raw() (bsc1196196).
- clk: actions: Terminate clk_div_table with sentinel element (git-fixes).
- clk: bcm2835: Remove unused variable (git-fixes).
- clk: clps711x: Terminate clk_div_table with sentinel element (git-fixes).
- clk: imx7d: Remove audio_mclk_root_clk (git-fixes).
- clk: Initialize orphan req_rate (git-fixes).
- clk: loongson1: Terminate clk_div_table with sentinel element (git-fixes).
- clk: nxp: Remove unused variable (git-fixes).
- clk: qcom: gcc-msm8994: Fix gpll4 width (git-fixes).
- clk: qcom: ipq8074: Use floor ops for SDCC1 clock (git-fixes).
- clk: tegra: tegra124-emc: Fix missing put_device() call in emc_ensure_emc_driver (git-fixes).
- clk: uniphier: Fix fixed-rate initialization (git-fixes).
- clocksource: acpi_pm: fix return value of __setup handler (git-fixes).
- clocksource/drivers/timer-of: Check return value of of_iomap in timer_of_base_init() (git-fixes).
- cpufreq: schedutil: Destroy mutex before kobject_put() frees (git-fixes)
- crypto: authenc - Fix sleep in atomic context in decrypt_tail (git-fixes).
- crypto: cavium/nitrox - do not cast parameter in bit operations (git-fixes).
- crypto: ccp - ccp_dmaengine_unregister release dma channels (git-fixes).
- crypto: ccree - do not attempt 0 len DMA mappings (git-fixes).
- crypto: mxs-dcp - Fix scatterlist processing (git-fixes).
- crypto: qat - do not cast parameter in bit operations (git-fixes).
- crypto: rsa-pkcs1pad - correctly get hash from source scatterlist (git-fixes).
- crypto: rsa-pkcs1pad - fix buffer overread in pkcs1pad_verify_complete() (git-fixes).
- crypto: rsa-pkcs1pad - restore signature length check (git-fixes).
- crypto: vmx - add missing dependencies (git-fixes).
- dma/pool: create dma atomic pool only if dma zone has managed pages (bsc#1197501).
- driver core: dd: fix return value of __setup handler (git-fixes).
- drm: bridge: adv7511: Fix ADV7535 HPD enablement (git-fixes).
- drm/amd/display: Add affected crtcs to atomic state for dsc mst unplug (git-fixes).
- drm/amd/pm: return -ENOTSUPP if there is no get_dpm_ultimate_freq function (git-fixes).
- drm/bridge: dw-hdmi: use safe format when first in bridge chain (git-fixes).
- drm/bridge: nwl-dsi: Fix PM disable depth imbalance in nwl_dsi_probe (git-fixes).
- drm/doc: overview before functions for drm_writeback.c (git-fixes).
- drm/i915: Fix dbuf slice config lookup (git-fixes).
- drm/i915/gem: add missing boundary check in vm_access (git-fixes).
- drm/imx: parallel-display: Remove bus flags check in imx_pd_bridge_atomic_check() (git-fixes).
- drm/meson: Fix error handling when afbcd.ops->init fails (git-fixes).
- drm/meson: osd_afbcd: Add an exit callback to struct meson_afbcd_ops (git-fixes).
- drm/msm/dpu: add DSPP blocks teardown (git-fixes).
- drm/nouveau/acr: Fix undefined behavior in nvkm_acr_hsfw_load_bl() (git-fixes).
- drm/panel: simple: Fix Innolux G070Y2-L01 BPP settings (git-fixes).
- drm/sun4i: mixer: Fix P010 and P210 format numbers (git-fixes).
- drm/vc4: crtc: Fix runtime_pm reference counting (git-fixes).
- drm/vc4: crtc: Make sure the HDMI controller is powered when disabling (git-fixes).
- drm/vrr: Set VRR capable prop only if it is attached to connector (git-fixes).
- Drop HID multitouch fix patch (bsc#1197243),
- ecryptfs: fix kernel panic with null dev_name (bsc#1197812).
- ecryptfs: Fix typo in message (bsc#1197811).
- EDAC: Fix calculation of returned address and next offset in edac_align_ptr() (bsc#1178134).
- ext2: correct max file size computing (bsc#1197820).
- firmware: google: Properly state IOMEM dependency (git-fixes).
- firmware: qcom: scm: Remove reassignment to desc following initializer (git-fixes).
- fscrypt: do not ignore minor_hash when hash is 0 (bsc#1197815).
- gianfar: ethtool: Fix refcount leak in gfar_get_ts_info (git-fixes).
- gpio: ts4900: Do not set DAT and OE together (git-fixes).
- gpiolib: acpi: Convert ACPI value of debounce to microseconds (git-fixes).
- HID: multitouch: fix Dell Precision 7550 and 7750 button type (bsc#1197243).
- hwmon: (pmbus) Add mutex to regulator ops (git-fixes).
- hwmon: (pmbus) Add Vin unit off handling (git-fixes).
- hwmon: (sch56xx-common) Replace WDOG_ACTIVE with WDOG_HW_RUNNING (git-fixes).
- hwrng: atmel - disable trng on failure path (git-fixes).
- i915_vma: Rename vma_lookup to i915_vma_lookup (git-fixes).
- ibmvnic: fix race between xmit and reset (bsc#1197302 ltc#197259).
- iio: accel: mma8452: use the correct logic to get mma8452_data (git-fixes).
- iio: adc: Add check for devm_request_threaded_irq (git-fixes).
- iio: afe: rescale: use s64 for temporary scale calculations (git-fixes).
- iio: inkern: apply consumer scale on IIO_VAL_INT cases (git-fixes).
- iio: inkern: apply consumer scale when no channel scale is available (git-fixes).
- iio: inkern: make a best effort on offset calculation (git-fixes).
- Input: aiptek - properly check endpoint type (git-fixes).
- iwlwifi: do not advertise TWT support (git-fixes).
- kernel-binary.spec: Do not use the default certificate path (bsc#1194943).
- KVM: SVM: Do not flush cache if hardware enforces cache coherency across encryption domains (bsc#1178134).
- llc: fix netdevice reference leaks in llc_ui_bind() (git-fixes).
- mac80211: fix potential double free on mesh join (git-fixes).
- mac80211: refuse aggregations sessions before authorized (git-fixes).
- media: aspeed: Correct value for h-total-pixels (git-fixes).
- media: bttv: fix WARNING regression on tunerless devices (git-fixes).
- media: coda: Fix missing put_device() call in coda_get_vdoa_data (git-fixes).
- media: davinci: vpif: fix unbalanced runtime PM get (git-fixes).
- media: em28xx: initialize refcount before kref_get (git-fixes).
- media: hantro: Fix overfill bottom register field name (git-fixes).
- media: Revert 'media: em28xx: add missing em28xx_close_extension' (git-fixes).
- media: stk1160: If start stream fails, return buffers with VB2_BUF_STATE_QUEUED (git-fixes).
- media: usb: go7007: s2250-board: fix leak in probe() (git-fixes).
- media: video/hdmi: handle short reads of hdmi info frame (git-fixes).
- membarrier: Execute SYNC_CORE on the calling thread (git-fixes)
- membarrier: Explicitly sync remote cores when SYNC_CORE is (git-fixes)
- memory: emif: Add check for setup_interrupts (git-fixes).
- memory: emif: check the pointer temp in get_device_details() (git-fixes).
- misc: alcor_pci: Fix an error handling path (git-fixes).
- misc: sgi-gru: Do not cast parameter in bit operations (git-fixes).
- mm_zone: add function to check if managed dma zone exists (bsc#1197501).
- mm/page_alloc.c: do not warn allocation failure on zone DMA if no managed pages (bsc#1197501).
- mmc: davinci_mmc: Handle error for clk_enable (git-fixes).
- mmc: meson: Fix usage of meson_mmc_post_req() (git-fixes).
- net: dsa: mv88e6xxx: override existent unicast portvec in port_fdb_add (git-fixes).
- net: enetc: initialize the RFS and RSS memories (git-fixes).
- net: hns3: add a check for tqp_index in hclge_get_ring_chain_from_mbx() (git-fixes).
- net: phy: broadcom: Fix brcm_fet_config_init() (git-fixes).
- net: phy: DP83822: clear MISR2 register to disable interrupts (git-fixes).
- net: phy: marvell: Fix invalid comparison in the resume and suspend functions (git-fixes).
- net: stmmac: set TxQ mode back to DCB after disabling CBS (git-fixes).
- net: usb: ax88179_178a: Fix out-of-bounds accesses in RX fixup (bsc#1196018).
- net: watchdog: hold device global xmit lock during tx disable (git-fixes).
- net/smc: Fix loop in smc_listen (git-fixes).
- net/smc: fix using of uninitialized completions (git-fixes).
- net/smc: fix wrong list_del in smc_lgr_cleanup_early (git-fixes).
- net/smc: Make sure the link_id is unique (git-fixes).
- net/smc: Reset conn->lgr when link group registration fails (git-fixes).
- netfilter: conntrack: do not refresh sctp entries in closed state (bsc#1197389).
- netxen_nic: fix MSI/MSI-x interrupts (git-fixes).
- NFC: port100: fix use-after-free in port100_send_complete (git-fixes).
- NFS: Avoid duplicate uncached readdir calls on eof (git-fixes).
- NFS: Do not report writeback errors in nfs_getattr() (git-fixes).
- NFS: Do not skip directory entries when doing uncached readdir (git-fixes).
- NFS: Ensure the server had an up to date ctime before hardlinking (git-fixes).
- NFS: Fix initialisation of nfs_client cl_flags field (git-fixes).
- NFS: LOOKUP_DIRECTORY is also ok with symlinks (git-fixes).
- NFS: Return valid errors from nfs2/3_decode_dirent() (git-fixes).
- NFS: Use of mapping_set_error() results in spurious errors (git-fixes).
- nfsd: nfsd4_setclientid_confirm mistakenly expires confirmed client (git-fixes).
- NFSv4.1: do not retry BIND_CONN_TO_SESSION on session error (git-fixes).
- NFSv4/pNFS: Fix another issue with a list iterator pointing to the head (git-fixes).
- pinctrl: mediatek: Fix missing of_node_put() in mtk_pctrl_init (git-fixes).
- pinctrl: mediatek: paris: Fix 'argument' argument type for mtk_pinconf_get() (git-fixes).
- pinctrl: mediatek: paris: Fix pingroup pin config state readback (git-fixes).
- pinctrl: nomadik: Add missing of_node_put() in nmk_pinctrl_probe (git-fixes).
- pinctrl: nuvoton: npcm7xx: Rename DS() macro to DSTR() (git-fixes).
- pinctrl: nuvoton: npcm7xx: Use %zu printk format for ARRAY_SIZE() (git-fixes).
- pinctrl: pinconf-generic: Print arguments for bias-pull-* (git-fixes).
- pinctrl: samsung: drop pin banks references on error paths (git-fixes).
- pinctrl/rockchip: Add missing of_node_put() in rockchip_pinctrl_probe (git-fixes).
- PM: hibernate: fix __setup handler error handling (git-fixes).
- PM: suspend: fix return value of __setup handler (git-fixes).
- powerpc/lib/sstep: Fix 'sthcx' instruction (bsc#1156395).
- powerpc/mm: Fix verification of MMU_FTR_TYPE_44x (bsc#1156395).
- powerpc/mm/numa: skip NUMA_NO_NODE onlining in parse_numa_properties() (bsc#1179639 ltc#189002 git-fixes).
- powerpc/perf: Do not use perf_hw_context for trace IMC PMU (bsc#1156395).
- powerpc/perf: Expose Performance Monitor Counter SPR's as part of extended regs (bsc#1198077 ltc#197299).
- powerpc/perf: Include PMCs as part of per-cpu cpuhw_events struct (bsc#1198077 ltc#197299).
- powerpc/pseries: Fix use after free in remove_phb_dynamic() (bsc#1065729).
- powerpc/sysdev: fix incorrect use to determine if list is empty (bsc#1065729).
- powerpc/tm: Fix more userspace r13 corruption (bsc#1065729).
- powerpc/xive: fix return value of __setup handler (bsc#1065729).
- printk: Add panic_in_progress helper (bsc#1197894).
- printk: disable optimistic spin during panic (bsc#1197894).
- pwm: lpc18xx-sct: Initialize driver data and hardware before pwmchip_add() (git-fixes).
- regulator: qcom_smd: fix for_each_child.cocci warnings (git-fixes).
- remoteproc: qcom_wcnss: Add missing of_node_put() in wcnss_alloc_memory_region (git-fixes).
- remoteproc: qcom: Fix missing of_node_put in adsp_alloc_memory_region (git-fixes).
- Revert 'build initrd without systemd' (bsc#1197300).
- Revert 'Input: clear BTN_RIGHT/MIDDLE on buttonpads' (bsc#1197243).
- Revert 'module, async: async_synchronize_full() on module init iff async is used' (bsc#1197888).
- Revert 'Revert 'build initrd without systemd' (bsc#1197300)'
- Revert 'usb: dwc3: gadget: Use list_replace_init() before traversing lists' (git-fixes).
- s390/bpf: Perform r1 range checking before accessing jit->seen_reg (git-fixes).
- s390/gmap: do not unconditionally call pte_unmap_unlock() in __gmap_zap() (git-fixes).
- s390/gmap: validate VMA in __gmap_zap() (git-fixes).
- s390/hypfs: include z/VM guests with access control group set (bsc#1195640 LTC#196352).
- s390/kexec_file: fix error handling when applying relocations (git-fixes).
- s390/kexec: fix memory leak of ipl report buffer (git-fixes).
- s390/kexec: fix return code handling (git-fixes).
- s390/mm: fix VMA and page table handling code in storage key handling functions (git-fixes).
- s390/mm: validate VMA in PGSTE manipulation functions (git-fixes).
- s390/module: fix loading modules with a lot of relocations (git-fixes).
- s390/pci_mmio: fully validate the VMA before calling follow_pte() (git-fixes).
- s390/tape: fix timer initialization in tape_std_assign() (bsc#1197677 LTC#197378).
- scsi: lpfc: Copyright updates for 14.2.0.0 patches (bsc#1197675).
- scsi: lpfc: Drop lpfc_no_handler() (bsc#1197675).
- scsi: lpfc: Fix broken SLI4 abort path (bsc#1197675).
- scsi: lpfc: Fix locking for lpfc_sli_iocbq_lookup() (bsc#1197675).
- scsi: lpfc: Fix queue failures when recovering from PCI parity error (bsc#1197675 bsc#1196478).
- scsi: lpfc: Fix typos in comments (bsc#1197675).
- scsi: lpfc: Fix unload hang after back to back PCI EEH faults (bsc#1197675 bsc#1196478).
- scsi: lpfc: Improve PCI EEH Error and Recovery Handling (bsc#1197675 bsc#1196478).
- scsi: lpfc: Kill lpfc_bus_reset_handler() (bsc#1197675).
- scsi: lpfc: Reduce log messages seen after firmware download (bsc#1197675).
- scsi: lpfc: Remove failing soft_wwn support (bsc#1197675).
- scsi: lpfc: Remove NVMe support if kernel has NVME_FC disabled (bsc#1197675).
- scsi: lpfc: Remove redundant flush_workqueue() call (bsc#1197675).
- scsi: lpfc: SLI path split: Introduce lpfc_prep_wqe (bsc#1197675).
- scsi: lpfc: SLI path split: Refactor Abort paths (bsc#1197675).
- scsi: lpfc: SLI path split: Refactor base ELS paths and the FLOGI path (bsc#1197675).
- scsi: lpfc: SLI path split: Refactor BSG paths (bsc#1197675).
- scsi: lpfc: SLI path split: Refactor CT paths (bsc#1197675).
- scsi: lpfc: SLI path split: Refactor fast and slow paths to native SLI4 (bsc#1197675).
- scsi: lpfc: SLI path split: Refactor FDISC paths (bsc#1197675).
- scsi: lpfc: SLI path split: Refactor lpfc_iocbq (bsc#1197675).
- scsi: lpfc: SLI path split: Refactor LS_ACC paths (bsc#1197675).
- scsi: lpfc: SLI path split: Refactor LS_RJT paths (bsc#1197675).
- scsi: lpfc: SLI path split: Refactor misc ELS paths (bsc#1197675).
- scsi: lpfc: SLI path split: Refactor PLOGI/PRLI/ADISC/LOGO paths (bsc#1197675).
- scsi: lpfc: SLI path split: Refactor SCSI paths (bsc#1197675).
- scsi: lpfc: SLI path split: Refactor the RSCN/SCR/RDF/EDC/FARPR paths (bsc#1197675).
- scsi: lpfc: SLI path split: Refactor VMID paths (bsc#1197675).
- scsi: lpfc: Update lpfc version to 14.2.0.0 (bsc#1197675).
- scsi: lpfc: Update lpfc version to 14.2.0.1 (bsc#1197675).
- scsi: lpfc: Use fc_block_rport() (bsc#1197675).
- scsi: lpfc: Use kcalloc() (bsc#1197675).
- scsi: lpfc: Use rport as argument for lpfc_chk_tgt_mapped() (bsc#1197675).
- scsi: lpfc: Use rport as argument for lpfc_send_taskmgmt() (bsc#1197675).
- scsi: qla2xxx: Fix crash during module load unload test (bsc#1197661).
- scsi: qla2xxx: Fix disk failure to rediscover (bsc#1197661).
- scsi: qla2xxx: Fix hang due to session stuck (bsc#1197661).
- scsi: qla2xxx: Fix incorrect reporting of task management failure (bsc#1197661).
- scsi: qla2xxx: Fix laggy FC remote port session recovery (bsc#1197661).
- scsi: qla2xxx: Fix loss of NVMe namespaces after driver reload test (bsc#1197661).
- scsi: qla2xxx: Fix missed DMA unmap for NVMe ls requests (bsc#1197661).
- scsi: qla2xxx: Fix N2N inconsistent PLOGI (bsc#1197661).
- scsi: qla2xxx: Fix stuck session of PRLI reject (bsc#1197661).
- scsi: qla2xxx: Fix typos in comments (bsc#1197661).
- scsi: qla2xxx: Increase max limit of ql2xnvme_queues (bsc#1197661).
- scsi: qla2xxx: Reduce false trigger to login (bsc#1197661).
- scsi: qla2xxx: Stop using the SCSI pointer (bsc#1197661).
- scsi: qla2xxx: Update version to 10.02.07.400-k (bsc#1197661).
- scsi: qla2xxx: Use correct feature type field during RFF_ID processing (bsc#1197661).
- scsi: qla2xxx: Use named initializers for port_state_str (bsc#1197661).
- scsi: qla2xxx: Use named initializers for q_dev_state (bsc#1197661).
- serial: 8250_lpss: Balance reference count for PCI DMA device (git-fixes).
- serial: 8250_mid: Balance reference count for PCI DMA device (git-fixes).
- serial: 8250: Fix race condition in RTS-after-send handling (git-fixes).
- serial: core: Fix the definition name in the comment of UPF_* flags (git-fixes).
- soc: qcom: aoss: remove spurious IRQF_ONESHOT flags (git-fixes).
- soc: qcom: rpmpd: Check for null return of devm_kcalloc (git-fixes).
- soc: ti: wkup_m3_ipc: Fix IRQ check in wkup_m3_ipc_probe (git-fixes).
- soundwire: intel: fix wrong register name in intel_shim_wake (git-fixes).
- spi: pxa2xx-pci: Balance reference count for PCI DMA device (git-fixes).
- spi: tegra114: Add missing IRQ check in tegra_spi_probe (git-fixes).
- staging: gdm724x: fix use after free in gdm_lte_rx() (git-fixes).
- staging:iio:adc:ad7280a: Fix handing of device address bit reversing (git-fixes).
- tcp: add some entropy in __inet_hash_connect() (bsc#1180153).
- tcp: change source port randomizarion at connect() time (bsc#1180153).
- team: protect features update by RCU to avoid deadlock (git-fixes).
- thermal: int340x: Check for NULL after calling kmemdup() (git-fixes).
- thermal: int340x: Increase bitmap size (git-fixes).
- udp_tunnel: Fix end of loop test in udp_tunnel_nic_unregister() (git-fixes).
- Update config files (bsc#1195926 bsc#1175667). VIRTIO_PCI=m -> VIRTIO_PCI=y
- usb: bdc: Adb shows offline after resuming from S2 (git-fixes).
- usb: bdc: Fix a resource leak in the error handling path of 'bdc_probe()' (git-fixes).
- usb: bdc: Fix unused assignment in bdc_probe() (git-fixes).
- usb: bdc: remove duplicated error message (git-fixes).
- usb: bdc: Use devm_clk_get_optional() (git-fixes).
- usb: bdc: use devm_platform_ioremap_resource() to simplify code (git-fixes).
- usb: dwc2: Fix Stalling a Non-Isochronous OUT EP (git-fixes).
- usb: dwc2: gadget: Fix GOUTNAK flow for Slave mode (git-fixes).
- usb: dwc2: gadget: Fix kill_all_requests race (git-fixes).
- usb: dwc3: gadget: Use list_replace_init() before traversing lists (git-fixes).
- usb: dwc3: meson-g12a: Disable the regulator in the error handling path of the probe (git-fixes).
- usb: dwc3: qcom: add IRQ check (git-fixes).
- usb: gadget: bdc: use readl_poll_timeout() to simplify code (git-fixes).
- usb: gadget: Fix use-after-free bug by not setting udc->dev.driver (git-fixes).
- usb: gadget: rndis: prevent integer overflow in rndis_set_response() (git-fixes).
- usb: host: xen-hcd: add missing unlock in error path (git-fixes).
- usb: hub: Fix locking issues with address0_mutex (git-fixes).
- usb: usbtmc: Fix bug in pipe direction for control transfers (git-fixes).
- VFS: filename_create(): fix incorrect intent (bsc#1197534).
- video: fbdev: atmel_lcdfb: fix an error code in atmel_lcdfb_probe() (git-fixes).
- video: fbdev: controlfb: Fix COMPILE_TEST build (git-fixes).
- video: fbdev: fbcvt.c: fix printing in fb_cvt_print_name() (git-fixes).
- video: fbdev: matroxfb: set maxvram of vbG200eW to the same as vbG200 to avoid black screen (git-fixes).
- video: fbdev: matroxfb: set maxvram of vbG200eW to the same as vbG200 to avoid black screen (git-fixes).
- video: fbdev: omapfb: Add missing of_node_put() in dvic_probe_of (git-fixes).
- video: fbdev: smscufx: Fix null-ptr-deref in ufx_usb_probe() (git-fixes).
- VMCI: Fix the description of vmci_check_host_caps() (git-fixes).
- vsprintf: Fix %pK with kptr_restrict == 0 (bsc#1197889).
- wireguard: queueing: use CFI-safe ptr_ring cleanup function (git-fixes).
- wireguard: selftests: rename DEBUG_PI_LIST to DEBUG_PLIST (git-fixes).
- wireguard: socket: free skb in send6 when ipv6 is disabled (git-fixes).
- wireguard: socket: ignore v6 endpoints when ipv6 is disabled (git-fixes).
- x86/cpu: Add hardware-enforced cache coherency as a CPUID feature (bsc#1178134).
- x86/mm/pat: Do not flush cache if hardware enforces cache coherency across encryption domnains (bsc#1178134).
- x86/speculation: Warn about eIBRS + LFENCE + Unprivileged eBPF + SMT (bsc#1178134).
- x86/speculation: Warn about Spectre v2 LFENCE mitigation (bsc#1178134).
- xen/usb: do not use gnttab_end_foreign_access() in xenhcd_gnttab_done() (bsc#1196488, XSA-396).
- xhci: fix garbage USBSTS being logged in some cases (git-fixes).
Patchnames
SUSE-2022-1163,SUSE-SLE-Module-Public-Cloud-15-SP3-2022-1163,openSUSE-SLE-15.3-2022-1163
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for the Linux Kernel", title: "Title of the patch", }, { category: "description", text: "The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes.\n\n\nThe following security bugs were fixed:\n\n- CVE-2022-0854: Fixed a memory leak flaw was found in the Linux kernels DMA subsystem. This flaw allowed a local user to read random memory from the kernel space. (bnc#1196823)\n- CVE-2022-1016: Fixed a vulnerability in the nf_tables component of the netfilter subsystem. This vulnerability gives an attacker a powerful primitive that can be used to both read from and write to relative stack data, which can lead to arbitrary code execution. (bsc#1197227)\n- CVE-2022-1199: Fixed null-ptr-deref and use-after-free vulnerabilities that allow an attacker to crash the linux kernel by simulating Amateur Radio. (bsc#1198028)\n- CVE-2022-1205: Fixed null pointer dereference and use-after-free vulnerabilities that allow an attacker to crash the linux kernel by simulating Amateur Radio. (bsc#1198027)\n- CVE-2022-1198: Fixed an use-after-free vulnerability that allow an attacker to crash the linux kernel by simulating Amateur Radio (bsc#1198030).\n- CVE-2022-1195: Fixed an use-after-free vulnerability which could allow a local attacker with a user privilege to execute a denial of service. (bsc#1198029)\n- CVE-2022-28389: Fixed a double free in drivers/net/can/usb/mcba_usb.c vulnerability in the Linux kernel. (bnc#1198033)\n- CVE-2022-28388: Fixed a double free in drivers/net/can/usb/usb_8dev.c vulnerability in the Linux kernel. (bnc#1198032)\n- CVE-2022-28390: Fixed a double free in drivers/net/can/usb/ems_usb.c vulnerability in the Linux kernel. (bnc#1198031)\n- CVE-2022-1048: Fixed a race Condition in snd_pcm_hw_free leading to use-after-free due to the AB/BA lock with buffer_mutex and mmap_lock. (bsc#1197331)\n- CVE-2022-1055: Fixed a use-after-free in tc_new_tfilter that could allow a local attacker to gain privilege escalation. (bnc#1197702)\n- CVE-2022-0850: Fixed a kernel information leak vulnerability in iov_iter.c. (bsc#1196761)\n- CVE-2022-27666: Fixed a buffer overflow vulnerability in IPsec ESP transformation code. This flaw allowed a local attacker with a normal user privilege to overwrite kernel heap objects and may cause a local privilege escalation. (bnc#1197462)\n- CVE-2021-45868: Fixed a wrong validation check in fs/quota/quota_tree.c which could lead to an use-after-free if there is a corrupted quota file. (bnc#1197366)\n- CVE-2022-1011: Fixed an use-after-free vulnerability which could allow a local attacker to retireve (partial) /etc/shadow hashes or any other data from filesystem when he can mount a FUSE filesystems. (bnc#1197343)\n- CVE-2022-27223: Fixed an out-of-array access in /usb/gadget/udc/udc-xilinx.c. (bsc#1197245)\n- CVE-2021-39698: Fixed a possible memory corruption due to a use after free in aio_poll_complete_work. This could lead to local escalation of privilege with no additional execution privileges needed. (bsc#1196956)\n- CVE-2021-45402: Fixed a pointer leak in check_alu_op() of kernel/bpf/verifier.c. (bsc#1196130).\n- CVE-2022-23036,CVE-2022-23037,CVE-2022-23038,CVE-2022-23039,CVE-2022-23040,CVE-2022-23041,CVE-2022-23042: Fixed multiple issues which could have lead to read/write access to memory pages or denial of service. These issues are related to the Xen PV device frontend drivers. (bsc#1196488)\n\n\nThe following non-security bugs were fixed:\n\n- ACPI / x86: Work around broken XSDT on Advantech DAC-BJ01 board (git-fixes).\n- ACPI: APEI: fix return value of __setup handlers (git-fixes).\n- ACPI: battery: Add device HID and quirk for Microsoft Surface Go 3 (git-fixes).\n- ACPI: CPPC: Avoid out of bounds access when parsing _CPC data (git-fixes).\n- ACPI: docs: enumeration: Discourage to use custom _DSM methods (git-fixes).\n- ACPI: docs: enumeration: Remove redundant .owner assignment (git-fixes).\n- ACPI: properties: Consistently return -ENOENT if there are no more references (git-fixes).\n- ACPI: video: Force backlight native for Clevo NL5xRU and NL5xNU (git-fixes).\n- ALSA: cmipci: Restore aux vol on suspend/resume (git-fixes).\n- ALSA: firewire-lib: fix uninitialized flag for AV/C deferred transaction (git-fixes).\n- ALSA: hda/realtek - Fix headset mic problem for a HP machine with alc671 (git-fixes).\n- ALSA: hda/realtek: Add quirk for ASUS GA402 (git-fixes).\n- ALSA: oss: Fix PCM OSS buffer allocation overflow (git-fixes).\n- ALSA: pci: fix reading of swapped values from pcmreg in AC97 codec (git-fixes).\n- ALSA: pcm: Add stream lock during PCM reset ioctl operations (git-fixes).\n- ALSA: spi: Add check for clk_enable() (git-fixes).\n- ALSA: usb-audio: Add mute TLV for playback volumes on RODE NT-USB (git-fixes).\n- ASoC: atmel_ssc_dai: Handle errors for clk_enable (git-fixes).\n- ASoC: atmel: Add missing of_node_put() in at91sam9g20ek_audio_probe (git-fixes).\n- ASoC: codecs: wcd934x: Add missing of_node_put() in wcd934x_codec_parse_data (git-fixes).\n- ASoC: codecs: wcd934x: fix return value of wcd934x_rx_hph_mode_put (git-fixes).\n- ASoC: dmaengine: do not use a NULL prepare_slave_config() callback (git-fixes).\n- ASoC: dwc-i2s: Handle errors for clk_enable (git-fixes).\n- ASoC: fsi: Add check for clk_enable (git-fixes).\n- ASoC: fsl_spdif: Disable TX clock when stop (git-fixes).\n- ASoC: imx-es8328: Fix error return code in imx_es8328_probe() (git-fixes).\n- ASoC: msm8916-wcd-analog: Fix error handling in pm8916_wcd_analog_spmi_probe (git-fixes).\n- ASoC: msm8916-wcd-digital: Fix missing clk_disable_unprepare() in msm8916_wcd_digital_probe (git-fixes).\n- ASoC: mxs-saif: Handle errors for clk_enable (git-fixes).\n- ASoC: mxs: Fix error handling in mxs_sgtl5000_probe (git-fixes).\n- ASoC: rt5663: check the return value of devm_kzalloc() in rt5663_parse_dp() (git-fixes).\n- ASoC: SOF: Add missing of_node_put() in imx8m_probe (git-fixes).\n- ASoC: SOF: topology: remove redundant code (git-fixes).\n- ASoC: sti: Fix deadlock via snd_pcm_stop_xrun() call (git-fixes).\n- ASoC: ti: davinci-i2s: Add check for clk_enable() (git-fixes).\n- ASoC: topology: Allow TLV control to be either read or write (git-fixes).\n- ASoC: topology: Optimize soc_tplg_dapm_graph_elems_load behavior (git-fixes).\n- ASoC: wm8350: Handle error for wm8350_register_irq (git-fixes).\n- ASoC: xilinx: xlnx_formatter_pcm: Handle sysclk setting (git-fixes).\n- ax25: Fix NULL pointer dereference in ax25_kill_by_device (git-fixes).\n- ax88179_178a: Merge memcpy + le32_to_cpus to get_unaligned_le32 (bsc#1196018).\n- block: update io_ticks when io hang (bsc#1197817).\n- block/wbt: fix negative inflight counter when remove scsi device (bsc#1197819).\n- bpf: Fix comment for helper bpf_current_task_under_cgroup() (git-fixes).\n- bpf: Remove config check to enable bpf support for branch records (git-fixes bsc#1177028).\n- btrfs: avoid unnecessary lock and leaf splits when updating inode in the log (bsc#1194649).\n- btrfs: avoid unnecessary log mutex contention when syncing log (bsc#1194649).\n- btrfs: avoid unnecessary logging of xattrs during fast fsyncs (bsc#1194649).\n- btrfs: check error value from btrfs_update_inode in tree log (bsc#1194649).\n- btrfs: check if a log root exists before locking the log_mutex on unlink (bsc#1194649).\n- btrfs: check if a log tree exists at inode_logged() (bsc#1194649).\n- btrfs: do not commit delayed inode when logging a file in full sync mode (bsc#1194649).\n- btrfs: do not log new dentries when logging that a new name exists (bsc#1194649).\n- btrfs: eliminate some false positives when checking if inode was logged (bsc#1194649).\n- btrfs: fix race leading to unnecessary transaction commit when logging inode (bsc#1194649).\n- btrfs: fix race that causes unnecessary logging of ancestor inodes (bsc#1194649).\n- btrfs: fix race that makes inode logging fallback to transaction commit (bsc#1194649).\n- btrfs: fix race that results in logging old extents during a fast fsync (bsc#1194649).\n- btrfs: fixup error handling in fixup_inode_link_counts (bsc#1194649).\n- btrfs: remove no longer needed full sync flag check at inode_logged() (bsc#1194649).\n- btrfs: Remove unnecessary check from join_running_log_trans (bsc#1194649).\n- btrfs: remove unnecessary directory inode item update when deleting dir entry (bsc#1194649).\n- btrfs: remove unnecessary list head initialization when syncing log (bsc#1194649).\n- btrfs: skip unnecessary searches for xattrs when logging an inode (bsc#1194649).\n- can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error path (git-fixes).\n- can: mcba_usb: mcba_usb_start_xmit(): fix double dev_kfree_skb in error path (git-fixes).\n- can: mcba_usb: properly check endpoint type (git-fixes).\n- can: rcar_canfd: rcar_canfd_channel_probe(): register the CAN device when fully ready (git-fixes).\n- cifs: do not skip link targets when an I/O fails (bsc#1194625).\n- cifs: use the correct max-length for dentry_path_raw() (bsc1196196).\n- clk: actions: Terminate clk_div_table with sentinel element (git-fixes).\n- clk: bcm2835: Remove unused variable (git-fixes).\n- clk: clps711x: Terminate clk_div_table with sentinel element (git-fixes).\n- clk: imx7d: Remove audio_mclk_root_clk (git-fixes).\n- clk: Initialize orphan req_rate (git-fixes).\n- clk: loongson1: Terminate clk_div_table with sentinel element (git-fixes).\n- clk: nxp: Remove unused variable (git-fixes).\n- clk: qcom: gcc-msm8994: Fix gpll4 width (git-fixes).\n- clk: qcom: ipq8074: Use floor ops for SDCC1 clock (git-fixes).\n- clk: tegra: tegra124-emc: Fix missing put_device() call in emc_ensure_emc_driver (git-fixes).\n- clk: uniphier: Fix fixed-rate initialization (git-fixes).\n- clocksource: acpi_pm: fix return value of __setup handler (git-fixes).\n- clocksource/drivers/timer-of: Check return value of of_iomap in timer_of_base_init() (git-fixes).\n- cpufreq: schedutil: Destroy mutex before kobject_put() frees (git-fixes)\n- crypto: authenc - Fix sleep in atomic context in decrypt_tail (git-fixes).\n- crypto: cavium/nitrox - do not cast parameter in bit operations (git-fixes).\n- crypto: ccp - ccp_dmaengine_unregister release dma channels (git-fixes).\n- crypto: ccree - do not attempt 0 len DMA mappings (git-fixes).\n- crypto: mxs-dcp - Fix scatterlist processing (git-fixes).\n- crypto: qat - do not cast parameter in bit operations (git-fixes).\n- crypto: rsa-pkcs1pad - correctly get hash from source scatterlist (git-fixes).\n- crypto: rsa-pkcs1pad - fix buffer overread in pkcs1pad_verify_complete() (git-fixes).\n- crypto: rsa-pkcs1pad - restore signature length check (git-fixes).\n- crypto: vmx - add missing dependencies (git-fixes).\n- dma/pool: create dma atomic pool only if dma zone has managed pages (bsc#1197501).\n- driver core: dd: fix return value of __setup handler (git-fixes).\n- drm: bridge: adv7511: Fix ADV7535 HPD enablement (git-fixes).\n- drm/amd/display: Add affected crtcs to atomic state for dsc mst unplug (git-fixes).\n- drm/amd/pm: return -ENOTSUPP if there is no get_dpm_ultimate_freq function (git-fixes).\n- drm/bridge: dw-hdmi: use safe format when first in bridge chain (git-fixes).\n- drm/bridge: nwl-dsi: Fix PM disable depth imbalance in nwl_dsi_probe (git-fixes).\n- drm/doc: overview before functions for drm_writeback.c (git-fixes).\n- drm/i915: Fix dbuf slice config lookup (git-fixes).\n- drm/i915/gem: add missing boundary check in vm_access (git-fixes).\n- drm/imx: parallel-display: Remove bus flags check in imx_pd_bridge_atomic_check() (git-fixes).\n- drm/meson: Fix error handling when afbcd.ops->init fails (git-fixes).\n- drm/meson: osd_afbcd: Add an exit callback to struct meson_afbcd_ops (git-fixes).\n- drm/msm/dpu: add DSPP blocks teardown (git-fixes).\n- drm/nouveau/acr: Fix undefined behavior in nvkm_acr_hsfw_load_bl() (git-fixes).\n- drm/panel: simple: Fix Innolux G070Y2-L01 BPP settings (git-fixes).\n- drm/sun4i: mixer: Fix P010 and P210 format numbers (git-fixes).\n- drm/vc4: crtc: Fix runtime_pm reference counting (git-fixes).\n- drm/vc4: crtc: Make sure the HDMI controller is powered when disabling (git-fixes).\n- drm/vrr: Set VRR capable prop only if it is attached to connector (git-fixes).\n- Drop HID multitouch fix patch (bsc#1197243),\n- ecryptfs: fix kernel panic with null dev_name (bsc#1197812).\n- ecryptfs: Fix typo in message (bsc#1197811).\n- EDAC: Fix calculation of returned address and next offset in edac_align_ptr() (bsc#1178134).\n- ext2: correct max file size computing (bsc#1197820).\n- firmware: google: Properly state IOMEM dependency (git-fixes).\n- firmware: qcom: scm: Remove reassignment to desc following initializer (git-fixes).\n- fscrypt: do not ignore minor_hash when hash is 0 (bsc#1197815).\n- gianfar: ethtool: Fix refcount leak in gfar_get_ts_info (git-fixes).\n- gpio: ts4900: Do not set DAT and OE together (git-fixes).\n- gpiolib: acpi: Convert ACPI value of debounce to microseconds (git-fixes).\n- HID: multitouch: fix Dell Precision 7550 and 7750 button type (bsc#1197243).\n- hwmon: (pmbus) Add mutex to regulator ops (git-fixes).\n- hwmon: (pmbus) Add Vin unit off handling (git-fixes).\n- hwmon: (sch56xx-common) Replace WDOG_ACTIVE with WDOG_HW_RUNNING (git-fixes).\n- hwrng: atmel - disable trng on failure path (git-fixes).\n- i915_vma: Rename vma_lookup to i915_vma_lookup (git-fixes).\n- ibmvnic: fix race between xmit and reset (bsc#1197302 ltc#197259).\n- iio: accel: mma8452: use the correct logic to get mma8452_data (git-fixes).\n- iio: adc: Add check for devm_request_threaded_irq (git-fixes).\n- iio: afe: rescale: use s64 for temporary scale calculations (git-fixes).\n- iio: inkern: apply consumer scale on IIO_VAL_INT cases (git-fixes).\n- iio: inkern: apply consumer scale when no channel scale is available (git-fixes).\n- iio: inkern: make a best effort on offset calculation (git-fixes).\n- Input: aiptek - properly check endpoint type (git-fixes).\n- iwlwifi: do not advertise TWT support (git-fixes).\n- kernel-binary.spec: Do not use the default certificate path (bsc#1194943).\n- KVM: SVM: Do not flush cache if hardware enforces cache coherency across encryption domains (bsc#1178134).\n- llc: fix netdevice reference leaks in llc_ui_bind() (git-fixes).\n- mac80211: fix potential double free on mesh join (git-fixes).\n- mac80211: refuse aggregations sessions before authorized (git-fixes).\n- media: aspeed: Correct value for h-total-pixels (git-fixes).\n- media: bttv: fix WARNING regression on tunerless devices (git-fixes).\n- media: coda: Fix missing put_device() call in coda_get_vdoa_data (git-fixes).\n- media: davinci: vpif: fix unbalanced runtime PM get (git-fixes).\n- media: em28xx: initialize refcount before kref_get (git-fixes).\n- media: hantro: Fix overfill bottom register field name (git-fixes).\n- media: Revert 'media: em28xx: add missing em28xx_close_extension' (git-fixes).\n- media: stk1160: If start stream fails, return buffers with VB2_BUF_STATE_QUEUED (git-fixes).\n- media: usb: go7007: s2250-board: fix leak in probe() (git-fixes).\n- media: video/hdmi: handle short reads of hdmi info frame (git-fixes).\n- membarrier: Execute SYNC_CORE on the calling thread (git-fixes)\n- membarrier: Explicitly sync remote cores when SYNC_CORE is (git-fixes)\n- memory: emif: Add check for setup_interrupts (git-fixes).\n- memory: emif: check the pointer temp in get_device_details() (git-fixes).\n- misc: alcor_pci: Fix an error handling path (git-fixes).\n- misc: sgi-gru: Do not cast parameter in bit operations (git-fixes).\n- mm_zone: add function to check if managed dma zone exists (bsc#1197501).\n- mm/page_alloc.c: do not warn allocation failure on zone DMA if no managed pages (bsc#1197501).\n- mmc: davinci_mmc: Handle error for clk_enable (git-fixes).\n- mmc: meson: Fix usage of meson_mmc_post_req() (git-fixes).\n- net: dsa: mv88e6xxx: override existent unicast portvec in port_fdb_add (git-fixes).\n- net: enetc: initialize the RFS and RSS memories (git-fixes).\n- net: hns3: add a check for tqp_index in hclge_get_ring_chain_from_mbx() (git-fixes).\n- net: phy: broadcom: Fix brcm_fet_config_init() (git-fixes).\n- net: phy: DP83822: clear MISR2 register to disable interrupts (git-fixes).\n- net: phy: marvell: Fix invalid comparison in the resume and suspend functions (git-fixes).\n- net: stmmac: set TxQ mode back to DCB after disabling CBS (git-fixes).\n- net: usb: ax88179_178a: Fix out-of-bounds accesses in RX fixup (bsc#1196018).\n- net: watchdog: hold device global xmit lock during tx disable (git-fixes).\n- net/smc: Fix loop in smc_listen (git-fixes).\n- net/smc: fix using of uninitialized completions (git-fixes).\n- net/smc: fix wrong list_del in smc_lgr_cleanup_early (git-fixes).\n- net/smc: Make sure the link_id is unique (git-fixes).\n- net/smc: Reset conn->lgr when link group registration fails (git-fixes).\n- netfilter: conntrack: do not refresh sctp entries in closed state (bsc#1197389).\n- netxen_nic: fix MSI/MSI-x interrupts (git-fixes).\n- NFC: port100: fix use-after-free in port100_send_complete (git-fixes).\n- NFS: Avoid duplicate uncached readdir calls on eof (git-fixes).\n- NFS: Do not report writeback errors in nfs_getattr() (git-fixes).\n- NFS: Do not skip directory entries when doing uncached readdir (git-fixes).\n- NFS: Ensure the server had an up to date ctime before hardlinking (git-fixes).\n- NFS: Fix initialisation of nfs_client cl_flags field (git-fixes).\n- NFS: LOOKUP_DIRECTORY is also ok with symlinks (git-fixes).\n- NFS: Return valid errors from nfs2/3_decode_dirent() (git-fixes).\n- NFS: Use of mapping_set_error() results in spurious errors (git-fixes).\n- nfsd: nfsd4_setclientid_confirm mistakenly expires confirmed client (git-fixes).\n- NFSv4.1: do not retry BIND_CONN_TO_SESSION on session error (git-fixes).\n- NFSv4/pNFS: Fix another issue with a list iterator pointing to the head (git-fixes).\n- pinctrl: mediatek: Fix missing of_node_put() in mtk_pctrl_init (git-fixes).\n- pinctrl: mediatek: paris: Fix 'argument' argument type for mtk_pinconf_get() (git-fixes).\n- pinctrl: mediatek: paris: Fix pingroup pin config state readback (git-fixes).\n- pinctrl: nomadik: Add missing of_node_put() in nmk_pinctrl_probe (git-fixes).\n- pinctrl: nuvoton: npcm7xx: Rename DS() macro to DSTR() (git-fixes).\n- pinctrl: nuvoton: npcm7xx: Use %zu printk format for ARRAY_SIZE() (git-fixes).\n- pinctrl: pinconf-generic: Print arguments for bias-pull-* (git-fixes).\n- pinctrl: samsung: drop pin banks references on error paths (git-fixes).\n- pinctrl/rockchip: Add missing of_node_put() in rockchip_pinctrl_probe (git-fixes).\n- PM: hibernate: fix __setup handler error handling (git-fixes).\n- PM: suspend: fix return value of __setup handler (git-fixes).\n- powerpc/lib/sstep: Fix 'sthcx' instruction (bsc#1156395).\n- powerpc/mm: Fix verification of MMU_FTR_TYPE_44x (bsc#1156395).\n- powerpc/mm/numa: skip NUMA_NO_NODE onlining in parse_numa_properties() (bsc#1179639 ltc#189002 git-fixes).\n- powerpc/perf: Do not use perf_hw_context for trace IMC PMU (bsc#1156395).\n- powerpc/perf: Expose Performance Monitor Counter SPR's as part of extended regs (bsc#1198077 ltc#197299).\n- powerpc/perf: Include PMCs as part of per-cpu cpuhw_events struct (bsc#1198077 ltc#197299).\n- powerpc/pseries: Fix use after free in remove_phb_dynamic() (bsc#1065729).\n- powerpc/sysdev: fix incorrect use to determine if list is empty (bsc#1065729).\n- powerpc/tm: Fix more userspace r13 corruption (bsc#1065729).\n- powerpc/xive: fix return value of __setup handler (bsc#1065729).\n- printk: Add panic_in_progress helper (bsc#1197894).\n- printk: disable optimistic spin during panic (bsc#1197894).\n- pwm: lpc18xx-sct: Initialize driver data and hardware before pwmchip_add() (git-fixes).\n- regulator: qcom_smd: fix for_each_child.cocci warnings (git-fixes).\n- remoteproc: qcom_wcnss: Add missing of_node_put() in wcnss_alloc_memory_region (git-fixes).\n- remoteproc: qcom: Fix missing of_node_put in adsp_alloc_memory_region (git-fixes).\n- Revert 'build initrd without systemd' (bsc#1197300).\n- Revert 'Input: clear BTN_RIGHT/MIDDLE on buttonpads' (bsc#1197243).\n- Revert 'module, async: async_synchronize_full() on module init iff async is used' (bsc#1197888).\n- Revert 'Revert 'build initrd without systemd' (bsc#1197300)'\n- Revert 'usb: dwc3: gadget: Use list_replace_init() before traversing lists' (git-fixes).\n- s390/bpf: Perform r1 range checking before accessing jit->seen_reg (git-fixes).\n- s390/gmap: do not unconditionally call pte_unmap_unlock() in __gmap_zap() (git-fixes).\n- s390/gmap: validate VMA in __gmap_zap() (git-fixes).\n- s390/hypfs: include z/VM guests with access control group set (bsc#1195640 LTC#196352).\n- s390/kexec_file: fix error handling when applying relocations (git-fixes).\n- s390/kexec: fix memory leak of ipl report buffer (git-fixes).\n- s390/kexec: fix return code handling (git-fixes).\n- s390/mm: fix VMA and page table handling code in storage key handling functions (git-fixes).\n- s390/mm: validate VMA in PGSTE manipulation functions (git-fixes).\n- s390/module: fix loading modules with a lot of relocations (git-fixes).\n- s390/pci_mmio: fully validate the VMA before calling follow_pte() (git-fixes).\n- s390/tape: fix timer initialization in tape_std_assign() (bsc#1197677 LTC#197378).\n- scsi: lpfc: Copyright updates for 14.2.0.0 patches (bsc#1197675).\n- scsi: lpfc: Drop lpfc_no_handler() (bsc#1197675).\n- scsi: lpfc: Fix broken SLI4 abort path (bsc#1197675).\n- scsi: lpfc: Fix locking for lpfc_sli_iocbq_lookup() (bsc#1197675).\n- scsi: lpfc: Fix queue failures when recovering from PCI parity error (bsc#1197675 bsc#1196478).\n- scsi: lpfc: Fix typos in comments (bsc#1197675).\n- scsi: lpfc: Fix unload hang after back to back PCI EEH faults (bsc#1197675 bsc#1196478).\n- scsi: lpfc: Improve PCI EEH Error and Recovery Handling (bsc#1197675 bsc#1196478).\n- scsi: lpfc: Kill lpfc_bus_reset_handler() (bsc#1197675).\n- scsi: lpfc: Reduce log messages seen after firmware download (bsc#1197675).\n- scsi: lpfc: Remove failing soft_wwn support (bsc#1197675).\n- scsi: lpfc: Remove NVMe support if kernel has NVME_FC disabled (bsc#1197675).\n- scsi: lpfc: Remove redundant flush_workqueue() call (bsc#1197675).\n- scsi: lpfc: SLI path split: Introduce lpfc_prep_wqe (bsc#1197675).\n- scsi: lpfc: SLI path split: Refactor Abort paths (bsc#1197675).\n- scsi: lpfc: SLI path split: Refactor base ELS paths and the FLOGI path (bsc#1197675).\n- scsi: lpfc: SLI path split: Refactor BSG paths (bsc#1197675).\n- scsi: lpfc: SLI path split: Refactor CT paths (bsc#1197675).\n- scsi: lpfc: SLI path split: Refactor fast and slow paths to native SLI4 (bsc#1197675).\n- scsi: lpfc: SLI path split: Refactor FDISC paths (bsc#1197675).\n- scsi: lpfc: SLI path split: Refactor lpfc_iocbq (bsc#1197675).\n- scsi: lpfc: SLI path split: Refactor LS_ACC paths (bsc#1197675).\n- scsi: lpfc: SLI path split: Refactor LS_RJT paths (bsc#1197675).\n- scsi: lpfc: SLI path split: Refactor misc ELS paths (bsc#1197675).\n- scsi: lpfc: SLI path split: Refactor PLOGI/PRLI/ADISC/LOGO paths (bsc#1197675).\n- scsi: lpfc: SLI path split: Refactor SCSI paths (bsc#1197675).\n- scsi: lpfc: SLI path split: Refactor the RSCN/SCR/RDF/EDC/FARPR paths (bsc#1197675).\n- scsi: lpfc: SLI path split: Refactor VMID paths (bsc#1197675).\n- scsi: lpfc: Update lpfc version to 14.2.0.0 (bsc#1197675).\n- scsi: lpfc: Update lpfc version to 14.2.0.1 (bsc#1197675).\n- scsi: lpfc: Use fc_block_rport() (bsc#1197675).\n- scsi: lpfc: Use kcalloc() (bsc#1197675).\n- scsi: lpfc: Use rport as argument for lpfc_chk_tgt_mapped() (bsc#1197675).\n- scsi: lpfc: Use rport as argument for lpfc_send_taskmgmt() (bsc#1197675).\n- scsi: qla2xxx: Fix crash during module load unload test (bsc#1197661).\n- scsi: qla2xxx: Fix disk failure to rediscover (bsc#1197661).\n- scsi: qla2xxx: Fix hang due to session stuck (bsc#1197661).\n- scsi: qla2xxx: Fix incorrect reporting of task management failure (bsc#1197661).\n- scsi: qla2xxx: Fix laggy FC remote port session recovery (bsc#1197661).\n- scsi: qla2xxx: Fix loss of NVMe namespaces after driver reload test (bsc#1197661).\n- scsi: qla2xxx: Fix missed DMA unmap for NVMe ls requests (bsc#1197661).\n- scsi: qla2xxx: Fix N2N inconsistent PLOGI (bsc#1197661).\n- scsi: qla2xxx: Fix stuck session of PRLI reject (bsc#1197661).\n- scsi: qla2xxx: Fix typos in comments (bsc#1197661).\n- scsi: qla2xxx: Increase max limit of ql2xnvme_queues (bsc#1197661).\n- scsi: qla2xxx: Reduce false trigger to login (bsc#1197661).\n- scsi: qla2xxx: Stop using the SCSI pointer (bsc#1197661).\n- scsi: qla2xxx: Update version to 10.02.07.400-k (bsc#1197661).\n- scsi: qla2xxx: Use correct feature type field during RFF_ID processing (bsc#1197661).\n- scsi: qla2xxx: Use named initializers for port_state_str (bsc#1197661).\n- scsi: qla2xxx: Use named initializers for q_dev_state (bsc#1197661).\n- serial: 8250_lpss: Balance reference count for PCI DMA device (git-fixes).\n- serial: 8250_mid: Balance reference count for PCI DMA device (git-fixes).\n- serial: 8250: Fix race condition in RTS-after-send handling (git-fixes).\n- serial: core: Fix the definition name in the comment of UPF_* flags (git-fixes).\n- soc: qcom: aoss: remove spurious IRQF_ONESHOT flags (git-fixes).\n- soc: qcom: rpmpd: Check for null return of devm_kcalloc (git-fixes).\n- soc: ti: wkup_m3_ipc: Fix IRQ check in wkup_m3_ipc_probe (git-fixes).\n- soundwire: intel: fix wrong register name in intel_shim_wake (git-fixes).\n- spi: pxa2xx-pci: Balance reference count for PCI DMA device (git-fixes).\n- spi: tegra114: Add missing IRQ check in tegra_spi_probe (git-fixes).\n- staging: gdm724x: fix use after free in gdm_lte_rx() (git-fixes).\n- staging:iio:adc:ad7280a: Fix handing of device address bit reversing (git-fixes).\n- tcp: add some entropy in __inet_hash_connect() (bsc#1180153).\n- tcp: change source port randomizarion at connect() time (bsc#1180153).\n- team: protect features update by RCU to avoid deadlock (git-fixes).\n- thermal: int340x: Check for NULL after calling kmemdup() (git-fixes).\n- thermal: int340x: Increase bitmap size (git-fixes).\n- udp_tunnel: Fix end of loop test in udp_tunnel_nic_unregister() (git-fixes).\n- Update config files (bsc#1195926 bsc#1175667). VIRTIO_PCI=m -> VIRTIO_PCI=y\n- usb: bdc: Adb shows offline after resuming from S2 (git-fixes).\n- usb: bdc: Fix a resource leak in the error handling path of 'bdc_probe()' (git-fixes).\n- usb: bdc: Fix unused assignment in bdc_probe() (git-fixes).\n- usb: bdc: remove duplicated error message (git-fixes).\n- usb: bdc: Use devm_clk_get_optional() (git-fixes).\n- usb: bdc: use devm_platform_ioremap_resource() to simplify code (git-fixes).\n- usb: dwc2: Fix Stalling a Non-Isochronous OUT EP (git-fixes).\n- usb: dwc2: gadget: Fix GOUTNAK flow for Slave mode (git-fixes).\n- usb: dwc2: gadget: Fix kill_all_requests race (git-fixes).\n- usb: dwc3: gadget: Use list_replace_init() before traversing lists (git-fixes).\n- usb: dwc3: meson-g12a: Disable the regulator in the error handling path of the probe (git-fixes).\n- usb: dwc3: qcom: add IRQ check (git-fixes).\n- usb: gadget: bdc: use readl_poll_timeout() to simplify code (git-fixes).\n- usb: gadget: Fix use-after-free bug by not setting udc->dev.driver (git-fixes).\n- usb: gadget: rndis: prevent integer overflow in rndis_set_response() (git-fixes).\n- usb: host: xen-hcd: add missing unlock in error path (git-fixes).\n- usb: hub: Fix locking issues with address0_mutex (git-fixes).\n- usb: usbtmc: Fix bug in pipe direction for control transfers (git-fixes).\n- VFS: filename_create(): fix incorrect intent (bsc#1197534).\n- video: fbdev: atmel_lcdfb: fix an error code in atmel_lcdfb_probe() (git-fixes).\n- video: fbdev: controlfb: Fix COMPILE_TEST build (git-fixes).\n- video: fbdev: fbcvt.c: fix printing in fb_cvt_print_name() (git-fixes).\n- video: fbdev: matroxfb: set maxvram of vbG200eW to the same as vbG200 to avoid black screen (git-fixes).\n- video: fbdev: matroxfb: set maxvram of vbG200eW to the same as vbG200 to avoid black screen (git-fixes).\n- video: fbdev: omapfb: Add missing of_node_put() in dvic_probe_of (git-fixes).\n- video: fbdev: smscufx: Fix null-ptr-deref in ufx_usb_probe() (git-fixes).\n- VMCI: Fix the description of vmci_check_host_caps() (git-fixes).\n- vsprintf: Fix %pK with kptr_restrict == 0 (bsc#1197889).\n- wireguard: queueing: use CFI-safe ptr_ring cleanup function (git-fixes).\n- wireguard: selftests: rename DEBUG_PI_LIST to DEBUG_PLIST (git-fixes).\n- wireguard: socket: free skb in send6 when ipv6 is disabled (git-fixes).\n- wireguard: socket: ignore v6 endpoints when ipv6 is disabled (git-fixes).\n- x86/cpu: Add hardware-enforced cache coherency as a CPUID feature (bsc#1178134).\n- x86/mm/pat: Do not flush cache if hardware enforces cache coherency across encryption domnains (bsc#1178134).\n- x86/speculation: Warn about eIBRS + LFENCE + Unprivileged eBPF + SMT (bsc#1178134).\n- x86/speculation: Warn about Spectre v2 LFENCE mitigation (bsc#1178134).\n- xen/usb: do not use gnttab_end_foreign_access() in xenhcd_gnttab_done() (bsc#1196488, XSA-396).\n- xhci: fix garbage USBSTS being logged in some cases (git-fixes).\n", title: "Description of the patch", }, { category: "details", text: "SUSE-2022-1163,SUSE-SLE-Module-Public-Cloud-15-SP3-2022-1163,openSUSE-SLE-15.3-2022-1163", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_1163-1.json", }, { category: "self", summary: "URL for SUSE-SU-2022:1163-1", url: "https://www.suse.com/support/update/announcement/2022/suse-su-20221163-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2022:1163-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2022-April/010687.html", }, { category: "self", summary: "SUSE Bug 1065729", url: "https://bugzilla.suse.com/1065729", }, { category: "self", summary: "SUSE Bug 1156395", url: "https://bugzilla.suse.com/1156395", }, { category: "self", summary: "SUSE Bug 1175667", url: "https://bugzilla.suse.com/1175667", }, { category: "self", summary: "SUSE Bug 1177028", url: "https://bugzilla.suse.com/1177028", }, { category: "self", summary: "SUSE Bug 1178134", url: "https://bugzilla.suse.com/1178134", }, { category: "self", summary: "SUSE Bug 1179639", url: "https://bugzilla.suse.com/1179639", }, { category: "self", summary: "SUSE Bug 1180153", url: "https://bugzilla.suse.com/1180153", }, { category: "self", summary: "SUSE Bug 1189562", url: "https://bugzilla.suse.com/1189562", }, { category: "self", summary: "SUSE Bug 1194589", url: "https://bugzilla.suse.com/1194589", }, { category: "self", summary: "SUSE Bug 1194625", url: "https://bugzilla.suse.com/1194625", }, { category: "self", summary: "SUSE Bug 1194649", url: "https://bugzilla.suse.com/1194649", }, { category: "self", summary: "SUSE Bug 1194943", url: "https://bugzilla.suse.com/1194943", }, { category: "self", summary: "SUSE Bug 1195051", url: "https://bugzilla.suse.com/1195051", }, { category: "self", summary: "SUSE Bug 1195353", url: "https://bugzilla.suse.com/1195353", }, { category: "self", summary: "SUSE Bug 1195640", url: "https://bugzilla.suse.com/1195640", }, { category: "self", summary: "SUSE Bug 1195926", url: "https://bugzilla.suse.com/1195926", }, { category: "self", summary: "SUSE Bug 1196018", url: "https://bugzilla.suse.com/1196018", }, { category: "self", summary: "SUSE Bug 1196130", url: "https://bugzilla.suse.com/1196130", }, { category: "self", summary: "SUSE Bug 1196196", url: "https://bugzilla.suse.com/1196196", }, { category: "self", summary: "SUSE Bug 1196478", url: "https://bugzilla.suse.com/1196478", }, { category: "self", summary: "SUSE Bug 1196488", url: "https://bugzilla.suse.com/1196488", }, { category: "self", summary: "SUSE Bug 1196761", url: "https://bugzilla.suse.com/1196761", }, { category: "self", summary: "SUSE Bug 1196823", url: "https://bugzilla.suse.com/1196823", }, { category: "self", summary: "SUSE Bug 1196956", url: "https://bugzilla.suse.com/1196956", }, { category: "self", summary: "SUSE Bug 1197227", url: "https://bugzilla.suse.com/1197227", }, { category: "self", summary: "SUSE Bug 1197243", url: "https://bugzilla.suse.com/1197243", }, { category: "self", summary: "SUSE Bug 1197245", url: "https://bugzilla.suse.com/1197245", }, { category: "self", summary: "SUSE Bug 1197300", url: "https://bugzilla.suse.com/1197300", }, { category: "self", summary: "SUSE Bug 1197302", url: "https://bugzilla.suse.com/1197302", }, { category: "self", summary: "SUSE Bug 1197331", url: "https://bugzilla.suse.com/1197331", }, { category: "self", summary: "SUSE Bug 1197343", url: "https://bugzilla.suse.com/1197343", }, { category: "self", summary: "SUSE Bug 1197366", url: "https://bugzilla.suse.com/1197366", }, { category: "self", summary: "SUSE Bug 1197389", url: "https://bugzilla.suse.com/1197389", }, { category: "self", summary: "SUSE Bug 1197460", url: "https://bugzilla.suse.com/1197460", }, { category: "self", summary: "SUSE Bug 1197462", url: "https://bugzilla.suse.com/1197462", }, { category: "self", summary: "SUSE Bug 1197501", url: "https://bugzilla.suse.com/1197501", }, { category: "self", summary: "SUSE Bug 1197534", url: "https://bugzilla.suse.com/1197534", }, { category: "self", summary: "SUSE Bug 1197661", url: "https://bugzilla.suse.com/1197661", }, { category: "self", summary: "SUSE Bug 1197675", url: "https://bugzilla.suse.com/1197675", }, { category: "self", summary: "SUSE Bug 1197677", url: "https://bugzilla.suse.com/1197677", }, { category: "self", summary: "SUSE Bug 1197702", url: "https://bugzilla.suse.com/1197702", }, { category: "self", summary: "SUSE Bug 1197811", url: "https://bugzilla.suse.com/1197811", }, { category: "self", summary: "SUSE Bug 1197812", url: "https://bugzilla.suse.com/1197812", }, { category: "self", summary: "SUSE Bug 1197815", url: "https://bugzilla.suse.com/1197815", }, { category: "self", summary: "SUSE Bug 1197817", url: "https://bugzilla.suse.com/1197817", }, { category: "self", summary: "SUSE Bug 1197819", url: "https://bugzilla.suse.com/1197819", }, { category: "self", summary: "SUSE Bug 1197820", url: "https://bugzilla.suse.com/1197820", }, { category: "self", summary: "SUSE Bug 1197888", url: "https://bugzilla.suse.com/1197888", }, { category: "self", summary: "SUSE Bug 1197889", url: "https://bugzilla.suse.com/1197889", }, { category: "self", summary: "SUSE Bug 1197894", url: "https://bugzilla.suse.com/1197894", }, { category: "self", summary: "SUSE Bug 1198027", url: "https://bugzilla.suse.com/1198027", }, { category: "self", summary: "SUSE Bug 1198028", url: "https://bugzilla.suse.com/1198028", }, { category: "self", summary: "SUSE Bug 1198029", url: "https://bugzilla.suse.com/1198029", }, { category: "self", summary: "SUSE Bug 1198030", url: "https://bugzilla.suse.com/1198030", }, { category: "self", summary: "SUSE Bug 1198031", url: "https://bugzilla.suse.com/1198031", }, { category: "self", summary: "SUSE Bug 1198032", url: "https://bugzilla.suse.com/1198032", }, { category: "self", summary: "SUSE Bug 1198033", url: "https://bugzilla.suse.com/1198033", }, { category: "self", summary: "SUSE Bug 1198077", url: "https://bugzilla.suse.com/1198077", }, { category: "self", summary: "SUSE CVE CVE-2021-39698 page", url: "https://www.suse.com/security/cve/CVE-2021-39698/", }, { category: "self", summary: "SUSE CVE CVE-2021-45402 page", url: "https://www.suse.com/security/cve/CVE-2021-45402/", }, { category: "self", summary: "SUSE CVE CVE-2021-45868 page", url: "https://www.suse.com/security/cve/CVE-2021-45868/", }, { category: "self", summary: "SUSE CVE CVE-2022-0850 page", url: "https://www.suse.com/security/cve/CVE-2022-0850/", }, { category: "self", summary: "SUSE CVE CVE-2022-0854 page", url: "https://www.suse.com/security/cve/CVE-2022-0854/", }, { category: "self", summary: "SUSE CVE CVE-2022-1011 page", url: "https://www.suse.com/security/cve/CVE-2022-1011/", }, { category: "self", summary: "SUSE CVE CVE-2022-1016 page", url: "https://www.suse.com/security/cve/CVE-2022-1016/", }, { category: "self", summary: "SUSE CVE CVE-2022-1048 page", url: "https://www.suse.com/security/cve/CVE-2022-1048/", }, { category: "self", summary: "SUSE CVE CVE-2022-1055 page", url: "https://www.suse.com/security/cve/CVE-2022-1055/", }, { category: "self", summary: "SUSE CVE CVE-2022-1195 page", url: "https://www.suse.com/security/cve/CVE-2022-1195/", }, { category: "self", summary: "SUSE CVE CVE-2022-1198 page", url: "https://www.suse.com/security/cve/CVE-2022-1198/", }, { category: "self", summary: "SUSE CVE CVE-2022-1199 page", url: "https://www.suse.com/security/cve/CVE-2022-1199/", }, { category: "self", summary: "SUSE CVE CVE-2022-1205 page", url: "https://www.suse.com/security/cve/CVE-2022-1205/", }, { category: "self", summary: "SUSE CVE CVE-2022-23036 page", url: "https://www.suse.com/security/cve/CVE-2022-23036/", }, { category: "self", summary: "SUSE CVE CVE-2022-23037 page", url: "https://www.suse.com/security/cve/CVE-2022-23037/", }, { category: "self", summary: "SUSE CVE CVE-2022-23038 page", url: "https://www.suse.com/security/cve/CVE-2022-23038/", }, { category: "self", summary: "SUSE CVE CVE-2022-23039 page", url: "https://www.suse.com/security/cve/CVE-2022-23039/", }, { category: "self", summary: "SUSE CVE CVE-2022-23040 page", url: "https://www.suse.com/security/cve/CVE-2022-23040/", }, { category: "self", summary: "SUSE CVE CVE-2022-23041 page", url: "https://www.suse.com/security/cve/CVE-2022-23041/", }, { category: "self", summary: "SUSE CVE CVE-2022-23042 page", url: "https://www.suse.com/security/cve/CVE-2022-23042/", }, { category: "self", summary: "SUSE CVE CVE-2022-27223 page", url: "https://www.suse.com/security/cve/CVE-2022-27223/", }, { category: "self", summary: "SUSE CVE CVE-2022-27666 page", url: "https://www.suse.com/security/cve/CVE-2022-27666/", }, { category: "self", summary: "SUSE CVE CVE-2022-28388 page", url: "https://www.suse.com/security/cve/CVE-2022-28388/", }, { category: "self", summary: "SUSE CVE CVE-2022-28389 page", url: "https://www.suse.com/security/cve/CVE-2022-28389/", }, { category: "self", summary: "SUSE CVE CVE-2022-28390 page", url: "https://www.suse.com/security/cve/CVE-2022-28390/", }, ], title: "Security update for the Linux Kernel", tracking: { current_release_date: "2022-04-12T12:59:54Z", generator: { date: "2022-04-12T12:59:54Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2022:1163-1", initial_release_date: "2022-04-12T12:59:54Z", revision_history: [ { date: "2022-04-12T12:59:54Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "kernel-devel-azure-5.3.18-150300.38.53.1.noarch", product: { name: "kernel-devel-azure-5.3.18-150300.38.53.1.noarch", product_id: "kernel-devel-azure-5.3.18-150300.38.53.1.noarch", }, }, { category: "product_version", name: "kernel-source-azure-5.3.18-150300.38.53.1.noarch", product: { name: "kernel-source-azure-5.3.18-150300.38.53.1.noarch", product_id: "kernel-source-azure-5.3.18-150300.38.53.1.noarch", }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "cluster-md-kmp-azure-5.3.18-150300.38.53.1.x86_64", product: { name: "cluster-md-kmp-azure-5.3.18-150300.38.53.1.x86_64", product_id: "cluster-md-kmp-azure-5.3.18-150300.38.53.1.x86_64", }, }, { category: "product_version", name: "dlm-kmp-azure-5.3.18-150300.38.53.1.x86_64", product: { name: "dlm-kmp-azure-5.3.18-150300.38.53.1.x86_64", product_id: "dlm-kmp-azure-5.3.18-150300.38.53.1.x86_64", }, }, { category: "product_version", name: "gfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", product: { name: "gfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", product_id: "gfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", }, }, { category: "product_version", name: "kernel-azure-5.3.18-150300.38.53.1.x86_64", product: { name: "kernel-azure-5.3.18-150300.38.53.1.x86_64", product_id: "kernel-azure-5.3.18-150300.38.53.1.x86_64", }, }, { category: "product_version", name: "kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", product: { name: "kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", product_id: "kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", }, }, { category: "product_version", name: "kernel-azure-extra-5.3.18-150300.38.53.1.x86_64", product: { name: "kernel-azure-extra-5.3.18-150300.38.53.1.x86_64", product_id: "kernel-azure-extra-5.3.18-150300.38.53.1.x86_64", }, }, { category: "product_version", name: "kernel-azure-livepatch-devel-5.3.18-150300.38.53.1.x86_64", product: { name: "kernel-azure-livepatch-devel-5.3.18-150300.38.53.1.x86_64", product_id: "kernel-azure-livepatch-devel-5.3.18-150300.38.53.1.x86_64", }, }, { category: "product_version", name: "kernel-azure-optional-5.3.18-150300.38.53.1.x86_64", product: { name: "kernel-azure-optional-5.3.18-150300.38.53.1.x86_64", product_id: "kernel-azure-optional-5.3.18-150300.38.53.1.x86_64", }, }, { category: "product_version", name: "kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", product: { name: "kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", product_id: "kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", }, }, { category: "product_version", name: "kselftests-kmp-azure-5.3.18-150300.38.53.1.x86_64", product: { name: "kselftests-kmp-azure-5.3.18-150300.38.53.1.x86_64", product_id: "kselftests-kmp-azure-5.3.18-150300.38.53.1.x86_64", }, }, { category: "product_version", name: "ocfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", product: { name: "ocfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", product_id: "ocfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", }, }, { category: "product_version", name: "reiserfs-kmp-azure-5.3.18-150300.38.53.1.x86_64", product: { name: "reiserfs-kmp-azure-5.3.18-150300.38.53.1.x86_64", product_id: "reiserfs-kmp-azure-5.3.18-150300.38.53.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Linux Enterprise Module for Public Cloud 15 SP3", product: { name: "SUSE Linux Enterprise Module for Public Cloud 15 SP3", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP3", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-public-cloud:15:sp3", }, }, }, { category: "product_name", name: "openSUSE Leap 15.3", product: { name: "openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3", product_identification_helper: { cpe: "cpe:/o:opensuse:leap:15.3", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "kernel-azure-5.3.18-150300.38.53.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP3", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-150300.38.53.1.x86_64", }, product_reference: "kernel-azure-5.3.18-150300.38.53.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-azure-devel-5.3.18-150300.38.53.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP3", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", }, product_reference: "kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-azure-5.3.18-150300.38.53.1.noarch as component of SUSE Linux Enterprise Module for Public Cloud 15 SP3", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", }, product_reference: "kernel-devel-azure-5.3.18-150300.38.53.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-source-azure-5.3.18-150300.38.53.1.noarch as component of SUSE Linux Enterprise Module for Public Cloud 15 SP3", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", }, product_reference: "kernel-source-azure-5.3.18-150300.38.53.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-azure-5.3.18-150300.38.53.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP3", product_id: "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", }, product_reference: "kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 15 SP3", }, { category: "default_component_of", full_product_name: { name: "cluster-md-kmp-azure-5.3.18-150300.38.53.1.x86_64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-150300.38.53.1.x86_64", }, product_reference: "cluster-md-kmp-azure-5.3.18-150300.38.53.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "dlm-kmp-azure-5.3.18-150300.38.53.1.x86_64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-150300.38.53.1.x86_64", }, product_reference: "dlm-kmp-azure-5.3.18-150300.38.53.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "gfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", }, product_reference: "gfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "kernel-azure-5.3.18-150300.38.53.1.x86_64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:kernel-azure-5.3.18-150300.38.53.1.x86_64", }, product_reference: "kernel-azure-5.3.18-150300.38.53.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "kernel-azure-devel-5.3.18-150300.38.53.1.x86_64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", }, product_reference: "kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "kernel-azure-extra-5.3.18-150300.38.53.1.x86_64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:kernel-azure-extra-5.3.18-150300.38.53.1.x86_64", }, product_reference: "kernel-azure-extra-5.3.18-150300.38.53.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "kernel-azure-livepatch-devel-5.3.18-150300.38.53.1.x86_64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-150300.38.53.1.x86_64", }, product_reference: "kernel-azure-livepatch-devel-5.3.18-150300.38.53.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "kernel-azure-optional-5.3.18-150300.38.53.1.x86_64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:kernel-azure-optional-5.3.18-150300.38.53.1.x86_64", }, product_reference: "kernel-azure-optional-5.3.18-150300.38.53.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-azure-5.3.18-150300.38.53.1.noarch as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", }, product_reference: "kernel-devel-azure-5.3.18-150300.38.53.1.noarch", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "kernel-source-azure-5.3.18-150300.38.53.1.noarch as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", }, product_reference: "kernel-source-azure-5.3.18-150300.38.53.1.noarch", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-azure-5.3.18-150300.38.53.1.x86_64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", }, product_reference: "kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "kselftests-kmp-azure-5.3.18-150300.38.53.1.x86_64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-150300.38.53.1.x86_64", }, product_reference: "kselftests-kmp-azure-5.3.18-150300.38.53.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "ocfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", }, product_reference: "ocfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "reiserfs-kmp-azure-5.3.18-150300.38.53.1.x86_64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-150300.38.53.1.x86_64", }, product_reference: "reiserfs-kmp-azure-5.3.18-150300.38.53.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.3", }, ], }, vulnerabilities: [ { cve: "CVE-2021-39698", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-39698", }, ], notes: [ { category: "general", text: "In aio_poll_complete_work of aio.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-185125206References: Upstream kernel", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-extra-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-optional-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-150300.38.53.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-39698", url: "https://www.suse.com/security/cve/CVE-2021-39698", }, { category: "external", summary: "SUSE Bug 1196956 for CVE-2021-39698", url: "https://bugzilla.suse.com/1196956", }, { category: "external", summary: "SUSE Bug 1196959 for CVE-2021-39698", url: "https://bugzilla.suse.com/1196959", }, { category: "external", summary: "SUSE Bug 1209225 for CVE-2021-39698", url: "https://bugzilla.suse.com/1209225", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-extra-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-optional-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-150300.38.53.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.4, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-extra-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-optional-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-150300.38.53.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-12T12:59:54Z", details: "important", }, ], title: "CVE-2021-39698", }, { cve: "CVE-2021-45402", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-45402", }, ], notes: [ { category: "general", text: "The check_alu_op() function in kernel/bpf/verifier.c in the Linux kernel through v5.16-rc5 did not properly update bounds while handling the mov32 instruction, which allows local users to obtain potentially sensitive address information, aka a \"pointer leak.\"", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-extra-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-optional-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-150300.38.53.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-45402", url: "https://www.suse.com/security/cve/CVE-2021-45402", }, { category: "external", summary: "SUSE Bug 1196130 for CVE-2021-45402", url: "https://bugzilla.suse.com/1196130", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-extra-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-optional-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-150300.38.53.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 6.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-extra-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-optional-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-150300.38.53.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-12T12:59:54Z", details: "moderate", }, ], title: "CVE-2021-45402", }, { cve: "CVE-2021-45868", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-45868", }, ], notes: [ { category: "general", text: "In the Linux kernel before 5.15.3, fs/quota/quota_tree.c does not validate the block number in the quota tree (on disk). This can, for example, lead to a kernel/locking/rwsem.c use-after-free if there is a corrupted quota file.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-extra-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-optional-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-150300.38.53.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-45868", url: "https://www.suse.com/security/cve/CVE-2021-45868", }, { category: "external", summary: "SUSE Bug 1197366 for CVE-2021-45868", url: "https://bugzilla.suse.com/1197366", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-extra-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-optional-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-150300.38.53.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-extra-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-optional-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-150300.38.53.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-12T12:59:54Z", details: "moderate", }, ], title: "CVE-2021-45868", }, { cve: "CVE-2022-0850", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0850", }, ], notes: [ { category: "general", text: "A vulnerability was found in linux kernel, where an information leak occurs via ext4_extent_header to userspace.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-extra-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-optional-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-150300.38.53.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0850", url: "https://www.suse.com/security/cve/CVE-2022-0850", }, { category: "external", summary: "SUSE Bug 1196761 for CVE-2022-0850", url: "https://bugzilla.suse.com/1196761", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-extra-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-optional-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-150300.38.53.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-extra-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-optional-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-150300.38.53.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-12T12:59:54Z", details: "moderate", }, ], title: "CVE-2022-0850", }, { cve: "CVE-2022-0854", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0854", }, ], notes: [ { category: "general", text: "A memory leak flaw was found in the Linux kernel's DMA subsystem, in the way a user calls DMA_FROM_DEVICE. This flaw allows a local user to read random memory from the kernel space.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-extra-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-optional-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-150300.38.53.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0854", url: "https://www.suse.com/security/cve/CVE-2022-0854", }, { category: "external", summary: "SUSE Bug 1196823 for CVE-2022-0854", url: "https://bugzilla.suse.com/1196823", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-extra-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-optional-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-150300.38.53.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-extra-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-optional-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-150300.38.53.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-12T12:59:54Z", details: "moderate", }, ], title: "CVE-2022-0854", }, { cve: "CVE-2022-1011", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-1011", }, ], notes: [ { category: "general", text: "A use-after-free flaw was found in the Linux kernel's FUSE filesystem in the way a user triggers write(). This flaw allows a local user to gain unauthorized access to data from the FUSE filesystem, resulting in privilege escalation.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-extra-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-optional-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-150300.38.53.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-1011", url: "https://www.suse.com/security/cve/CVE-2022-1011", }, { category: "external", summary: "SUSE Bug 1197343 for CVE-2022-1011", url: "https://bugzilla.suse.com/1197343", }, { category: "external", summary: "SUSE Bug 1197344 for CVE-2022-1011", url: "https://bugzilla.suse.com/1197344", }, { category: "external", summary: "SUSE Bug 1198687 for CVE-2022-1011", url: "https://bugzilla.suse.com/1198687", }, { category: "external", summary: "SUSE Bug 1204132 for CVE-2022-1011", url: "https://bugzilla.suse.com/1204132", }, { category: "external", summary: "SUSE Bug 1212322 for CVE-2022-1011", url: "https://bugzilla.suse.com/1212322", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-extra-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-optional-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-150300.38.53.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-extra-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-optional-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-150300.38.53.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-12T12:59:54Z", details: "moderate", }, ], title: "CVE-2022-1011", }, { cve: "CVE-2022-1016", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-1016", }, ], notes: [ { category: "general", text: "A flaw was found in the Linux kernel in net/netfilter/nf_tables_core.c:nft_do_chain, which can cause a use-after-free. This issue needs to handle 'return' with proper preconditions, as it can lead to a kernel information leak problem caused by a local, unprivileged attacker.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-extra-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-optional-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-150300.38.53.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-1016", url: "https://www.suse.com/security/cve/CVE-2022-1016", }, { category: "external", summary: "SUSE Bug 1197335 for CVE-2022-1016", url: "https://bugzilla.suse.com/1197335", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-extra-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-optional-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-150300.38.53.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-extra-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-optional-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-150300.38.53.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-12T12:59:54Z", details: "important", }, ], title: "CVE-2022-1016", }, { cve: "CVE-2022-1048", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-1048", }, ], notes: [ { category: "general", text: "A use-after-free flaw was found in the Linux kernel's sound subsystem in the way a user triggers concurrent calls of PCM hw_params. The hw_free ioctls or similar race condition happens inside ALSA PCM for other ioctls. This flaw allows a local user to crash or potentially escalate their privileges on the system.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-extra-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-optional-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-150300.38.53.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-1048", url: "https://www.suse.com/security/cve/CVE-2022-1048", }, { category: "external", summary: "SUSE Bug 1197331 for CVE-2022-1048", url: "https://bugzilla.suse.com/1197331", }, { category: "external", summary: "SUSE Bug 1197597 for CVE-2022-1048", url: "https://bugzilla.suse.com/1197597", }, { category: "external", summary: "SUSE Bug 1200041 for CVE-2022-1048", url: "https://bugzilla.suse.com/1200041", }, { category: "external", summary: "SUSE Bug 1204132 for CVE-2022-1048", url: "https://bugzilla.suse.com/1204132", }, { category: "external", summary: "SUSE Bug 1212325 for CVE-2022-1048", url: "https://bugzilla.suse.com/1212325", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-extra-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-optional-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-150300.38.53.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.4, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-extra-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-optional-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-150300.38.53.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-12T12:59:54Z", details: "important", }, ], title: "CVE-2022-1048", }, { cve: "CVE-2022-1055", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-1055", }, ], notes: [ { category: "general", text: "A use-after-free exists in the Linux Kernel in tc_new_tfilter that could allow a local attacker to gain privilege escalation. The exploit requires unprivileged user namespaces. We recommend upgrading past commit 04c2a47ffb13c29778e2a14e414ad4cb5a5db4b5", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-extra-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-optional-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-150300.38.53.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-1055", url: "https://www.suse.com/security/cve/CVE-2022-1055", }, { category: "external", summary: "SUSE Bug 1197702 for CVE-2022-1055", url: "https://bugzilla.suse.com/1197702", }, { category: "external", summary: "SUSE Bug 1197705 for CVE-2022-1055", url: "https://bugzilla.suse.com/1197705", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-extra-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-optional-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-150300.38.53.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.4, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-extra-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-optional-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-150300.38.53.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-12T12:59:54Z", details: "important", }, ], title: "CVE-2022-1055", }, { cve: "CVE-2022-1195", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-1195", }, ], notes: [ { category: "general", text: "A use-after-free vulnerability was found in the Linux kernel in drivers/net/hamradio. This flaw allows a local attacker with a user privilege to cause a denial of service (DOS) when the mkiss or sixpack device is detached and reclaim resources early.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-extra-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-optional-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-150300.38.53.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-1195", url: "https://www.suse.com/security/cve/CVE-2022-1195", }, { category: "external", summary: "SUSE Bug 1198029 for CVE-2022-1195", url: "https://bugzilla.suse.com/1198029", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-extra-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-optional-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-150300.38.53.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-extra-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-optional-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-150300.38.53.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-12T12:59:54Z", details: "moderate", }, ], title: "CVE-2022-1195", }, { cve: "CVE-2022-1198", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-1198", }, ], notes: [ { category: "general", text: "A use-after-free vulnerabilitity was discovered in drivers/net/hamradio/6pack.c of linux that allows an attacker to crash linux kernel by simulating ax25 device using 6pack driver from user space.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-extra-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-optional-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-150300.38.53.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-1198", url: "https://www.suse.com/security/cve/CVE-2022-1198", }, { category: "external", summary: "SUSE Bug 1198030 for CVE-2022-1198", url: "https://bugzilla.suse.com/1198030", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-extra-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-optional-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-150300.38.53.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-extra-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-optional-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-150300.38.53.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-12T12:59:54Z", details: "moderate", }, ], title: "CVE-2022-1198", }, { cve: "CVE-2022-1199", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-1199", }, ], notes: [ { category: "general", text: "A flaw was found in the Linux kernel. This flaw allows an attacker to crash the Linux kernel by simulating amateur radio from the user space, resulting in a null-ptr-deref vulnerability and a use-after-free vulnerability.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-extra-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-optional-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-150300.38.53.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-1199", url: "https://www.suse.com/security/cve/CVE-2022-1199", }, { category: "external", summary: "SUSE Bug 1198028 for CVE-2022-1199", url: "https://bugzilla.suse.com/1198028", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-extra-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-optional-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-150300.38.53.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-extra-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-optional-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-150300.38.53.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-12T12:59:54Z", details: "moderate", }, ], title: "CVE-2022-1199", }, { cve: "CVE-2022-1205", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-1205", }, ], notes: [ { category: "general", text: "A NULL pointer dereference flaw was found in the Linux kernel's Amateur Radio AX.25 protocol functionality in the way a user connects with the protocol. This flaw allows a local user to crash the system.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-extra-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-optional-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-150300.38.53.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-1205", url: "https://www.suse.com/security/cve/CVE-2022-1205", }, { category: "external", summary: "SUSE Bug 1198027 for CVE-2022-1205", url: "https://bugzilla.suse.com/1198027", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-extra-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-optional-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-150300.38.53.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-extra-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-optional-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-150300.38.53.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-12T12:59:54Z", details: "moderate", }, ], title: "CVE-2022-1205", }, { cve: "CVE-2022-23036", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-23036", }, ], notes: [ { category: "general", text: "Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several Linux PV device frontends are using the grant table interfaces for removing access rights of the backends in ways being subject to race conditions, resulting in potential data leaks, data corruption by malicious backends, and denial of service triggered by malicious backends: blkfront, netfront, scsifront and the gntalloc driver are testing whether a grant reference is still in use. If this is not the case, they assume that a following removal of the granted access will always succeed, which is not true in case the backend has mapped the granted page between those two operations. As a result the backend can keep access to the memory page of the guest no matter how the page will be used after the frontend I/O has finished. The xenbus driver has a similar problem, as it doesn't check the success of removing the granted access of a shared ring buffer. blkfront: CVE-2022-23036 netfront: CVE-2022-23037 scsifront: CVE-2022-23038 gntalloc: CVE-2022-23039 xenbus: CVE-2022-23040 blkfront, netfront, scsifront, usbfront, dmabuf, xenbus, 9p, kbdfront, and pvcalls are using a functionality to delay freeing a grant reference until it is no longer in use, but the freeing of the related data page is not synchronized with dropping the granted access. As a result the backend can keep access to the memory page even after it has been freed and then re-used for a different purpose. CVE-2022-23041 netfront will fail a BUG_ON() assertion if it fails to revoke access in the rx path. This will result in a Denial of Service (DoS) situation of the guest which can be triggered by the backend. CVE-2022-23042", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-extra-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-optional-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-150300.38.53.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-23036", url: "https://www.suse.com/security/cve/CVE-2022-23036", }, { category: "external", summary: "SUSE Bug 1196488 for CVE-2022-23036", url: "https://bugzilla.suse.com/1196488", }, { category: "external", summary: "SUSE Bug 1199099 for CVE-2022-23036", url: "https://bugzilla.suse.com/1199099", }, { category: "external", summary: "SUSE Bug 1199141 for CVE-2022-23036", url: "https://bugzilla.suse.com/1199141", }, { category: "external", summary: "SUSE Bug 1204132 for CVE-2022-23036", url: "https://bugzilla.suse.com/1204132", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-extra-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-optional-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-150300.38.53.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-extra-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-optional-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-150300.38.53.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-12T12:59:54Z", details: "important", }, ], title: "CVE-2022-23036", }, { cve: "CVE-2022-23037", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-23037", }, ], notes: [ { category: "general", text: "Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several Linux PV device frontends are using the grant table interfaces for removing access rights of the backends in ways being subject to race conditions, resulting in potential data leaks, data corruption by malicious backends, and denial of service triggered by malicious backends: blkfront, netfront, scsifront and the gntalloc driver are testing whether a grant reference is still in use. If this is not the case, they assume that a following removal of the granted access will always succeed, which is not true in case the backend has mapped the granted page between those two operations. As a result the backend can keep access to the memory page of the guest no matter how the page will be used after the frontend I/O has finished. The xenbus driver has a similar problem, as it doesn't check the success of removing the granted access of a shared ring buffer. blkfront: CVE-2022-23036 netfront: CVE-2022-23037 scsifront: CVE-2022-23038 gntalloc: CVE-2022-23039 xenbus: CVE-2022-23040 blkfront, netfront, scsifront, usbfront, dmabuf, xenbus, 9p, kbdfront, and pvcalls are using a functionality to delay freeing a grant reference until it is no longer in use, but the freeing of the related data page is not synchronized with dropping the granted access. As a result the backend can keep access to the memory page even after it has been freed and then re-used for a different purpose. CVE-2022-23041 netfront will fail a BUG_ON() assertion if it fails to revoke access in the rx path. This will result in a Denial of Service (DoS) situation of the guest which can be triggered by the backend. CVE-2022-23042", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-extra-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-optional-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-150300.38.53.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-23037", url: "https://www.suse.com/security/cve/CVE-2022-23037", }, { category: "external", summary: "SUSE Bug 1199099 for CVE-2022-23037", url: "https://bugzilla.suse.com/1199099", }, { category: "external", summary: "SUSE Bug 1199141 for CVE-2022-23037", url: "https://bugzilla.suse.com/1199141", }, { category: "external", summary: "SUSE Bug 1204132 for CVE-2022-23037", url: "https://bugzilla.suse.com/1204132", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-extra-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-optional-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-150300.38.53.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-extra-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-optional-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-150300.38.53.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-12T12:59:54Z", details: "important", }, ], title: "CVE-2022-23037", }, { cve: "CVE-2022-23038", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-23038", }, ], notes: [ { category: "general", text: "Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several Linux PV device frontends are using the grant table interfaces for removing access rights of the backends in ways being subject to race conditions, resulting in potential data leaks, data corruption by malicious backends, and denial of service triggered by malicious backends: blkfront, netfront, scsifront and the gntalloc driver are testing whether a grant reference is still in use. If this is not the case, they assume that a following removal of the granted access will always succeed, which is not true in case the backend has mapped the granted page between those two operations. As a result the backend can keep access to the memory page of the guest no matter how the page will be used after the frontend I/O has finished. The xenbus driver has a similar problem, as it doesn't check the success of removing the granted access of a shared ring buffer. blkfront: CVE-2022-23036 netfront: CVE-2022-23037 scsifront: CVE-2022-23038 gntalloc: CVE-2022-23039 xenbus: CVE-2022-23040 blkfront, netfront, scsifront, usbfront, dmabuf, xenbus, 9p, kbdfront, and pvcalls are using a functionality to delay freeing a grant reference until it is no longer in use, but the freeing of the related data page is not synchronized with dropping the granted access. As a result the backend can keep access to the memory page even after it has been freed and then re-used for a different purpose. CVE-2022-23041 netfront will fail a BUG_ON() assertion if it fails to revoke access in the rx path. This will result in a Denial of Service (DoS) situation of the guest which can be triggered by the backend. CVE-2022-23042", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-extra-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-optional-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-150300.38.53.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-23038", url: "https://www.suse.com/security/cve/CVE-2022-23038", }, { category: "external", summary: "SUSE Bug 1199099 for CVE-2022-23038", url: "https://bugzilla.suse.com/1199099", }, { category: "external", summary: "SUSE Bug 1199141 for CVE-2022-23038", url: "https://bugzilla.suse.com/1199141", }, { category: "external", summary: "SUSE Bug 1204132 for CVE-2022-23038", url: "https://bugzilla.suse.com/1204132", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-extra-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-optional-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-150300.38.53.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-extra-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-optional-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-150300.38.53.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-12T12:59:54Z", details: "important", }, ], title: "CVE-2022-23038", }, { cve: "CVE-2022-23039", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-23039", }, ], notes: [ { category: "general", text: "Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several Linux PV device frontends are using the grant table interfaces for removing access rights of the backends in ways being subject to race conditions, resulting in potential data leaks, data corruption by malicious backends, and denial of service triggered by malicious backends: blkfront, netfront, scsifront and the gntalloc driver are testing whether a grant reference is still in use. If this is not the case, they assume that a following removal of the granted access will always succeed, which is not true in case the backend has mapped the granted page between those two operations. As a result the backend can keep access to the memory page of the guest no matter how the page will be used after the frontend I/O has finished. The xenbus driver has a similar problem, as it doesn't check the success of removing the granted access of a shared ring buffer. blkfront: CVE-2022-23036 netfront: CVE-2022-23037 scsifront: CVE-2022-23038 gntalloc: CVE-2022-23039 xenbus: CVE-2022-23040 blkfront, netfront, scsifront, usbfront, dmabuf, xenbus, 9p, kbdfront, and pvcalls are using a functionality to delay freeing a grant reference until it is no longer in use, but the freeing of the related data page is not synchronized with dropping the granted access. As a result the backend can keep access to the memory page even after it has been freed and then re-used for a different purpose. CVE-2022-23041 netfront will fail a BUG_ON() assertion if it fails to revoke access in the rx path. This will result in a Denial of Service (DoS) situation of the guest which can be triggered by the backend. CVE-2022-23042", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-extra-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-optional-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-150300.38.53.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-23039", url: "https://www.suse.com/security/cve/CVE-2022-23039", }, { category: "external", summary: "SUSE Bug 1199099 for CVE-2022-23039", url: "https://bugzilla.suse.com/1199099", }, { category: "external", summary: "SUSE Bug 1199141 for CVE-2022-23039", url: "https://bugzilla.suse.com/1199141", }, { category: "external", summary: "SUSE Bug 1204132 for CVE-2022-23039", url: "https://bugzilla.suse.com/1204132", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-extra-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-optional-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-150300.38.53.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-extra-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-optional-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-150300.38.53.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-12T12:59:54Z", details: "important", }, ], title: "CVE-2022-23039", }, { cve: "CVE-2022-23040", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-23040", }, ], notes: [ { category: "general", text: "Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several Linux PV device frontends are using the grant table interfaces for removing access rights of the backends in ways being subject to race conditions, resulting in potential data leaks, data corruption by malicious backends, and denial of service triggered by malicious backends: blkfront, netfront, scsifront and the gntalloc driver are testing whether a grant reference is still in use. If this is not the case, they assume that a following removal of the granted access will always succeed, which is not true in case the backend has mapped the granted page between those two operations. As a result the backend can keep access to the memory page of the guest no matter how the page will be used after the frontend I/O has finished. The xenbus driver has a similar problem, as it doesn't check the success of removing the granted access of a shared ring buffer. blkfront: CVE-2022-23036 netfront: CVE-2022-23037 scsifront: CVE-2022-23038 gntalloc: CVE-2022-23039 xenbus: CVE-2022-23040 blkfront, netfront, scsifront, usbfront, dmabuf, xenbus, 9p, kbdfront, and pvcalls are using a functionality to delay freeing a grant reference until it is no longer in use, but the freeing of the related data page is not synchronized with dropping the granted access. As a result the backend can keep access to the memory page even after it has been freed and then re-used for a different purpose. CVE-2022-23041 netfront will fail a BUG_ON() assertion if it fails to revoke access in the rx path. This will result in a Denial of Service (DoS) situation of the guest which can be triggered by the backend. CVE-2022-23042", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-extra-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-optional-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-150300.38.53.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-23040", url: "https://www.suse.com/security/cve/CVE-2022-23040", }, { category: "external", summary: "SUSE Bug 1199099 for CVE-2022-23040", url: "https://bugzilla.suse.com/1199099", }, { category: "external", summary: "SUSE Bug 1199141 for CVE-2022-23040", url: "https://bugzilla.suse.com/1199141", }, { category: "external", summary: "SUSE Bug 1204132 for CVE-2022-23040", url: "https://bugzilla.suse.com/1204132", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-extra-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-optional-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-150300.38.53.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-extra-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-optional-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-150300.38.53.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-12T12:59:54Z", details: "important", }, ], title: "CVE-2022-23040", }, { cve: "CVE-2022-23041", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-23041", }, ], notes: [ { category: "general", text: "Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several Linux PV device frontends are using the grant table interfaces for removing access rights of the backends in ways being subject to race conditions, resulting in potential data leaks, data corruption by malicious backends, and denial of service triggered by malicious backends: blkfront, netfront, scsifront and the gntalloc driver are testing whether a grant reference is still in use. If this is not the case, they assume that a following removal of the granted access will always succeed, which is not true in case the backend has mapped the granted page between those two operations. As a result the backend can keep access to the memory page of the guest no matter how the page will be used after the frontend I/O has finished. The xenbus driver has a similar problem, as it doesn't check the success of removing the granted access of a shared ring buffer. blkfront: CVE-2022-23036 netfront: CVE-2022-23037 scsifront: CVE-2022-23038 gntalloc: CVE-2022-23039 xenbus: CVE-2022-23040 blkfront, netfront, scsifront, usbfront, dmabuf, xenbus, 9p, kbdfront, and pvcalls are using a functionality to delay freeing a grant reference until it is no longer in use, but the freeing of the related data page is not synchronized with dropping the granted access. As a result the backend can keep access to the memory page even after it has been freed and then re-used for a different purpose. CVE-2022-23041 netfront will fail a BUG_ON() assertion if it fails to revoke access in the rx path. This will result in a Denial of Service (DoS) situation of the guest which can be triggered by the backend. CVE-2022-23042", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-extra-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-optional-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-150300.38.53.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-23041", url: "https://www.suse.com/security/cve/CVE-2022-23041", }, { category: "external", summary: "SUSE Bug 1199099 for CVE-2022-23041", url: "https://bugzilla.suse.com/1199099", }, { category: "external", summary: "SUSE Bug 1199141 for CVE-2022-23041", url: "https://bugzilla.suse.com/1199141", }, { category: "external", summary: "SUSE Bug 1204132 for CVE-2022-23041", url: "https://bugzilla.suse.com/1204132", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-extra-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-optional-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-150300.38.53.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-extra-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-optional-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-150300.38.53.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-12T12:59:54Z", details: "important", }, ], title: "CVE-2022-23041", }, { cve: "CVE-2022-23042", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-23042", }, ], notes: [ { category: "general", text: "Linux PV device frontends vulnerable to attacks by backends T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Several Linux PV device frontends are using the grant table interfaces for removing access rights of the backends in ways being subject to race conditions, resulting in potential data leaks, data corruption by malicious backends, and denial of service triggered by malicious backends: blkfront, netfront, scsifront and the gntalloc driver are testing whether a grant reference is still in use. If this is not the case, they assume that a following removal of the granted access will always succeed, which is not true in case the backend has mapped the granted page between those two operations. As a result the backend can keep access to the memory page of the guest no matter how the page will be used after the frontend I/O has finished. The xenbus driver has a similar problem, as it doesn't check the success of removing the granted access of a shared ring buffer. blkfront: CVE-2022-23036 netfront: CVE-2022-23037 scsifront: CVE-2022-23038 gntalloc: CVE-2022-23039 xenbus: CVE-2022-23040 blkfront, netfront, scsifront, usbfront, dmabuf, xenbus, 9p, kbdfront, and pvcalls are using a functionality to delay freeing a grant reference until it is no longer in use, but the freeing of the related data page is not synchronized with dropping the granted access. As a result the backend can keep access to the memory page even after it has been freed and then re-used for a different purpose. CVE-2022-23041 netfront will fail a BUG_ON() assertion if it fails to revoke access in the rx path. This will result in a Denial of Service (DoS) situation of the guest which can be triggered by the backend. CVE-2022-23042", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-extra-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-optional-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-150300.38.53.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-23042", url: "https://www.suse.com/security/cve/CVE-2022-23042", }, { category: "external", summary: "SUSE Bug 1199099 for CVE-2022-23042", url: "https://bugzilla.suse.com/1199099", }, { category: "external", summary: "SUSE Bug 1199141 for CVE-2022-23042", url: "https://bugzilla.suse.com/1199141", }, { category: "external", summary: "SUSE Bug 1204132 for CVE-2022-23042", url: "https://bugzilla.suse.com/1204132", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-extra-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-optional-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-150300.38.53.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.5, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-extra-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-optional-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-150300.38.53.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-12T12:59:54Z", details: "important", }, ], title: "CVE-2022-23042", }, { cve: "CVE-2022-27223", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-27223", }, ], notes: [ { category: "general", text: "In drivers/usb/gadget/udc/udc-xilinx.c in the Linux kernel before 5.16.12, the endpoint index is not validated and might be manipulated by the host for out-of-array access.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-extra-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-optional-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-150300.38.53.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-27223", url: "https://www.suse.com/security/cve/CVE-2022-27223", }, { category: "external", summary: "SUSE Bug 1197245 for CVE-2022-27223", url: "https://bugzilla.suse.com/1197245", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-extra-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-optional-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-150300.38.53.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-extra-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-optional-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-150300.38.53.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-12T12:59:54Z", details: "moderate", }, ], title: "CVE-2022-27223", }, { cve: "CVE-2022-27666", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-27666", }, ], notes: [ { category: "general", text: "A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c. This flaw allows a local attacker with a normal user privilege to overwrite kernel heap objects and may cause a local privilege escalation threat.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-extra-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-optional-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-150300.38.53.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-27666", url: "https://www.suse.com/security/cve/CVE-2022-27666", }, { category: "external", summary: "SUSE Bug 1197131 for CVE-2022-27666", url: "https://bugzilla.suse.com/1197131", }, { category: "external", summary: "SUSE Bug 1197133 for CVE-2022-27666", url: "https://bugzilla.suse.com/1197133", }, { category: "external", summary: "SUSE Bug 1197462 for CVE-2022-27666", url: "https://bugzilla.suse.com/1197462", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-extra-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-optional-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-150300.38.53.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-extra-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-optional-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-150300.38.53.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-12T12:59:54Z", details: "important", }, ], title: "CVE-2022-27666", }, { cve: "CVE-2022-28388", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-28388", }, ], notes: [ { category: "general", text: "usb_8dev_start_xmit in drivers/net/can/usb/usb_8dev.c in the Linux kernel through 5.17.1 has a double free.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-extra-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-optional-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-150300.38.53.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-28388", url: "https://www.suse.com/security/cve/CVE-2022-28388", }, { category: "external", summary: "SUSE Bug 1198032 for CVE-2022-28388", url: "https://bugzilla.suse.com/1198032", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-extra-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-optional-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-150300.38.53.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-extra-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-optional-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-150300.38.53.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-12T12:59:54Z", details: "moderate", }, ], title: "CVE-2022-28388", }, { cve: "CVE-2022-28389", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-28389", }, ], notes: [ { category: "general", text: "mcba_usb_start_xmit in drivers/net/can/usb/mcba_usb.c in the Linux kernel through 5.17.1 has a double free.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-extra-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-optional-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-150300.38.53.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-28389", url: "https://www.suse.com/security/cve/CVE-2022-28389", }, { category: "external", summary: "SUSE Bug 1198033 for CVE-2022-28389", url: "https://bugzilla.suse.com/1198033", }, { category: "external", summary: "SUSE Bug 1201657 for CVE-2022-28389", url: "https://bugzilla.suse.com/1201657", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-extra-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-optional-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-150300.38.53.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-extra-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-optional-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-150300.38.53.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-12T12:59:54Z", details: "moderate", }, ], title: "CVE-2022-28389", }, { cve: "CVE-2022-28390", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-28390", }, ], notes: [ { category: "general", text: "ems_usb_start_xmit in drivers/net/can/usb/ems_usb.c in the Linux kernel through 5.17.1 has a double free.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-extra-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-optional-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-150300.38.53.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-28390", url: "https://www.suse.com/security/cve/CVE-2022-28390", }, { category: "external", summary: "SUSE Bug 1198031 for CVE-2022-28390", url: "https://bugzilla.suse.com/1198031", }, { category: "external", summary: "SUSE Bug 1201517 for CVE-2022-28390", url: "https://bugzilla.suse.com/1201517", }, { category: "external", summary: "SUSE Bug 1207969 for CVE-2022-28390", url: "https://bugzilla.suse.com/1207969", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-extra-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-optional-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-150300.38.53.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "SUSE Linux Enterprise Module for Public Cloud 15 SP3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-extra-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-livepatch-devel-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-azure-optional-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kernel-devel-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-source-azure-5.3.18-150300.38.53.1.noarch", "openSUSE Leap 15.3:kernel-syms-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-azure-5.3.18-150300.38.53.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-azure-5.3.18-150300.38.53.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-12T12:59:54Z", details: "moderate", }, ], title: "CVE-2022-28390", }, ], }
suse-su-2022:1183-1
Vulnerability from csaf_suse
Published
2022-04-13 14:58
Modified
2022-04-13 14:58
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 15 SP3 kernel was updated.
The following security bugs were fixed:
- CVE-2022-0854: Fixed a memory leak flaw was found in the Linux kernels DMA subsystem. This flaw allowed a local user to read random memory from the kernel space. (bnc#1196823)
- CVE-2022-1016: Fixed a vulnerability in the nf_tables component of the netfilter subsystem. This vulnerability gives an attacker a powerful primitive that can be used to both read from and write to relative stack data, which can lead to arbitrary code execution. (bsc#1197227)
- CVE-2022-28390: Fixed a double free in drivers/net/can/usb/ems_usb.c vulnerability in the Linux kernel. (bnc#1198031)
- CVE-2022-28388: Fixed a double free in drivers/net/can/usb/usb_8dev.c vulnerability in the Linux kernel. (bnc#1198032)
- CVE-2022-28389: Fixed a double free in drivers/net/can/usb/mcba_usb.c vulnerability in the Linux kernel. (bnc#1198033)
- CVE-2022-1055: Fixed a use-after-free in tc_new_tfilter that could allow a local attacker to gain privilege escalation. (bnc#1197702)
- CVE-2022-1048: Fixed a race Condition in snd_pcm_hw_free leading to use-after-free due to the AB/BA lock with buffer_mutex and mmap_lock. (bsc#1197331)
- CVE-2021-45868: Fixed a wrong validation check in fs/quota/quota_tree.c which could lead to an use-after-free if there is a corrupted quota file. (bnc#1197366)
- CVE-2022-27666: Fixed a buffer overflow vulnerability in IPsec ESP transformation code. This flaw allowed a local attacker with a normal user privilege to overwrite kernel heap objects and may cause a local privilege escalation. (bnc#1197462)
- CVE-2022-0850: Fixed a kernel information leak vulnerability in iov_iter.c. (bsc#1196761)
- CVE-2022-1199: Fixed null-ptr-deref and use-after-free vulnerabilities that allow an attacker to crash the linux kernel by simulating Amateur Radio. (bsc#1198028)
- CVE-2022-1205: Fixed null pointer dereference and use-after-free vulnerabilities that allow an attacker to crash the linux kernel by simulating Amateur Radio. (bsc#1198027)
- CVE-2022-1198: Fixed an use-after-free vulnerability that allow an attacker to crash the linux kernel by simulating Amateur Radio (bsc#1198030).
- CVE-2022-1195: Fixed an use-after-free vulnerability which could allow a local attacker with a user privilege to execute a denial of service. (bsc#1198029)
- CVE-2022-1011: Fixed an use-after-free vulnerability which could allow a local attacker to retireve (partial) /etc/shadow hashes or any other data from filesystem when he can mount a FUSE filesystems. (bnc#1197343)
The following non-security bugs were fixed:
- ACPI / x86: Work around broken XSDT on Advantech DAC-BJ01 board (git-fixes).
- ACPI: APEI: fix return value of __setup handlers (git-fixes).
- ACPI: battery: Add device HID and quirk for Microsoft Surface Go 3 (git-fixes).
- ACPI: CPPC: Avoid out of bounds access when parsing _CPC data (git-fixes).
- ACPI: docs: enumeration: Discourage to use custom _DSM methods (git-fixes).
- ACPI: docs: enumeration: Remove redundant .owner assignment (git-fixes).
- ACPI: docs: enumeration: Update UART serial bus resource documentation (git-fixes).
- ACPI: properties: Consistently return -ENOENT if there are no more references (git-fixes).
- ACPI: video: Force backlight native for Clevo NL5xRU and NL5xNU (git-fixes).
- ALSA: cmipci: Restore aux vol on suspend/resume (git-fixes).
- ALSA: firewire-lib: fix uninitialized flag for AV/C deferred transaction (git-fixes).
- ALSA: hda/realtek - Fix headset mic problem for a HP machine with alc671 (git-fixes).
- ALSA: hda/realtek: Add quirk for ASUS GA402 (git-fixes).
- ALSA: oss: Fix PCM OSS buffer allocation overflow (git-fixes).
- ALSA: pci: fix reading of swapped values from pcmreg in AC97 codec (git-fixes).
- ALSA: pcm: Add stream lock during PCM reset ioctl operations (git-fixes).
- ALSA: spi: Add check for clk_enable() (git-fixes).
- ALSA: usb-audio: Add mute TLV for playback volumes on RODE NT-USB (git-fixes).
- ASoC: atmel_ssc_dai: Handle errors for clk_enable (git-fixes).
- ASoC: atmel: Add missing of_node_put() in at91sam9g20ek_audio_probe (git-fixes).
- ASoC: codecs: wcd934x: Add missing of_node_put() in wcd934x_codec_parse_data (git-fixes).
- ASoC: codecs: wcd934x: fix return value of wcd934x_rx_hph_mode_put (git-fixes).
- ASoC: dmaengine: do not use a NULL prepare_slave_config() callback (git-fixes).
- ASoC: dwc-i2s: Handle errors for clk_enable (git-fixes).
- ASoC: fsi: Add check for clk_enable (git-fixes).
- ASoC: fsl_spdif: Disable TX clock when stop (git-fixes).
- ASoC: imx-es8328: Fix error return code in imx_es8328_probe() (git-fixes).
- ASoC: msm8916-wcd-analog: Fix error handling in pm8916_wcd_analog_spmi_probe (git-fixes).
- ASoC: msm8916-wcd-digital: Fix missing clk_disable_unprepare() in msm8916_wcd_digital_probe (git-fixes).
- ASoC: mxs-saif: Handle errors for clk_enable (git-fixes).
- ASoC: mxs: Fix error handling in mxs_sgtl5000_probe (git-fixes).
- ASoC: rt5663: check the return value of devm_kzalloc() in rt5663_parse_dp() (git-fixes).
- ASoC: SOF: Add missing of_node_put() in imx8m_probe (git-fixes).
- ASoC: SOF: topology: remove redundant code (git-fixes).
- ASoC: sti: Fix deadlock via snd_pcm_stop_xrun() call (git-fixes).
- ASoC: ti: davinci-i2s: Add check for clk_enable() (git-fixes).
- ASoC: topology: Allow TLV control to be either read or write (git-fixes).
- ASoC: topology: Optimize soc_tplg_dapm_graph_elems_load behavior (git-fixes).
- ASoC: wm8350: Handle error for wm8350_register_irq (git-fixes).
- ASoC: xilinx: xlnx_formatter_pcm: Handle sysclk setting (git-fixes).
- ax88179_178a: Merge memcpy + le32_to_cpus to get_unaligned_le32 (bsc#1196018).
- block: update io_ticks when io hang (bsc#1197817).
- block/wbt: fix negative inflight counter when remove scsi device (bsc#1197819).
- bpf: Fix comment for helper bpf_current_task_under_cgroup() (git-fixes).
- bpf: Remove config check to enable bpf support for branch records (git-fixes bsc#1177028).
- btrfs: avoid unnecessary lock and leaf splits when updating inode in the log (bsc#1194649).
- btrfs: avoid unnecessary log mutex contention when syncing log (bsc#1194649).
- btrfs: avoid unnecessary logging of xattrs during fast fsyncs (bsc#1194649).
- btrfs: check error value from btrfs_update_inode in tree log (bsc#1194649).
- btrfs: check if a log root exists before locking the log_mutex on unlink (bsc#1194649).
- btrfs: check if a log tree exists at inode_logged() (bsc#1194649).
- btrfs: do not commit delayed inode when logging a file in full sync mode (bsc#1194649).
- btrfs: do not log new dentries when logging that a new name exists (bsc#1194649).
- btrfs: eliminate some false positives when checking if inode was logged (bsc#1194649).
- btrfs: fix race leading to unnecessary transaction commit when logging inode (bsc#1194649).
- btrfs: fix race that causes unnecessary logging of ancestor inodes (bsc#1194649).
- btrfs: fix race that makes inode logging fallback to transaction commit (bsc#1194649).
- btrfs: fix race that results in logging old extents during a fast fsync (bsc#1194649).
- btrfs: fixup error handling in fixup_inode_link_counts (bsc#1194649).
- btrfs: remove no longer needed full sync flag check at inode_logged() (bsc#1194649).
- btrfs: Remove unnecessary check from join_running_log_trans (bsc#1194649).
- btrfs: remove unnecessary directory inode item update when deleting dir entry (bsc#1194649).
- btrfs: remove unnecessary list head initialization when syncing log (bsc#1194649).
- btrfs: skip unnecessary searches for xattrs when logging an inode (bsc#1194649).
- can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error path (git-fixes).
- can: mcba_usb: mcba_usb_start_xmit(): fix double dev_kfree_skb in error path (git-fixes).
- can: mcba_usb: properly check endpoint type (git-fixes).
- can: rcar_canfd: rcar_canfd_channel_probe(): register the CAN device when fully ready (git-fixes).
- cifs: use the correct max-length for dentry_path_raw() (bsc1196196).
- clk: actions: Terminate clk_div_table with sentinel element (git-fixes).
- clk: bcm2835: Remove unused variable (git-fixes).
- clk: clps711x: Terminate clk_div_table with sentinel element (git-fixes).
- clk: imx7d: Remove audio_mclk_root_clk (git-fixes).
- clk: Initialize orphan req_rate (git-fixes).
- clk: loongson1: Terminate clk_div_table with sentinel element (git-fixes).
- clk: nxp: Remove unused variable (git-fixes).
- clk: qcom: clk-rcg2: Update logic to calculate D value for RCG (git-fixes).
- clk: qcom: clk-rcg2: Update the frac table for pixel clock (git-fixes).
- clk: qcom: gcc-msm8994: Fix gpll4 width (git-fixes).
- clk: qcom: ipq8074: Use floor ops for SDCC1 clock (git-fixes).
- clk: tegra: tegra124-emc: Fix missing put_device() call in emc_ensure_emc_driver (git-fixes).
- clk: uniphier: Fix fixed-rate initialization (git-fixes).
- clocksource: acpi_pm: fix return value of __setup handler (git-fixes).
- clocksource/drivers/timer-of: Check return value of of_iomap in timer_of_base_init() (git-fixes).
- cpufreq: schedutil: Destroy mutex before kobject_put() frees (git-fixes)
- crypto: authenc - Fix sleep in atomic context in decrypt_tail (git-fixes).
- crypto: cavium/nitrox - do not cast parameter in bit operations (git-fixes).
- crypto: ccp - ccp_dmaengine_unregister release dma channels (git-fixes).
- crypto: ccree - do not attempt 0 len DMA mappings (git-fixes).
- crypto: mxs-dcp - Fix scatterlist processing (git-fixes).
- crypto: qat - do not cast parameter in bit operations (git-fixes).
- crypto: rsa-pkcs1pad - correctly get hash from source scatterlist (git-fixes).
- crypto: rsa-pkcs1pad - fix buffer overread in pkcs1pad_verify_complete() (git-fixes).
- crypto: rsa-pkcs1pad - restore signature length check (git-fixes).
- crypto: vmx - add missing dependencies (git-fixes).
- dma/pool: create dma atomic pool only if dma zone has managed pages (bsc#1197501).
- driver core: dd: fix return value of __setup handler (git-fixes).
- drm: add a locked version of drm_is_current_master (bsc#1197914).
- drm: bridge: adv7511: Fix ADV7535 HPD enablement (git-fixes).
- drm: drm_file struct kABI compatibility workaround (bsc#1197914).
- drm: protect drm_master pointers in drm_lease.c (bsc#1197914).
- drm: serialize drm_file.master with a new spinlock (bsc#1197914).
- drm: use the lookup lock in drm_is_current_master (bsc#1197914).
- drm/amd/display: Add affected crtcs to atomic state for dsc mst unplug (git-fixes).
- drm/amd/pm: return -ENOTSUPP if there is no get_dpm_ultimate_freq function (git-fixes).
- drm/bridge: dw-hdmi: use safe format when first in bridge chain (git-fixes).
- drm/bridge: nwl-dsi: Fix PM disable depth imbalance in nwl_dsi_probe (git-fixes).
- drm/doc: overview before functions for drm_writeback.c (git-fixes).
- drm/i915: Fix dbuf slice config lookup (git-fixes).
- drm/i915/gem: add missing boundary check in vm_access (git-fixes).
- drm/imx: parallel-display: Remove bus flags check in imx_pd_bridge_atomic_check() (git-fixes).
- drm/meson: Fix error handling when afbcd.ops->init fails (git-fixes).
- drm/meson: osd_afbcd: Add an exit callback to struct meson_afbcd_ops (git-fixes).
- drm/msm/dpu: add DSPP blocks teardown (git-fixes).
- drm/nouveau/acr: Fix undefined behavior in nvkm_acr_hsfw_load_bl() (git-fixes).
- drm/panel: simple: Fix Innolux G070Y2-L01 BPP settings (git-fixes).
- drm/vc4: crtc: Fix runtime_pm reference counting (git-fixes).
- drm/vc4: crtc: Make sure the HDMI controller is powered when disabling (git-fixes).
- drm/vrr: Set VRR capable prop only if it is attached to connector (git-fixes).
- ecryptfs: fix kernel panic with null dev_name (bsc#1197812).
- ecryptfs: Fix typo in message (bsc#1197811).
- ext2: correct max file size computing (bsc#1197820).
- firmware: google: Properly state IOMEM dependency (git-fixes).
- firmware: qcom: scm: Remove reassignment to desc following initializer (git-fixes).
- fscrypt: do not ignore minor_hash when hash is 0 (bsc#1197815).
- HID: multitouch: fix Dell Precision 7550 and 7750 button type (bsc#1197243).
- hwmon: (pmbus) Add mutex to regulator ops (git-fixes).
- hwmon: (pmbus) Add Vin unit off handling (git-fixes).
- hwmon: (sch56xx-common) Replace WDOG_ACTIVE with WDOG_HW_RUNNING (git-fixes).
- hwrng: atmel - disable trng on failure path (git-fixes).
- i915_vma: Rename vma_lookup to i915_vma_lookup (git-fixes).
- ibmvnic: fix race between xmit and reset (bsc#1197302 ltc#197259).
- iio: accel: mma8452: use the correct logic to get mma8452_data (git-fixes).
- iio: adc: Add check for devm_request_threaded_irq (git-fixes).
- iio: afe: rescale: use s64 for temporary scale calculations (git-fixes).
- iio: inkern: apply consumer scale on IIO_VAL_INT cases (git-fixes).
- iio: inkern: apply consumer scale when no channel scale is available (git-fixes).
- iio: inkern: make a best effort on offset calculation (git-fixes).
- Input: aiptek - properly check endpoint type (git-fixes).
- iwlwifi: do not advertise TWT support (git-fixes).
- KVM: SVM: Do not flush cache if hardware enforces cache coherency across encryption domains (bsc#1178134).
- llc: fix netdevice reference leaks in llc_ui_bind() (git-fixes).
- mac80211: fix potential double free on mesh join (git-fixes).
- mac80211: refuse aggregations sessions before authorized (git-fixes).
- media: aspeed: Correct value for h-total-pixels (git-fixes).
- media: bttv: fix WARNING regression on tunerless devices (git-fixes).
- media: coda: Fix missing put_device() call in coda_get_vdoa_data (git-fixes).
- media: davinci: vpif: fix unbalanced runtime PM get (git-fixes).
- media: em28xx: initialize refcount before kref_get (git-fixes).
- media: hantro: Fix overfill bottom register field name (git-fixes).
- media: Revert 'media: em28xx: add missing em28xx_close_extension' (git-fixes).
- media: stk1160: If start stream fails, return buffers with VB2_BUF_STATE_QUEUED (git-fixes).
- media: usb: go7007: s2250-board: fix leak in probe() (git-fixes).
- media: video/hdmi: handle short reads of hdmi info frame (git-fixes).
- membarrier: Execute SYNC_CORE on the calling thread (git-fixes)
- membarrier: Explicitly sync remote cores when SYNC_CORE is (git-fixes)
- memory: emif: Add check for setup_interrupts (git-fixes).
- memory: emif: check the pointer temp in get_device_details() (git-fixes).
- misc: alcor_pci: Fix an error handling path (git-fixes).
- misc: sgi-gru: Do not cast parameter in bit operations (git-fixes).
- mm_zone: add function to check if managed dma zone exists (bsc#1197501).
- mm: add vma_lookup(), update find_vma_intersection() comments (git-fixes).
- mm/page_alloc.c: do not warn allocation failure on zone DMA if no managed pages (bsc#1197501).
- mmc: davinci_mmc: Handle error for clk_enable (git-fixes).
- net: dsa: mv88e6xxx: override existent unicast portvec in port_fdb_add (git-fixes).
- net: enetc: initialize the RFS and RSS memories (git-fixes).
- net: hns3: add a check for tqp_index in hclge_get_ring_chain_from_mbx() (git-fixes).
- net: phy: broadcom: Fix brcm_fet_config_init() (git-fixes).
- net: phy: marvell: Fix invalid comparison in the resume and suspend functions (git-fixes).
- net: stmmac: set TxQ mode back to DCB after disabling CBS (git-fixes).
- net: usb: ax88179_178a: Fix out-of-bounds accesses in RX fixup (bsc#1196018).
- net: watchdog: hold device global xmit lock during tx disable (git-fixes).
- net/smc: Fix loop in smc_listen (git-fixes).
- net/smc: fix using of uninitialized completions (git-fixes).
- net/smc: fix wrong list_del in smc_lgr_cleanup_early (git-fixes).
- net/smc: Make sure the link_id is unique (git-fixes).
- net/smc: Reset conn->lgr when link group registration fails (git-fixes).
- netfilter: conntrack: do not refresh sctp entries in closed state (bsc#1197389).
- netxen_nic: fix MSI/MSI-x interrupts (git-fixes).
- NFS: Avoid duplicate uncached readdir calls on eof (git-fixes).
- NFS: Do not report writeback errors in nfs_getattr() (git-fixes).
- NFS: Do not skip directory entries when doing uncached readdir (git-fixes).
- NFS: Ensure the server had an up to date ctime before hardlinking (git-fixes).
- NFS: Fix initialisation of nfs_client cl_flags field (git-fixes).
- NFS: LOOKUP_DIRECTORY is also ok with symlinks (git-fixes).
- NFS: Return valid errors from nfs2/3_decode_dirent() (git-fixes).
- NFS: Use of mapping_set_error() results in spurious errors (git-fixes).
- NFS: nfsd4_setclientid_confirm mistakenly expires confirmed client (git-fixes).
- NFS: do not retry BIND_CONN_TO_SESSION on session error (git-fixes).
- NFS: Fix another issue with a list iterator pointing to the head (git-fixes).
- nl80211: Update bss channel on channel switch for P2P_CLIENT (git-fixes).
- pinctrl: mediatek: Fix missing of_node_put() in mtk_pctrl_init (git-fixes).
- pinctrl: mediatek: paris: Fix 'argument' argument type for mtk_pinconf_get() (git-fixes).
- pinctrl: mediatek: paris: Fix pingroup pin config state readback (git-fixes).
- pinctrl: nomadik: Add missing of_node_put() in nmk_pinctrl_probe (git-fixes).
- pinctrl: nuvoton: npcm7xx: Rename DS() macro to DSTR() (git-fixes).
- pinctrl: nuvoton: npcm7xx: Use %zu printk format for ARRAY_SIZE() (git-fixes).
- pinctrl: pinconf-generic: Print arguments for bias-pull-* (git-fixes).
- pinctrl: samsung: drop pin banks references on error paths (git-fixes).
- pinctrl/rockchip: Add missing of_node_put() in rockchip_pinctrl_probe (git-fixes).
- PM: hibernate: fix __setup handler error handling (git-fixes).
- PM: suspend: fix return value of __setup handler (git-fixes).
- powerpc/lib/sstep: Fix 'sthcx' instruction (bsc#1156395).
- powerpc/mm: Fix verification of MMU_FTR_TYPE_44x (bsc#1156395).
- powerpc/mm/numa: skip NUMA_NO_NODE onlining in parse_numa_properties() (bsc#1179639 ltc#189002 git-fixes).
- powerpc/perf: Do not use perf_hw_context for trace IMC PMU (bsc#1156395).
- powerpc/pseries: Fix use after free in remove_phb_dynamic() (bsc#1065729).
- powerpc/sysdev: fix incorrect use to determine if list is empty (bsc#1065729).
- powerpc/tm: Fix more userspace r13 corruption (bsc#1065729).
- powerpc/xive: fix return value of __setup handler (bsc#1065729).
- printk: Add panic_in_progress helper (bsc#1197894).
- printk: disable optimistic spin during panic (bsc#1197894).
- pwm: lpc18xx-sct: Initialize driver data and hardware before pwmchip_add() (git-fixes).
- regulator: qcom_smd: fix for_each_child.cocci warnings (git-fixes).
- remoteproc: qcom_wcnss: Add missing of_node_put() in wcnss_alloc_memory_region (git-fixes).
- remoteproc: qcom: Fix missing of_node_put in adsp_alloc_memory_region (git-fixes).
- s390/bpf: Perform r1 range checking before accessing jit->seen_reg (git-fixes).
- s390/gmap: do not unconditionally call pte_unmap_unlock() in __gmap_zap() (git-fixes).
- s390/gmap: validate VMA in __gmap_zap() (git-fixes).
- s390/hypfs: include z/VM guests with access control group set (bsc#1195640 LTC#196352).
- s390/kexec_file: fix error handling when applying relocations (git-fixes).
- s390/kexec: fix memory leak of ipl report buffer (git-fixes).
- s390/kexec: fix return code handling (git-fixes).
- s390/mm: fix VMA and page table handling code in storage key handling functions (git-fixes).
- s390/mm: validate VMA in PGSTE manipulation functions (git-fixes).
- s390/module: fix loading modules with a lot of relocations (git-fixes).
- s390/pci_mmio: fully validate the VMA before calling follow_pte() (git-fixes).
- scsi: lpfc: Copyright updates for 14.2.0.0 patches (bsc#1197675).
- scsi: lpfc: Drop lpfc_no_handler() (bsc#1197675).
- scsi: lpfc: Fix broken SLI4 abort path (bsc#1197675).
- scsi: lpfc: Fix locking for lpfc_sli_iocbq_lookup() (bsc#1197675).
- scsi: lpfc: Fix queue failures when recovering from PCI parity error (bsc#1197675 bsc#1196478).
- scsi: lpfc: Fix typos in comments (bsc#1197675).
- scsi: lpfc: Fix unload hang after back to back PCI EEH faults (bsc#1197675 bsc#1196478).
- scsi: lpfc: Improve PCI EEH Error and Recovery Handling (bsc#1197675 bsc#1196478).
- scsi: lpfc: Kill lpfc_bus_reset_handler() (bsc#1197675).
- scsi: lpfc: Reduce log messages seen after firmware download (bsc#1197675).
- scsi: lpfc: Remove failing soft_wwn support (bsc#1197675).
- scsi: lpfc: Remove NVMe support if kernel has NVME_FC disabled (bsc#1197675).
- scsi: lpfc: Remove redundant flush_workqueue() call (bsc#1197675).
- scsi: lpfc: SLI path split: Introduce lpfc_prep_wqe (bsc#1197675).
- scsi: lpfc: SLI path split: Refactor Abort paths (bsc#1197675).
- scsi: lpfc: SLI path split: Refactor base ELS paths and the FLOGI path (bsc#1197675).
- scsi: lpfc: SLI path split: Refactor BSG paths (bsc#1197675).
- scsi: lpfc: SLI path split: Refactor CT paths (bsc#1197675).
- scsi: lpfc: SLI path split: Refactor fast and slow paths to native SLI4 (bsc#1197675).
- scsi: lpfc: SLI path split: Refactor FDISC paths (bsc#1197675).
- scsi: lpfc: SLI path split: Refactor lpfc_iocbq (bsc#1197675).
- scsi: lpfc: SLI path split: Refactor LS_ACC paths (bsc#1197675).
- scsi: lpfc: SLI path split: Refactor LS_RJT paths (bsc#1197675).
- scsi: lpfc: SLI path split: Refactor misc ELS paths (bsc#1197675).
- scsi: lpfc: SLI path split: Refactor PLOGI/PRLI/ADISC/LOGO paths (bsc#1197675).
- scsi: lpfc: SLI path split: Refactor SCSI paths (bsc#1197675).
- scsi: lpfc: SLI path split: Refactor the RSCN/SCR/RDF/EDC/FARPR paths (bsc#1197675).
- scsi: lpfc: SLI path split: Refactor VMID paths (bsc#1197675).
- scsi: lpfc: Update lpfc version to 14.2.0.0 (bsc#1197675).
- scsi: lpfc: Update lpfc version to 14.2.0.1 (bsc#1197675).
- scsi: lpfc: Use fc_block_rport() (bsc#1197675).
- scsi: lpfc: Use kcalloc() (bsc#1197675).
- scsi: lpfc: Use rport as argument for lpfc_chk_tgt_mapped() (bsc#1197675).
- scsi: lpfc: Use rport as argument for lpfc_send_taskmgmt() (bsc#1197675).
- scsi: qla2xxx: Fix crash during module load unload test (bsc#1197661).
- scsi: qla2xxx: Fix disk failure to rediscover (bsc#1197661).
- scsi: qla2xxx: Fix hang due to session stuck (bsc#1197661).
- scsi: qla2xxx: Fix incorrect reporting of task management failure (bsc#1197661).
- scsi: qla2xxx: Fix laggy FC remote port session recovery (bsc#1197661).
- scsi: qla2xxx: Fix loss of NVMe namespaces after driver reload test (bsc#1197661).
- scsi: qla2xxx: Fix missed DMA unmap for NVMe ls requests (bsc#1197661).
- scsi: qla2xxx: Fix N2N inconsistent PLOGI (bsc#1197661).
- scsi: qla2xxx: Fix stuck session of PRLI reject (bsc#1197661).
- scsi: qla2xxx: Fix typos in comments (bsc#1197661).
- scsi: qla2xxx: Increase max limit of ql2xnvme_queues (bsc#1197661).
- scsi: qla2xxx: Reduce false trigger to login (bsc#1197661).
- scsi: qla2xxx: Stop using the SCSI pointer (bsc#1197661).
- scsi: qla2xxx: Update version to 10.02.07.400-k (bsc#1197661).
- scsi: qla2xxx: Use correct feature type field during RFF_ID processing (bsc#1197661).
- scsi: qla2xxx: Use named initializers for port_state_str (bsc#1197661).
- scsi: qla2xxx: Use named initializers for q_dev_state (bsc#1197661).
- serial: 8250_lpss: Balance reference count for PCI DMA device (git-fixes).
- serial: 8250_mid: Balance reference count for PCI DMA device (git-fixes).
- serial: 8250: Fix race condition in RTS-after-send handling (git-fixes).
- serial: core: Fix the definition name in the comment of UPF_* flags (git-fixes).
- soc: qcom: aoss: remove spurious IRQF_ONESHOT flags (git-fixes).
- soc: qcom: rpmpd: Check for null return of devm_kcalloc (git-fixes).
- soc: ti: wkup_m3_ipc: Fix IRQ check in wkup_m3_ipc_probe (git-fixes).
- soundwire: intel: fix wrong register name in intel_shim_wake (git-fixes).
- spi: pxa2xx-pci: Balance reference count for PCI DMA device (git-fixes).
- spi: tegra114: Add missing IRQ check in tegra_spi_probe (git-fixes).
- staging:iio:adc:ad7280a: Fix handing of device address bit reversing (git-fixes).
- tcp: add some entropy in __inet_hash_connect() (bsc#1180153).
- tcp: change source port randomizarion at connect() time (bsc#1180153).
- thermal: int340x: Check for NULL after calling kmemdup() (git-fixes).
- thermal: int340x: Increase bitmap size (git-fixes).
- udp_tunnel: Fix end of loop test in udp_tunnel_nic_unregister() (git-fixes).
- Update config files (bsc#1195926 bsc#1175667). VIRTIO_PCI=m -> VIRTIO_PCI=y
- usb: bdc: Adb shows offline after resuming from S2 (git-fixes).
- usb: bdc: Fix a resource leak in the error handling path of 'bdc_probe()' (git-fixes).
- usb: bdc: Fix unused assignment in bdc_probe() (git-fixes).
- usb: bdc: remove duplicated error message (git-fixes).
- usb: bdc: Use devm_clk_get_optional() (git-fixes).
- usb: bdc: use devm_platform_ioremap_resource() to simplify code (git-fixes).
- usb: dwc3: gadget: Use list_replace_init() before traversing lists (git-fixes).
- usb: dwc3: qcom: add IRQ check (git-fixes).
- usb: gadget: bdc: use readl_poll_timeout() to simplify code (git-fixes).
- usb: gadget: Fix use-after-free bug by not setting udc->dev.driver (git-fixes).
- usb: gadget: rndis: prevent integer overflow in rndis_set_response() (git-fixes).
- usb: usbtmc: Fix bug in pipe direction for control transfers (git-fixes).
- VFS: filename_create(): fix incorrect intent (bsc#1197534).
- video: fbdev: atmel_lcdfb: fix an error code in atmel_lcdfb_probe() (git-fixes).
- video: fbdev: controlfb: Fix COMPILE_TEST build (git-fixes).
- video: fbdev: fbcvt.c: fix printing in fb_cvt_print_name() (git-fixes).
- video: fbdev: matroxfb: set maxvram of vbG200eW to the same as vbG200 to avoid black screen (git-fixes).
- video: fbdev: matroxfb: set maxvram of vbG200eW to the same as vbG200 to avoid black screen (git-fixes).
- video: fbdev: omapfb: Add missing of_node_put() in dvic_probe_of (git-fixes).
- video: fbdev: smscufx: Fix null-ptr-deref in ufx_usb_probe() (git-fixes).
- VMCI: Fix the description of vmci_check_host_caps() (git-fixes).
- vsprintf: Fix %pK with kptr_restrict == 0 (bsc#1197889).
- wireguard: queueing: use CFI-safe ptr_ring cleanup function (git-fixes).
- wireguard: selftests: rename DEBUG_PI_LIST to DEBUG_PLIST (git-fixes).
- wireguard: socket: free skb in send6 when ipv6 is disabled (git-fixes).
- wireguard: socket: ignore v6 endpoints when ipv6 is disabled (git-fixes).
- x86/cpu: Add hardware-enforced cache coherency as a CPUID feature (bsc#1178134).
- x86/mm/pat: Do not flush cache if hardware enforces cache coherency across encryption domnains (bsc#1178134).
- x86/speculation: Warn about eIBRS + LFENCE + Unprivileged eBPF + SMT (bsc#1178134).
- x86/speculation: Warn about Spectre v2 LFENCE mitigation (bsc#1178134).
- xhci: fix garbage USBSTS being logged in some cases (git-fixes).
Patchnames
SUSE-2022-1183,SUSE-SLE-Module-Basesystem-15-SP3-2022-1183,SUSE-SLE-Module-Development-Tools-15-SP3-2022-1183,SUSE-SLE-Module-Legacy-15-SP3-2022-1183,SUSE-SLE-Module-Live-Patching-15-SP3-2022-1183,SUSE-SLE-Product-HA-15-SP3-2022-1183,SUSE-SLE-Product-WE-15-SP3-2022-1183,SUSE-SUSE-MicroOS-5.1-2022-1183,SUSE-SUSE-MicroOS-5.2-2022-1183,openSUSE-SLE-15.3-2022-1183,openSUSE-SLE-15.4-2022-1183
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for the Linux Kernel", title: "Title of the patch", }, { category: "description", text: "\nThe SUSE Linux Enterprise 15 SP3 kernel was updated.\n\nThe following security bugs were fixed:\n\n- CVE-2022-0854: Fixed a memory leak flaw was found in the Linux kernels DMA subsystem. This flaw allowed a local user to read random memory from the kernel space. (bnc#1196823)\n- CVE-2022-1016: Fixed a vulnerability in the nf_tables component of the netfilter subsystem. This vulnerability gives an attacker a powerful primitive that can be used to both read from and write to relative stack data, which can lead to arbitrary code execution. (bsc#1197227)\n- CVE-2022-28390: Fixed a double free in drivers/net/can/usb/ems_usb.c vulnerability in the Linux kernel. (bnc#1198031)\n- CVE-2022-28388: Fixed a double free in drivers/net/can/usb/usb_8dev.c vulnerability in the Linux kernel. (bnc#1198032)\n- CVE-2022-28389: Fixed a double free in drivers/net/can/usb/mcba_usb.c vulnerability in the Linux kernel. (bnc#1198033)\n- CVE-2022-1055: Fixed a use-after-free in tc_new_tfilter that could allow a local attacker to gain privilege escalation. (bnc#1197702)\n- CVE-2022-1048: Fixed a race Condition in snd_pcm_hw_free leading to use-after-free due to the AB/BA lock with buffer_mutex and mmap_lock. (bsc#1197331)\n- CVE-2021-45868: Fixed a wrong validation check in fs/quota/quota_tree.c which could lead to an use-after-free if there is a corrupted quota file. (bnc#1197366)\n- CVE-2022-27666: Fixed a buffer overflow vulnerability in IPsec ESP transformation code. This flaw allowed a local attacker with a normal user privilege to overwrite kernel heap objects and may cause a local privilege escalation. (bnc#1197462)\n- CVE-2022-0850: Fixed a kernel information leak vulnerability in iov_iter.c. (bsc#1196761)\n- CVE-2022-1199: Fixed null-ptr-deref and use-after-free vulnerabilities that allow an attacker to crash the linux kernel by simulating Amateur Radio. (bsc#1198028)\n- CVE-2022-1205: Fixed null pointer dereference and use-after-free vulnerabilities that allow an attacker to crash the linux kernel by simulating Amateur Radio. (bsc#1198027)\n- CVE-2022-1198: Fixed an use-after-free vulnerability that allow an attacker to crash the linux kernel by simulating Amateur Radio (bsc#1198030).\n- CVE-2022-1195: Fixed an use-after-free vulnerability which could allow a local attacker with a user privilege to execute a denial of service. (bsc#1198029)\n- CVE-2022-1011: Fixed an use-after-free vulnerability which could allow a local attacker to retireve (partial) /etc/shadow hashes or any other data from filesystem when he can mount a FUSE filesystems. (bnc#1197343)\n\nThe following non-security bugs were fixed:\n\n- ACPI / x86: Work around broken XSDT on Advantech DAC-BJ01 board (git-fixes).\n- ACPI: APEI: fix return value of __setup handlers (git-fixes).\n- ACPI: battery: Add device HID and quirk for Microsoft Surface Go 3 (git-fixes).\n- ACPI: CPPC: Avoid out of bounds access when parsing _CPC data (git-fixes).\n- ACPI: docs: enumeration: Discourage to use custom _DSM methods (git-fixes).\n- ACPI: docs: enumeration: Remove redundant .owner assignment (git-fixes).\n- ACPI: docs: enumeration: Update UART serial bus resource documentation (git-fixes).\n- ACPI: properties: Consistently return -ENOENT if there are no more references (git-fixes).\n- ACPI: video: Force backlight native for Clevo NL5xRU and NL5xNU (git-fixes).\n- ALSA: cmipci: Restore aux vol on suspend/resume (git-fixes).\n- ALSA: firewire-lib: fix uninitialized flag for AV/C deferred transaction (git-fixes).\n- ALSA: hda/realtek - Fix headset mic problem for a HP machine with alc671 (git-fixes).\n- ALSA: hda/realtek: Add quirk for ASUS GA402 (git-fixes).\n- ALSA: oss: Fix PCM OSS buffer allocation overflow (git-fixes).\n- ALSA: pci: fix reading of swapped values from pcmreg in AC97 codec (git-fixes).\n- ALSA: pcm: Add stream lock during PCM reset ioctl operations (git-fixes).\n- ALSA: spi: Add check for clk_enable() (git-fixes).\n- ALSA: usb-audio: Add mute TLV for playback volumes on RODE NT-USB (git-fixes).\n- ASoC: atmel_ssc_dai: Handle errors for clk_enable (git-fixes).\n- ASoC: atmel: Add missing of_node_put() in at91sam9g20ek_audio_probe (git-fixes).\n- ASoC: codecs: wcd934x: Add missing of_node_put() in wcd934x_codec_parse_data (git-fixes).\n- ASoC: codecs: wcd934x: fix return value of wcd934x_rx_hph_mode_put (git-fixes).\n- ASoC: dmaengine: do not use a NULL prepare_slave_config() callback (git-fixes).\n- ASoC: dwc-i2s: Handle errors for clk_enable (git-fixes).\n- ASoC: fsi: Add check for clk_enable (git-fixes).\n- ASoC: fsl_spdif: Disable TX clock when stop (git-fixes).\n- ASoC: imx-es8328: Fix error return code in imx_es8328_probe() (git-fixes).\n- ASoC: msm8916-wcd-analog: Fix error handling in pm8916_wcd_analog_spmi_probe (git-fixes).\n- ASoC: msm8916-wcd-digital: Fix missing clk_disable_unprepare() in msm8916_wcd_digital_probe (git-fixes).\n- ASoC: mxs-saif: Handle errors for clk_enable (git-fixes).\n- ASoC: mxs: Fix error handling in mxs_sgtl5000_probe (git-fixes).\n- ASoC: rt5663: check the return value of devm_kzalloc() in rt5663_parse_dp() (git-fixes).\n- ASoC: SOF: Add missing of_node_put() in imx8m_probe (git-fixes).\n- ASoC: SOF: topology: remove redundant code (git-fixes).\n- ASoC: sti: Fix deadlock via snd_pcm_stop_xrun() call (git-fixes).\n- ASoC: ti: davinci-i2s: Add check for clk_enable() (git-fixes).\n- ASoC: topology: Allow TLV control to be either read or write (git-fixes).\n- ASoC: topology: Optimize soc_tplg_dapm_graph_elems_load behavior (git-fixes).\n- ASoC: wm8350: Handle error for wm8350_register_irq (git-fixes).\n- ASoC: xilinx: xlnx_formatter_pcm: Handle sysclk setting (git-fixes).\n- ax88179_178a: Merge memcpy + le32_to_cpus to get_unaligned_le32 (bsc#1196018).\n- block: update io_ticks when io hang (bsc#1197817).\n- block/wbt: fix negative inflight counter when remove scsi device (bsc#1197819).\n- bpf: Fix comment for helper bpf_current_task_under_cgroup() (git-fixes).\n- bpf: Remove config check to enable bpf support for branch records (git-fixes bsc#1177028).\n- btrfs: avoid unnecessary lock and leaf splits when updating inode in the log (bsc#1194649).\n- btrfs: avoid unnecessary log mutex contention when syncing log (bsc#1194649).\n- btrfs: avoid unnecessary logging of xattrs during fast fsyncs (bsc#1194649).\n- btrfs: check error value from btrfs_update_inode in tree log (bsc#1194649).\n- btrfs: check if a log root exists before locking the log_mutex on unlink (bsc#1194649).\n- btrfs: check if a log tree exists at inode_logged() (bsc#1194649).\n- btrfs: do not commit delayed inode when logging a file in full sync mode (bsc#1194649).\n- btrfs: do not log new dentries when logging that a new name exists (bsc#1194649).\n- btrfs: eliminate some false positives when checking if inode was logged (bsc#1194649).\n- btrfs: fix race leading to unnecessary transaction commit when logging inode (bsc#1194649).\n- btrfs: fix race that causes unnecessary logging of ancestor inodes (bsc#1194649).\n- btrfs: fix race that makes inode logging fallback to transaction commit (bsc#1194649).\n- btrfs: fix race that results in logging old extents during a fast fsync (bsc#1194649).\n- btrfs: fixup error handling in fixup_inode_link_counts (bsc#1194649).\n- btrfs: remove no longer needed full sync flag check at inode_logged() (bsc#1194649).\n- btrfs: Remove unnecessary check from join_running_log_trans (bsc#1194649).\n- btrfs: remove unnecessary directory inode item update when deleting dir entry (bsc#1194649).\n- btrfs: remove unnecessary list head initialization when syncing log (bsc#1194649).\n- btrfs: skip unnecessary searches for xattrs when logging an inode (bsc#1194649).\n- can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error path (git-fixes).\n- can: mcba_usb: mcba_usb_start_xmit(): fix double dev_kfree_skb in error path (git-fixes).\n- can: mcba_usb: properly check endpoint type (git-fixes).\n- can: rcar_canfd: rcar_canfd_channel_probe(): register the CAN device when fully ready (git-fixes).\n- cifs: use the correct max-length for dentry_path_raw() (bsc1196196).\n- clk: actions: Terminate clk_div_table with sentinel element (git-fixes).\n- clk: bcm2835: Remove unused variable (git-fixes).\n- clk: clps711x: Terminate clk_div_table with sentinel element (git-fixes).\n- clk: imx7d: Remove audio_mclk_root_clk (git-fixes).\n- clk: Initialize orphan req_rate (git-fixes).\n- clk: loongson1: Terminate clk_div_table with sentinel element (git-fixes).\n- clk: nxp: Remove unused variable (git-fixes).\n- clk: qcom: clk-rcg2: Update logic to calculate D value for RCG (git-fixes).\n- clk: qcom: clk-rcg2: Update the frac table for pixel clock (git-fixes).\n- clk: qcom: gcc-msm8994: Fix gpll4 width (git-fixes).\n- clk: qcom: ipq8074: Use floor ops for SDCC1 clock (git-fixes).\n- clk: tegra: tegra124-emc: Fix missing put_device() call in emc_ensure_emc_driver (git-fixes).\n- clk: uniphier: Fix fixed-rate initialization (git-fixes).\n- clocksource: acpi_pm: fix return value of __setup handler (git-fixes).\n- clocksource/drivers/timer-of: Check return value of of_iomap in timer_of_base_init() (git-fixes).\n- cpufreq: schedutil: Destroy mutex before kobject_put() frees (git-fixes)\n- crypto: authenc - Fix sleep in atomic context in decrypt_tail (git-fixes).\n- crypto: cavium/nitrox - do not cast parameter in bit operations (git-fixes).\n- crypto: ccp - ccp_dmaengine_unregister release dma channels (git-fixes).\n- crypto: ccree - do not attempt 0 len DMA mappings (git-fixes).\n- crypto: mxs-dcp - Fix scatterlist processing (git-fixes).\n- crypto: qat - do not cast parameter in bit operations (git-fixes).\n- crypto: rsa-pkcs1pad - correctly get hash from source scatterlist (git-fixes).\n- crypto: rsa-pkcs1pad - fix buffer overread in pkcs1pad_verify_complete() (git-fixes).\n- crypto: rsa-pkcs1pad - restore signature length check (git-fixes).\n- crypto: vmx - add missing dependencies (git-fixes).\n- dma/pool: create dma atomic pool only if dma zone has managed pages (bsc#1197501).\n- driver core: dd: fix return value of __setup handler (git-fixes).\n- drm: add a locked version of drm_is_current_master (bsc#1197914).\n- drm: bridge: adv7511: Fix ADV7535 HPD enablement (git-fixes).\n- drm: drm_file struct kABI compatibility workaround (bsc#1197914).\n- drm: protect drm_master pointers in drm_lease.c (bsc#1197914).\n- drm: serialize drm_file.master with a new spinlock (bsc#1197914).\n- drm: use the lookup lock in drm_is_current_master (bsc#1197914).\n- drm/amd/display: Add affected crtcs to atomic state for dsc mst unplug (git-fixes).\n- drm/amd/pm: return -ENOTSUPP if there is no get_dpm_ultimate_freq function (git-fixes).\n- drm/bridge: dw-hdmi: use safe format when first in bridge chain (git-fixes).\n- drm/bridge: nwl-dsi: Fix PM disable depth imbalance in nwl_dsi_probe (git-fixes).\n- drm/doc: overview before functions for drm_writeback.c (git-fixes).\n- drm/i915: Fix dbuf slice config lookup (git-fixes).\n- drm/i915/gem: add missing boundary check in vm_access (git-fixes).\n- drm/imx: parallel-display: Remove bus flags check in imx_pd_bridge_atomic_check() (git-fixes).\n- drm/meson: Fix error handling when afbcd.ops->init fails (git-fixes).\n- drm/meson: osd_afbcd: Add an exit callback to struct meson_afbcd_ops (git-fixes).\n- drm/msm/dpu: add DSPP blocks teardown (git-fixes).\n- drm/nouveau/acr: Fix undefined behavior in nvkm_acr_hsfw_load_bl() (git-fixes).\n- drm/panel: simple: Fix Innolux G070Y2-L01 BPP settings (git-fixes).\n- drm/vc4: crtc: Fix runtime_pm reference counting (git-fixes).\n- drm/vc4: crtc: Make sure the HDMI controller is powered when disabling (git-fixes).\n- drm/vrr: Set VRR capable prop only if it is attached to connector (git-fixes).\n- ecryptfs: fix kernel panic with null dev_name (bsc#1197812).\n- ecryptfs: Fix typo in message (bsc#1197811).\n- ext2: correct max file size computing (bsc#1197820).\n- firmware: google: Properly state IOMEM dependency (git-fixes).\n- firmware: qcom: scm: Remove reassignment to desc following initializer (git-fixes).\n- fscrypt: do not ignore minor_hash when hash is 0 (bsc#1197815).\n- HID: multitouch: fix Dell Precision 7550 and 7750 button type (bsc#1197243).\n- hwmon: (pmbus) Add mutex to regulator ops (git-fixes).\n- hwmon: (pmbus) Add Vin unit off handling (git-fixes).\n- hwmon: (sch56xx-common) Replace WDOG_ACTIVE with WDOG_HW_RUNNING (git-fixes).\n- hwrng: atmel - disable trng on failure path (git-fixes).\n- i915_vma: Rename vma_lookup to i915_vma_lookup (git-fixes).\n- ibmvnic: fix race between xmit and reset (bsc#1197302 ltc#197259).\n- iio: accel: mma8452: use the correct logic to get mma8452_data (git-fixes).\n- iio: adc: Add check for devm_request_threaded_irq (git-fixes).\n- iio: afe: rescale: use s64 for temporary scale calculations (git-fixes).\n- iio: inkern: apply consumer scale on IIO_VAL_INT cases (git-fixes).\n- iio: inkern: apply consumer scale when no channel scale is available (git-fixes).\n- iio: inkern: make a best effort on offset calculation (git-fixes).\n- Input: aiptek - properly check endpoint type (git-fixes).\n- iwlwifi: do not advertise TWT support (git-fixes).\n- KVM: SVM: Do not flush cache if hardware enforces cache coherency across encryption domains (bsc#1178134).\n- llc: fix netdevice reference leaks in llc_ui_bind() (git-fixes).\n- mac80211: fix potential double free on mesh join (git-fixes).\n- mac80211: refuse aggregations sessions before authorized (git-fixes).\n- media: aspeed: Correct value for h-total-pixels (git-fixes).\n- media: bttv: fix WARNING regression on tunerless devices (git-fixes).\n- media: coda: Fix missing put_device() call in coda_get_vdoa_data (git-fixes).\n- media: davinci: vpif: fix unbalanced runtime PM get (git-fixes).\n- media: em28xx: initialize refcount before kref_get (git-fixes).\n- media: hantro: Fix overfill bottom register field name (git-fixes).\n- media: Revert 'media: em28xx: add missing em28xx_close_extension' (git-fixes).\n- media: stk1160: If start stream fails, return buffers with VB2_BUF_STATE_QUEUED (git-fixes).\n- media: usb: go7007: s2250-board: fix leak in probe() (git-fixes).\n- media: video/hdmi: handle short reads of hdmi info frame (git-fixes).\n- membarrier: Execute SYNC_CORE on the calling thread (git-fixes)\n- membarrier: Explicitly sync remote cores when SYNC_CORE is (git-fixes)\n- memory: emif: Add check for setup_interrupts (git-fixes).\n- memory: emif: check the pointer temp in get_device_details() (git-fixes).\n- misc: alcor_pci: Fix an error handling path (git-fixes).\n- misc: sgi-gru: Do not cast parameter in bit operations (git-fixes).\n- mm_zone: add function to check if managed dma zone exists (bsc#1197501).\n- mm: add vma_lookup(), update find_vma_intersection() comments (git-fixes).\n- mm/page_alloc.c: do not warn allocation failure on zone DMA if no managed pages (bsc#1197501).\n- mmc: davinci_mmc: Handle error for clk_enable (git-fixes).\n- net: dsa: mv88e6xxx: override existent unicast portvec in port_fdb_add (git-fixes).\n- net: enetc: initialize the RFS and RSS memories (git-fixes).\n- net: hns3: add a check for tqp_index in hclge_get_ring_chain_from_mbx() (git-fixes).\n- net: phy: broadcom: Fix brcm_fet_config_init() (git-fixes).\n- net: phy: marvell: Fix invalid comparison in the resume and suspend functions (git-fixes).\n- net: stmmac: set TxQ mode back to DCB after disabling CBS (git-fixes).\n- net: usb: ax88179_178a: Fix out-of-bounds accesses in RX fixup (bsc#1196018).\n- net: watchdog: hold device global xmit lock during tx disable (git-fixes).\n- net/smc: Fix loop in smc_listen (git-fixes).\n- net/smc: fix using of uninitialized completions (git-fixes).\n- net/smc: fix wrong list_del in smc_lgr_cleanup_early (git-fixes).\n- net/smc: Make sure the link_id is unique (git-fixes).\n- net/smc: Reset conn->lgr when link group registration fails (git-fixes).\n- netfilter: conntrack: do not refresh sctp entries in closed state (bsc#1197389).\n- netxen_nic: fix MSI/MSI-x interrupts (git-fixes).\n- NFS: Avoid duplicate uncached readdir calls on eof (git-fixes).\n- NFS: Do not report writeback errors in nfs_getattr() (git-fixes).\n- NFS: Do not skip directory entries when doing uncached readdir (git-fixes).\n- NFS: Ensure the server had an up to date ctime before hardlinking (git-fixes).\n- NFS: Fix initialisation of nfs_client cl_flags field (git-fixes).\n- NFS: LOOKUP_DIRECTORY is also ok with symlinks (git-fixes).\n- NFS: Return valid errors from nfs2/3_decode_dirent() (git-fixes).\n- NFS: Use of mapping_set_error() results in spurious errors (git-fixes).\n- NFS: nfsd4_setclientid_confirm mistakenly expires confirmed client (git-fixes).\n- NFS: do not retry BIND_CONN_TO_SESSION on session error (git-fixes).\n- NFS: Fix another issue with a list iterator pointing to the head (git-fixes).\n- nl80211: Update bss channel on channel switch for P2P_CLIENT (git-fixes).\n- pinctrl: mediatek: Fix missing of_node_put() in mtk_pctrl_init (git-fixes).\n- pinctrl: mediatek: paris: Fix 'argument' argument type for mtk_pinconf_get() (git-fixes).\n- pinctrl: mediatek: paris: Fix pingroup pin config state readback (git-fixes).\n- pinctrl: nomadik: Add missing of_node_put() in nmk_pinctrl_probe (git-fixes).\n- pinctrl: nuvoton: npcm7xx: Rename DS() macro to DSTR() (git-fixes).\n- pinctrl: nuvoton: npcm7xx: Use %zu printk format for ARRAY_SIZE() (git-fixes).\n- pinctrl: pinconf-generic: Print arguments for bias-pull-* (git-fixes).\n- pinctrl: samsung: drop pin banks references on error paths (git-fixes).\n- pinctrl/rockchip: Add missing of_node_put() in rockchip_pinctrl_probe (git-fixes).\n- PM: hibernate: fix __setup handler error handling (git-fixes).\n- PM: suspend: fix return value of __setup handler (git-fixes).\n- powerpc/lib/sstep: Fix 'sthcx' instruction (bsc#1156395).\n- powerpc/mm: Fix verification of MMU_FTR_TYPE_44x (bsc#1156395).\n- powerpc/mm/numa: skip NUMA_NO_NODE onlining in parse_numa_properties() (bsc#1179639 ltc#189002 git-fixes).\n- powerpc/perf: Do not use perf_hw_context for trace IMC PMU (bsc#1156395).\n- powerpc/pseries: Fix use after free in remove_phb_dynamic() (bsc#1065729).\n- powerpc/sysdev: fix incorrect use to determine if list is empty (bsc#1065729).\n- powerpc/tm: Fix more userspace r13 corruption (bsc#1065729).\n- powerpc/xive: fix return value of __setup handler (bsc#1065729).\n- printk: Add panic_in_progress helper (bsc#1197894).\n- printk: disable optimistic spin during panic (bsc#1197894).\n- pwm: lpc18xx-sct: Initialize driver data and hardware before pwmchip_add() (git-fixes).\n- regulator: qcom_smd: fix for_each_child.cocci warnings (git-fixes).\n- remoteproc: qcom_wcnss: Add missing of_node_put() in wcnss_alloc_memory_region (git-fixes).\n- remoteproc: qcom: Fix missing of_node_put in adsp_alloc_memory_region (git-fixes).\n- s390/bpf: Perform r1 range checking before accessing jit->seen_reg (git-fixes).\n- s390/gmap: do not unconditionally call pte_unmap_unlock() in __gmap_zap() (git-fixes).\n- s390/gmap: validate VMA in __gmap_zap() (git-fixes).\n- s390/hypfs: include z/VM guests with access control group set (bsc#1195640 LTC#196352).\n- s390/kexec_file: fix error handling when applying relocations (git-fixes).\n- s390/kexec: fix memory leak of ipl report buffer (git-fixes).\n- s390/kexec: fix return code handling (git-fixes).\n- s390/mm: fix VMA and page table handling code in storage key handling functions (git-fixes).\n- s390/mm: validate VMA in PGSTE manipulation functions (git-fixes).\n- s390/module: fix loading modules with a lot of relocations (git-fixes).\n- s390/pci_mmio: fully validate the VMA before calling follow_pte() (git-fixes).\n- scsi: lpfc: Copyright updates for 14.2.0.0 patches (bsc#1197675).\n- scsi: lpfc: Drop lpfc_no_handler() (bsc#1197675).\n- scsi: lpfc: Fix broken SLI4 abort path (bsc#1197675).\n- scsi: lpfc: Fix locking for lpfc_sli_iocbq_lookup() (bsc#1197675).\n- scsi: lpfc: Fix queue failures when recovering from PCI parity error (bsc#1197675 bsc#1196478).\n- scsi: lpfc: Fix typos in comments (bsc#1197675).\n- scsi: lpfc: Fix unload hang after back to back PCI EEH faults (bsc#1197675 bsc#1196478).\n- scsi: lpfc: Improve PCI EEH Error and Recovery Handling (bsc#1197675 bsc#1196478).\n- scsi: lpfc: Kill lpfc_bus_reset_handler() (bsc#1197675).\n- scsi: lpfc: Reduce log messages seen after firmware download (bsc#1197675).\n- scsi: lpfc: Remove failing soft_wwn support (bsc#1197675).\n- scsi: lpfc: Remove NVMe support if kernel has NVME_FC disabled (bsc#1197675).\n- scsi: lpfc: Remove redundant flush_workqueue() call (bsc#1197675).\n- scsi: lpfc: SLI path split: Introduce lpfc_prep_wqe (bsc#1197675).\n- scsi: lpfc: SLI path split: Refactor Abort paths (bsc#1197675).\n- scsi: lpfc: SLI path split: Refactor base ELS paths and the FLOGI path (bsc#1197675).\n- scsi: lpfc: SLI path split: Refactor BSG paths (bsc#1197675).\n- scsi: lpfc: SLI path split: Refactor CT paths (bsc#1197675).\n- scsi: lpfc: SLI path split: Refactor fast and slow paths to native SLI4 (bsc#1197675).\n- scsi: lpfc: SLI path split: Refactor FDISC paths (bsc#1197675).\n- scsi: lpfc: SLI path split: Refactor lpfc_iocbq (bsc#1197675).\n- scsi: lpfc: SLI path split: Refactor LS_ACC paths (bsc#1197675).\n- scsi: lpfc: SLI path split: Refactor LS_RJT paths (bsc#1197675).\n- scsi: lpfc: SLI path split: Refactor misc ELS paths (bsc#1197675).\n- scsi: lpfc: SLI path split: Refactor PLOGI/PRLI/ADISC/LOGO paths (bsc#1197675).\n- scsi: lpfc: SLI path split: Refactor SCSI paths (bsc#1197675).\n- scsi: lpfc: SLI path split: Refactor the RSCN/SCR/RDF/EDC/FARPR paths (bsc#1197675).\n- scsi: lpfc: SLI path split: Refactor VMID paths (bsc#1197675).\n- scsi: lpfc: Update lpfc version to 14.2.0.0 (bsc#1197675).\n- scsi: lpfc: Update lpfc version to 14.2.0.1 (bsc#1197675).\n- scsi: lpfc: Use fc_block_rport() (bsc#1197675).\n- scsi: lpfc: Use kcalloc() (bsc#1197675).\n- scsi: lpfc: Use rport as argument for lpfc_chk_tgt_mapped() (bsc#1197675).\n- scsi: lpfc: Use rport as argument for lpfc_send_taskmgmt() (bsc#1197675).\n- scsi: qla2xxx: Fix crash during module load unload test (bsc#1197661).\n- scsi: qla2xxx: Fix disk failure to rediscover (bsc#1197661).\n- scsi: qla2xxx: Fix hang due to session stuck (bsc#1197661).\n- scsi: qla2xxx: Fix incorrect reporting of task management failure (bsc#1197661).\n- scsi: qla2xxx: Fix laggy FC remote port session recovery (bsc#1197661).\n- scsi: qla2xxx: Fix loss of NVMe namespaces after driver reload test (bsc#1197661).\n- scsi: qla2xxx: Fix missed DMA unmap for NVMe ls requests (bsc#1197661).\n- scsi: qla2xxx: Fix N2N inconsistent PLOGI (bsc#1197661).\n- scsi: qla2xxx: Fix stuck session of PRLI reject (bsc#1197661).\n- scsi: qla2xxx: Fix typos in comments (bsc#1197661).\n- scsi: qla2xxx: Increase max limit of ql2xnvme_queues (bsc#1197661).\n- scsi: qla2xxx: Reduce false trigger to login (bsc#1197661).\n- scsi: qla2xxx: Stop using the SCSI pointer (bsc#1197661).\n- scsi: qla2xxx: Update version to 10.02.07.400-k (bsc#1197661).\n- scsi: qla2xxx: Use correct feature type field during RFF_ID processing (bsc#1197661).\n- scsi: qla2xxx: Use named initializers for port_state_str (bsc#1197661).\n- scsi: qla2xxx: Use named initializers for q_dev_state (bsc#1197661).\n- serial: 8250_lpss: Balance reference count for PCI DMA device (git-fixes).\n- serial: 8250_mid: Balance reference count for PCI DMA device (git-fixes).\n- serial: 8250: Fix race condition in RTS-after-send handling (git-fixes).\n- serial: core: Fix the definition name in the comment of UPF_* flags (git-fixes).\n- soc: qcom: aoss: remove spurious IRQF_ONESHOT flags (git-fixes).\n- soc: qcom: rpmpd: Check for null return of devm_kcalloc (git-fixes).\n- soc: ti: wkup_m3_ipc: Fix IRQ check in wkup_m3_ipc_probe (git-fixes).\n- soundwire: intel: fix wrong register name in intel_shim_wake (git-fixes).\n- spi: pxa2xx-pci: Balance reference count for PCI DMA device (git-fixes).\n- spi: tegra114: Add missing IRQ check in tegra_spi_probe (git-fixes).\n- staging:iio:adc:ad7280a: Fix handing of device address bit reversing (git-fixes).\n- tcp: add some entropy in __inet_hash_connect() (bsc#1180153).\n- tcp: change source port randomizarion at connect() time (bsc#1180153).\n- thermal: int340x: Check for NULL after calling kmemdup() (git-fixes).\n- thermal: int340x: Increase bitmap size (git-fixes).\n- udp_tunnel: Fix end of loop test in udp_tunnel_nic_unregister() (git-fixes).\n- Update config files (bsc#1195926 bsc#1175667). VIRTIO_PCI=m -> VIRTIO_PCI=y\n- usb: bdc: Adb shows offline after resuming from S2 (git-fixes).\n- usb: bdc: Fix a resource leak in the error handling path of 'bdc_probe()' (git-fixes).\n- usb: bdc: Fix unused assignment in bdc_probe() (git-fixes).\n- usb: bdc: remove duplicated error message (git-fixes).\n- usb: bdc: Use devm_clk_get_optional() (git-fixes).\n- usb: bdc: use devm_platform_ioremap_resource() to simplify code (git-fixes).\n- usb: dwc3: gadget: Use list_replace_init() before traversing lists (git-fixes).\n- usb: dwc3: qcom: add IRQ check (git-fixes).\n- usb: gadget: bdc: use readl_poll_timeout() to simplify code (git-fixes).\n- usb: gadget: Fix use-after-free bug by not setting udc->dev.driver (git-fixes).\n- usb: gadget: rndis: prevent integer overflow in rndis_set_response() (git-fixes).\n- usb: usbtmc: Fix bug in pipe direction for control transfers (git-fixes).\n- VFS: filename_create(): fix incorrect intent (bsc#1197534).\n- video: fbdev: atmel_lcdfb: fix an error code in atmel_lcdfb_probe() (git-fixes).\n- video: fbdev: controlfb: Fix COMPILE_TEST build (git-fixes).\n- video: fbdev: fbcvt.c: fix printing in fb_cvt_print_name() (git-fixes).\n- video: fbdev: matroxfb: set maxvram of vbG200eW to the same as vbG200 to avoid black screen (git-fixes).\n- video: fbdev: matroxfb: set maxvram of vbG200eW to the same as vbG200 to avoid black screen (git-fixes).\n- video: fbdev: omapfb: Add missing of_node_put() in dvic_probe_of (git-fixes).\n- video: fbdev: smscufx: Fix null-ptr-deref in ufx_usb_probe() (git-fixes).\n- VMCI: Fix the description of vmci_check_host_caps() (git-fixes).\n- vsprintf: Fix %pK with kptr_restrict == 0 (bsc#1197889).\n- wireguard: queueing: use CFI-safe ptr_ring cleanup function (git-fixes).\n- wireguard: selftests: rename DEBUG_PI_LIST to DEBUG_PLIST (git-fixes).\n- wireguard: socket: free skb in send6 when ipv6 is disabled (git-fixes).\n- wireguard: socket: ignore v6 endpoints when ipv6 is disabled (git-fixes).\n- x86/cpu: Add hardware-enforced cache coherency as a CPUID feature (bsc#1178134).\n- x86/mm/pat: Do not flush cache if hardware enforces cache coherency across encryption domnains (bsc#1178134).\n- x86/speculation: Warn about eIBRS + LFENCE + Unprivileged eBPF + SMT (bsc#1178134).\n- x86/speculation: Warn about Spectre v2 LFENCE mitigation (bsc#1178134).\n- xhci: fix garbage USBSTS being logged in some cases (git-fixes).\n", title: "Description of the patch", }, { category: "details", text: "SUSE-2022-1183,SUSE-SLE-Module-Basesystem-15-SP3-2022-1183,SUSE-SLE-Module-Development-Tools-15-SP3-2022-1183,SUSE-SLE-Module-Legacy-15-SP3-2022-1183,SUSE-SLE-Module-Live-Patching-15-SP3-2022-1183,SUSE-SLE-Product-HA-15-SP3-2022-1183,SUSE-SLE-Product-WE-15-SP3-2022-1183,SUSE-SUSE-MicroOS-5.1-2022-1183,SUSE-SUSE-MicroOS-5.2-2022-1183,openSUSE-SLE-15.3-2022-1183,openSUSE-SLE-15.4-2022-1183", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_1183-1.json", }, { category: "self", summary: "URL for SUSE-SU-2022:1183-1", url: "https://www.suse.com/support/update/announcement/2022/suse-su-20221183-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2022:1183-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2022-April/010701.html", }, { category: "self", summary: "SUSE Bug 1065729", url: "https://bugzilla.suse.com/1065729", }, { category: "self", summary: "SUSE Bug 1156395", url: "https://bugzilla.suse.com/1156395", }, { category: "self", summary: "SUSE Bug 1175667", url: "https://bugzilla.suse.com/1175667", }, { category: "self", summary: "SUSE Bug 1177028", url: "https://bugzilla.suse.com/1177028", }, { category: "self", summary: "SUSE Bug 1178134", url: "https://bugzilla.suse.com/1178134", }, { category: "self", summary: "SUSE Bug 1179639", url: "https://bugzilla.suse.com/1179639", }, { category: "self", summary: "SUSE Bug 1180153", url: "https://bugzilla.suse.com/1180153", }, { category: "self", summary: "SUSE Bug 1189562", url: "https://bugzilla.suse.com/1189562", }, { category: "self", summary: "SUSE Bug 1194649", url: "https://bugzilla.suse.com/1194649", }, { category: "self", summary: "SUSE Bug 1195640", url: "https://bugzilla.suse.com/1195640", }, { category: "self", summary: "SUSE Bug 1195926", url: "https://bugzilla.suse.com/1195926", }, { category: "self", summary: "SUSE Bug 1196018", url: "https://bugzilla.suse.com/1196018", }, { category: "self", summary: "SUSE Bug 1196196", url: "https://bugzilla.suse.com/1196196", }, { category: "self", summary: "SUSE Bug 1196478", url: "https://bugzilla.suse.com/1196478", }, { category: "self", summary: "SUSE Bug 1196761", url: "https://bugzilla.suse.com/1196761", }, { category: "self", summary: "SUSE Bug 1196823", url: "https://bugzilla.suse.com/1196823", }, { category: "self", summary: "SUSE Bug 1197227", url: "https://bugzilla.suse.com/1197227", }, { category: "self", summary: "SUSE Bug 1197243", url: "https://bugzilla.suse.com/1197243", }, { category: "self", summary: "SUSE Bug 1197300", url: "https://bugzilla.suse.com/1197300", }, { category: "self", summary: "SUSE Bug 1197302", url: "https://bugzilla.suse.com/1197302", }, { category: "self", summary: "SUSE Bug 1197331", url: "https://bugzilla.suse.com/1197331", }, { category: "self", summary: "SUSE Bug 1197343", url: "https://bugzilla.suse.com/1197343", }, { category: "self", summary: "SUSE Bug 1197366", url: "https://bugzilla.suse.com/1197366", }, { category: "self", summary: "SUSE Bug 1197389", url: "https://bugzilla.suse.com/1197389", }, { category: "self", summary: "SUSE Bug 1197462", url: "https://bugzilla.suse.com/1197462", }, { category: "self", summary: "SUSE Bug 1197501", url: "https://bugzilla.suse.com/1197501", }, { category: "self", summary: "SUSE Bug 1197534", url: "https://bugzilla.suse.com/1197534", }, { category: "self", summary: "SUSE Bug 1197661", url: "https://bugzilla.suse.com/1197661", }, { category: "self", summary: "SUSE Bug 1197675", url: "https://bugzilla.suse.com/1197675", }, { category: "self", summary: "SUSE Bug 1197702", url: "https://bugzilla.suse.com/1197702", }, { category: "self", summary: "SUSE Bug 1197811", url: "https://bugzilla.suse.com/1197811", }, { category: "self", summary: "SUSE Bug 1197812", url: "https://bugzilla.suse.com/1197812", }, { category: "self", summary: "SUSE Bug 1197815", url: "https://bugzilla.suse.com/1197815", }, { category: "self", summary: "SUSE Bug 1197817", url: "https://bugzilla.suse.com/1197817", }, { category: "self", summary: "SUSE Bug 1197819", url: "https://bugzilla.suse.com/1197819", }, { category: "self", summary: "SUSE Bug 1197820", url: "https://bugzilla.suse.com/1197820", }, { category: "self", summary: "SUSE Bug 1197888", url: "https://bugzilla.suse.com/1197888", }, { category: "self", summary: "SUSE Bug 1197889", url: "https://bugzilla.suse.com/1197889", }, { category: "self", summary: "SUSE Bug 1197894", url: "https://bugzilla.suse.com/1197894", }, { category: "self", summary: "SUSE Bug 1197914", url: "https://bugzilla.suse.com/1197914", }, { category: "self", summary: "SUSE Bug 1198027", url: "https://bugzilla.suse.com/1198027", }, { category: "self", summary: "SUSE Bug 1198028", url: "https://bugzilla.suse.com/1198028", }, { category: "self", summary: "SUSE Bug 1198029", url: "https://bugzilla.suse.com/1198029", }, { category: "self", summary: "SUSE Bug 1198030", url: "https://bugzilla.suse.com/1198030", }, { category: "self", summary: "SUSE Bug 1198031", url: "https://bugzilla.suse.com/1198031", }, { category: "self", summary: "SUSE Bug 1198032", url: "https://bugzilla.suse.com/1198032", }, { category: "self", summary: "SUSE Bug 1198033", url: "https://bugzilla.suse.com/1198033", }, { category: "self", summary: "SUSE CVE CVE-2021-45868 page", url: "https://www.suse.com/security/cve/CVE-2021-45868/", }, { category: "self", summary: "SUSE CVE CVE-2022-0850 page", url: "https://www.suse.com/security/cve/CVE-2022-0850/", }, { category: "self", summary: "SUSE CVE CVE-2022-0854 page", url: "https://www.suse.com/security/cve/CVE-2022-0854/", }, { category: "self", summary: "SUSE CVE CVE-2022-1011 page", url: "https://www.suse.com/security/cve/CVE-2022-1011/", }, { category: "self", summary: "SUSE CVE CVE-2022-1016 page", url: "https://www.suse.com/security/cve/CVE-2022-1016/", }, { category: "self", summary: "SUSE CVE CVE-2022-1048 page", url: "https://www.suse.com/security/cve/CVE-2022-1048/", }, { category: "self", summary: "SUSE CVE CVE-2022-1055 page", url: "https://www.suse.com/security/cve/CVE-2022-1055/", }, { category: "self", summary: "SUSE CVE CVE-2022-1195 page", url: "https://www.suse.com/security/cve/CVE-2022-1195/", }, { category: "self", summary: "SUSE CVE CVE-2022-1198 page", url: "https://www.suse.com/security/cve/CVE-2022-1198/", }, { category: "self", summary: "SUSE CVE CVE-2022-1199 page", url: "https://www.suse.com/security/cve/CVE-2022-1199/", }, { category: "self", summary: "SUSE CVE CVE-2022-1205 page", url: "https://www.suse.com/security/cve/CVE-2022-1205/", }, { category: "self", summary: "SUSE CVE CVE-2022-27666 page", url: "https://www.suse.com/security/cve/CVE-2022-27666/", }, { category: "self", summary: "SUSE CVE CVE-2022-28388 page", url: "https://www.suse.com/security/cve/CVE-2022-28388/", }, { category: "self", summary: "SUSE CVE CVE-2022-28389 page", url: "https://www.suse.com/security/cve/CVE-2022-28389/", }, { category: "self", summary: "SUSE CVE CVE-2022-28390 page", url: "https://www.suse.com/security/cve/CVE-2022-28390/", }, ], title: "Security update for the Linux Kernel", tracking: { current_release_date: "2022-04-13T14:58:44Z", generator: { date: "2022-04-13T14:58:44Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2022:1183-1", initial_release_date: "2022-04-13T14:58:44Z", revision_history: [ { date: "2022-04-13T14:58:44Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "cluster-md-kmp-64kb-5.3.18-150300.59.63.1.aarch64", product: { name: "cluster-md-kmp-64kb-5.3.18-150300.59.63.1.aarch64", product_id: "cluster-md-kmp-64kb-5.3.18-150300.59.63.1.aarch64", }, }, { category: "product_version", name: "cluster-md-kmp-default-5.3.18-150300.59.63.1.aarch64", product: { name: "cluster-md-kmp-default-5.3.18-150300.59.63.1.aarch64", product_id: "cluster-md-kmp-default-5.3.18-150300.59.63.1.aarch64", }, }, { category: "product_version", name: "cluster-md-kmp-preempt-5.3.18-150300.59.63.1.aarch64", product: { name: "cluster-md-kmp-preempt-5.3.18-150300.59.63.1.aarch64", product_id: "cluster-md-kmp-preempt-5.3.18-150300.59.63.1.aarch64", }, }, { category: "product_version", name: "dlm-kmp-64kb-5.3.18-150300.59.63.1.aarch64", product: { name: "dlm-kmp-64kb-5.3.18-150300.59.63.1.aarch64", product_id: "dlm-kmp-64kb-5.3.18-150300.59.63.1.aarch64", }, }, { category: "product_version", name: "dlm-kmp-default-5.3.18-150300.59.63.1.aarch64", product: { name: "dlm-kmp-default-5.3.18-150300.59.63.1.aarch64", product_id: "dlm-kmp-default-5.3.18-150300.59.63.1.aarch64", }, }, { category: "product_version", name: "dlm-kmp-preempt-5.3.18-150300.59.63.1.aarch64", product: { name: "dlm-kmp-preempt-5.3.18-150300.59.63.1.aarch64", product_id: "dlm-kmp-preempt-5.3.18-150300.59.63.1.aarch64", }, }, { category: "product_version", name: "dtb-al-5.3.18-150300.59.63.1.aarch64", product: { name: "dtb-al-5.3.18-150300.59.63.1.aarch64", product_id: "dtb-al-5.3.18-150300.59.63.1.aarch64", }, }, { category: "product_version", name: "dtb-allwinner-5.3.18-150300.59.63.1.aarch64", product: { name: "dtb-allwinner-5.3.18-150300.59.63.1.aarch64", product_id: "dtb-allwinner-5.3.18-150300.59.63.1.aarch64", }, }, { category: "product_version", name: "dtb-altera-5.3.18-150300.59.63.1.aarch64", product: { name: "dtb-altera-5.3.18-150300.59.63.1.aarch64", product_id: "dtb-altera-5.3.18-150300.59.63.1.aarch64", }, }, { category: "product_version", name: "dtb-amd-5.3.18-150300.59.63.1.aarch64", product: { name: "dtb-amd-5.3.18-150300.59.63.1.aarch64", product_id: "dtb-amd-5.3.18-150300.59.63.1.aarch64", }, }, { category: "product_version", name: "dtb-amlogic-5.3.18-150300.59.63.1.aarch64", product: { name: "dtb-amlogic-5.3.18-150300.59.63.1.aarch64", product_id: "dtb-amlogic-5.3.18-150300.59.63.1.aarch64", }, }, { category: "product_version", name: "dtb-apm-5.3.18-150300.59.63.1.aarch64", product: { name: "dtb-apm-5.3.18-150300.59.63.1.aarch64", product_id: "dtb-apm-5.3.18-150300.59.63.1.aarch64", }, }, { category: "product_version", name: "dtb-arm-5.3.18-150300.59.63.1.aarch64", product: { name: "dtb-arm-5.3.18-150300.59.63.1.aarch64", product_id: "dtb-arm-5.3.18-150300.59.63.1.aarch64", }, }, { category: "product_version", name: "dtb-broadcom-5.3.18-150300.59.63.1.aarch64", product: { name: "dtb-broadcom-5.3.18-150300.59.63.1.aarch64", product_id: "dtb-broadcom-5.3.18-150300.59.63.1.aarch64", }, }, { category: "product_version", name: "dtb-cavium-5.3.18-150300.59.63.1.aarch64", product: { name: "dtb-cavium-5.3.18-150300.59.63.1.aarch64", product_id: "dtb-cavium-5.3.18-150300.59.63.1.aarch64", }, }, { category: "product_version", name: "dtb-exynos-5.3.18-150300.59.63.1.aarch64", product: { name: "dtb-exynos-5.3.18-150300.59.63.1.aarch64", product_id: "dtb-exynos-5.3.18-150300.59.63.1.aarch64", }, }, { category: "product_version", name: "dtb-freescale-5.3.18-150300.59.63.1.aarch64", product: { name: "dtb-freescale-5.3.18-150300.59.63.1.aarch64", product_id: "dtb-freescale-5.3.18-150300.59.63.1.aarch64", }, }, { category: "product_version", name: "dtb-hisilicon-5.3.18-150300.59.63.1.aarch64", product: { name: "dtb-hisilicon-5.3.18-150300.59.63.1.aarch64", product_id: "dtb-hisilicon-5.3.18-150300.59.63.1.aarch64", }, }, { category: "product_version", name: "dtb-lg-5.3.18-150300.59.63.1.aarch64", product: { name: "dtb-lg-5.3.18-150300.59.63.1.aarch64", product_id: "dtb-lg-5.3.18-150300.59.63.1.aarch64", }, }, { category: "product_version", name: "dtb-marvell-5.3.18-150300.59.63.1.aarch64", product: { name: "dtb-marvell-5.3.18-150300.59.63.1.aarch64", product_id: "dtb-marvell-5.3.18-150300.59.63.1.aarch64", }, }, { category: "product_version", name: "dtb-mediatek-5.3.18-150300.59.63.1.aarch64", product: { name: "dtb-mediatek-5.3.18-150300.59.63.1.aarch64", product_id: "dtb-mediatek-5.3.18-150300.59.63.1.aarch64", }, }, { category: "product_version", name: "dtb-nvidia-5.3.18-150300.59.63.1.aarch64", product: { name: "dtb-nvidia-5.3.18-150300.59.63.1.aarch64", product_id: "dtb-nvidia-5.3.18-150300.59.63.1.aarch64", }, }, { category: "product_version", name: "dtb-qcom-5.3.18-150300.59.63.1.aarch64", product: { name: "dtb-qcom-5.3.18-150300.59.63.1.aarch64", product_id: "dtb-qcom-5.3.18-150300.59.63.1.aarch64", }, }, { category: "product_version", name: "dtb-renesas-5.3.18-150300.59.63.1.aarch64", product: { name: "dtb-renesas-5.3.18-150300.59.63.1.aarch64", product_id: "dtb-renesas-5.3.18-150300.59.63.1.aarch64", }, }, { category: "product_version", name: "dtb-rockchip-5.3.18-150300.59.63.1.aarch64", product: { name: "dtb-rockchip-5.3.18-150300.59.63.1.aarch64", product_id: "dtb-rockchip-5.3.18-150300.59.63.1.aarch64", }, }, { category: "product_version", name: "dtb-socionext-5.3.18-150300.59.63.1.aarch64", product: { name: "dtb-socionext-5.3.18-150300.59.63.1.aarch64", product_id: "dtb-socionext-5.3.18-150300.59.63.1.aarch64", }, }, { category: "product_version", name: "dtb-sprd-5.3.18-150300.59.63.1.aarch64", product: { name: "dtb-sprd-5.3.18-150300.59.63.1.aarch64", product_id: "dtb-sprd-5.3.18-150300.59.63.1.aarch64", }, }, { category: "product_version", name: "dtb-xilinx-5.3.18-150300.59.63.1.aarch64", product: { name: "dtb-xilinx-5.3.18-150300.59.63.1.aarch64", product_id: "dtb-xilinx-5.3.18-150300.59.63.1.aarch64", }, }, { category: "product_version", name: "dtb-zte-5.3.18-150300.59.63.1.aarch64", product: { name: "dtb-zte-5.3.18-150300.59.63.1.aarch64", product_id: "dtb-zte-5.3.18-150300.59.63.1.aarch64", }, }, { category: "product_version", name: "gfs2-kmp-64kb-5.3.18-150300.59.63.1.aarch64", product: { name: "gfs2-kmp-64kb-5.3.18-150300.59.63.1.aarch64", product_id: "gfs2-kmp-64kb-5.3.18-150300.59.63.1.aarch64", }, }, { category: "product_version", name: "gfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", product: { name: "gfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", product_id: "gfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", }, }, { category: "product_version", name: "gfs2-kmp-preempt-5.3.18-150300.59.63.1.aarch64", product: { name: "gfs2-kmp-preempt-5.3.18-150300.59.63.1.aarch64", product_id: "gfs2-kmp-preempt-5.3.18-150300.59.63.1.aarch64", }, }, { category: "product_version", name: "kernel-64kb-5.3.18-150300.59.63.1.aarch64", product: { name: "kernel-64kb-5.3.18-150300.59.63.1.aarch64", product_id: "kernel-64kb-5.3.18-150300.59.63.1.aarch64", }, }, { category: "product_version", name: "kernel-64kb-devel-5.3.18-150300.59.63.1.aarch64", product: { name: "kernel-64kb-devel-5.3.18-150300.59.63.1.aarch64", product_id: "kernel-64kb-devel-5.3.18-150300.59.63.1.aarch64", }, }, { category: "product_version", name: "kernel-64kb-extra-5.3.18-150300.59.63.1.aarch64", product: { name: "kernel-64kb-extra-5.3.18-150300.59.63.1.aarch64", product_id: "kernel-64kb-extra-5.3.18-150300.59.63.1.aarch64", }, }, { category: "product_version", name: "kernel-64kb-livepatch-devel-5.3.18-150300.59.63.1.aarch64", product: { name: "kernel-64kb-livepatch-devel-5.3.18-150300.59.63.1.aarch64", product_id: "kernel-64kb-livepatch-devel-5.3.18-150300.59.63.1.aarch64", }, }, { category: "product_version", name: "kernel-64kb-optional-5.3.18-150300.59.63.1.aarch64", product: { name: "kernel-64kb-optional-5.3.18-150300.59.63.1.aarch64", product_id: "kernel-64kb-optional-5.3.18-150300.59.63.1.aarch64", }, }, { category: "product_version", name: "kernel-default-5.3.18-150300.59.63.1.aarch64", product: { name: "kernel-default-5.3.18-150300.59.63.1.aarch64", product_id: "kernel-default-5.3.18-150300.59.63.1.aarch64", }, }, { category: "product_version", name: "kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", product: { name: "kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", product_id: "kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", }, }, { category: "product_version", name: "kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", product: { name: "kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", product_id: "kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", }, }, { category: "product_version", name: "kernel-default-devel-5.3.18-150300.59.63.1.aarch64", product: { name: "kernel-default-devel-5.3.18-150300.59.63.1.aarch64", product_id: "kernel-default-devel-5.3.18-150300.59.63.1.aarch64", }, }, { category: "product_version", name: "kernel-default-extra-5.3.18-150300.59.63.1.aarch64", product: { name: "kernel-default-extra-5.3.18-150300.59.63.1.aarch64", product_id: "kernel-default-extra-5.3.18-150300.59.63.1.aarch64", }, }, { category: "product_version", name: "kernel-default-livepatch-5.3.18-150300.59.63.1.aarch64", product: { name: "kernel-default-livepatch-5.3.18-150300.59.63.1.aarch64", product_id: "kernel-default-livepatch-5.3.18-150300.59.63.1.aarch64", }, }, { category: "product_version", name: "kernel-default-livepatch-devel-5.3.18-150300.59.63.1.aarch64", product: { name: "kernel-default-livepatch-devel-5.3.18-150300.59.63.1.aarch64", product_id: "kernel-default-livepatch-devel-5.3.18-150300.59.63.1.aarch64", }, }, { category: "product_version", name: "kernel-default-optional-5.3.18-150300.59.63.1.aarch64", product: { name: "kernel-default-optional-5.3.18-150300.59.63.1.aarch64", product_id: "kernel-default-optional-5.3.18-150300.59.63.1.aarch64", }, }, { category: "product_version", name: "kernel-obs-build-5.3.18-150300.59.63.1.aarch64", product: { name: "kernel-obs-build-5.3.18-150300.59.63.1.aarch64", product_id: "kernel-obs-build-5.3.18-150300.59.63.1.aarch64", }, }, { category: "product_version", name: "kernel-obs-qa-5.3.18-150300.59.63.1.aarch64", product: { name: "kernel-obs-qa-5.3.18-150300.59.63.1.aarch64", product_id: "kernel-obs-qa-5.3.18-150300.59.63.1.aarch64", }, }, { category: "product_version", name: "kernel-preempt-5.3.18-150300.59.63.1.aarch64", product: { name: "kernel-preempt-5.3.18-150300.59.63.1.aarch64", product_id: "kernel-preempt-5.3.18-150300.59.63.1.aarch64", }, }, { category: "product_version", name: "kernel-preempt-devel-5.3.18-150300.59.63.1.aarch64", product: { name: "kernel-preempt-devel-5.3.18-150300.59.63.1.aarch64", product_id: "kernel-preempt-devel-5.3.18-150300.59.63.1.aarch64", }, }, { category: "product_version", name: "kernel-preempt-extra-5.3.18-150300.59.63.1.aarch64", product: { name: "kernel-preempt-extra-5.3.18-150300.59.63.1.aarch64", product_id: "kernel-preempt-extra-5.3.18-150300.59.63.1.aarch64", }, }, { category: "product_version", name: "kernel-preempt-livepatch-devel-5.3.18-150300.59.63.1.aarch64", product: { name: "kernel-preempt-livepatch-devel-5.3.18-150300.59.63.1.aarch64", product_id: "kernel-preempt-livepatch-devel-5.3.18-150300.59.63.1.aarch64", }, }, { category: "product_version", name: "kernel-preempt-optional-5.3.18-150300.59.63.1.aarch64", product: { name: "kernel-preempt-optional-5.3.18-150300.59.63.1.aarch64", product_id: "kernel-preempt-optional-5.3.18-150300.59.63.1.aarch64", }, }, { category: "product_version", name: "kernel-syms-5.3.18-150300.59.63.1.aarch64", product: { name: "kernel-syms-5.3.18-150300.59.63.1.aarch64", product_id: "kernel-syms-5.3.18-150300.59.63.1.aarch64", }, }, { category: "product_version", name: "kselftests-kmp-64kb-5.3.18-150300.59.63.1.aarch64", product: { name: "kselftests-kmp-64kb-5.3.18-150300.59.63.1.aarch64", product_id: "kselftests-kmp-64kb-5.3.18-150300.59.63.1.aarch64", }, }, { category: "product_version", name: "kselftests-kmp-default-5.3.18-150300.59.63.1.aarch64", product: { name: "kselftests-kmp-default-5.3.18-150300.59.63.1.aarch64", product_id: "kselftests-kmp-default-5.3.18-150300.59.63.1.aarch64", }, }, { category: "product_version", name: "kselftests-kmp-preempt-5.3.18-150300.59.63.1.aarch64", product: { name: "kselftests-kmp-preempt-5.3.18-150300.59.63.1.aarch64", product_id: "kselftests-kmp-preempt-5.3.18-150300.59.63.1.aarch64", }, }, { category: "product_version", name: "ocfs2-kmp-64kb-5.3.18-150300.59.63.1.aarch64", product: { name: "ocfs2-kmp-64kb-5.3.18-150300.59.63.1.aarch64", product_id: "ocfs2-kmp-64kb-5.3.18-150300.59.63.1.aarch64", }, }, { category: "product_version", name: "ocfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", product: { name: "ocfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", product_id: "ocfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", }, }, { category: "product_version", name: "ocfs2-kmp-preempt-5.3.18-150300.59.63.1.aarch64", product: { name: "ocfs2-kmp-preempt-5.3.18-150300.59.63.1.aarch64", product_id: "ocfs2-kmp-preempt-5.3.18-150300.59.63.1.aarch64", }, }, { category: "product_version", name: "reiserfs-kmp-64kb-5.3.18-150300.59.63.1.aarch64", product: { name: "reiserfs-kmp-64kb-5.3.18-150300.59.63.1.aarch64", product_id: "reiserfs-kmp-64kb-5.3.18-150300.59.63.1.aarch64", }, }, { category: "product_version", name: "reiserfs-kmp-default-5.3.18-150300.59.63.1.aarch64", product: { name: "reiserfs-kmp-default-5.3.18-150300.59.63.1.aarch64", product_id: "reiserfs-kmp-default-5.3.18-150300.59.63.1.aarch64", }, }, { category: "product_version", name: "reiserfs-kmp-preempt-5.3.18-150300.59.63.1.aarch64", product: { name: "reiserfs-kmp-preempt-5.3.18-150300.59.63.1.aarch64", product_id: "reiserfs-kmp-preempt-5.3.18-150300.59.63.1.aarch64", }, }, ], category: "architecture", name: "aarch64", }, { branches: [ { category: "product_version", name: "kernel-devel-5.3.18-150300.59.63.1.noarch", product: { name: "kernel-devel-5.3.18-150300.59.63.1.noarch", product_id: "kernel-devel-5.3.18-150300.59.63.1.noarch", }, }, { category: "product_version", name: "kernel-docs-5.3.18-150300.59.63.1.noarch", product: { name: "kernel-docs-5.3.18-150300.59.63.1.noarch", product_id: "kernel-docs-5.3.18-150300.59.63.1.noarch", }, }, { category: "product_version", name: "kernel-docs-html-5.3.18-150300.59.63.1.noarch", product: { name: "kernel-docs-html-5.3.18-150300.59.63.1.noarch", product_id: "kernel-docs-html-5.3.18-150300.59.63.1.noarch", }, }, { category: "product_version", name: "kernel-macros-5.3.18-150300.59.63.1.noarch", product: { name: "kernel-macros-5.3.18-150300.59.63.1.noarch", product_id: "kernel-macros-5.3.18-150300.59.63.1.noarch", }, }, { category: "product_version", name: "kernel-source-5.3.18-150300.59.63.1.noarch", product: { name: "kernel-source-5.3.18-150300.59.63.1.noarch", product_id: "kernel-source-5.3.18-150300.59.63.1.noarch", }, }, { category: "product_version", name: "kernel-source-vanilla-5.3.18-150300.59.63.1.noarch", product: { name: "kernel-source-vanilla-5.3.18-150300.59.63.1.noarch", product_id: "kernel-source-vanilla-5.3.18-150300.59.63.1.noarch", }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "cluster-md-kmp-default-5.3.18-150300.59.63.1.ppc64le", product: { name: "cluster-md-kmp-default-5.3.18-150300.59.63.1.ppc64le", product_id: "cluster-md-kmp-default-5.3.18-150300.59.63.1.ppc64le", }, }, { category: "product_version", name: "dlm-kmp-default-5.3.18-150300.59.63.1.ppc64le", product: { name: "dlm-kmp-default-5.3.18-150300.59.63.1.ppc64le", product_id: "dlm-kmp-default-5.3.18-150300.59.63.1.ppc64le", }, }, { category: "product_version", name: "gfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", product: { name: "gfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", product_id: "gfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", }, }, { category: "product_version", name: "kernel-debug-5.3.18-150300.59.63.1.ppc64le", product: { name: "kernel-debug-5.3.18-150300.59.63.1.ppc64le", product_id: "kernel-debug-5.3.18-150300.59.63.1.ppc64le", }, }, { category: "product_version", name: "kernel-debug-devel-5.3.18-150300.59.63.1.ppc64le", product: { name: "kernel-debug-devel-5.3.18-150300.59.63.1.ppc64le", product_id: "kernel-debug-devel-5.3.18-150300.59.63.1.ppc64le", }, }, { category: "product_version", name: "kernel-debug-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", product: { name: "kernel-debug-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", product_id: "kernel-debug-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", }, }, { category: "product_version", name: "kernel-default-5.3.18-150300.59.63.1.ppc64le", product: { name: "kernel-default-5.3.18-150300.59.63.1.ppc64le", product_id: "kernel-default-5.3.18-150300.59.63.1.ppc64le", }, }, { category: "product_version", name: "kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", product: { name: "kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", product_id: "kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", }, }, { category: "product_version", name: "kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", product: { name: "kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", product_id: "kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", }, }, { category: "product_version", name: "kernel-default-devel-5.3.18-150300.59.63.1.ppc64le", product: { name: "kernel-default-devel-5.3.18-150300.59.63.1.ppc64le", product_id: "kernel-default-devel-5.3.18-150300.59.63.1.ppc64le", }, }, { category: "product_version", name: "kernel-default-extra-5.3.18-150300.59.63.1.ppc64le", product: { name: "kernel-default-extra-5.3.18-150300.59.63.1.ppc64le", product_id: "kernel-default-extra-5.3.18-150300.59.63.1.ppc64le", }, }, { category: "product_version", name: "kernel-default-livepatch-5.3.18-150300.59.63.1.ppc64le", product: { name: "kernel-default-livepatch-5.3.18-150300.59.63.1.ppc64le", product_id: "kernel-default-livepatch-5.3.18-150300.59.63.1.ppc64le", }, }, { category: "product_version", name: "kernel-default-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", product: { name: "kernel-default-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", product_id: "kernel-default-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", }, }, { category: "product_version", name: "kernel-default-optional-5.3.18-150300.59.63.1.ppc64le", product: { name: "kernel-default-optional-5.3.18-150300.59.63.1.ppc64le", product_id: "kernel-default-optional-5.3.18-150300.59.63.1.ppc64le", }, }, { category: "product_version", name: "kernel-kvmsmall-5.3.18-150300.59.63.1.ppc64le", product: { name: "kernel-kvmsmall-5.3.18-150300.59.63.1.ppc64le", product_id: "kernel-kvmsmall-5.3.18-150300.59.63.1.ppc64le", }, }, { category: "product_version", name: "kernel-kvmsmall-devel-5.3.18-150300.59.63.1.ppc64le", product: { name: "kernel-kvmsmall-devel-5.3.18-150300.59.63.1.ppc64le", product_id: "kernel-kvmsmall-devel-5.3.18-150300.59.63.1.ppc64le", }, }, { category: "product_version", name: "kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", product: { name: "kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", product_id: "kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", }, }, { category: "product_version", name: "kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.ppc64le", product: { name: "kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.ppc64le", product_id: "kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.ppc64le", }, }, { category: "product_version", name: "kernel-obs-build-5.3.18-150300.59.63.1.ppc64le", product: { name: "kernel-obs-build-5.3.18-150300.59.63.1.ppc64le", product_id: "kernel-obs-build-5.3.18-150300.59.63.1.ppc64le", }, }, { category: "product_version", name: "kernel-obs-qa-5.3.18-150300.59.63.1.ppc64le", product: { name: "kernel-obs-qa-5.3.18-150300.59.63.1.ppc64le", product_id: "kernel-obs-qa-5.3.18-150300.59.63.1.ppc64le", }, }, { category: "product_version", name: "kernel-syms-5.3.18-150300.59.63.1.ppc64le", product: { name: "kernel-syms-5.3.18-150300.59.63.1.ppc64le", product_id: "kernel-syms-5.3.18-150300.59.63.1.ppc64le", }, }, { category: "product_version", name: "kselftests-kmp-default-5.3.18-150300.59.63.1.ppc64le", product: { name: "kselftests-kmp-default-5.3.18-150300.59.63.1.ppc64le", product_id: "kselftests-kmp-default-5.3.18-150300.59.63.1.ppc64le", }, }, { category: "product_version", name: "ocfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", product: { name: "ocfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", product_id: "ocfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", }, }, { category: "product_version", name: "reiserfs-kmp-default-5.3.18-150300.59.63.1.ppc64le", product: { name: "reiserfs-kmp-default-5.3.18-150300.59.63.1.ppc64le", product_id: "reiserfs-kmp-default-5.3.18-150300.59.63.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "cluster-md-kmp-default-5.3.18-150300.59.63.1.s390x", product: { name: "cluster-md-kmp-default-5.3.18-150300.59.63.1.s390x", product_id: "cluster-md-kmp-default-5.3.18-150300.59.63.1.s390x", }, }, { category: "product_version", name: "dlm-kmp-default-5.3.18-150300.59.63.1.s390x", product: { name: "dlm-kmp-default-5.3.18-150300.59.63.1.s390x", product_id: "dlm-kmp-default-5.3.18-150300.59.63.1.s390x", }, }, { category: "product_version", name: "gfs2-kmp-default-5.3.18-150300.59.63.1.s390x", product: { name: "gfs2-kmp-default-5.3.18-150300.59.63.1.s390x", product_id: "gfs2-kmp-default-5.3.18-150300.59.63.1.s390x", }, }, { category: "product_version", name: "kernel-default-5.3.18-150300.59.63.1.s390x", product: { name: "kernel-default-5.3.18-150300.59.63.1.s390x", product_id: "kernel-default-5.3.18-150300.59.63.1.s390x", }, }, { category: "product_version", name: "kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", product: { name: "kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", product_id: "kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", }, }, { category: "product_version", name: "kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.s390x", product: { name: "kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.s390x", product_id: "kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.s390x", }, }, { category: "product_version", name: "kernel-default-devel-5.3.18-150300.59.63.1.s390x", product: { name: "kernel-default-devel-5.3.18-150300.59.63.1.s390x", product_id: "kernel-default-devel-5.3.18-150300.59.63.1.s390x", }, }, { category: "product_version", name: "kernel-default-extra-5.3.18-150300.59.63.1.s390x", product: { name: "kernel-default-extra-5.3.18-150300.59.63.1.s390x", product_id: "kernel-default-extra-5.3.18-150300.59.63.1.s390x", }, }, { category: "product_version", name: "kernel-default-livepatch-5.3.18-150300.59.63.1.s390x", product: { name: "kernel-default-livepatch-5.3.18-150300.59.63.1.s390x", product_id: "kernel-default-livepatch-5.3.18-150300.59.63.1.s390x", }, }, { category: "product_version", name: "kernel-default-livepatch-devel-5.3.18-150300.59.63.1.s390x", product: { name: "kernel-default-livepatch-devel-5.3.18-150300.59.63.1.s390x", product_id: "kernel-default-livepatch-devel-5.3.18-150300.59.63.1.s390x", }, }, { category: "product_version", name: "kernel-default-optional-5.3.18-150300.59.63.1.s390x", product: { name: "kernel-default-optional-5.3.18-150300.59.63.1.s390x", product_id: "kernel-default-optional-5.3.18-150300.59.63.1.s390x", }, }, { category: "product_version", name: "kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.s390x", product: { name: "kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.s390x", product_id: "kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.s390x", }, }, { category: "product_version", name: "kernel-obs-build-5.3.18-150300.59.63.1.s390x", product: { name: "kernel-obs-build-5.3.18-150300.59.63.1.s390x", product_id: "kernel-obs-build-5.3.18-150300.59.63.1.s390x", }, }, { category: "product_version", name: "kernel-obs-qa-5.3.18-150300.59.63.1.s390x", product: { name: "kernel-obs-qa-5.3.18-150300.59.63.1.s390x", product_id: "kernel-obs-qa-5.3.18-150300.59.63.1.s390x", }, }, { category: "product_version", name: "kernel-syms-5.3.18-150300.59.63.1.s390x", product: { name: "kernel-syms-5.3.18-150300.59.63.1.s390x", product_id: "kernel-syms-5.3.18-150300.59.63.1.s390x", }, }, { category: "product_version", name: "kernel-zfcpdump-5.3.18-150300.59.63.1.s390x", product: { name: "kernel-zfcpdump-5.3.18-150300.59.63.1.s390x", product_id: "kernel-zfcpdump-5.3.18-150300.59.63.1.s390x", }, }, { category: "product_version", name: "kselftests-kmp-default-5.3.18-150300.59.63.1.s390x", product: { name: "kselftests-kmp-default-5.3.18-150300.59.63.1.s390x", product_id: "kselftests-kmp-default-5.3.18-150300.59.63.1.s390x", }, }, { category: "product_version", name: "ocfs2-kmp-default-5.3.18-150300.59.63.1.s390x", product: { name: "ocfs2-kmp-default-5.3.18-150300.59.63.1.s390x", product_id: "ocfs2-kmp-default-5.3.18-150300.59.63.1.s390x", }, }, { category: "product_version", name: "reiserfs-kmp-default-5.3.18-150300.59.63.1.s390x", product: { name: "reiserfs-kmp-default-5.3.18-150300.59.63.1.s390x", product_id: "reiserfs-kmp-default-5.3.18-150300.59.63.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "cluster-md-kmp-default-5.3.18-150300.59.63.1.x86_64", product: { name: "cluster-md-kmp-default-5.3.18-150300.59.63.1.x86_64", product_id: "cluster-md-kmp-default-5.3.18-150300.59.63.1.x86_64", }, }, { category: "product_version", name: "cluster-md-kmp-preempt-5.3.18-150300.59.63.1.x86_64", product: { name: "cluster-md-kmp-preempt-5.3.18-150300.59.63.1.x86_64", product_id: "cluster-md-kmp-preempt-5.3.18-150300.59.63.1.x86_64", }, }, { category: "product_version", name: "dlm-kmp-default-5.3.18-150300.59.63.1.x86_64", product: { name: "dlm-kmp-default-5.3.18-150300.59.63.1.x86_64", product_id: "dlm-kmp-default-5.3.18-150300.59.63.1.x86_64", }, }, { category: "product_version", name: "dlm-kmp-preempt-5.3.18-150300.59.63.1.x86_64", product: { name: "dlm-kmp-preempt-5.3.18-150300.59.63.1.x86_64", product_id: "dlm-kmp-preempt-5.3.18-150300.59.63.1.x86_64", }, }, { category: "product_version", name: "gfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", product: { name: "gfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", product_id: "gfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", }, }, { category: "product_version", name: "gfs2-kmp-preempt-5.3.18-150300.59.63.1.x86_64", product: { name: "gfs2-kmp-preempt-5.3.18-150300.59.63.1.x86_64", product_id: "gfs2-kmp-preempt-5.3.18-150300.59.63.1.x86_64", }, }, { category: "product_version", name: "kernel-debug-5.3.18-150300.59.63.1.x86_64", product: { name: "kernel-debug-5.3.18-150300.59.63.1.x86_64", product_id: "kernel-debug-5.3.18-150300.59.63.1.x86_64", }, }, { category: "product_version", name: "kernel-debug-devel-5.3.18-150300.59.63.1.x86_64", product: { name: "kernel-debug-devel-5.3.18-150300.59.63.1.x86_64", product_id: "kernel-debug-devel-5.3.18-150300.59.63.1.x86_64", }, }, { category: "product_version", name: "kernel-debug-livepatch-devel-5.3.18-150300.59.63.1.x86_64", product: { name: "kernel-debug-livepatch-devel-5.3.18-150300.59.63.1.x86_64", product_id: "kernel-debug-livepatch-devel-5.3.18-150300.59.63.1.x86_64", }, }, { category: "product_version", name: "kernel-default-5.3.18-150300.59.63.1.x86_64", product: { name: "kernel-default-5.3.18-150300.59.63.1.x86_64", product_id: "kernel-default-5.3.18-150300.59.63.1.x86_64", }, }, { category: "product_version", name: "kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", product: { name: "kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", product_id: "kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", }, }, { category: "product_version", name: "kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", product: { name: "kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", product_id: "kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", }, }, { category: "product_version", name: "kernel-default-devel-5.3.18-150300.59.63.1.x86_64", product: { name: "kernel-default-devel-5.3.18-150300.59.63.1.x86_64", product_id: "kernel-default-devel-5.3.18-150300.59.63.1.x86_64", }, }, { category: "product_version", name: "kernel-default-extra-5.3.18-150300.59.63.1.x86_64", product: { name: "kernel-default-extra-5.3.18-150300.59.63.1.x86_64", product_id: "kernel-default-extra-5.3.18-150300.59.63.1.x86_64", }, }, { category: "product_version", name: "kernel-default-livepatch-5.3.18-150300.59.63.1.x86_64", product: { name: "kernel-default-livepatch-5.3.18-150300.59.63.1.x86_64", product_id: "kernel-default-livepatch-5.3.18-150300.59.63.1.x86_64", }, }, { category: "product_version", name: "kernel-default-livepatch-devel-5.3.18-150300.59.63.1.x86_64", product: { name: "kernel-default-livepatch-devel-5.3.18-150300.59.63.1.x86_64", product_id: "kernel-default-livepatch-devel-5.3.18-150300.59.63.1.x86_64", }, }, { category: "product_version", name: "kernel-default-optional-5.3.18-150300.59.63.1.x86_64", product: { name: "kernel-default-optional-5.3.18-150300.59.63.1.x86_64", product_id: "kernel-default-optional-5.3.18-150300.59.63.1.x86_64", }, }, { category: "product_version", name: "kernel-kvmsmall-5.3.18-150300.59.63.1.x86_64", product: { name: "kernel-kvmsmall-5.3.18-150300.59.63.1.x86_64", product_id: "kernel-kvmsmall-5.3.18-150300.59.63.1.x86_64", }, }, { category: "product_version", name: "kernel-kvmsmall-devel-5.3.18-150300.59.63.1.x86_64", product: { name: "kernel-kvmsmall-devel-5.3.18-150300.59.63.1.x86_64", product_id: "kernel-kvmsmall-devel-5.3.18-150300.59.63.1.x86_64", }, }, { category: "product_version", name: "kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.63.1.x86_64", product: { name: "kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.63.1.x86_64", product_id: "kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.63.1.x86_64", }, }, { category: "product_version", name: "kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.x86_64", product: { name: "kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.x86_64", product_id: "kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.x86_64", }, }, { category: "product_version", name: "kernel-livepatch-5_3_18-150300_59_63-preempt-1-150300.7.3.1.x86_64", product: { name: "kernel-livepatch-5_3_18-150300_59_63-preempt-1-150300.7.3.1.x86_64", product_id: "kernel-livepatch-5_3_18-150300_59_63-preempt-1-150300.7.3.1.x86_64", }, }, { category: "product_version", name: "kernel-obs-build-5.3.18-150300.59.63.1.x86_64", product: { name: "kernel-obs-build-5.3.18-150300.59.63.1.x86_64", product_id: "kernel-obs-build-5.3.18-150300.59.63.1.x86_64", }, }, { category: "product_version", name: "kernel-obs-qa-5.3.18-150300.59.63.1.x86_64", product: { name: "kernel-obs-qa-5.3.18-150300.59.63.1.x86_64", product_id: "kernel-obs-qa-5.3.18-150300.59.63.1.x86_64", }, }, { category: "product_version", name: "kernel-preempt-5.3.18-150300.59.63.1.x86_64", product: { name: "kernel-preempt-5.3.18-150300.59.63.1.x86_64", product_id: "kernel-preempt-5.3.18-150300.59.63.1.x86_64", }, }, { category: "product_version", name: "kernel-preempt-devel-5.3.18-150300.59.63.1.x86_64", product: { name: "kernel-preempt-devel-5.3.18-150300.59.63.1.x86_64", product_id: "kernel-preempt-devel-5.3.18-150300.59.63.1.x86_64", }, }, { category: "product_version", name: "kernel-preempt-extra-5.3.18-150300.59.63.1.x86_64", product: { name: "kernel-preempt-extra-5.3.18-150300.59.63.1.x86_64", product_id: "kernel-preempt-extra-5.3.18-150300.59.63.1.x86_64", }, }, { category: "product_version", name: "kernel-preempt-livepatch-devel-5.3.18-150300.59.63.1.x86_64", product: { name: "kernel-preempt-livepatch-devel-5.3.18-150300.59.63.1.x86_64", product_id: "kernel-preempt-livepatch-devel-5.3.18-150300.59.63.1.x86_64", }, }, { category: "product_version", name: "kernel-preempt-optional-5.3.18-150300.59.63.1.x86_64", product: { name: "kernel-preempt-optional-5.3.18-150300.59.63.1.x86_64", product_id: "kernel-preempt-optional-5.3.18-150300.59.63.1.x86_64", }, }, { category: "product_version", name: "kernel-syms-5.3.18-150300.59.63.1.x86_64", product: { name: "kernel-syms-5.3.18-150300.59.63.1.x86_64", product_id: "kernel-syms-5.3.18-150300.59.63.1.x86_64", }, }, { category: "product_version", name: "kselftests-kmp-default-5.3.18-150300.59.63.1.x86_64", product: { name: "kselftests-kmp-default-5.3.18-150300.59.63.1.x86_64", product_id: "kselftests-kmp-default-5.3.18-150300.59.63.1.x86_64", }, }, { category: "product_version", name: "kselftests-kmp-preempt-5.3.18-150300.59.63.1.x86_64", product: { name: "kselftests-kmp-preempt-5.3.18-150300.59.63.1.x86_64", product_id: "kselftests-kmp-preempt-5.3.18-150300.59.63.1.x86_64", }, }, { category: "product_version", name: "ocfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", product: { name: "ocfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", product_id: "ocfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", }, }, { category: "product_version", name: "ocfs2-kmp-preempt-5.3.18-150300.59.63.1.x86_64", product: { name: "ocfs2-kmp-preempt-5.3.18-150300.59.63.1.x86_64", product_id: "ocfs2-kmp-preempt-5.3.18-150300.59.63.1.x86_64", }, }, { category: "product_version", name: "reiserfs-kmp-default-5.3.18-150300.59.63.1.x86_64", product: { name: "reiserfs-kmp-default-5.3.18-150300.59.63.1.x86_64", product_id: "reiserfs-kmp-default-5.3.18-150300.59.63.1.x86_64", }, }, { category: "product_version", name: "reiserfs-kmp-preempt-5.3.18-150300.59.63.1.x86_64", product: { name: "reiserfs-kmp-preempt-5.3.18-150300.59.63.1.x86_64", product_id: "reiserfs-kmp-preempt-5.3.18-150300.59.63.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Linux Enterprise Module for Basesystem 15 SP3", product: { name: "SUSE Linux Enterprise Module for Basesystem 15 SP3", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP3", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-basesystem:15:sp3", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Module for Development Tools 15 SP3", product: { name: "SUSE Linux Enterprise Module for Development Tools 15 SP3", product_id: "SUSE Linux Enterprise Module for Development Tools 15 SP3", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-development-tools:15:sp3", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Module for Legacy 15 SP3", product: { name: "SUSE Linux Enterprise Module for Legacy 15 SP3", product_id: "SUSE Linux Enterprise Module for Legacy 15 SP3", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-legacy:15:sp3", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Live Patching 15 SP3", product: { name: "SUSE Linux Enterprise Live Patching 15 SP3", product_id: "SUSE Linux Enterprise Live Patching 15 SP3", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-live-patching:15:sp3", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise High Availability Extension 15 SP3", product: { name: "SUSE Linux Enterprise High Availability Extension 15 SP3", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP3", product_identification_helper: { cpe: "cpe:/o:suse:sle-ha:15:sp3", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Workstation Extension 15 SP3", product: { name: "SUSE Linux Enterprise Workstation Extension 15 SP3", product_id: "SUSE Linux Enterprise Workstation Extension 15 SP3", product_identification_helper: { cpe: "cpe:/o:suse:sle-we:15:sp3", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Micro 5.1", product: { name: "SUSE Linux Enterprise Micro 5.1", product_id: "SUSE Linux Enterprise Micro 5.1", product_identification_helper: { cpe: "cpe:/o:suse:suse-microos:5.1", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Micro 5.2", product: { name: "SUSE Linux Enterprise Micro 5.2", product_id: "SUSE Linux Enterprise Micro 5.2", product_identification_helper: { cpe: "cpe:/o:suse:suse-microos:5.2", }, }, }, { category: "product_name", name: "openSUSE Leap 15.3", product: { name: "openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3", product_identification_helper: { cpe: "cpe:/o:opensuse:leap:15.3", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "kernel-64kb-5.3.18-150300.59.63.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP3", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-150300.59.63.1.aarch64", }, product_reference: "kernel-64kb-5.3.18-150300.59.63.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-64kb-devel-5.3.18-150300.59.63.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP3", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-150300.59.63.1.aarch64", }, product_reference: "kernel-64kb-devel-5.3.18-150300.59.63.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-5.3.18-150300.59.63.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP3", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.aarch64", }, product_reference: "kernel-default-5.3.18-150300.59.63.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-5.3.18-150300.59.63.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP3", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.ppc64le", }, product_reference: "kernel-default-5.3.18-150300.59.63.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-5.3.18-150300.59.63.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP3", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.s390x", }, product_reference: "kernel-default-5.3.18-150300.59.63.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-5.3.18-150300.59.63.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP3", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.x86_64", }, product_reference: "kernel-default-5.3.18-150300.59.63.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP3", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", }, product_reference: "kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP3", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", }, product_reference: "kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP3", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", }, product_reference: "kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP3", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", }, product_reference: "kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-5.3.18-150300.59.63.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP3", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.aarch64", }, product_reference: "kernel-default-devel-5.3.18-150300.59.63.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-5.3.18-150300.59.63.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP3", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.ppc64le", }, product_reference: "kernel-default-devel-5.3.18-150300.59.63.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-5.3.18-150300.59.63.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP3", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.s390x", }, product_reference: "kernel-default-devel-5.3.18-150300.59.63.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-5.3.18-150300.59.63.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP3", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.x86_64", }, product_reference: "kernel-default-devel-5.3.18-150300.59.63.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-5.3.18-150300.59.63.1.noarch as component of SUSE Linux Enterprise Module for Basesystem 15 SP3", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-150300.59.63.1.noarch", }, product_reference: "kernel-devel-5.3.18-150300.59.63.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-macros-5.3.18-150300.59.63.1.noarch as component of SUSE Linux Enterprise Module for Basesystem 15 SP3", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-150300.59.63.1.noarch", }, product_reference: "kernel-macros-5.3.18-150300.59.63.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-preempt-5.3.18-150300.59.63.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP3", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.63.1.aarch64", }, product_reference: "kernel-preempt-5.3.18-150300.59.63.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-preempt-5.3.18-150300.59.63.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP3", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.63.1.x86_64", }, product_reference: "kernel-preempt-5.3.18-150300.59.63.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-zfcpdump-5.3.18-150300.59.63.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP3", product_id: "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-150300.59.63.1.s390x", }, product_reference: "kernel-zfcpdump-5.3.18-150300.59.63.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Basesystem 15 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-docs-5.3.18-150300.59.63.1.noarch as component of SUSE Linux Enterprise Module for Development Tools 15 SP3", product_id: "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-150300.59.63.1.noarch", }, product_reference: "kernel-docs-5.3.18-150300.59.63.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Module for Development Tools 15 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-build-5.3.18-150300.59.63.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP3", product_id: "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.aarch64", }, product_reference: "kernel-obs-build-5.3.18-150300.59.63.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Development Tools 15 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-build-5.3.18-150300.59.63.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP3", product_id: "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.ppc64le", }, product_reference: "kernel-obs-build-5.3.18-150300.59.63.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Development Tools 15 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-build-5.3.18-150300.59.63.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP3", product_id: "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.s390x", }, product_reference: "kernel-obs-build-5.3.18-150300.59.63.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Development Tools 15 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-build-5.3.18-150300.59.63.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP3", product_id: "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.x86_64", }, product_reference: "kernel-obs-build-5.3.18-150300.59.63.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Development Tools 15 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-preempt-devel-5.3.18-150300.59.63.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP3", product_id: "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.63.1.aarch64", }, product_reference: "kernel-preempt-devel-5.3.18-150300.59.63.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Development Tools 15 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-preempt-devel-5.3.18-150300.59.63.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP3", product_id: "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.63.1.x86_64", }, product_reference: "kernel-preempt-devel-5.3.18-150300.59.63.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Development Tools 15 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-source-5.3.18-150300.59.63.1.noarch as component of SUSE Linux Enterprise Module for Development Tools 15 SP3", product_id: "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-150300.59.63.1.noarch", }, product_reference: "kernel-source-5.3.18-150300.59.63.1.noarch", relates_to_product_reference: "SUSE Linux Enterprise Module for Development Tools 15 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-5.3.18-150300.59.63.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP3", product_id: "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.aarch64", }, product_reference: "kernel-syms-5.3.18-150300.59.63.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Development Tools 15 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-5.3.18-150300.59.63.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP3", product_id: "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.ppc64le", }, product_reference: "kernel-syms-5.3.18-150300.59.63.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Development Tools 15 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-5.3.18-150300.59.63.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP3", product_id: "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.s390x", }, product_reference: "kernel-syms-5.3.18-150300.59.63.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Development Tools 15 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-5.3.18-150300.59.63.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP3", product_id: "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.x86_64", }, product_reference: "kernel-syms-5.3.18-150300.59.63.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Development Tools 15 SP3", }, { category: "default_component_of", full_product_name: { name: "reiserfs-kmp-default-5.3.18-150300.59.63.1.aarch64 as component of SUSE Linux Enterprise Module for Legacy 15 SP3", product_id: "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.aarch64", }, product_reference: "reiserfs-kmp-default-5.3.18-150300.59.63.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Module for Legacy 15 SP3", }, { category: "default_component_of", full_product_name: { name: "reiserfs-kmp-default-5.3.18-150300.59.63.1.ppc64le as component of SUSE Linux Enterprise Module for Legacy 15 SP3", product_id: "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.ppc64le", }, product_reference: "reiserfs-kmp-default-5.3.18-150300.59.63.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Legacy 15 SP3", }, { category: "default_component_of", full_product_name: { name: "reiserfs-kmp-default-5.3.18-150300.59.63.1.s390x as component of SUSE Linux Enterprise Module for Legacy 15 SP3", product_id: "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.s390x", }, product_reference: "reiserfs-kmp-default-5.3.18-150300.59.63.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Legacy 15 SP3", }, { category: "default_component_of", full_product_name: { name: "reiserfs-kmp-default-5.3.18-150300.59.63.1.x86_64 as component of SUSE Linux Enterprise Module for Legacy 15 SP3", product_id: "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.x86_64", }, product_reference: "reiserfs-kmp-default-5.3.18-150300.59.63.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Legacy 15 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-livepatch-5.3.18-150300.59.63.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP3", product_id: "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.ppc64le", }, product_reference: "kernel-default-livepatch-5.3.18-150300.59.63.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Live Patching 15 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-livepatch-5.3.18-150300.59.63.1.s390x as component of SUSE Linux Enterprise Live Patching 15 SP3", product_id: "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.s390x", }, product_reference: "kernel-default-livepatch-5.3.18-150300.59.63.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Live Patching 15 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-livepatch-5.3.18-150300.59.63.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP3", product_id: "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.x86_64", }, product_reference: "kernel-default-livepatch-5.3.18-150300.59.63.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Live Patching 15 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-livepatch-devel-5.3.18-150300.59.63.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP3", product_id: "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", }, product_reference: "kernel-default-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Live Patching 15 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-livepatch-devel-5.3.18-150300.59.63.1.s390x as component of SUSE Linux Enterprise Live Patching 15 SP3", product_id: "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.s390x", }, product_reference: "kernel-default-livepatch-devel-5.3.18-150300.59.63.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Live Patching 15 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-livepatch-devel-5.3.18-150300.59.63.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP3", product_id: "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.x86_64", }, product_reference: "kernel-default-livepatch-devel-5.3.18-150300.59.63.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Live Patching 15 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.ppc64le as component of SUSE Linux Enterprise Live Patching 15 SP3", product_id: "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.ppc64le", }, product_reference: "kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Live Patching 15 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.s390x as component of SUSE Linux Enterprise Live Patching 15 SP3", product_id: "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.s390x", }, product_reference: "kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Live Patching 15 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.x86_64 as component of SUSE Linux Enterprise Live Patching 15 SP3", product_id: "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.x86_64", }, product_reference: "kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Live Patching 15 SP3", }, { category: "default_component_of", full_product_name: { name: "cluster-md-kmp-default-5.3.18-150300.59.63.1.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15 SP3", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.aarch64", }, product_reference: "cluster-md-kmp-default-5.3.18-150300.59.63.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP3", }, { category: "default_component_of", full_product_name: { name: "cluster-md-kmp-default-5.3.18-150300.59.63.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15 SP3", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.ppc64le", }, product_reference: "cluster-md-kmp-default-5.3.18-150300.59.63.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP3", }, { category: "default_component_of", full_product_name: { name: "cluster-md-kmp-default-5.3.18-150300.59.63.1.s390x as component of SUSE Linux Enterprise High Availability Extension 15 SP3", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.s390x", }, product_reference: "cluster-md-kmp-default-5.3.18-150300.59.63.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP3", }, { category: "default_component_of", full_product_name: { name: "cluster-md-kmp-default-5.3.18-150300.59.63.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15 SP3", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.x86_64", }, product_reference: "cluster-md-kmp-default-5.3.18-150300.59.63.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP3", }, { category: "default_component_of", full_product_name: { name: "dlm-kmp-default-5.3.18-150300.59.63.1.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15 SP3", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.aarch64", }, product_reference: "dlm-kmp-default-5.3.18-150300.59.63.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP3", }, { category: "default_component_of", full_product_name: { name: "dlm-kmp-default-5.3.18-150300.59.63.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15 SP3", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.ppc64le", }, product_reference: "dlm-kmp-default-5.3.18-150300.59.63.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP3", }, { category: "default_component_of", full_product_name: { name: "dlm-kmp-default-5.3.18-150300.59.63.1.s390x as component of SUSE Linux Enterprise High Availability Extension 15 SP3", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.s390x", }, product_reference: "dlm-kmp-default-5.3.18-150300.59.63.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP3", }, { category: "default_component_of", full_product_name: { name: "dlm-kmp-default-5.3.18-150300.59.63.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15 SP3", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.x86_64", }, product_reference: "dlm-kmp-default-5.3.18-150300.59.63.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP3", }, { category: "default_component_of", full_product_name: { name: "gfs2-kmp-default-5.3.18-150300.59.63.1.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15 SP3", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", }, product_reference: "gfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP3", }, { category: "default_component_of", full_product_name: { name: "gfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15 SP3", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", }, product_reference: "gfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP3", }, { category: "default_component_of", full_product_name: { name: "gfs2-kmp-default-5.3.18-150300.59.63.1.s390x as component of SUSE Linux Enterprise High Availability Extension 15 SP3", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.s390x", }, product_reference: "gfs2-kmp-default-5.3.18-150300.59.63.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP3", }, { category: "default_component_of", full_product_name: { name: "gfs2-kmp-default-5.3.18-150300.59.63.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15 SP3", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", }, product_reference: "gfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP3", }, { category: "default_component_of", full_product_name: { name: "ocfs2-kmp-default-5.3.18-150300.59.63.1.aarch64 as component of SUSE Linux Enterprise High Availability Extension 15 SP3", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", }, product_reference: "ocfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP3", }, { category: "default_component_of", full_product_name: { name: "ocfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 15 SP3", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", }, product_reference: "ocfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP3", }, { category: "default_component_of", full_product_name: { name: "ocfs2-kmp-default-5.3.18-150300.59.63.1.s390x as component of SUSE Linux Enterprise High Availability Extension 15 SP3", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.s390x", }, product_reference: "ocfs2-kmp-default-5.3.18-150300.59.63.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP3", }, { category: "default_component_of", full_product_name: { name: "ocfs2-kmp-default-5.3.18-150300.59.63.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 15 SP3", product_id: "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", }, product_reference: "ocfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise High Availability Extension 15 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-extra-5.3.18-150300.59.63.1.x86_64 as component of SUSE Linux Enterprise Workstation Extension 15 SP3", product_id: "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-150300.59.63.1.x86_64", }, product_reference: "kernel-default-extra-5.3.18-150300.59.63.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Workstation Extension 15 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-preempt-extra-5.3.18-150300.59.63.1.x86_64 as component of SUSE Linux Enterprise Workstation Extension 15 SP3", product_id: "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-150300.59.63.1.x86_64", }, product_reference: "kernel-preempt-extra-5.3.18-150300.59.63.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Workstation Extension 15 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-5.3.18-150300.59.63.1.aarch64 as component of SUSE Linux Enterprise Micro 5.1", product_id: "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.aarch64", }, product_reference: "kernel-default-5.3.18-150300.59.63.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Micro 5.1", }, { category: "default_component_of", full_product_name: { name: "kernel-default-5.3.18-150300.59.63.1.s390x as component of SUSE Linux Enterprise Micro 5.1", product_id: "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.s390x", }, product_reference: "kernel-default-5.3.18-150300.59.63.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Micro 5.1", }, { category: "default_component_of", full_product_name: { name: "kernel-default-5.3.18-150300.59.63.1.x86_64 as component of SUSE Linux Enterprise Micro 5.1", product_id: "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.x86_64", }, product_reference: "kernel-default-5.3.18-150300.59.63.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Micro 5.1", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64 as component of SUSE Linux Enterprise Micro 5.1", product_id: "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", }, product_reference: "kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Micro 5.1", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x as component of SUSE Linux Enterprise Micro 5.1", product_id: "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", }, product_reference: "kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Micro 5.1", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64 as component of SUSE Linux Enterprise Micro 5.1", product_id: "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", }, product_reference: "kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Micro 5.1", }, { category: "default_component_of", full_product_name: { name: "kernel-default-5.3.18-150300.59.63.1.aarch64 as component of SUSE Linux Enterprise Micro 5.2", product_id: "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.aarch64", }, product_reference: "kernel-default-5.3.18-150300.59.63.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Micro 5.2", }, { category: "default_component_of", full_product_name: { name: "kernel-default-5.3.18-150300.59.63.1.s390x as component of SUSE Linux Enterprise Micro 5.2", product_id: "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.s390x", }, product_reference: "kernel-default-5.3.18-150300.59.63.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Micro 5.2", }, { category: "default_component_of", full_product_name: { name: "kernel-default-5.3.18-150300.59.63.1.x86_64 as component of SUSE Linux Enterprise Micro 5.2", product_id: "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.x86_64", }, product_reference: "kernel-default-5.3.18-150300.59.63.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Micro 5.2", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64 as component of SUSE Linux Enterprise Micro 5.2", product_id: "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", }, product_reference: "kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", relates_to_product_reference: "SUSE Linux Enterprise Micro 5.2", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x as component of SUSE Linux Enterprise Micro 5.2", product_id: "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", }, product_reference: "kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Micro 5.2", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64 as component of SUSE Linux Enterprise Micro 5.2", product_id: "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", }, product_reference: "kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Micro 5.2", }, { category: "default_component_of", full_product_name: { name: "cluster-md-kmp-64kb-5.3.18-150300.59.63.1.aarch64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-150300.59.63.1.aarch64", }, product_reference: "cluster-md-kmp-64kb-5.3.18-150300.59.63.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "cluster-md-kmp-default-5.3.18-150300.59.63.1.aarch64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.aarch64", }, product_reference: "cluster-md-kmp-default-5.3.18-150300.59.63.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "cluster-md-kmp-default-5.3.18-150300.59.63.1.ppc64le as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.ppc64le", }, product_reference: "cluster-md-kmp-default-5.3.18-150300.59.63.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "cluster-md-kmp-default-5.3.18-150300.59.63.1.s390x as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.s390x", }, product_reference: "cluster-md-kmp-default-5.3.18-150300.59.63.1.s390x", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "cluster-md-kmp-default-5.3.18-150300.59.63.1.x86_64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.x86_64", }, product_reference: "cluster-md-kmp-default-5.3.18-150300.59.63.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "cluster-md-kmp-preempt-5.3.18-150300.59.63.1.aarch64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.63.1.aarch64", }, product_reference: "cluster-md-kmp-preempt-5.3.18-150300.59.63.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "cluster-md-kmp-preempt-5.3.18-150300.59.63.1.x86_64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.63.1.x86_64", }, product_reference: "cluster-md-kmp-preempt-5.3.18-150300.59.63.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "dlm-kmp-64kb-5.3.18-150300.59.63.1.aarch64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-150300.59.63.1.aarch64", }, product_reference: "dlm-kmp-64kb-5.3.18-150300.59.63.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "dlm-kmp-default-5.3.18-150300.59.63.1.aarch64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.aarch64", }, product_reference: "dlm-kmp-default-5.3.18-150300.59.63.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "dlm-kmp-default-5.3.18-150300.59.63.1.ppc64le as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.ppc64le", }, product_reference: "dlm-kmp-default-5.3.18-150300.59.63.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "dlm-kmp-default-5.3.18-150300.59.63.1.s390x as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.s390x", }, product_reference: "dlm-kmp-default-5.3.18-150300.59.63.1.s390x", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "dlm-kmp-default-5.3.18-150300.59.63.1.x86_64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.x86_64", }, product_reference: "dlm-kmp-default-5.3.18-150300.59.63.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "dlm-kmp-preempt-5.3.18-150300.59.63.1.aarch64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.63.1.aarch64", }, product_reference: "dlm-kmp-preempt-5.3.18-150300.59.63.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "dlm-kmp-preempt-5.3.18-150300.59.63.1.x86_64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.63.1.x86_64", }, product_reference: "dlm-kmp-preempt-5.3.18-150300.59.63.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "dtb-al-5.3.18-150300.59.63.1.aarch64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:dtb-al-5.3.18-150300.59.63.1.aarch64", }, product_reference: "dtb-al-5.3.18-150300.59.63.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "dtb-allwinner-5.3.18-150300.59.63.1.aarch64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:dtb-allwinner-5.3.18-150300.59.63.1.aarch64", }, product_reference: "dtb-allwinner-5.3.18-150300.59.63.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "dtb-altera-5.3.18-150300.59.63.1.aarch64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:dtb-altera-5.3.18-150300.59.63.1.aarch64", }, product_reference: "dtb-altera-5.3.18-150300.59.63.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "dtb-amd-5.3.18-150300.59.63.1.aarch64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:dtb-amd-5.3.18-150300.59.63.1.aarch64", }, product_reference: "dtb-amd-5.3.18-150300.59.63.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "dtb-amlogic-5.3.18-150300.59.63.1.aarch64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:dtb-amlogic-5.3.18-150300.59.63.1.aarch64", }, product_reference: "dtb-amlogic-5.3.18-150300.59.63.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "dtb-apm-5.3.18-150300.59.63.1.aarch64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:dtb-apm-5.3.18-150300.59.63.1.aarch64", }, product_reference: "dtb-apm-5.3.18-150300.59.63.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "dtb-arm-5.3.18-150300.59.63.1.aarch64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:dtb-arm-5.3.18-150300.59.63.1.aarch64", }, product_reference: "dtb-arm-5.3.18-150300.59.63.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "dtb-broadcom-5.3.18-150300.59.63.1.aarch64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:dtb-broadcom-5.3.18-150300.59.63.1.aarch64", }, product_reference: "dtb-broadcom-5.3.18-150300.59.63.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "dtb-cavium-5.3.18-150300.59.63.1.aarch64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:dtb-cavium-5.3.18-150300.59.63.1.aarch64", }, product_reference: "dtb-cavium-5.3.18-150300.59.63.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "dtb-exynos-5.3.18-150300.59.63.1.aarch64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:dtb-exynos-5.3.18-150300.59.63.1.aarch64", }, product_reference: "dtb-exynos-5.3.18-150300.59.63.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "dtb-freescale-5.3.18-150300.59.63.1.aarch64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:dtb-freescale-5.3.18-150300.59.63.1.aarch64", }, product_reference: "dtb-freescale-5.3.18-150300.59.63.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "dtb-hisilicon-5.3.18-150300.59.63.1.aarch64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:dtb-hisilicon-5.3.18-150300.59.63.1.aarch64", }, product_reference: "dtb-hisilicon-5.3.18-150300.59.63.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "dtb-lg-5.3.18-150300.59.63.1.aarch64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:dtb-lg-5.3.18-150300.59.63.1.aarch64", }, product_reference: "dtb-lg-5.3.18-150300.59.63.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "dtb-marvell-5.3.18-150300.59.63.1.aarch64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:dtb-marvell-5.3.18-150300.59.63.1.aarch64", }, product_reference: "dtb-marvell-5.3.18-150300.59.63.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "dtb-mediatek-5.3.18-150300.59.63.1.aarch64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:dtb-mediatek-5.3.18-150300.59.63.1.aarch64", }, product_reference: "dtb-mediatek-5.3.18-150300.59.63.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "dtb-nvidia-5.3.18-150300.59.63.1.aarch64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:dtb-nvidia-5.3.18-150300.59.63.1.aarch64", }, product_reference: "dtb-nvidia-5.3.18-150300.59.63.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "dtb-qcom-5.3.18-150300.59.63.1.aarch64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:dtb-qcom-5.3.18-150300.59.63.1.aarch64", }, product_reference: "dtb-qcom-5.3.18-150300.59.63.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "dtb-renesas-5.3.18-150300.59.63.1.aarch64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:dtb-renesas-5.3.18-150300.59.63.1.aarch64", }, product_reference: "dtb-renesas-5.3.18-150300.59.63.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "dtb-rockchip-5.3.18-150300.59.63.1.aarch64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:dtb-rockchip-5.3.18-150300.59.63.1.aarch64", }, product_reference: "dtb-rockchip-5.3.18-150300.59.63.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "dtb-socionext-5.3.18-150300.59.63.1.aarch64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:dtb-socionext-5.3.18-150300.59.63.1.aarch64", }, product_reference: "dtb-socionext-5.3.18-150300.59.63.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "dtb-sprd-5.3.18-150300.59.63.1.aarch64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:dtb-sprd-5.3.18-150300.59.63.1.aarch64", }, product_reference: "dtb-sprd-5.3.18-150300.59.63.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "dtb-xilinx-5.3.18-150300.59.63.1.aarch64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:dtb-xilinx-5.3.18-150300.59.63.1.aarch64", }, product_reference: "dtb-xilinx-5.3.18-150300.59.63.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "dtb-zte-5.3.18-150300.59.63.1.aarch64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:dtb-zte-5.3.18-150300.59.63.1.aarch64", }, product_reference: "dtb-zte-5.3.18-150300.59.63.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "gfs2-kmp-64kb-5.3.18-150300.59.63.1.aarch64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-150300.59.63.1.aarch64", }, product_reference: "gfs2-kmp-64kb-5.3.18-150300.59.63.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "gfs2-kmp-default-5.3.18-150300.59.63.1.aarch64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", }, product_reference: "gfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "gfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", }, product_reference: "gfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "gfs2-kmp-default-5.3.18-150300.59.63.1.s390x as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.s390x", }, product_reference: "gfs2-kmp-default-5.3.18-150300.59.63.1.s390x", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "gfs2-kmp-default-5.3.18-150300.59.63.1.x86_64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", }, product_reference: "gfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "gfs2-kmp-preempt-5.3.18-150300.59.63.1.aarch64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.63.1.aarch64", }, product_reference: "gfs2-kmp-preempt-5.3.18-150300.59.63.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "gfs2-kmp-preempt-5.3.18-150300.59.63.1.x86_64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.63.1.x86_64", }, product_reference: "gfs2-kmp-preempt-5.3.18-150300.59.63.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "kernel-64kb-5.3.18-150300.59.63.1.aarch64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:kernel-64kb-5.3.18-150300.59.63.1.aarch64", }, product_reference: "kernel-64kb-5.3.18-150300.59.63.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "kernel-64kb-devel-5.3.18-150300.59.63.1.aarch64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-150300.59.63.1.aarch64", }, product_reference: "kernel-64kb-devel-5.3.18-150300.59.63.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "kernel-64kb-extra-5.3.18-150300.59.63.1.aarch64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-150300.59.63.1.aarch64", }, product_reference: "kernel-64kb-extra-5.3.18-150300.59.63.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "kernel-64kb-livepatch-devel-5.3.18-150300.59.63.1.aarch64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-150300.59.63.1.aarch64", }, product_reference: "kernel-64kb-livepatch-devel-5.3.18-150300.59.63.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "kernel-64kb-optional-5.3.18-150300.59.63.1.aarch64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-150300.59.63.1.aarch64", }, product_reference: "kernel-64kb-optional-5.3.18-150300.59.63.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "kernel-debug-5.3.18-150300.59.63.1.ppc64le as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.63.1.ppc64le", }, product_reference: "kernel-debug-5.3.18-150300.59.63.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "kernel-debug-5.3.18-150300.59.63.1.x86_64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.63.1.x86_64", }, product_reference: "kernel-debug-5.3.18-150300.59.63.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "kernel-debug-devel-5.3.18-150300.59.63.1.ppc64le as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.63.1.ppc64le", }, product_reference: "kernel-debug-devel-5.3.18-150300.59.63.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "kernel-debug-devel-5.3.18-150300.59.63.1.x86_64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.63.1.x86_64", }, product_reference: "kernel-debug-devel-5.3.18-150300.59.63.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "kernel-debug-livepatch-devel-5.3.18-150300.59.63.1.ppc64le as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", }, product_reference: "kernel-debug-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "kernel-debug-livepatch-devel-5.3.18-150300.59.63.1.x86_64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.63.1.x86_64", }, product_reference: "kernel-debug-livepatch-devel-5.3.18-150300.59.63.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-5.3.18-150300.59.63.1.aarch64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.aarch64", }, product_reference: "kernel-default-5.3.18-150300.59.63.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-5.3.18-150300.59.63.1.ppc64le as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.ppc64le", }, product_reference: "kernel-default-5.3.18-150300.59.63.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-5.3.18-150300.59.63.1.s390x as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.s390x", }, product_reference: "kernel-default-5.3.18-150300.59.63.1.s390x", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-5.3.18-150300.59.63.1.x86_64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.x86_64", }, product_reference: "kernel-default-5.3.18-150300.59.63.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", }, product_reference: "kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", }, product_reference: "kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", }, product_reference: "kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", }, product_reference: "kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.aarch64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", }, product_reference: "kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", }, product_reference: "kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.s390x as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.s390x", }, product_reference: "kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.s390x", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.x86_64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", }, product_reference: "kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-5.3.18-150300.59.63.1.aarch64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.aarch64", }, product_reference: "kernel-default-devel-5.3.18-150300.59.63.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-5.3.18-150300.59.63.1.ppc64le as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.ppc64le", }, product_reference: "kernel-default-devel-5.3.18-150300.59.63.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-5.3.18-150300.59.63.1.s390x as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.s390x", }, product_reference: "kernel-default-devel-5.3.18-150300.59.63.1.s390x", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-devel-5.3.18-150300.59.63.1.x86_64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.x86_64", }, product_reference: "kernel-default-devel-5.3.18-150300.59.63.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-extra-5.3.18-150300.59.63.1.aarch64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.aarch64", }, product_reference: "kernel-default-extra-5.3.18-150300.59.63.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-extra-5.3.18-150300.59.63.1.ppc64le as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.ppc64le", }, product_reference: "kernel-default-extra-5.3.18-150300.59.63.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-extra-5.3.18-150300.59.63.1.s390x as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.s390x", }, product_reference: "kernel-default-extra-5.3.18-150300.59.63.1.s390x", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-extra-5.3.18-150300.59.63.1.x86_64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.x86_64", }, product_reference: "kernel-default-extra-5.3.18-150300.59.63.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-livepatch-5.3.18-150300.59.63.1.aarch64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.aarch64", }, product_reference: "kernel-default-livepatch-5.3.18-150300.59.63.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-livepatch-5.3.18-150300.59.63.1.ppc64le as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.ppc64le", }, product_reference: "kernel-default-livepatch-5.3.18-150300.59.63.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-livepatch-5.3.18-150300.59.63.1.s390x as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.s390x", }, product_reference: "kernel-default-livepatch-5.3.18-150300.59.63.1.s390x", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-livepatch-5.3.18-150300.59.63.1.x86_64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.x86_64", }, product_reference: "kernel-default-livepatch-5.3.18-150300.59.63.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-livepatch-devel-5.3.18-150300.59.63.1.aarch64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.aarch64", }, product_reference: "kernel-default-livepatch-devel-5.3.18-150300.59.63.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-livepatch-devel-5.3.18-150300.59.63.1.ppc64le as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", }, product_reference: "kernel-default-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-livepatch-devel-5.3.18-150300.59.63.1.s390x as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.s390x", }, product_reference: "kernel-default-livepatch-devel-5.3.18-150300.59.63.1.s390x", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-livepatch-devel-5.3.18-150300.59.63.1.x86_64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.x86_64", }, product_reference: "kernel-default-livepatch-devel-5.3.18-150300.59.63.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-optional-5.3.18-150300.59.63.1.aarch64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.aarch64", }, product_reference: "kernel-default-optional-5.3.18-150300.59.63.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-optional-5.3.18-150300.59.63.1.ppc64le as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.ppc64le", }, product_reference: "kernel-default-optional-5.3.18-150300.59.63.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-optional-5.3.18-150300.59.63.1.s390x as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.s390x", }, product_reference: "kernel-default-optional-5.3.18-150300.59.63.1.s390x", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "kernel-default-optional-5.3.18-150300.59.63.1.x86_64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.x86_64", }, product_reference: "kernel-default-optional-5.3.18-150300.59.63.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-5.3.18-150300.59.63.1.noarch as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:kernel-devel-5.3.18-150300.59.63.1.noarch", }, product_reference: "kernel-devel-5.3.18-150300.59.63.1.noarch", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "kernel-docs-5.3.18-150300.59.63.1.noarch as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:kernel-docs-5.3.18-150300.59.63.1.noarch", }, product_reference: "kernel-docs-5.3.18-150300.59.63.1.noarch", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "kernel-docs-html-5.3.18-150300.59.63.1.noarch as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:kernel-docs-html-5.3.18-150300.59.63.1.noarch", }, product_reference: "kernel-docs-html-5.3.18-150300.59.63.1.noarch", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "kernel-kvmsmall-5.3.18-150300.59.63.1.ppc64le as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.63.1.ppc64le", }, product_reference: "kernel-kvmsmall-5.3.18-150300.59.63.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "kernel-kvmsmall-5.3.18-150300.59.63.1.x86_64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.63.1.x86_64", }, product_reference: "kernel-kvmsmall-5.3.18-150300.59.63.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "kernel-kvmsmall-devel-5.3.18-150300.59.63.1.ppc64le as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.63.1.ppc64le", }, product_reference: "kernel-kvmsmall-devel-5.3.18-150300.59.63.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "kernel-kvmsmall-devel-5.3.18-150300.59.63.1.x86_64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.63.1.x86_64", }, product_reference: "kernel-kvmsmall-devel-5.3.18-150300.59.63.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.63.1.ppc64le as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", }, product_reference: "kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.63.1.x86_64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.63.1.x86_64", }, product_reference: "kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.63.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "kernel-macros-5.3.18-150300.59.63.1.noarch as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:kernel-macros-5.3.18-150300.59.63.1.noarch", }, product_reference: "kernel-macros-5.3.18-150300.59.63.1.noarch", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-build-5.3.18-150300.59.63.1.aarch64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.aarch64", }, product_reference: "kernel-obs-build-5.3.18-150300.59.63.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-build-5.3.18-150300.59.63.1.ppc64le as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.ppc64le", }, product_reference: "kernel-obs-build-5.3.18-150300.59.63.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-build-5.3.18-150300.59.63.1.s390x as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.s390x", }, product_reference: "kernel-obs-build-5.3.18-150300.59.63.1.s390x", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-build-5.3.18-150300.59.63.1.x86_64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.x86_64", }, product_reference: "kernel-obs-build-5.3.18-150300.59.63.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-qa-5.3.18-150300.59.63.1.aarch64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.aarch64", }, product_reference: "kernel-obs-qa-5.3.18-150300.59.63.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-qa-5.3.18-150300.59.63.1.ppc64le as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.ppc64le", }, product_reference: "kernel-obs-qa-5.3.18-150300.59.63.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-qa-5.3.18-150300.59.63.1.s390x as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.s390x", }, product_reference: "kernel-obs-qa-5.3.18-150300.59.63.1.s390x", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "kernel-obs-qa-5.3.18-150300.59.63.1.x86_64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.x86_64", }, product_reference: "kernel-obs-qa-5.3.18-150300.59.63.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "kernel-preempt-5.3.18-150300.59.63.1.aarch64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.63.1.aarch64", }, product_reference: "kernel-preempt-5.3.18-150300.59.63.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "kernel-preempt-5.3.18-150300.59.63.1.x86_64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.63.1.x86_64", }, product_reference: "kernel-preempt-5.3.18-150300.59.63.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "kernel-preempt-devel-5.3.18-150300.59.63.1.aarch64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.63.1.aarch64", }, product_reference: "kernel-preempt-devel-5.3.18-150300.59.63.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "kernel-preempt-devel-5.3.18-150300.59.63.1.x86_64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.63.1.x86_64", }, product_reference: "kernel-preempt-devel-5.3.18-150300.59.63.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "kernel-preempt-extra-5.3.18-150300.59.63.1.aarch64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.63.1.aarch64", }, product_reference: "kernel-preempt-extra-5.3.18-150300.59.63.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "kernel-preempt-extra-5.3.18-150300.59.63.1.x86_64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.63.1.x86_64", }, product_reference: "kernel-preempt-extra-5.3.18-150300.59.63.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "kernel-preempt-livepatch-devel-5.3.18-150300.59.63.1.aarch64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.63.1.aarch64", }, product_reference: "kernel-preempt-livepatch-devel-5.3.18-150300.59.63.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "kernel-preempt-livepatch-devel-5.3.18-150300.59.63.1.x86_64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.63.1.x86_64", }, product_reference: "kernel-preempt-livepatch-devel-5.3.18-150300.59.63.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "kernel-preempt-optional-5.3.18-150300.59.63.1.aarch64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.63.1.aarch64", }, product_reference: "kernel-preempt-optional-5.3.18-150300.59.63.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "kernel-preempt-optional-5.3.18-150300.59.63.1.x86_64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.63.1.x86_64", }, product_reference: "kernel-preempt-optional-5.3.18-150300.59.63.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "kernel-source-5.3.18-150300.59.63.1.noarch as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:kernel-source-5.3.18-150300.59.63.1.noarch", }, product_reference: "kernel-source-5.3.18-150300.59.63.1.noarch", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "kernel-source-vanilla-5.3.18-150300.59.63.1.noarch as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-150300.59.63.1.noarch", }, product_reference: "kernel-source-vanilla-5.3.18-150300.59.63.1.noarch", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-5.3.18-150300.59.63.1.aarch64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.aarch64", }, product_reference: "kernel-syms-5.3.18-150300.59.63.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-5.3.18-150300.59.63.1.ppc64le as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.ppc64le", }, product_reference: "kernel-syms-5.3.18-150300.59.63.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-5.3.18-150300.59.63.1.s390x as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.s390x", }, product_reference: "kernel-syms-5.3.18-150300.59.63.1.s390x", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-5.3.18-150300.59.63.1.x86_64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.x86_64", }, product_reference: "kernel-syms-5.3.18-150300.59.63.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "kernel-zfcpdump-5.3.18-150300.59.63.1.s390x as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-150300.59.63.1.s390x", }, product_reference: "kernel-zfcpdump-5.3.18-150300.59.63.1.s390x", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "kselftests-kmp-64kb-5.3.18-150300.59.63.1.aarch64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-150300.59.63.1.aarch64", }, product_reference: "kselftests-kmp-64kb-5.3.18-150300.59.63.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "kselftests-kmp-default-5.3.18-150300.59.63.1.aarch64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.aarch64", }, product_reference: "kselftests-kmp-default-5.3.18-150300.59.63.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "kselftests-kmp-default-5.3.18-150300.59.63.1.ppc64le as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.ppc64le", }, product_reference: "kselftests-kmp-default-5.3.18-150300.59.63.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "kselftests-kmp-default-5.3.18-150300.59.63.1.s390x as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.s390x", }, product_reference: "kselftests-kmp-default-5.3.18-150300.59.63.1.s390x", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "kselftests-kmp-default-5.3.18-150300.59.63.1.x86_64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.x86_64", }, product_reference: "kselftests-kmp-default-5.3.18-150300.59.63.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "kselftests-kmp-preempt-5.3.18-150300.59.63.1.aarch64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.63.1.aarch64", }, product_reference: "kselftests-kmp-preempt-5.3.18-150300.59.63.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "kselftests-kmp-preempt-5.3.18-150300.59.63.1.x86_64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.63.1.x86_64", }, product_reference: "kselftests-kmp-preempt-5.3.18-150300.59.63.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "ocfs2-kmp-64kb-5.3.18-150300.59.63.1.aarch64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-150300.59.63.1.aarch64", }, product_reference: "ocfs2-kmp-64kb-5.3.18-150300.59.63.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "ocfs2-kmp-default-5.3.18-150300.59.63.1.aarch64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", }, product_reference: "ocfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "ocfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", }, product_reference: "ocfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "ocfs2-kmp-default-5.3.18-150300.59.63.1.s390x as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.s390x", }, product_reference: "ocfs2-kmp-default-5.3.18-150300.59.63.1.s390x", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "ocfs2-kmp-default-5.3.18-150300.59.63.1.x86_64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", }, product_reference: "ocfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "ocfs2-kmp-preempt-5.3.18-150300.59.63.1.aarch64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.63.1.aarch64", }, product_reference: "ocfs2-kmp-preempt-5.3.18-150300.59.63.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "ocfs2-kmp-preempt-5.3.18-150300.59.63.1.x86_64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.63.1.x86_64", }, product_reference: "ocfs2-kmp-preempt-5.3.18-150300.59.63.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "reiserfs-kmp-64kb-5.3.18-150300.59.63.1.aarch64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-150300.59.63.1.aarch64", }, product_reference: "reiserfs-kmp-64kb-5.3.18-150300.59.63.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "reiserfs-kmp-default-5.3.18-150300.59.63.1.aarch64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.aarch64", }, product_reference: "reiserfs-kmp-default-5.3.18-150300.59.63.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "reiserfs-kmp-default-5.3.18-150300.59.63.1.ppc64le as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.ppc64le", }, product_reference: "reiserfs-kmp-default-5.3.18-150300.59.63.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "reiserfs-kmp-default-5.3.18-150300.59.63.1.s390x as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.s390x", }, product_reference: "reiserfs-kmp-default-5.3.18-150300.59.63.1.s390x", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "reiserfs-kmp-default-5.3.18-150300.59.63.1.x86_64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.x86_64", }, product_reference: "reiserfs-kmp-default-5.3.18-150300.59.63.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "reiserfs-kmp-preempt-5.3.18-150300.59.63.1.aarch64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.63.1.aarch64", }, product_reference: "reiserfs-kmp-preempt-5.3.18-150300.59.63.1.aarch64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "reiserfs-kmp-preempt-5.3.18-150300.59.63.1.x86_64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.63.1.x86_64", }, product_reference: "reiserfs-kmp-preempt-5.3.18-150300.59.63.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.3", }, ], }, vulnerabilities: [ { cve: "CVE-2021-45868", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-45868", }, ], notes: [ { category: "general", text: "In the Linux kernel before 5.15.3, fs/quota/quota_tree.c does not validate the block number in the quota tree (on disk). This can, for example, lead to a kernel/locking/rwsem.c use-after-free if there is a corrupted quota file.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dtb-al-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-allwinner-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-altera-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-amd-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-amlogic-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-apm-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-arm-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-broadcom-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-cavium-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-exynos-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-freescale-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-hisilicon-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-lg-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-marvell-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-mediatek-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-nvidia-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-qcom-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-renesas-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-rockchip-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-socionext-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-sprd-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-xilinx-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-zte-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-devel-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-docs-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-docs-html-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-macros-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-source-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.63.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-45868", url: "https://www.suse.com/security/cve/CVE-2021-45868", }, { category: "external", summary: "SUSE Bug 1197366 for CVE-2021-45868", url: "https://bugzilla.suse.com/1197366", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dtb-al-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-allwinner-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-altera-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-amd-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-amlogic-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-apm-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-arm-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-broadcom-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-cavium-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-exynos-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-freescale-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-hisilicon-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-lg-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-marvell-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-mediatek-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-nvidia-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-qcom-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-renesas-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-rockchip-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-socionext-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-sprd-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-xilinx-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-zte-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-devel-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-docs-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-docs-html-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-macros-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-source-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.63.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dtb-al-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-allwinner-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-altera-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-amd-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-amlogic-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-apm-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-arm-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-broadcom-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-cavium-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-exynos-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-freescale-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-hisilicon-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-lg-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-marvell-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-mediatek-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-nvidia-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-qcom-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-renesas-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-rockchip-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-socionext-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-sprd-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-xilinx-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-zte-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-devel-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-docs-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-docs-html-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-macros-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-source-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.63.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-13T14:58:44Z", details: "moderate", }, ], title: "CVE-2021-45868", }, { cve: "CVE-2022-0850", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0850", }, ], notes: [ { category: "general", text: "A vulnerability was found in linux kernel, where an information leak occurs via ext4_extent_header to userspace.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dtb-al-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-allwinner-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-altera-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-amd-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-amlogic-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-apm-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-arm-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-broadcom-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-cavium-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-exynos-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-freescale-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-hisilicon-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-lg-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-marvell-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-mediatek-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-nvidia-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-qcom-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-renesas-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-rockchip-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-socionext-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-sprd-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-xilinx-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-zte-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-devel-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-docs-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-docs-html-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-macros-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-source-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.63.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0850", url: "https://www.suse.com/security/cve/CVE-2022-0850", }, { category: "external", summary: "SUSE Bug 1196761 for CVE-2022-0850", url: "https://bugzilla.suse.com/1196761", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dtb-al-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-allwinner-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-altera-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-amd-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-amlogic-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-apm-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-arm-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-broadcom-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-cavium-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-exynos-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-freescale-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-hisilicon-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-lg-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-marvell-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-mediatek-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-nvidia-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-qcom-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-renesas-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-rockchip-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-socionext-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-sprd-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-xilinx-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-zte-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-devel-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-docs-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-docs-html-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-macros-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-source-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.63.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L", version: "3.1", }, products: [ "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dtb-al-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-allwinner-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-altera-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-amd-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-amlogic-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-apm-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-arm-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-broadcom-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-cavium-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-exynos-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-freescale-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-hisilicon-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-lg-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-marvell-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-mediatek-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-nvidia-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-qcom-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-renesas-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-rockchip-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-socionext-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-sprd-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-xilinx-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-zte-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-devel-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-docs-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-docs-html-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-macros-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-source-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.63.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-13T14:58:44Z", details: "moderate", }, ], title: "CVE-2022-0850", }, { cve: "CVE-2022-0854", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0854", }, ], notes: [ { category: "general", text: "A memory leak flaw was found in the Linux kernel's DMA subsystem, in the way a user calls DMA_FROM_DEVICE. This flaw allows a local user to read random memory from the kernel space.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dtb-al-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-allwinner-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-altera-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-amd-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-amlogic-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-apm-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-arm-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-broadcom-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-cavium-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-exynos-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-freescale-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-hisilicon-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-lg-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-marvell-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-mediatek-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-nvidia-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-qcom-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-renesas-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-rockchip-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-socionext-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-sprd-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-xilinx-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-zte-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-devel-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-docs-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-docs-html-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-macros-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-source-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.63.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0854", url: "https://www.suse.com/security/cve/CVE-2022-0854", }, { category: "external", summary: "SUSE Bug 1196823 for CVE-2022-0854", url: "https://bugzilla.suse.com/1196823", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dtb-al-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-allwinner-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-altera-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-amd-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-amlogic-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-apm-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-arm-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-broadcom-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-cavium-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-exynos-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-freescale-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-hisilicon-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-lg-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-marvell-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-mediatek-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-nvidia-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-qcom-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-renesas-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-rockchip-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-socionext-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-sprd-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-xilinx-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-zte-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-devel-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-docs-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-docs-html-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-macros-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-source-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.63.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dtb-al-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-allwinner-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-altera-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-amd-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-amlogic-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-apm-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-arm-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-broadcom-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-cavium-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-exynos-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-freescale-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-hisilicon-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-lg-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-marvell-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-mediatek-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-nvidia-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-qcom-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-renesas-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-rockchip-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-socionext-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-sprd-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-xilinx-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-zte-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-devel-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-docs-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-docs-html-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-macros-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-source-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.63.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-13T14:58:44Z", details: "moderate", }, ], title: "CVE-2022-0854", }, { cve: "CVE-2022-1011", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-1011", }, ], notes: [ { category: "general", text: "A use-after-free flaw was found in the Linux kernel's FUSE filesystem in the way a user triggers write(). This flaw allows a local user to gain unauthorized access to data from the FUSE filesystem, resulting in privilege escalation.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dtb-al-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-allwinner-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-altera-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-amd-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-amlogic-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-apm-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-arm-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-broadcom-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-cavium-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-exynos-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-freescale-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-hisilicon-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-lg-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-marvell-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-mediatek-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-nvidia-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-qcom-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-renesas-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-rockchip-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-socionext-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-sprd-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-xilinx-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-zte-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-devel-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-docs-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-docs-html-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-macros-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-source-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.63.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-1011", url: "https://www.suse.com/security/cve/CVE-2022-1011", }, { category: "external", summary: "SUSE Bug 1197343 for CVE-2022-1011", url: "https://bugzilla.suse.com/1197343", }, { category: "external", summary: "SUSE Bug 1197344 for CVE-2022-1011", url: "https://bugzilla.suse.com/1197344", }, { category: "external", summary: "SUSE Bug 1198687 for CVE-2022-1011", url: "https://bugzilla.suse.com/1198687", }, { category: "external", summary: "SUSE Bug 1204132 for CVE-2022-1011", url: "https://bugzilla.suse.com/1204132", }, { category: "external", summary: "SUSE Bug 1212322 for CVE-2022-1011", url: "https://bugzilla.suse.com/1212322", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dtb-al-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-allwinner-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-altera-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-amd-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-amlogic-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-apm-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-arm-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-broadcom-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-cavium-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-exynos-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-freescale-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-hisilicon-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-lg-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-marvell-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-mediatek-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-nvidia-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-qcom-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-renesas-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-rockchip-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-socionext-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-sprd-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-xilinx-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-zte-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-devel-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-docs-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-docs-html-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-macros-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-source-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.63.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dtb-al-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-allwinner-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-altera-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-amd-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-amlogic-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-apm-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-arm-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-broadcom-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-cavium-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-exynos-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-freescale-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-hisilicon-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-lg-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-marvell-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-mediatek-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-nvidia-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-qcom-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-renesas-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-rockchip-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-socionext-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-sprd-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-xilinx-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-zte-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-devel-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-docs-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-docs-html-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-macros-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-source-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.63.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-13T14:58:44Z", details: "moderate", }, ], title: "CVE-2022-1011", }, { cve: "CVE-2022-1016", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-1016", }, ], notes: [ { category: "general", text: "A flaw was found in the Linux kernel in net/netfilter/nf_tables_core.c:nft_do_chain, which can cause a use-after-free. This issue needs to handle 'return' with proper preconditions, as it can lead to a kernel information leak problem caused by a local, unprivileged attacker.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dtb-al-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-allwinner-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-altera-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-amd-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-amlogic-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-apm-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-arm-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-broadcom-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-cavium-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-exynos-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-freescale-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-hisilicon-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-lg-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-marvell-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-mediatek-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-nvidia-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-qcom-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-renesas-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-rockchip-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-socionext-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-sprd-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-xilinx-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-zte-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-devel-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-docs-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-docs-html-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-macros-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-source-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.63.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-1016", url: "https://www.suse.com/security/cve/CVE-2022-1016", }, { category: "external", summary: "SUSE Bug 1197335 for CVE-2022-1016", url: "https://bugzilla.suse.com/1197335", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dtb-al-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-allwinner-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-altera-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-amd-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-amlogic-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-apm-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-arm-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-broadcom-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-cavium-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-exynos-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-freescale-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-hisilicon-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-lg-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-marvell-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-mediatek-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-nvidia-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-qcom-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-renesas-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-rockchip-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-socionext-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-sprd-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-xilinx-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-zte-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-devel-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-docs-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-docs-html-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-macros-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-source-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.63.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dtb-al-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-allwinner-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-altera-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-amd-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-amlogic-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-apm-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-arm-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-broadcom-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-cavium-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-exynos-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-freescale-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-hisilicon-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-lg-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-marvell-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-mediatek-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-nvidia-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-qcom-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-renesas-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-rockchip-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-socionext-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-sprd-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-xilinx-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-zte-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-devel-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-docs-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-docs-html-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-macros-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-source-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.63.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-13T14:58:44Z", details: "important", }, ], title: "CVE-2022-1016", }, { cve: "CVE-2022-1048", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-1048", }, ], notes: [ { category: "general", text: "A use-after-free flaw was found in the Linux kernel's sound subsystem in the way a user triggers concurrent calls of PCM hw_params. The hw_free ioctls or similar race condition happens inside ALSA PCM for other ioctls. This flaw allows a local user to crash or potentially escalate their privileges on the system.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dtb-al-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-allwinner-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-altera-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-amd-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-amlogic-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-apm-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-arm-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-broadcom-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-cavium-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-exynos-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-freescale-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-hisilicon-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-lg-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-marvell-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-mediatek-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-nvidia-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-qcom-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-renesas-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-rockchip-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-socionext-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-sprd-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-xilinx-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-zte-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-devel-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-docs-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-docs-html-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-macros-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-source-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.63.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-1048", url: "https://www.suse.com/security/cve/CVE-2022-1048", }, { category: "external", summary: "SUSE Bug 1197331 for CVE-2022-1048", url: "https://bugzilla.suse.com/1197331", }, { category: "external", summary: "SUSE Bug 1197597 for CVE-2022-1048", url: "https://bugzilla.suse.com/1197597", }, { category: "external", summary: "SUSE Bug 1200041 for CVE-2022-1048", url: "https://bugzilla.suse.com/1200041", }, { category: "external", summary: "SUSE Bug 1204132 for CVE-2022-1048", url: "https://bugzilla.suse.com/1204132", }, { category: "external", summary: "SUSE Bug 1212325 for CVE-2022-1048", url: "https://bugzilla.suse.com/1212325", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dtb-al-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-allwinner-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-altera-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-amd-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-amlogic-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-apm-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-arm-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-broadcom-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-cavium-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-exynos-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-freescale-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-hisilicon-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-lg-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-marvell-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-mediatek-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-nvidia-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-qcom-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-renesas-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-rockchip-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-socionext-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-sprd-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-xilinx-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-zte-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-devel-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-docs-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-docs-html-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-macros-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-source-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.63.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.4, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dtb-al-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-allwinner-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-altera-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-amd-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-amlogic-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-apm-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-arm-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-broadcom-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-cavium-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-exynos-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-freescale-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-hisilicon-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-lg-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-marvell-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-mediatek-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-nvidia-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-qcom-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-renesas-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-rockchip-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-socionext-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-sprd-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-xilinx-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-zte-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-devel-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-docs-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-docs-html-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-macros-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-source-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.63.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-13T14:58:44Z", details: "important", }, ], title: "CVE-2022-1048", }, { cve: "CVE-2022-1055", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-1055", }, ], notes: [ { category: "general", text: "A use-after-free exists in the Linux Kernel in tc_new_tfilter that could allow a local attacker to gain privilege escalation. The exploit requires unprivileged user namespaces. We recommend upgrading past commit 04c2a47ffb13c29778e2a14e414ad4cb5a5db4b5", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dtb-al-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-allwinner-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-altera-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-amd-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-amlogic-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-apm-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-arm-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-broadcom-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-cavium-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-exynos-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-freescale-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-hisilicon-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-lg-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-marvell-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-mediatek-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-nvidia-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-qcom-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-renesas-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-rockchip-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-socionext-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-sprd-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-xilinx-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-zte-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-devel-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-docs-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-docs-html-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-macros-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-source-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.63.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-1055", url: "https://www.suse.com/security/cve/CVE-2022-1055", }, { category: "external", summary: "SUSE Bug 1197702 for CVE-2022-1055", url: "https://bugzilla.suse.com/1197702", }, { category: "external", summary: "SUSE Bug 1197705 for CVE-2022-1055", url: "https://bugzilla.suse.com/1197705", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dtb-al-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-allwinner-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-altera-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-amd-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-amlogic-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-apm-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-arm-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-broadcom-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-cavium-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-exynos-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-freescale-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-hisilicon-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-lg-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-marvell-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-mediatek-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-nvidia-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-qcom-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-renesas-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-rockchip-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-socionext-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-sprd-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-xilinx-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-zte-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-devel-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-docs-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-docs-html-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-macros-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-source-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.63.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.4, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dtb-al-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-allwinner-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-altera-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-amd-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-amlogic-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-apm-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-arm-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-broadcom-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-cavium-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-exynos-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-freescale-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-hisilicon-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-lg-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-marvell-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-mediatek-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-nvidia-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-qcom-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-renesas-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-rockchip-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-socionext-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-sprd-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-xilinx-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-zte-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-devel-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-docs-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-docs-html-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-macros-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-source-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.63.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-13T14:58:44Z", details: "important", }, ], title: "CVE-2022-1055", }, { cve: "CVE-2022-1195", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-1195", }, ], notes: [ { category: "general", text: "A use-after-free vulnerability was found in the Linux kernel in drivers/net/hamradio. This flaw allows a local attacker with a user privilege to cause a denial of service (DOS) when the mkiss or sixpack device is detached and reclaim resources early.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dtb-al-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-allwinner-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-altera-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-amd-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-amlogic-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-apm-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-arm-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-broadcom-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-cavium-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-exynos-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-freescale-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-hisilicon-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-lg-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-marvell-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-mediatek-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-nvidia-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-qcom-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-renesas-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-rockchip-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-socionext-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-sprd-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-xilinx-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-zte-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-devel-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-docs-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-docs-html-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-macros-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-source-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.63.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-1195", url: "https://www.suse.com/security/cve/CVE-2022-1195", }, { category: "external", summary: "SUSE Bug 1198029 for CVE-2022-1195", url: "https://bugzilla.suse.com/1198029", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dtb-al-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-allwinner-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-altera-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-amd-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-amlogic-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-apm-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-arm-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-broadcom-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-cavium-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-exynos-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-freescale-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-hisilicon-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-lg-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-marvell-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-mediatek-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-nvidia-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-qcom-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-renesas-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-rockchip-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-socionext-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-sprd-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-xilinx-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-zte-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-devel-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-docs-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-docs-html-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-macros-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-source-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.63.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dtb-al-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-allwinner-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-altera-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-amd-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-amlogic-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-apm-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-arm-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-broadcom-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-cavium-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-exynos-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-freescale-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-hisilicon-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-lg-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-marvell-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-mediatek-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-nvidia-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-qcom-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-renesas-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-rockchip-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-socionext-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-sprd-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-xilinx-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-zte-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-devel-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-docs-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-docs-html-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-macros-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-source-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.63.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-13T14:58:44Z", details: "moderate", }, ], title: "CVE-2022-1195", }, { cve: "CVE-2022-1198", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-1198", }, ], notes: [ { category: "general", text: "A use-after-free vulnerabilitity was discovered in drivers/net/hamradio/6pack.c of linux that allows an attacker to crash linux kernel by simulating ax25 device using 6pack driver from user space.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dtb-al-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-allwinner-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-altera-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-amd-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-amlogic-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-apm-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-arm-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-broadcom-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-cavium-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-exynos-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-freescale-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-hisilicon-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-lg-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-marvell-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-mediatek-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-nvidia-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-qcom-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-renesas-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-rockchip-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-socionext-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-sprd-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-xilinx-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-zte-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-devel-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-docs-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-docs-html-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-macros-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-source-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.63.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-1198", url: "https://www.suse.com/security/cve/CVE-2022-1198", }, { category: "external", summary: "SUSE Bug 1198030 for CVE-2022-1198", url: "https://bugzilla.suse.com/1198030", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dtb-al-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-allwinner-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-altera-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-amd-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-amlogic-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-apm-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-arm-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-broadcom-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-cavium-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-exynos-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-freescale-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-hisilicon-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-lg-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-marvell-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-mediatek-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-nvidia-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-qcom-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-renesas-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-rockchip-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-socionext-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-sprd-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-xilinx-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-zte-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-devel-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-docs-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-docs-html-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-macros-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-source-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.63.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dtb-al-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-allwinner-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-altera-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-amd-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-amlogic-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-apm-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-arm-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-broadcom-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-cavium-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-exynos-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-freescale-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-hisilicon-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-lg-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-marvell-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-mediatek-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-nvidia-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-qcom-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-renesas-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-rockchip-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-socionext-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-sprd-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-xilinx-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-zte-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-devel-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-docs-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-docs-html-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-macros-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-source-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.63.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-13T14:58:44Z", details: "moderate", }, ], title: "CVE-2022-1198", }, { cve: "CVE-2022-1199", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-1199", }, ], notes: [ { category: "general", text: "A flaw was found in the Linux kernel. This flaw allows an attacker to crash the Linux kernel by simulating amateur radio from the user space, resulting in a null-ptr-deref vulnerability and a use-after-free vulnerability.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dtb-al-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-allwinner-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-altera-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-amd-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-amlogic-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-apm-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-arm-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-broadcom-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-cavium-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-exynos-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-freescale-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-hisilicon-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-lg-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-marvell-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-mediatek-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-nvidia-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-qcom-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-renesas-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-rockchip-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-socionext-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-sprd-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-xilinx-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-zte-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-devel-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-docs-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-docs-html-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-macros-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-source-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.63.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-1199", url: "https://www.suse.com/security/cve/CVE-2022-1199", }, { category: "external", summary: "SUSE Bug 1198028 for CVE-2022-1199", url: "https://bugzilla.suse.com/1198028", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dtb-al-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-allwinner-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-altera-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-amd-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-amlogic-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-apm-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-arm-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-broadcom-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-cavium-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-exynos-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-freescale-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-hisilicon-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-lg-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-marvell-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-mediatek-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-nvidia-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-qcom-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-renesas-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-rockchip-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-socionext-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-sprd-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-xilinx-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-zte-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-devel-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-docs-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-docs-html-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-macros-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-source-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.63.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dtb-al-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-allwinner-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-altera-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-amd-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-amlogic-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-apm-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-arm-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-broadcom-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-cavium-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-exynos-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-freescale-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-hisilicon-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-lg-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-marvell-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-mediatek-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-nvidia-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-qcom-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-renesas-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-rockchip-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-socionext-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-sprd-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-xilinx-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-zte-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-devel-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-docs-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-docs-html-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-macros-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-source-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.63.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-13T14:58:44Z", details: "moderate", }, ], title: "CVE-2022-1199", }, { cve: "CVE-2022-1205", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-1205", }, ], notes: [ { category: "general", text: "A NULL pointer dereference flaw was found in the Linux kernel's Amateur Radio AX.25 protocol functionality in the way a user connects with the protocol. This flaw allows a local user to crash the system.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dtb-al-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-allwinner-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-altera-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-amd-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-amlogic-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-apm-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-arm-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-broadcom-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-cavium-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-exynos-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-freescale-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-hisilicon-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-lg-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-marvell-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-mediatek-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-nvidia-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-qcom-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-renesas-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-rockchip-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-socionext-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-sprd-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-xilinx-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-zte-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-devel-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-docs-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-docs-html-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-macros-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-source-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.63.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-1205", url: "https://www.suse.com/security/cve/CVE-2022-1205", }, { category: "external", summary: "SUSE Bug 1198027 for CVE-2022-1205", url: "https://bugzilla.suse.com/1198027", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dtb-al-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-allwinner-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-altera-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-amd-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-amlogic-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-apm-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-arm-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-broadcom-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-cavium-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-exynos-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-freescale-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-hisilicon-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-lg-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-marvell-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-mediatek-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-nvidia-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-qcom-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-renesas-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-rockchip-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-socionext-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-sprd-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-xilinx-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-zte-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-devel-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-docs-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-docs-html-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-macros-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-source-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.63.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dtb-al-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-allwinner-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-altera-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-amd-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-amlogic-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-apm-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-arm-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-broadcom-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-cavium-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-exynos-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-freescale-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-hisilicon-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-lg-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-marvell-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-mediatek-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-nvidia-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-qcom-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-renesas-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-rockchip-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-socionext-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-sprd-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-xilinx-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-zte-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-devel-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-docs-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-docs-html-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-macros-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-source-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.63.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-13T14:58:44Z", details: "moderate", }, ], title: "CVE-2022-1205", }, { cve: "CVE-2022-27666", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-27666", }, ], notes: [ { category: "general", text: "A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c. This flaw allows a local attacker with a normal user privilege to overwrite kernel heap objects and may cause a local privilege escalation threat.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dtb-al-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-allwinner-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-altera-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-amd-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-amlogic-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-apm-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-arm-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-broadcom-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-cavium-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-exynos-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-freescale-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-hisilicon-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-lg-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-marvell-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-mediatek-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-nvidia-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-qcom-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-renesas-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-rockchip-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-socionext-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-sprd-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-xilinx-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-zte-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-devel-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-docs-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-docs-html-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-macros-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-source-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.63.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-27666", url: "https://www.suse.com/security/cve/CVE-2022-27666", }, { category: "external", summary: "SUSE Bug 1197131 for CVE-2022-27666", url: "https://bugzilla.suse.com/1197131", }, { category: "external", summary: "SUSE Bug 1197133 for CVE-2022-27666", url: "https://bugzilla.suse.com/1197133", }, { category: "external", summary: "SUSE Bug 1197462 for CVE-2022-27666", url: "https://bugzilla.suse.com/1197462", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dtb-al-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-allwinner-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-altera-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-amd-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-amlogic-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-apm-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-arm-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-broadcom-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-cavium-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-exynos-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-freescale-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-hisilicon-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-lg-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-marvell-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-mediatek-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-nvidia-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-qcom-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-renesas-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-rockchip-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-socionext-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-sprd-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-xilinx-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-zte-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-devel-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-docs-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-docs-html-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-macros-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-source-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.63.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dtb-al-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-allwinner-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-altera-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-amd-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-amlogic-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-apm-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-arm-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-broadcom-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-cavium-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-exynos-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-freescale-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-hisilicon-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-lg-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-marvell-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-mediatek-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-nvidia-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-qcom-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-renesas-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-rockchip-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-socionext-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-sprd-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-xilinx-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-zte-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-devel-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-docs-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-docs-html-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-macros-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-source-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.63.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-13T14:58:44Z", details: "important", }, ], title: "CVE-2022-27666", }, { cve: "CVE-2022-28388", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-28388", }, ], notes: [ { category: "general", text: "usb_8dev_start_xmit in drivers/net/can/usb/usb_8dev.c in the Linux kernel through 5.17.1 has a double free.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dtb-al-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-allwinner-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-altera-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-amd-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-amlogic-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-apm-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-arm-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-broadcom-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-cavium-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-exynos-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-freescale-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-hisilicon-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-lg-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-marvell-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-mediatek-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-nvidia-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-qcom-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-renesas-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-rockchip-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-socionext-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-sprd-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-xilinx-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-zte-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-devel-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-docs-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-docs-html-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-macros-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-source-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.63.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-28388", url: "https://www.suse.com/security/cve/CVE-2022-28388", }, { category: "external", summary: "SUSE Bug 1198032 for CVE-2022-28388", url: "https://bugzilla.suse.com/1198032", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dtb-al-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-allwinner-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-altera-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-amd-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-amlogic-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-apm-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-arm-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-broadcom-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-cavium-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-exynos-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-freescale-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-hisilicon-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-lg-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-marvell-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-mediatek-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-nvidia-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-qcom-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-renesas-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-rockchip-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-socionext-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-sprd-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-xilinx-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-zte-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-devel-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-docs-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-docs-html-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-macros-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-source-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.63.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dtb-al-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-allwinner-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-altera-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-amd-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-amlogic-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-apm-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-arm-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-broadcom-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-cavium-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-exynos-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-freescale-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-hisilicon-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-lg-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-marvell-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-mediatek-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-nvidia-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-qcom-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-renesas-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-rockchip-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-socionext-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-sprd-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-xilinx-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-zte-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-devel-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-docs-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-docs-html-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-macros-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-source-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.63.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-13T14:58:44Z", details: "moderate", }, ], title: "CVE-2022-28388", }, { cve: "CVE-2022-28389", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-28389", }, ], notes: [ { category: "general", text: "mcba_usb_start_xmit in drivers/net/can/usb/mcba_usb.c in the Linux kernel through 5.17.1 has a double free.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dtb-al-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-allwinner-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-altera-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-amd-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-amlogic-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-apm-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-arm-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-broadcom-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-cavium-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-exynos-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-freescale-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-hisilicon-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-lg-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-marvell-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-mediatek-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-nvidia-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-qcom-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-renesas-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-rockchip-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-socionext-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-sprd-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-xilinx-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-zte-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-devel-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-docs-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-docs-html-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-macros-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-source-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.63.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-28389", url: "https://www.suse.com/security/cve/CVE-2022-28389", }, { category: "external", summary: "SUSE Bug 1198033 for CVE-2022-28389", url: "https://bugzilla.suse.com/1198033", }, { category: "external", summary: "SUSE Bug 1201657 for CVE-2022-28389", url: "https://bugzilla.suse.com/1201657", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dtb-al-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-allwinner-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-altera-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-amd-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-amlogic-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-apm-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-arm-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-broadcom-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-cavium-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-exynos-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-freescale-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-hisilicon-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-lg-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-marvell-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-mediatek-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-nvidia-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-qcom-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-renesas-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-rockchip-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-socionext-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-sprd-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-xilinx-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-zte-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-devel-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-docs-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-docs-html-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-macros-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-source-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.63.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dtb-al-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-allwinner-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-altera-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-amd-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-amlogic-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-apm-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-arm-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-broadcom-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-cavium-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-exynos-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-freescale-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-hisilicon-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-lg-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-marvell-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-mediatek-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-nvidia-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-qcom-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-renesas-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-rockchip-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-socionext-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-sprd-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-xilinx-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-zte-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-devel-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-docs-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-docs-html-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-macros-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-source-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.63.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-13T14:58:44Z", details: "moderate", }, ], title: "CVE-2022-28389", }, { cve: "CVE-2022-28390", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-28390", }, ], notes: [ { category: "general", text: "ems_usb_start_xmit in drivers/net/can/usb/ems_usb.c in the Linux kernel through 5.17.1 has a double free.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dtb-al-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-allwinner-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-altera-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-amd-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-amlogic-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-apm-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-arm-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-broadcom-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-cavium-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-exynos-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-freescale-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-hisilicon-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-lg-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-marvell-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-mediatek-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-nvidia-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-qcom-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-renesas-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-rockchip-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-socionext-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-sprd-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-xilinx-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-zte-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-devel-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-docs-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-docs-html-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-macros-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-source-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.63.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-28390", url: "https://www.suse.com/security/cve/CVE-2022-28390", }, { category: "external", summary: "SUSE Bug 1198031 for CVE-2022-28390", url: "https://bugzilla.suse.com/1198031", }, { category: "external", summary: "SUSE Bug 1201517 for CVE-2022-28390", url: "https://bugzilla.suse.com/1201517", }, { category: "external", summary: "SUSE Bug 1207969 for CVE-2022-28390", url: "https://bugzilla.suse.com/1207969", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dtb-al-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-allwinner-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-altera-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-amd-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-amlogic-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-apm-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-arm-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-broadcom-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-cavium-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-exynos-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-freescale-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-hisilicon-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-lg-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-marvell-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-mediatek-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-nvidia-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-qcom-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-renesas-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-rockchip-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-socionext-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-sprd-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-xilinx-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-zte-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-devel-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-docs-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-docs-html-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-macros-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-source-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.63.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:cluster-md-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:dlm-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:gfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise High Availability Extension 15 SP3:ocfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.ppc64le", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.s390x", "SUSE Linux Enterprise Live Patching 15 SP3:kernel-livepatch-5_3_18-150300_59_63-default-1-150300.7.3.1.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Micro 5.1:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Micro 5.2:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-64kb-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-default-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-devel-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-macros-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-preempt-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Basesystem 15 SP3:kernel-zfcpdump-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-docs-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-obs-build-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-preempt-devel-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-source-5.3.18-150300.59.63.1.noarch", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Development Tools 15 SP3:kernel-syms-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.aarch64", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:reiserfs-kmp-default-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-default-extra-5.3.18-150300.59.63.1.x86_64", "SUSE Linux Enterprise Workstation Extension 15 SP3:kernel-preempt-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:cluster-md-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:cluster-md-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:dlm-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dlm-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:dtb-al-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-allwinner-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-altera-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-amd-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-amlogic-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-apm-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-arm-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-broadcom-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-cavium-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-exynos-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-freescale-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-hisilicon-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-lg-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-marvell-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-mediatek-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-nvidia-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-qcom-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-renesas-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-rockchip-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-socionext-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-sprd-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-xilinx-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:dtb-zte-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:gfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:gfs2-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-64kb-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-debug-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "openSUSE Leap 15.3:kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.aarch64", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.ppc64le", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.s390x", "openSUSE Leap 15.3:kernel-default-base-rebuild-5.3.18-150300.59.63.1.150300.18.39.1.x86_64", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-livepatch-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-default-optional-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-devel-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-docs-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-docs-html-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-macros-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-obs-build-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-obs-qa-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-extra-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-livepatch-devel-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-preempt-optional-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-source-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-source-vanilla-5.3.18-150300.59.63.1.noarch", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kernel-syms-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kernel-zfcpdump-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kselftests-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:kselftests-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:kselftests-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:ocfs2-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:ocfs2-kmp-preempt-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-64kb-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.ppc64le", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.s390x", "openSUSE Leap 15.3:reiserfs-kmp-default-5.3.18-150300.59.63.1.x86_64", "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.63.1.aarch64", "openSUSE Leap 15.3:reiserfs-kmp-preempt-5.3.18-150300.59.63.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-13T14:58:44Z", details: "moderate", }, ], title: "CVE-2022-28390", }, ], }
suse-su-2022:1407-1
Vulnerability from csaf_suse
Published
2022-04-26 09:19
Modified
2022-04-26 09:19
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 15 SP3 kernel was updated.
The following security bugs were fixed:
- CVE-2022-0854: Fixed a memory leak flaw was found in the Linux kernels DMA subsystem. This flaw allowed a local user to read random memory from the kernel space. (bnc#1196823)
- CVE-2022-1016: Fixed a vulnerability in the nf_tables component of the netfilter subsystem. This vulnerability gives an attacker a powerful primitive that can be used to both read from and write to relative stack data, which can lead to arbitrary code execution. (bsc#1197227)
- CVE-2022-1199: Fixed null-ptr-deref and use-after-free vulnerabilities that allow an attacker to crash the linux kernel by simulating Amateur Radio. (bsc#1198028)
- CVE-2022-1205: Fixed null pointer dereference and use-after-free vulnerabilities that allow an attacker to crash the linux kernel by simulating Amateur Radio. (bsc#1198027)
- CVE-2022-1198: Fixed an use-after-free vulnerability that allow an attacker to crash the linux kernel by simulating Amateur Radio (bsc#1198030).
- CVE-2022-1195: Fixed an use-after-free vulnerability which could allow a local attacker with a user privilege to execute a denial of service. (bsc#1198029)
- CVE-2022-28390: Fixed a double free in drivers/net/can/usb/ems_usb.c vulnerability in the Linux kernel. (bnc#1198031)
- CVE-2022-28388: Fixed a double free in drivers/net/can/usb/usb_8dev.c vulnerability in the Linux kernel. (bnc#1198032)
- CVE-2022-28389: Fixed a double free in drivers/net/can/usb/mcba_usb.c vulnerability in the Linux kernel. (bnc#1198033)
- CVE-2022-1048: Fixed a race Condition in snd_pcm_hw_free leading to use-after-free due to the AB/BA lock with buffer_mutex and mmap_lock. (bsc#1197331)
- CVE-2022-1055: Fixed a use-after-free in tc_new_tfilter that could allow a local attacker to gain privilege escalation. (bnc#1197702)
- CVE-2022-0850: Fixed a kernel information leak vulnerability in iov_iter.c. (bsc#1196761)
- CVE-2022-27666: Fixed a buffer overflow vulnerability in IPsec ESP transformation code. This flaw allowed a local attacker with a normal user privilege to overwrite kernel heap objects and may cause a local privilege escalation. (bnc#1197462)
- CVE-2021-45868: Fixed a wrong validation check in fs/quota/quota_tree.c which could lead to an use-after-free if there is a corrupted quota file. (bnc#1197366)
- CVE-2022-1011: Fixed an use-after-free vulnerability which could allow a local attacker to retireve (partial) /etc/shadow hashes or any other data from filesystem when he can mount a FUSE filesystems. (bnc#1197343)
The following non-security bugs were fixed:
- ACPI: APEI: fix return value of __setup handlers (git-fixes).
- ACPI: battery: Add device HID and quirk for Microsoft Surface Go 3 (git-fixes).
- ACPI: CPPC: Avoid out of bounds access when parsing _CPC data (git-fixes).
- ACPI: docs: enumeration: Discourage to use custom _DSM methods (git-fixes).
- ACPI: docs: enumeration: Remove redundant .owner assignment (git-fixes).
- ACPI: docs: enumeration: Update UART serial bus resource documentation (git-fixes).
- ACPI: properties: Consistently return -ENOENT if there are no more references (git-fixes).
- ACPI: video: Force backlight native for Clevo NL5xRU and NL5xNU (git-fixes).
- ACPI: Work around broken XSDT on Advantech DAC-BJ01 board (git-fixes).
- ALSA: cmipci: Restore aux vol on suspend/resume (git-fixes).
- ALSA: firewire-lib: fix uninitialized flag for AV/C deferred transaction (git-fixes).
- ALSA: hda/realtek - Fix headset mic problem for a HP machine with alc671 (git-fixes).
- ALSA: hda/realtek: Add quirk for ASUS GA402 (git-fixes).
- ALSA: oss: Fix PCM OSS buffer allocation overflow (git-fixes).
- ALSA: pci: fix reading of swapped values from pcmreg in AC97 codec (git-fixes).
- ALSA: pcm: Add stream lock during PCM reset ioctl operations (git-fixes).
- ALSA: spi: Add check for clk_enable() (git-fixes).
- ALSA: usb-audio: Add mute TLV for playback volumes on RODE NT-USB (git-fixes).
- ASoC: atmel_ssc_dai: Handle errors for clk_enable (git-fixes).
- ASoC: atmel: Add missing of_node_put() in at91sam9g20ek_audio_probe (git-fixes).
- ASoC: codecs: wcd934x: Add missing of_node_put() in wcd934x_codec_parse_data (git-fixes).
- ASoC: codecs: wcd934x: fix return value of wcd934x_rx_hph_mode_put (git-fixes).
- ASoC: dmaengine: do not use a NULL prepare_slave_config() callback (git-fixes).
- ASoC: dwc-i2s: Handle errors for clk_enable (git-fixes).
- ASoC: fsi: Add check for clk_enable (git-fixes).
- ASoC: fsl_spdif: Disable TX clock when stop (git-fixes).
- ASoC: imx-es8328: Fix error return code in imx_es8328_probe() (git-fixes).
- ASoC: msm8916-wcd-analog: Fix error handling in pm8916_wcd_analog_spmi_probe (git-fixes).
- ASoC: msm8916-wcd-digital: Fix missing clk_disable_unprepare() in msm8916_wcd_digital_probe (git-fixes).
- ASoC: mxs-saif: Handle errors for clk_enable (git-fixes).
- ASoC: mxs: Fix error handling in mxs_sgtl5000_probe (git-fixes).
- ASoC: rt5663: check the return value of devm_kzalloc() in rt5663_parse_dp() (git-fixes).
- ASoC: SOF: Add missing of_node_put() in imx8m_probe (git-fixes).
- ASoC: SOF: topology: remove redundant code (git-fixes).
- ASoC: sti: Fix deadlock via snd_pcm_stop_xrun() call (git-fixes).
- ASoC: ti: davinci-i2s: Add check for clk_enable() (git-fixes).
- ASoC: topology: Allow TLV control to be either read or write (git-fixes).
- ASoC: topology: Optimize soc_tplg_dapm_graph_elems_load behavior (git-fixes).
- ASoC: wm8350: Handle error for wm8350_register_irq (git-fixes).
- ASoC: xilinx: xlnx_formatter_pcm: Handle sysclk setting (git-fixes).
- ax88179_178a: Merge memcpy + le32_to_cpus to get_unaligned_le32 (bsc#1196018).
- block: update io_ticks when io hang (bsc#1197817).
- block/wbt: fix negative inflight counter when remove scsi device (bsc#1197819).
- bpf: Fix comment for helper bpf_current_task_under_cgroup() (git-fixes).
- bpf: Remove config check to enable bpf support for branch records (git-fixes bsc#1177028).
- btrfs: avoid unnecessary lock and leaf splits when updating inode in the log (bsc#1194649).
- btrfs: avoid unnecessary log mutex contention when syncing log (bsc#1194649).
- btrfs: avoid unnecessary logging of xattrs during fast fsyncs (bsc#1194649).
- btrfs: check error value from btrfs_update_inode in tree log (bsc#1194649).
- btrfs: check if a log root exists before locking the log_mutex on unlink (bsc#1194649).
- btrfs: check if a log tree exists at inode_logged() (bsc#1194649).
- btrfs: do not commit delayed inode when logging a file in full sync mode (bsc#1194649).
- btrfs: do not log new dentries when logging that a new name exists (bsc#1194649).
- btrfs: eliminate some false positives when checking if inode was logged (bsc#1194649).
- btrfs: fix race leading to unnecessary transaction commit when logging inode (bsc#1194649).
- btrfs: fix race that causes unnecessary logging of ancestor inodes (bsc#1194649).
- btrfs: fix race that makes inode logging fallback to transaction commit (bsc#1194649).
- btrfs: fix race that results in logging old extents during a fast fsync (bsc#1194649).
- btrfs: fixup error handling in fixup_inode_link_counts (bsc#1194649).
- btrfs: remove no longer needed full sync flag check at inode_logged() (bsc#1194649).
- btrfs: Remove unnecessary check from join_running_log_trans (bsc#1194649).
- btrfs: remove unnecessary directory inode item update when deleting dir entry (bsc#1194649).
- btrfs: remove unnecessary list head initialization when syncing log (bsc#1194649).
- btrfs: skip unnecessary searches for xattrs when logging an inode (bsc#1194649).
- can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error path (git-fixes).
- can: mcba_usb: mcba_usb_start_xmit(): fix double dev_kfree_skb in error path (git-fixes).
- can: mcba_usb: properly check endpoint type (git-fixes).
- can: rcar_canfd: rcar_canfd_channel_probe(): register the CAN device when fully ready (git-fixes).
- cifs: do not skip link targets when an I/O fails (bsc#1194625).
- cifs: use the correct max-length for dentry_path_raw() (bsc1196196).
- clk: actions: Terminate clk_div_table with sentinel element (git-fixes).
- clk: bcm2835: Remove unused variable (git-fixes).
- clk: clps711x: Terminate clk_div_table with sentinel element (git-fixes).
- clk: imx7d: Remove audio_mclk_root_clk (git-fixes).
- clk: Initialize orphan req_rate (git-fixes).
- clk: loongson1: Terminate clk_div_table with sentinel element (git-fixes).
- clk: nxp: Remove unused variable (git-fixes).
- clk: qcom: clk-rcg2: Update logic to calculate D value for RCG (git-fixes).
- clk: qcom: clk-rcg2: Update the frac table for pixel clock (git-fixes).
- clk: qcom: gcc-msm8994: Fix gpll4 width (git-fixes).
- clk: qcom: ipq8074: Use floor ops for SDCC1 clock (git-fixes).
- clk: tegra: tegra124-emc: Fix missing put_device() call in emc_ensure_emc_driver (git-fixes).
- clk: uniphier: Fix fixed-rate initialization (git-fixes).
- clocksource: acpi_pm: fix return value of __setup handler (git-fixes).
- clocksource/drivers/timer-of: Check return value of of_iomap in timer_of_base_init() (git-fixes).
- cpufreq: schedutil: Destroy mutex before kobject_put() frees (git-fixes)
- crypto: authenc - Fix sleep in atomic context in decrypt_tail (git-fixes).
- crypto: cavium/nitrox - do not cast parameter in bit operations (git-fixes).
- crypto: ccp - ccp_dmaengine_unregister release dma channels (git-fixes).
- crypto: ccree - do not attempt 0 len DMA mappings (git-fixes).
- crypto: mxs-dcp - Fix scatterlist processing (git-fixes).
- crypto: qat - do not cast parameter in bit operations (git-fixes).
- crypto: rsa-pkcs1pad - correctly get hash from source scatterlist (git-fixes).
- crypto: rsa-pkcs1pad - fix buffer overread in pkcs1pad_verify_complete() (git-fixes).
- crypto: rsa-pkcs1pad - restore signature length check (git-fixes).
- crypto: vmx - add missing dependencies (git-fixes).
- dma/pool: create dma atomic pool only if dma zone has managed pages (bsc#1197501).
- driver core: dd: fix return value of __setup handler (git-fixes).
- drm: bridge: adv7511: Fix ADV7535 HPD enablement (git-fixes).
- drm/amd/display: Add affected crtcs to atomic state for dsc mst unplug (git-fixes).
- drm/amd/pm: return -ENOTSUPP if there is no get_dpm_ultimate_freq function (git-fixes).
- drm/bridge: dw-hdmi: use safe format when first in bridge chain (git-fixes).
- drm/bridge: nwl-dsi: Fix PM disable depth imbalance in nwl_dsi_probe (git-fixes).
- drm/doc: overview before functions for drm_writeback.c (git-fixes).
- drm/i915: Fix dbuf slice config lookup (git-fixes).
- drm/i915/gem: add missing boundary check in vm_access (git-fixes).
- drm/imx: parallel-display: Remove bus flags check in imx_pd_bridge_atomic_check() (git-fixes).
- drm/meson: Fix error handling when afbcd.ops->init fails (git-fixes).
- drm/meson: osd_afbcd: Add an exit callback to struct meson_afbcd_ops (git-fixes).
- drm/msm/dpu: add DSPP blocks teardown (git-fixes).
- drm/nouveau/acr: Fix undefined behavior in nvkm_acr_hsfw_load_bl() (git-fixes).
- drm/panel: simple: Fix Innolux G070Y2-L01 BPP settings (git-fixes).
- drm/vc4: crtc: Fix runtime_pm reference counting (git-fixes).
- drm/vc4: crtc: Make sure the HDMI controller is powered when disabling (git-fixes).
- drm/vrr: Set VRR capable prop only if it is attached to connector (git-fixes).
- ecryptfs: fix kernel panic with null dev_name (bsc#1197812).
- ecryptfs: Fix typo in message (bsc#1197811).
- ext2: correct max file size computing (bsc#1197820).
- firmware: google: Properly state IOMEM dependency (git-fixes).
- firmware: qcom: scm: Remove reassignment to desc following initializer (git-fixes).
- fscrypt: do not ignore minor_hash when hash is 0 (bsc#1197815).
- HID: multitouch: fix Dell Precision 7550 and 7750 button type (bsc#1197243).
- hwmon: (pmbus) Add mutex to regulator ops (git-fixes).
- hwmon: (pmbus) Add Vin unit off handling (git-fixes).
- hwmon: (sch56xx-common) Replace WDOG_ACTIVE with WDOG_HW_RUNNING (git-fixes).
- hwrng: atmel - disable trng on failure path (git-fixes).
- i915_vma: Rename vma_lookup to i915_vma_lookup (git-fixes).
- ibmvnic: fix race between xmit and reset (bsc#1197302 ltc#197259).
- iio: accel: mma8452: use the correct logic to get mma8452_data (git-fixes).
- iio: adc: Add check for devm_request_threaded_irq (git-fixes).
- iio: afe: rescale: use s64 for temporary scale calculations (git-fixes).
- iio: inkern: apply consumer scale on IIO_VAL_INT cases (git-fixes).
- iio: inkern: apply consumer scale when no channel scale is available (git-fixes).
- iio: inkern: make a best effort on offset calculation (git-fixes).
- Input: aiptek - properly check endpoint type (git-fixes).
- iwlwifi: do not advertise TWT support (git-fixes).
- KVM: SVM: Do not flush cache if hardware enforces cache coherency across encryption domains (bsc#1178134).
- llc: fix netdevice reference leaks in llc_ui_bind() (git-fixes).
- mac80211: fix potential double free on mesh join (git-fixes).
- mac80211: refuse aggregations sessions before authorized (git-fixes).
- media: aspeed: Correct value for h-total-pixels (git-fixes).
- media: bttv: fix WARNING regression on tunerless devices (git-fixes).
- media: coda: Fix missing put_device() call in coda_get_vdoa_data (git-fixes).
- media: davinci: vpif: fix unbalanced runtime PM get (git-fixes).
- media: em28xx: initialize refcount before kref_get (git-fixes).
- media: hantro: Fix overfill bottom register field name (git-fixes).
- media: Revert 'media: em28xx: add missing em28xx_close_extension' (git-fixes).
- media: stk1160: If start stream fails, return buffers with VB2_BUF_STATE_QUEUED (git-fixes).
- media: usb: go7007: s2250-board: fix leak in probe() (git-fixes).
- media: video/hdmi: handle short reads of hdmi info frame (git-fixes).
- membarrier: Execute SYNC_CORE on the calling thread (git-fixes)
- membarrier: Explicitly sync remote cores when SYNC_CORE is (git-fixes)
- memory: emif: Add check for setup_interrupts (git-fixes).
- memory: emif: check the pointer temp in get_device_details() (git-fixes).
- misc: alcor_pci: Fix an error handling path (git-fixes).
- misc: sgi-gru: Do not cast parameter in bit operations (git-fixes).
- mm_zone: add function to check if managed dma zone exists (bsc#1197501).
- mm: add vma_lookup(), update find_vma_intersection() comments (git-fixes).
- mm/page_alloc.c: do not warn allocation failure on zone DMA if no managed pages (bsc#1197501).
- mmc: davinci_mmc: Handle error for clk_enable (git-fixes).
- net: dsa: mv88e6xxx: override existent unicast portvec in port_fdb_add (git-fixes).
- net: enetc: initialize the RFS and RSS memories (git-fixes).
- net: hns3: add a check for tqp_index in hclge_get_ring_chain_from_mbx() (git-fixes).
- net: phy: broadcom: Fix brcm_fet_config_init() (git-fixes).
- net: phy: marvell: Fix invalid comparison in the resume and suspend functions (git-fixes).
- net: stmmac: set TxQ mode back to DCB after disabling CBS (git-fixes).
- net: usb: ax88179_178a: Fix out-of-bounds accesses in RX fixup (bsc#1196018).
- net: watchdog: hold device global xmit lock during tx disable (git-fixes).
- net/smc: Fix loop in smc_listen (git-fixes).
- net/smc: fix using of uninitialized completions (git-fixes).
- net/smc: fix wrong list_del in smc_lgr_cleanup_early (git-fixes).
- net/smc: Make sure the link_id is unique (git-fixes).
- net/smc: Reset conn->lgr when link group registration fails (git-fixes).
- netfilter: conntrack: do not refresh sctp entries in closed state (bsc#1197389).
- netxen_nic: fix MSI/MSI-x interrupts (git-fixes).
- NFS: Avoid duplicate uncached readdir calls on eof (git-fixes).
- NFS: Do not report writeback errors in nfs_getattr() (git-fixes).
- NFS: do not retry BIND_CONN_TO_SESSION on session error (git-fixes).
- NFS: Do not skip directory entries when doing uncached readdir (git-fixes).
- NFS: Ensure the server had an up to date ctime before hardlinking (git-fixes).
- NFS: Fix another issue with a list iterator pointing to the head (git-fixes).
- NFS: Fix initialisation of nfs_client cl_flags field (git-fixes).
- NFS: LOOKUP_DIRECTORY is also ok with symlinks (git-fixes).
- NFS: nfsd4_setclientid_confirm mistakenly expires confirmed client (git-fixes).
- NFS: Return valid errors from nfs2/3_decode_dirent() (git-fixes).
- NFS: Use of mapping_set_error() results in spurious errors (git-fixes).
- nl80211: Update bss channel on channel switch for P2P_CLIENT (git-fixes).
- pinctrl: mediatek: Fix missing of_node_put() in mtk_pctrl_init (git-fixes).
- pinctrl: mediatek: paris: Fix 'argument' argument type for mtk_pinconf_get() (git-fixes).
- pinctrl: mediatek: paris: Fix pingroup pin config state readback (git-fixes).
- pinctrl: nomadik: Add missing of_node_put() in nmk_pinctrl_probe (git-fixes).
- pinctrl: nuvoton: npcm7xx: Rename DS() macro to DSTR() (git-fixes).
- pinctrl: nuvoton: npcm7xx: Use %zu printk format for ARRAY_SIZE() (git-fixes).
- pinctrl: pinconf-generic: Print arguments for bias-pull-* (git-fixes).
- pinctrl: samsung: drop pin banks references on error paths (git-fixes).
- pinctrl/rockchip: Add missing of_node_put() in rockchip_pinctrl_probe (git-fixes).
- PM: hibernate: fix __setup handler error handling (git-fixes).
- PM: suspend: fix return value of __setup handler (git-fixes).
- powerpc/lib/sstep: Fix 'sthcx' instruction (bsc#1156395).
- powerpc/mm: Fix verification of MMU_FTR_TYPE_44x (bsc#1156395).
- powerpc/mm/numa: skip NUMA_NO_NODE onlining in parse_numa_properties() (bsc#1179639 ltc#189002 git-fixes).
- powerpc/perf: Do not use perf_hw_context for trace IMC PMU (bsc#1156395).
- powerpc/perf: Expose Performance Monitor Counter SPR's as part of extended regs (bsc#1198077 ltc#197299).
- powerpc/perf: Include PMCs as part of per-cpu cpuhw_events struct (bsc#1198077 ltc#197299).
- powerpc/pseries: Fix use after free in remove_phb_dynamic() (bsc#1065729).
- powerpc/sysdev: fix incorrect use to determine if list is empty (bsc#1065729).
- powerpc/tm: Fix more userspace r13 corruption (bsc#1065729).
- powerpc/xive: fix return value of __setup handler (bsc#1065729).
- printk: Add panic_in_progress helper (bsc#1197894).
- printk: disable optimistic spin during panic (bsc#1197894).
- pwm: lpc18xx-sct: Initialize driver data and hardware before pwmchip_add() (git-fixes).
- regulator: qcom_smd: fix for_each_child.cocci warnings (git-fixes).
- remoteproc: qcom_wcnss: Add missing of_node_put() in wcnss_alloc_memory_region (git-fixes).
- remoteproc: qcom: Fix missing of_node_put in adsp_alloc_memory_region (git-fixes).
- s390/bpf: Perform r1 range checking before accessing jit->seen_reg (git-fixes).
- s390/gmap: do not unconditionally call pte_unmap_unlock() in __gmap_zap() (git-fixes).
- s390/gmap: validate VMA in __gmap_zap() (git-fixes).
- s390/hypfs: include z/VM guests with access control group set (bsc#1195640 LTC#196352).
- s390/kexec_file: fix error handling when applying relocations (git-fixes).
- s390/kexec: fix memory leak of ipl report buffer (git-fixes).
- s390/kexec: fix return code handling (git-fixes).
- s390/mm: fix VMA and page table handling code in storage key handling functions (git-fixes).
- s390/mm: validate VMA in PGSTE manipulation functions (git-fixes).
- s390/module: fix loading modules with a lot of relocations (git-fixes).
- s390/pci_mmio: fully validate the VMA before calling follow_pte() (git-fixes).
- s390/tape: fix timer initialization in tape_std_assign() (bsc#1197677 LTC#197378).
- scsi: lpfc: Copyright updates for 14.2.0.0 patches (bsc#1197675).
- scsi: lpfc: Drop lpfc_no_handler() (bsc#1197675).
- scsi: lpfc: Fix broken SLI4 abort path (bsc#1197675).
- scsi: lpfc: Fix locking for lpfc_sli_iocbq_lookup() (bsc#1197675).
- scsi: lpfc: Fix queue failures when recovering from PCI parity error (bsc#1197675 bsc#1196478).
- scsi: lpfc: Fix typos in comments (bsc#1197675).
- scsi: lpfc: Fix unload hang after back to back PCI EEH faults (bsc#1197675 bsc#1196478).
- scsi: lpfc: Improve PCI EEH Error and Recovery Handling (bsc#1197675 bsc#1196478).
- scsi: lpfc: Kill lpfc_bus_reset_handler() (bsc#1197675).
- scsi: lpfc: Reduce log messages seen after firmware download (bsc#1197675).
- scsi: lpfc: Remove failing soft_wwn support (bsc#1197675).
- scsi: lpfc: Remove NVMe support if kernel has NVME_FC disabled (bsc#1197675).
- scsi: lpfc: Remove redundant flush_workqueue() call (bsc#1197675).
- scsi: lpfc: SLI path split: Introduce lpfc_prep_wqe (bsc#1197675).
- scsi: lpfc: SLI path split: Refactor Abort paths (bsc#1197675).
- scsi: lpfc: SLI path split: Refactor base ELS paths and the FLOGI path (bsc#1197675).
- scsi: lpfc: SLI path split: Refactor BSG paths (bsc#1197675).
- scsi: lpfc: SLI path split: Refactor CT paths (bsc#1197675).
- scsi: lpfc: SLI path split: Refactor fast and slow paths to native SLI4 (bsc#1197675).
- scsi: lpfc: SLI path split: Refactor FDISC paths (bsc#1197675).
- scsi: lpfc: SLI path split: Refactor lpfc_iocbq (bsc#1197675).
- scsi: lpfc: SLI path split: Refactor LS_ACC paths (bsc#1197675).
- scsi: lpfc: SLI path split: Refactor LS_RJT paths (bsc#1197675).
- scsi: lpfc: SLI path split: Refactor misc ELS paths (bsc#1197675).
- scsi: lpfc: SLI path split: Refactor PLOGI/PRLI/ADISC/LOGO paths (bsc#1197675).
- scsi: lpfc: SLI path split: Refactor SCSI paths (bsc#1197675).
- scsi: lpfc: SLI path split: Refactor the RSCN/SCR/RDF/EDC/FARPR paths (bsc#1197675).
- scsi: lpfc: SLI path split: Refactor VMID paths (bsc#1197675).
- scsi: lpfc: Update lpfc version to 14.2.0.0 (bsc#1197675).
- scsi: lpfc: Update lpfc version to 14.2.0.1 (bsc#1197675).
- scsi: lpfc: Use fc_block_rport() (bsc#1197675).
- scsi: lpfc: Use kcalloc() (bsc#1197675).
- scsi: lpfc: Use rport as argument for lpfc_chk_tgt_mapped() (bsc#1197675).
- scsi: lpfc: Use rport as argument for lpfc_send_taskmgmt() (bsc#1197675).
- scsi: qla2xxx: Fix crash during module load unload test (bsc#1197661).
- scsi: qla2xxx: Fix disk failure to rediscover (bsc#1197661).
- scsi: qla2xxx: Fix hang due to session stuck (bsc#1197661).
- scsi: qla2xxx: Fix incorrect reporting of task management failure (bsc#1197661).
- scsi: qla2xxx: Fix laggy FC remote port session recovery (bsc#1197661).
- scsi: qla2xxx: Fix loss of NVMe namespaces after driver reload test (bsc#1197661).
- scsi: qla2xxx: Fix missed DMA unmap for NVMe ls requests (bsc#1197661).
- scsi: qla2xxx: Fix N2N inconsistent PLOGI (bsc#1197661).
- scsi: qla2xxx: Fix stuck session of PRLI reject (bsc#1197661).
- scsi: qla2xxx: Fix typos in comments (bsc#1197661).
- scsi: qla2xxx: Increase max limit of ql2xnvme_queues (bsc#1197661).
- scsi: qla2xxx: Reduce false trigger to login (bsc#1197661).
- scsi: qla2xxx: Stop using the SCSI pointer (bsc#1197661).
- scsi: qla2xxx: Update version to 10.02.07.400-k (bsc#1197661).
- scsi: qla2xxx: Use correct feature type field during RFF_ID processing (bsc#1197661).
- scsi: qla2xxx: Use named initializers for port_state_str (bsc#1197661).
- scsi: qla2xxx: Use named initializers for q_dev_state (bsc#1197661).
- serial: 8250_lpss: Balance reference count for PCI DMA device (git-fixes).
- serial: 8250_mid: Balance reference count for PCI DMA device (git-fixes).
- serial: 8250: Fix race condition in RTS-after-send handling (git-fixes).
- serial: core: Fix the definition name in the comment of UPF_* flags (git-fixes).
- soc: qcom: aoss: remove spurious IRQF_ONESHOT flags (git-fixes).
- soc: qcom: rpmpd: Check for null return of devm_kcalloc (git-fixes).
- soc: ti: wkup_m3_ipc: Fix IRQ check in wkup_m3_ipc_probe (git-fixes).
- soundwire: intel: fix wrong register name in intel_shim_wake (git-fixes).
- spi: pxa2xx-pci: Balance reference count for PCI DMA device (git-fixes).
- spi: tegra114: Add missing IRQ check in tegra_spi_probe (git-fixes).
- staging:iio:adc:ad7280a: Fix handing of device address bit reversing (git-fixes).
- tcp: add some entropy in __inet_hash_connect() (bsc#1180153).
- tcp: change source port randomizarion at connect() time (bsc#1180153).
- team: protect features update by RCU to avoid deadlock (git-fixes).
- thermal: int340x: Check for NULL after calling kmemdup() (git-fixes).
- thermal: int340x: Increase bitmap size (git-fixes).
- udp_tunnel: Fix end of loop test in udp_tunnel_nic_unregister() (git-fixes).
- usb: bdc: Adb shows offline after resuming from S2 (git-fixes).
- usb: bdc: Fix a resource leak in the error handling path of 'bdc_probe()' (git-fixes).
- usb: bdc: Fix unused assignment in bdc_probe() (git-fixes).
- usb: bdc: remove duplicated error message (git-fixes).
- usb: bdc: Use devm_clk_get_optional() (git-fixes).
- usb: bdc: use devm_platform_ioremap_resource() to simplify code (git-fixes).
- usb: dwc3: gadget: Use list_replace_init() before traversing lists (git-fixes).
- usb: dwc3: qcom: add IRQ check (git-fixes).
- usb: gadget: bdc: use readl_poll_timeout() to simplify code (git-fixes).
- usb: gadget: Fix use-after-free bug by not setting udc->dev.driver (git-fixes).
- usb: gadget: rndis: prevent integer overflow in rndis_set_response() (git-fixes).
- usb: usbtmc: Fix bug in pipe direction for control transfers (git-fixes).
- VFS: filename_create(): fix incorrect intent (bsc#1197534).
- video: fbdev: atmel_lcdfb: fix an error code in atmel_lcdfb_probe() (git-fixes).
- video: fbdev: controlfb: Fix COMPILE_TEST build (git-fixes).
- video: fbdev: fbcvt.c: fix printing in fb_cvt_print_name() (git-fixes).
- video: fbdev: matroxfb: set maxvram of vbG200eW to the same as vbG200 to avoid black screen (git-fixes).
- video: fbdev: matroxfb: set maxvram of vbG200eW to the same as vbG200 to avoid black screen (git-fixes).
- video: fbdev: omapfb: Add missing of_node_put() in dvic_probe_of (git-fixes).
- video: fbdev: smscufx: Fix null-ptr-deref in ufx_usb_probe() (git-fixes).
- VMCI: Fix the description of vmci_check_host_caps() (git-fixes).
- vsprintf: Fix %pK with kptr_restrict == 0 (bsc#1197889).
- wireguard: queueing: use CFI-safe ptr_ring cleanup function (git-fixes).
- wireguard: selftests: rename DEBUG_PI_LIST to DEBUG_PLIST (git-fixes).
- wireguard: socket: free skb in send6 when ipv6 is disabled (git-fixes).
- wireguard: socket: ignore v6 endpoints when ipv6 is disabled (git-fixes).
- x86/cpu: Add hardware-enforced cache coherency as a CPUID feature (bsc#1178134).
- x86/mm/pat: Do not flush cache if hardware enforces cache coherency across encryption domnains (bsc#1178134).
- x86/speculation: Warn about eIBRS + LFENCE + Unprivileged eBPF + SMT (bsc#1178134).
- x86/speculation: Warn about Spectre v2 LFENCE mitigation (bsc#1178134).
- xhci: fix garbage USBSTS being logged in some cases (git-fixes).
Patchnames
SUSE-2022-1407,SUSE-SLE-Module-RT-15-SP3-2022-1407,SUSE-SUSE-MicroOS-5.1-2022-1407,SUSE-SUSE-MicroOS-5.2-2022-1407
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for the Linux Kernel", title: "Title of the patch", }, { category: "description", text: "\nThe SUSE Linux Enterprise 15 SP3 kernel was updated.\n\nThe following security bugs were fixed:\n\n- CVE-2022-0854: Fixed a memory leak flaw was found in the Linux kernels DMA subsystem. This flaw allowed a local user to read random memory from the kernel space. (bnc#1196823)\n- CVE-2022-1016: Fixed a vulnerability in the nf_tables component of the netfilter subsystem. This vulnerability gives an attacker a powerful primitive that can be used to both read from and write to relative stack data, which can lead to arbitrary code execution. (bsc#1197227)\n- CVE-2022-1199: Fixed null-ptr-deref and use-after-free vulnerabilities that allow an attacker to crash the linux kernel by simulating Amateur Radio. (bsc#1198028)\n- CVE-2022-1205: Fixed null pointer dereference and use-after-free vulnerabilities that allow an attacker to crash the linux kernel by simulating Amateur Radio. (bsc#1198027)\n- CVE-2022-1198: Fixed an use-after-free vulnerability that allow an attacker to crash the linux kernel by simulating Amateur Radio (bsc#1198030).\n- CVE-2022-1195: Fixed an use-after-free vulnerability which could allow a local attacker with a user privilege to execute a denial of service. (bsc#1198029)\n- CVE-2022-28390: Fixed a double free in drivers/net/can/usb/ems_usb.c vulnerability in the Linux kernel. (bnc#1198031)\n- CVE-2022-28388: Fixed a double free in drivers/net/can/usb/usb_8dev.c vulnerability in the Linux kernel. (bnc#1198032)\n- CVE-2022-28389: Fixed a double free in drivers/net/can/usb/mcba_usb.c vulnerability in the Linux kernel. (bnc#1198033)\n- CVE-2022-1048: Fixed a race Condition in snd_pcm_hw_free leading to use-after-free due to the AB/BA lock with buffer_mutex and mmap_lock. (bsc#1197331)\n- CVE-2022-1055: Fixed a use-after-free in tc_new_tfilter that could allow a local attacker to gain privilege escalation. (bnc#1197702)\n- CVE-2022-0850: Fixed a kernel information leak vulnerability in iov_iter.c. (bsc#1196761)\n- CVE-2022-27666: Fixed a buffer overflow vulnerability in IPsec ESP transformation code. This flaw allowed a local attacker with a normal user privilege to overwrite kernel heap objects and may cause a local privilege escalation. (bnc#1197462)\n- CVE-2021-45868: Fixed a wrong validation check in fs/quota/quota_tree.c which could lead to an use-after-free if there is a corrupted quota file. (bnc#1197366)\n- CVE-2022-1011: Fixed an use-after-free vulnerability which could allow a local attacker to retireve (partial) /etc/shadow hashes or any other data from filesystem when he can mount a FUSE filesystems. (bnc#1197343)\n\nThe following non-security bugs were fixed:\n\n- ACPI: APEI: fix return value of __setup handlers (git-fixes).\n- ACPI: battery: Add device HID and quirk for Microsoft Surface Go 3 (git-fixes).\n- ACPI: CPPC: Avoid out of bounds access when parsing _CPC data (git-fixes).\n- ACPI: docs: enumeration: Discourage to use custom _DSM methods (git-fixes).\n- ACPI: docs: enumeration: Remove redundant .owner assignment (git-fixes).\n- ACPI: docs: enumeration: Update UART serial bus resource documentation (git-fixes).\n- ACPI: properties: Consistently return -ENOENT if there are no more references (git-fixes).\n- ACPI: video: Force backlight native for Clevo NL5xRU and NL5xNU (git-fixes).\n- ACPI: Work around broken XSDT on Advantech DAC-BJ01 board (git-fixes).\n- ALSA: cmipci: Restore aux vol on suspend/resume (git-fixes).\n- ALSA: firewire-lib: fix uninitialized flag for AV/C deferred transaction (git-fixes).\n- ALSA: hda/realtek - Fix headset mic problem for a HP machine with alc671 (git-fixes).\n- ALSA: hda/realtek: Add quirk for ASUS GA402 (git-fixes).\n- ALSA: oss: Fix PCM OSS buffer allocation overflow (git-fixes).\n- ALSA: pci: fix reading of swapped values from pcmreg in AC97 codec (git-fixes).\n- ALSA: pcm: Add stream lock during PCM reset ioctl operations (git-fixes).\n- ALSA: spi: Add check for clk_enable() (git-fixes).\n- ALSA: usb-audio: Add mute TLV for playback volumes on RODE NT-USB (git-fixes).\n- ASoC: atmel_ssc_dai: Handle errors for clk_enable (git-fixes).\n- ASoC: atmel: Add missing of_node_put() in at91sam9g20ek_audio_probe (git-fixes).\n- ASoC: codecs: wcd934x: Add missing of_node_put() in wcd934x_codec_parse_data (git-fixes).\n- ASoC: codecs: wcd934x: fix return value of wcd934x_rx_hph_mode_put (git-fixes).\n- ASoC: dmaengine: do not use a NULL prepare_slave_config() callback (git-fixes).\n- ASoC: dwc-i2s: Handle errors for clk_enable (git-fixes).\n- ASoC: fsi: Add check for clk_enable (git-fixes).\n- ASoC: fsl_spdif: Disable TX clock when stop (git-fixes).\n- ASoC: imx-es8328: Fix error return code in imx_es8328_probe() (git-fixes).\n- ASoC: msm8916-wcd-analog: Fix error handling in pm8916_wcd_analog_spmi_probe (git-fixes).\n- ASoC: msm8916-wcd-digital: Fix missing clk_disable_unprepare() in msm8916_wcd_digital_probe (git-fixes).\n- ASoC: mxs-saif: Handle errors for clk_enable (git-fixes).\n- ASoC: mxs: Fix error handling in mxs_sgtl5000_probe (git-fixes).\n- ASoC: rt5663: check the return value of devm_kzalloc() in rt5663_parse_dp() (git-fixes).\n- ASoC: SOF: Add missing of_node_put() in imx8m_probe (git-fixes).\n- ASoC: SOF: topology: remove redundant code (git-fixes).\n- ASoC: sti: Fix deadlock via snd_pcm_stop_xrun() call (git-fixes).\n- ASoC: ti: davinci-i2s: Add check for clk_enable() (git-fixes).\n- ASoC: topology: Allow TLV control to be either read or write (git-fixes).\n- ASoC: topology: Optimize soc_tplg_dapm_graph_elems_load behavior (git-fixes).\n- ASoC: wm8350: Handle error for wm8350_register_irq (git-fixes).\n- ASoC: xilinx: xlnx_formatter_pcm: Handle sysclk setting (git-fixes).\n- ax88179_178a: Merge memcpy + le32_to_cpus to get_unaligned_le32 (bsc#1196018).\n- block: update io_ticks when io hang (bsc#1197817).\n- block/wbt: fix negative inflight counter when remove scsi device (bsc#1197819).\n- bpf: Fix comment for helper bpf_current_task_under_cgroup() (git-fixes).\n- bpf: Remove config check to enable bpf support for branch records (git-fixes bsc#1177028).\n- btrfs: avoid unnecessary lock and leaf splits when updating inode in the log (bsc#1194649).\n- btrfs: avoid unnecessary log mutex contention when syncing log (bsc#1194649).\n- btrfs: avoid unnecessary logging of xattrs during fast fsyncs (bsc#1194649).\n- btrfs: check error value from btrfs_update_inode in tree log (bsc#1194649).\n- btrfs: check if a log root exists before locking the log_mutex on unlink (bsc#1194649).\n- btrfs: check if a log tree exists at inode_logged() (bsc#1194649).\n- btrfs: do not commit delayed inode when logging a file in full sync mode (bsc#1194649).\n- btrfs: do not log new dentries when logging that a new name exists (bsc#1194649).\n- btrfs: eliminate some false positives when checking if inode was logged (bsc#1194649).\n- btrfs: fix race leading to unnecessary transaction commit when logging inode (bsc#1194649).\n- btrfs: fix race that causes unnecessary logging of ancestor inodes (bsc#1194649).\n- btrfs: fix race that makes inode logging fallback to transaction commit (bsc#1194649).\n- btrfs: fix race that results in logging old extents during a fast fsync (bsc#1194649).\n- btrfs: fixup error handling in fixup_inode_link_counts (bsc#1194649).\n- btrfs: remove no longer needed full sync flag check at inode_logged() (bsc#1194649).\n- btrfs: Remove unnecessary check from join_running_log_trans (bsc#1194649).\n- btrfs: remove unnecessary directory inode item update when deleting dir entry (bsc#1194649).\n- btrfs: remove unnecessary list head initialization when syncing log (bsc#1194649).\n- btrfs: skip unnecessary searches for xattrs when logging an inode (bsc#1194649).\n- can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error path (git-fixes).\n- can: mcba_usb: mcba_usb_start_xmit(): fix double dev_kfree_skb in error path (git-fixes).\n- can: mcba_usb: properly check endpoint type (git-fixes).\n- can: rcar_canfd: rcar_canfd_channel_probe(): register the CAN device when fully ready (git-fixes).\n- cifs: do not skip link targets when an I/O fails (bsc#1194625).\n- cifs: use the correct max-length for dentry_path_raw() (bsc1196196).\n- clk: actions: Terminate clk_div_table with sentinel element (git-fixes).\n- clk: bcm2835: Remove unused variable (git-fixes).\n- clk: clps711x: Terminate clk_div_table with sentinel element (git-fixes).\n- clk: imx7d: Remove audio_mclk_root_clk (git-fixes).\n- clk: Initialize orphan req_rate (git-fixes).\n- clk: loongson1: Terminate clk_div_table with sentinel element (git-fixes).\n- clk: nxp: Remove unused variable (git-fixes).\n- clk: qcom: clk-rcg2: Update logic to calculate D value for RCG (git-fixes).\n- clk: qcom: clk-rcg2: Update the frac table for pixel clock (git-fixes).\n- clk: qcom: gcc-msm8994: Fix gpll4 width (git-fixes).\n- clk: qcom: ipq8074: Use floor ops for SDCC1 clock (git-fixes).\n- clk: tegra: tegra124-emc: Fix missing put_device() call in emc_ensure_emc_driver (git-fixes).\n- clk: uniphier: Fix fixed-rate initialization (git-fixes).\n- clocksource: acpi_pm: fix return value of __setup handler (git-fixes).\n- clocksource/drivers/timer-of: Check return value of of_iomap in timer_of_base_init() (git-fixes).\n- cpufreq: schedutil: Destroy mutex before kobject_put() frees (git-fixes)\n- crypto: authenc - Fix sleep in atomic context in decrypt_tail (git-fixes).\n- crypto: cavium/nitrox - do not cast parameter in bit operations (git-fixes).\n- crypto: ccp - ccp_dmaengine_unregister release dma channels (git-fixes).\n- crypto: ccree - do not attempt 0 len DMA mappings (git-fixes).\n- crypto: mxs-dcp - Fix scatterlist processing (git-fixes).\n- crypto: qat - do not cast parameter in bit operations (git-fixes).\n- crypto: rsa-pkcs1pad - correctly get hash from source scatterlist (git-fixes).\n- crypto: rsa-pkcs1pad - fix buffer overread in pkcs1pad_verify_complete() (git-fixes).\n- crypto: rsa-pkcs1pad - restore signature length check (git-fixes).\n- crypto: vmx - add missing dependencies (git-fixes).\n- dma/pool: create dma atomic pool only if dma zone has managed pages (bsc#1197501).\n- driver core: dd: fix return value of __setup handler (git-fixes).\n- drm: bridge: adv7511: Fix ADV7535 HPD enablement (git-fixes).\n- drm/amd/display: Add affected crtcs to atomic state for dsc mst unplug (git-fixes).\n- drm/amd/pm: return -ENOTSUPP if there is no get_dpm_ultimate_freq function (git-fixes).\n- drm/bridge: dw-hdmi: use safe format when first in bridge chain (git-fixes).\n- drm/bridge: nwl-dsi: Fix PM disable depth imbalance in nwl_dsi_probe (git-fixes).\n- drm/doc: overview before functions for drm_writeback.c (git-fixes).\n- drm/i915: Fix dbuf slice config lookup (git-fixes).\n- drm/i915/gem: add missing boundary check in vm_access (git-fixes).\n- drm/imx: parallel-display: Remove bus flags check in imx_pd_bridge_atomic_check() (git-fixes).\n- drm/meson: Fix error handling when afbcd.ops->init fails (git-fixes).\n- drm/meson: osd_afbcd: Add an exit callback to struct meson_afbcd_ops (git-fixes).\n- drm/msm/dpu: add DSPP blocks teardown (git-fixes).\n- drm/nouveau/acr: Fix undefined behavior in nvkm_acr_hsfw_load_bl() (git-fixes).\n- drm/panel: simple: Fix Innolux G070Y2-L01 BPP settings (git-fixes).\n- drm/vc4: crtc: Fix runtime_pm reference counting (git-fixes).\n- drm/vc4: crtc: Make sure the HDMI controller is powered when disabling (git-fixes).\n- drm/vrr: Set VRR capable prop only if it is attached to connector (git-fixes).\n- ecryptfs: fix kernel panic with null dev_name (bsc#1197812).\n- ecryptfs: Fix typo in message (bsc#1197811).\n- ext2: correct max file size computing (bsc#1197820).\n- firmware: google: Properly state IOMEM dependency (git-fixes).\n- firmware: qcom: scm: Remove reassignment to desc following initializer (git-fixes).\n- fscrypt: do not ignore minor_hash when hash is 0 (bsc#1197815).\n- HID: multitouch: fix Dell Precision 7550 and 7750 button type (bsc#1197243).\n- hwmon: (pmbus) Add mutex to regulator ops (git-fixes).\n- hwmon: (pmbus) Add Vin unit off handling (git-fixes).\n- hwmon: (sch56xx-common) Replace WDOG_ACTIVE with WDOG_HW_RUNNING (git-fixes).\n- hwrng: atmel - disable trng on failure path (git-fixes).\n- i915_vma: Rename vma_lookup to i915_vma_lookup (git-fixes).\n- ibmvnic: fix race between xmit and reset (bsc#1197302 ltc#197259).\n- iio: accel: mma8452: use the correct logic to get mma8452_data (git-fixes).\n- iio: adc: Add check for devm_request_threaded_irq (git-fixes).\n- iio: afe: rescale: use s64 for temporary scale calculations (git-fixes).\n- iio: inkern: apply consumer scale on IIO_VAL_INT cases (git-fixes).\n- iio: inkern: apply consumer scale when no channel scale is available (git-fixes).\n- iio: inkern: make a best effort on offset calculation (git-fixes).\n- Input: aiptek - properly check endpoint type (git-fixes).\n- iwlwifi: do not advertise TWT support (git-fixes).\n- KVM: SVM: Do not flush cache if hardware enforces cache coherency across encryption domains (bsc#1178134).\n- llc: fix netdevice reference leaks in llc_ui_bind() (git-fixes).\n- mac80211: fix potential double free on mesh join (git-fixes).\n- mac80211: refuse aggregations sessions before authorized (git-fixes).\n- media: aspeed: Correct value for h-total-pixels (git-fixes).\n- media: bttv: fix WARNING regression on tunerless devices (git-fixes).\n- media: coda: Fix missing put_device() call in coda_get_vdoa_data (git-fixes).\n- media: davinci: vpif: fix unbalanced runtime PM get (git-fixes).\n- media: em28xx: initialize refcount before kref_get (git-fixes).\n- media: hantro: Fix overfill bottom register field name (git-fixes).\n- media: Revert 'media: em28xx: add missing em28xx_close_extension' (git-fixes).\n- media: stk1160: If start stream fails, return buffers with VB2_BUF_STATE_QUEUED (git-fixes).\n- media: usb: go7007: s2250-board: fix leak in probe() (git-fixes).\n- media: video/hdmi: handle short reads of hdmi info frame (git-fixes).\n- membarrier: Execute SYNC_CORE on the calling thread (git-fixes)\n- membarrier: Explicitly sync remote cores when SYNC_CORE is (git-fixes)\n- memory: emif: Add check for setup_interrupts (git-fixes).\n- memory: emif: check the pointer temp in get_device_details() (git-fixes).\n- misc: alcor_pci: Fix an error handling path (git-fixes).\n- misc: sgi-gru: Do not cast parameter in bit operations (git-fixes).\n- mm_zone: add function to check if managed dma zone exists (bsc#1197501).\n- mm: add vma_lookup(), update find_vma_intersection() comments (git-fixes).\n- mm/page_alloc.c: do not warn allocation failure on zone DMA if no managed pages (bsc#1197501).\n- mmc: davinci_mmc: Handle error for clk_enable (git-fixes).\n- net: dsa: mv88e6xxx: override existent unicast portvec in port_fdb_add (git-fixes).\n- net: enetc: initialize the RFS and RSS memories (git-fixes).\n- net: hns3: add a check for tqp_index in hclge_get_ring_chain_from_mbx() (git-fixes).\n- net: phy: broadcom: Fix brcm_fet_config_init() (git-fixes).\n- net: phy: marvell: Fix invalid comparison in the resume and suspend functions (git-fixes).\n- net: stmmac: set TxQ mode back to DCB after disabling CBS (git-fixes).\n- net: usb: ax88179_178a: Fix out-of-bounds accesses in RX fixup (bsc#1196018).\n- net: watchdog: hold device global xmit lock during tx disable (git-fixes).\n- net/smc: Fix loop in smc_listen (git-fixes).\n- net/smc: fix using of uninitialized completions (git-fixes).\n- net/smc: fix wrong list_del in smc_lgr_cleanup_early (git-fixes).\n- net/smc: Make sure the link_id is unique (git-fixes).\n- net/smc: Reset conn->lgr when link group registration fails (git-fixes).\n- netfilter: conntrack: do not refresh sctp entries in closed state (bsc#1197389).\n- netxen_nic: fix MSI/MSI-x interrupts (git-fixes).\n- NFS: Avoid duplicate uncached readdir calls on eof (git-fixes).\n- NFS: Do not report writeback errors in nfs_getattr() (git-fixes).\n- NFS: do not retry BIND_CONN_TO_SESSION on session error (git-fixes).\n- NFS: Do not skip directory entries when doing uncached readdir (git-fixes).\n- NFS: Ensure the server had an up to date ctime before hardlinking (git-fixes).\n- NFS: Fix another issue with a list iterator pointing to the head (git-fixes).\n- NFS: Fix initialisation of nfs_client cl_flags field (git-fixes).\n- NFS: LOOKUP_DIRECTORY is also ok with symlinks (git-fixes).\n- NFS: nfsd4_setclientid_confirm mistakenly expires confirmed client (git-fixes).\n- NFS: Return valid errors from nfs2/3_decode_dirent() (git-fixes).\n- NFS: Use of mapping_set_error() results in spurious errors (git-fixes).\n- nl80211: Update bss channel on channel switch for P2P_CLIENT (git-fixes).\n- pinctrl: mediatek: Fix missing of_node_put() in mtk_pctrl_init (git-fixes).\n- pinctrl: mediatek: paris: Fix 'argument' argument type for mtk_pinconf_get() (git-fixes).\n- pinctrl: mediatek: paris: Fix pingroup pin config state readback (git-fixes).\n- pinctrl: nomadik: Add missing of_node_put() in nmk_pinctrl_probe (git-fixes).\n- pinctrl: nuvoton: npcm7xx: Rename DS() macro to DSTR() (git-fixes).\n- pinctrl: nuvoton: npcm7xx: Use %zu printk format for ARRAY_SIZE() (git-fixes).\n- pinctrl: pinconf-generic: Print arguments for bias-pull-* (git-fixes).\n- pinctrl: samsung: drop pin banks references on error paths (git-fixes).\n- pinctrl/rockchip: Add missing of_node_put() in rockchip_pinctrl_probe (git-fixes).\n- PM: hibernate: fix __setup handler error handling (git-fixes).\n- PM: suspend: fix return value of __setup handler (git-fixes).\n- powerpc/lib/sstep: Fix 'sthcx' instruction (bsc#1156395).\n- powerpc/mm: Fix verification of MMU_FTR_TYPE_44x (bsc#1156395).\n- powerpc/mm/numa: skip NUMA_NO_NODE onlining in parse_numa_properties() (bsc#1179639 ltc#189002 git-fixes).\n- powerpc/perf: Do not use perf_hw_context for trace IMC PMU (bsc#1156395).\n- powerpc/perf: Expose Performance Monitor Counter SPR's as part of extended regs (bsc#1198077 ltc#197299).\n- powerpc/perf: Include PMCs as part of per-cpu cpuhw_events struct (bsc#1198077 ltc#197299).\n- powerpc/pseries: Fix use after free in remove_phb_dynamic() (bsc#1065729).\n- powerpc/sysdev: fix incorrect use to determine if list is empty (bsc#1065729).\n- powerpc/tm: Fix more userspace r13 corruption (bsc#1065729).\n- powerpc/xive: fix return value of __setup handler (bsc#1065729).\n- printk: Add panic_in_progress helper (bsc#1197894).\n- printk: disable optimistic spin during panic (bsc#1197894).\n- pwm: lpc18xx-sct: Initialize driver data and hardware before pwmchip_add() (git-fixes).\n- regulator: qcom_smd: fix for_each_child.cocci warnings (git-fixes).\n- remoteproc: qcom_wcnss: Add missing of_node_put() in wcnss_alloc_memory_region (git-fixes).\n- remoteproc: qcom: Fix missing of_node_put in adsp_alloc_memory_region (git-fixes).\n- s390/bpf: Perform r1 range checking before accessing jit->seen_reg (git-fixes).\n- s390/gmap: do not unconditionally call pte_unmap_unlock() in __gmap_zap() (git-fixes).\n- s390/gmap: validate VMA in __gmap_zap() (git-fixes).\n- s390/hypfs: include z/VM guests with access control group set (bsc#1195640 LTC#196352).\n- s390/kexec_file: fix error handling when applying relocations (git-fixes).\n- s390/kexec: fix memory leak of ipl report buffer (git-fixes).\n- s390/kexec: fix return code handling (git-fixes).\n- s390/mm: fix VMA and page table handling code in storage key handling functions (git-fixes).\n- s390/mm: validate VMA in PGSTE manipulation functions (git-fixes).\n- s390/module: fix loading modules with a lot of relocations (git-fixes).\n- s390/pci_mmio: fully validate the VMA before calling follow_pte() (git-fixes).\n- s390/tape: fix timer initialization in tape_std_assign() (bsc#1197677 LTC#197378).\n- scsi: lpfc: Copyright updates for 14.2.0.0 patches (bsc#1197675).\n- scsi: lpfc: Drop lpfc_no_handler() (bsc#1197675).\n- scsi: lpfc: Fix broken SLI4 abort path (bsc#1197675).\n- scsi: lpfc: Fix locking for lpfc_sli_iocbq_lookup() (bsc#1197675).\n- scsi: lpfc: Fix queue failures when recovering from PCI parity error (bsc#1197675 bsc#1196478).\n- scsi: lpfc: Fix typos in comments (bsc#1197675).\n- scsi: lpfc: Fix unload hang after back to back PCI EEH faults (bsc#1197675 bsc#1196478).\n- scsi: lpfc: Improve PCI EEH Error and Recovery Handling (bsc#1197675 bsc#1196478).\n- scsi: lpfc: Kill lpfc_bus_reset_handler() (bsc#1197675).\n- scsi: lpfc: Reduce log messages seen after firmware download (bsc#1197675).\n- scsi: lpfc: Remove failing soft_wwn support (bsc#1197675).\n- scsi: lpfc: Remove NVMe support if kernel has NVME_FC disabled (bsc#1197675).\n- scsi: lpfc: Remove redundant flush_workqueue() call (bsc#1197675).\n- scsi: lpfc: SLI path split: Introduce lpfc_prep_wqe (bsc#1197675).\n- scsi: lpfc: SLI path split: Refactor Abort paths (bsc#1197675).\n- scsi: lpfc: SLI path split: Refactor base ELS paths and the FLOGI path (bsc#1197675).\n- scsi: lpfc: SLI path split: Refactor BSG paths (bsc#1197675).\n- scsi: lpfc: SLI path split: Refactor CT paths (bsc#1197675).\n- scsi: lpfc: SLI path split: Refactor fast and slow paths to native SLI4 (bsc#1197675).\n- scsi: lpfc: SLI path split: Refactor FDISC paths (bsc#1197675).\n- scsi: lpfc: SLI path split: Refactor lpfc_iocbq (bsc#1197675).\n- scsi: lpfc: SLI path split: Refactor LS_ACC paths (bsc#1197675).\n- scsi: lpfc: SLI path split: Refactor LS_RJT paths (bsc#1197675).\n- scsi: lpfc: SLI path split: Refactor misc ELS paths (bsc#1197675).\n- scsi: lpfc: SLI path split: Refactor PLOGI/PRLI/ADISC/LOGO paths (bsc#1197675).\n- scsi: lpfc: SLI path split: Refactor SCSI paths (bsc#1197675).\n- scsi: lpfc: SLI path split: Refactor the RSCN/SCR/RDF/EDC/FARPR paths (bsc#1197675).\n- scsi: lpfc: SLI path split: Refactor VMID paths (bsc#1197675).\n- scsi: lpfc: Update lpfc version to 14.2.0.0 (bsc#1197675).\n- scsi: lpfc: Update lpfc version to 14.2.0.1 (bsc#1197675).\n- scsi: lpfc: Use fc_block_rport() (bsc#1197675).\n- scsi: lpfc: Use kcalloc() (bsc#1197675).\n- scsi: lpfc: Use rport as argument for lpfc_chk_tgt_mapped() (bsc#1197675).\n- scsi: lpfc: Use rport as argument for lpfc_send_taskmgmt() (bsc#1197675).\n- scsi: qla2xxx: Fix crash during module load unload test (bsc#1197661).\n- scsi: qla2xxx: Fix disk failure to rediscover (bsc#1197661).\n- scsi: qla2xxx: Fix hang due to session stuck (bsc#1197661).\n- scsi: qla2xxx: Fix incorrect reporting of task management failure (bsc#1197661).\n- scsi: qla2xxx: Fix laggy FC remote port session recovery (bsc#1197661).\n- scsi: qla2xxx: Fix loss of NVMe namespaces after driver reload test (bsc#1197661).\n- scsi: qla2xxx: Fix missed DMA unmap for NVMe ls requests (bsc#1197661).\n- scsi: qla2xxx: Fix N2N inconsistent PLOGI (bsc#1197661).\n- scsi: qla2xxx: Fix stuck session of PRLI reject (bsc#1197661).\n- scsi: qla2xxx: Fix typos in comments (bsc#1197661).\n- scsi: qla2xxx: Increase max limit of ql2xnvme_queues (bsc#1197661).\n- scsi: qla2xxx: Reduce false trigger to login (bsc#1197661).\n- scsi: qla2xxx: Stop using the SCSI pointer (bsc#1197661).\n- scsi: qla2xxx: Update version to 10.02.07.400-k (bsc#1197661).\n- scsi: qla2xxx: Use correct feature type field during RFF_ID processing (bsc#1197661).\n- scsi: qla2xxx: Use named initializers for port_state_str (bsc#1197661).\n- scsi: qla2xxx: Use named initializers for q_dev_state (bsc#1197661).\n- serial: 8250_lpss: Balance reference count for PCI DMA device (git-fixes).\n- serial: 8250_mid: Balance reference count for PCI DMA device (git-fixes).\n- serial: 8250: Fix race condition in RTS-after-send handling (git-fixes).\n- serial: core: Fix the definition name in the comment of UPF_* flags (git-fixes).\n- soc: qcom: aoss: remove spurious IRQF_ONESHOT flags (git-fixes).\n- soc: qcom: rpmpd: Check for null return of devm_kcalloc (git-fixes).\n- soc: ti: wkup_m3_ipc: Fix IRQ check in wkup_m3_ipc_probe (git-fixes).\n- soundwire: intel: fix wrong register name in intel_shim_wake (git-fixes).\n- spi: pxa2xx-pci: Balance reference count for PCI DMA device (git-fixes).\n- spi: tegra114: Add missing IRQ check in tegra_spi_probe (git-fixes).\n- staging:iio:adc:ad7280a: Fix handing of device address bit reversing (git-fixes).\n- tcp: add some entropy in __inet_hash_connect() (bsc#1180153).\n- tcp: change source port randomizarion at connect() time (bsc#1180153).\n- team: protect features update by RCU to avoid deadlock (git-fixes).\n- thermal: int340x: Check for NULL after calling kmemdup() (git-fixes).\n- thermal: int340x: Increase bitmap size (git-fixes).\n- udp_tunnel: Fix end of loop test in udp_tunnel_nic_unregister() (git-fixes).\n- usb: bdc: Adb shows offline after resuming from S2 (git-fixes).\n- usb: bdc: Fix a resource leak in the error handling path of 'bdc_probe()' (git-fixes).\n- usb: bdc: Fix unused assignment in bdc_probe() (git-fixes).\n- usb: bdc: remove duplicated error message (git-fixes).\n- usb: bdc: Use devm_clk_get_optional() (git-fixes).\n- usb: bdc: use devm_platform_ioremap_resource() to simplify code (git-fixes).\n- usb: dwc3: gadget: Use list_replace_init() before traversing lists (git-fixes).\n- usb: dwc3: qcom: add IRQ check (git-fixes).\n- usb: gadget: bdc: use readl_poll_timeout() to simplify code (git-fixes).\n- usb: gadget: Fix use-after-free bug by not setting udc->dev.driver (git-fixes).\n- usb: gadget: rndis: prevent integer overflow in rndis_set_response() (git-fixes).\n- usb: usbtmc: Fix bug in pipe direction for control transfers (git-fixes).\n- VFS: filename_create(): fix incorrect intent (bsc#1197534).\n- video: fbdev: atmel_lcdfb: fix an error code in atmel_lcdfb_probe() (git-fixes).\n- video: fbdev: controlfb: Fix COMPILE_TEST build (git-fixes).\n- video: fbdev: fbcvt.c: fix printing in fb_cvt_print_name() (git-fixes).\n- video: fbdev: matroxfb: set maxvram of vbG200eW to the same as vbG200 to avoid black screen (git-fixes).\n- video: fbdev: matroxfb: set maxvram of vbG200eW to the same as vbG200 to avoid black screen (git-fixes).\n- video: fbdev: omapfb: Add missing of_node_put() in dvic_probe_of (git-fixes).\n- video: fbdev: smscufx: Fix null-ptr-deref in ufx_usb_probe() (git-fixes).\n- VMCI: Fix the description of vmci_check_host_caps() (git-fixes).\n- vsprintf: Fix %pK with kptr_restrict == 0 (bsc#1197889).\n- wireguard: queueing: use CFI-safe ptr_ring cleanup function (git-fixes).\n- wireguard: selftests: rename DEBUG_PI_LIST to DEBUG_PLIST (git-fixes).\n- wireguard: socket: free skb in send6 when ipv6 is disabled (git-fixes).\n- wireguard: socket: ignore v6 endpoints when ipv6 is disabled (git-fixes).\n- x86/cpu: Add hardware-enforced cache coherency as a CPUID feature (bsc#1178134).\n- x86/mm/pat: Do not flush cache if hardware enforces cache coherency across encryption domnains (bsc#1178134).\n- x86/speculation: Warn about eIBRS + LFENCE + Unprivileged eBPF + SMT (bsc#1178134).\n- x86/speculation: Warn about Spectre v2 LFENCE mitigation (bsc#1178134).\n- xhci: fix garbage USBSTS being logged in some cases (git-fixes).\n", title: "Description of the patch", }, { category: "details", text: "SUSE-2022-1407,SUSE-SLE-Module-RT-15-SP3-2022-1407,SUSE-SUSE-MicroOS-5.1-2022-1407,SUSE-SUSE-MicroOS-5.2-2022-1407", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_1407-1.json", }, { category: "self", summary: "URL for SUSE-SU-2022:1407-1", url: "https://www.suse.com/support/update/announcement/2022/suse-su-20221407-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2022:1407-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2022-April/010837.html", }, { category: "self", summary: "SUSE Bug 1065729", url: "https://bugzilla.suse.com/1065729", }, { category: "self", summary: "SUSE Bug 1156395", url: "https://bugzilla.suse.com/1156395", }, { category: "self", summary: "SUSE Bug 1175667", url: "https://bugzilla.suse.com/1175667", }, { category: "self", summary: "SUSE Bug 1177028", url: "https://bugzilla.suse.com/1177028", }, { category: "self", summary: "SUSE Bug 1178134", url: "https://bugzilla.suse.com/1178134", }, { category: "self", summary: "SUSE Bug 1179639", url: "https://bugzilla.suse.com/1179639", }, { category: "self", summary: "SUSE Bug 1180153", url: "https://bugzilla.suse.com/1180153", }, { category: "self", summary: "SUSE Bug 1189562", url: "https://bugzilla.suse.com/1189562", }, { category: "self", summary: "SUSE Bug 1194625", url: "https://bugzilla.suse.com/1194625", }, { category: "self", summary: "SUSE Bug 1194649", url: "https://bugzilla.suse.com/1194649", }, { category: "self", summary: "SUSE Bug 1195640", url: "https://bugzilla.suse.com/1195640", }, { category: "self", summary: "SUSE Bug 1195926", url: "https://bugzilla.suse.com/1195926", }, { category: "self", summary: "SUSE Bug 1196018", url: "https://bugzilla.suse.com/1196018", }, { category: "self", summary: "SUSE Bug 1196196", url: "https://bugzilla.suse.com/1196196", }, { category: "self", summary: "SUSE Bug 1196478", url: "https://bugzilla.suse.com/1196478", }, { category: "self", summary: "SUSE Bug 1196761", url: "https://bugzilla.suse.com/1196761", }, { category: "self", summary: "SUSE Bug 1196823", url: "https://bugzilla.suse.com/1196823", }, { category: "self", summary: "SUSE Bug 1197227", url: "https://bugzilla.suse.com/1197227", }, { category: "self", summary: "SUSE Bug 1197243", url: "https://bugzilla.suse.com/1197243", }, { category: "self", summary: "SUSE Bug 1197300", url: "https://bugzilla.suse.com/1197300", }, { category: "self", summary: "SUSE Bug 1197302", url: "https://bugzilla.suse.com/1197302", }, { category: "self", summary: "SUSE Bug 1197331", url: "https://bugzilla.suse.com/1197331", }, { category: "self", summary: "SUSE Bug 1197343", url: "https://bugzilla.suse.com/1197343", }, { category: "self", summary: "SUSE Bug 1197366", url: "https://bugzilla.suse.com/1197366", }, { category: "self", summary: "SUSE Bug 1197389", url: "https://bugzilla.suse.com/1197389", }, { category: "self", summary: "SUSE Bug 1197462", url: "https://bugzilla.suse.com/1197462", }, { category: "self", summary: "SUSE Bug 1197501", url: "https://bugzilla.suse.com/1197501", }, { category: "self", summary: "SUSE Bug 1197534", url: "https://bugzilla.suse.com/1197534", }, { category: "self", summary: "SUSE Bug 1197661", url: "https://bugzilla.suse.com/1197661", }, { category: "self", summary: "SUSE Bug 1197675", url: "https://bugzilla.suse.com/1197675", }, { category: "self", summary: "SUSE Bug 1197677", url: "https://bugzilla.suse.com/1197677", }, { category: "self", summary: "SUSE Bug 1197702", url: "https://bugzilla.suse.com/1197702", }, { category: "self", summary: "SUSE Bug 1197811", url: "https://bugzilla.suse.com/1197811", }, { category: "self", summary: "SUSE Bug 1197812", url: "https://bugzilla.suse.com/1197812", }, { category: "self", summary: "SUSE Bug 1197815", url: "https://bugzilla.suse.com/1197815", }, { category: "self", summary: "SUSE Bug 1197817", url: "https://bugzilla.suse.com/1197817", }, { category: "self", summary: "SUSE Bug 1197819", url: "https://bugzilla.suse.com/1197819", }, { category: "self", summary: "SUSE Bug 1197820", url: "https://bugzilla.suse.com/1197820", }, { category: "self", summary: "SUSE Bug 1197888", url: "https://bugzilla.suse.com/1197888", }, { category: "self", summary: "SUSE Bug 1197889", url: "https://bugzilla.suse.com/1197889", }, { category: "self", summary: "SUSE Bug 1197894", url: "https://bugzilla.suse.com/1197894", }, { category: "self", summary: "SUSE Bug 1198027", url: "https://bugzilla.suse.com/1198027", }, { category: "self", summary: "SUSE Bug 1198028", url: "https://bugzilla.suse.com/1198028", }, { category: "self", summary: "SUSE Bug 1198029", url: "https://bugzilla.suse.com/1198029", }, { category: "self", summary: "SUSE Bug 1198030", url: "https://bugzilla.suse.com/1198030", }, { category: "self", summary: "SUSE Bug 1198031", url: "https://bugzilla.suse.com/1198031", }, { category: "self", summary: "SUSE Bug 1198032", url: "https://bugzilla.suse.com/1198032", }, { category: "self", summary: "SUSE Bug 1198033", url: "https://bugzilla.suse.com/1198033", }, { category: "self", summary: "SUSE Bug 1198077", url: "https://bugzilla.suse.com/1198077", }, { category: "self", summary: "SUSE CVE CVE-2021-45868 page", url: "https://www.suse.com/security/cve/CVE-2021-45868/", }, { category: "self", summary: "SUSE CVE CVE-2022-0850 page", url: "https://www.suse.com/security/cve/CVE-2022-0850/", }, { category: "self", summary: "SUSE CVE CVE-2022-0854 page", url: "https://www.suse.com/security/cve/CVE-2022-0854/", }, { category: "self", summary: "SUSE CVE CVE-2022-1011 page", url: "https://www.suse.com/security/cve/CVE-2022-1011/", }, { category: "self", summary: "SUSE CVE CVE-2022-1016 page", url: "https://www.suse.com/security/cve/CVE-2022-1016/", }, { category: "self", summary: "SUSE CVE CVE-2022-1048 page", url: "https://www.suse.com/security/cve/CVE-2022-1048/", }, { category: "self", summary: "SUSE CVE CVE-2022-1055 page", url: "https://www.suse.com/security/cve/CVE-2022-1055/", }, { category: "self", summary: "SUSE CVE CVE-2022-1195 page", url: "https://www.suse.com/security/cve/CVE-2022-1195/", }, { category: "self", summary: "SUSE CVE CVE-2022-1198 page", url: "https://www.suse.com/security/cve/CVE-2022-1198/", }, { category: "self", summary: "SUSE CVE CVE-2022-1199 page", url: "https://www.suse.com/security/cve/CVE-2022-1199/", }, { category: "self", summary: "SUSE CVE CVE-2022-1205 page", url: "https://www.suse.com/security/cve/CVE-2022-1205/", }, { category: "self", summary: "SUSE CVE CVE-2022-27666 page", url: "https://www.suse.com/security/cve/CVE-2022-27666/", }, { category: "self", summary: "SUSE CVE CVE-2022-28388 page", url: "https://www.suse.com/security/cve/CVE-2022-28388/", }, { category: "self", summary: "SUSE CVE CVE-2022-28389 page", url: "https://www.suse.com/security/cve/CVE-2022-28389/", }, { category: "self", summary: "SUSE CVE CVE-2022-28390 page", url: "https://www.suse.com/security/cve/CVE-2022-28390/", }, ], title: "Security update for the Linux Kernel", tracking: { current_release_date: "2022-04-26T09:19:06Z", generator: { date: "2022-04-26T09:19:06Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2022:1407-1", initial_release_date: "2022-04-26T09:19:06Z", revision_history: [ { date: "2022-04-26T09:19:06Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "kernel-devel-rt-5.3.18-150300.85.1.noarch", product: { name: "kernel-devel-rt-5.3.18-150300.85.1.noarch", product_id: "kernel-devel-rt-5.3.18-150300.85.1.noarch", }, }, { category: "product_version", name: "kernel-source-rt-5.3.18-150300.85.1.noarch", product: { name: "kernel-source-rt-5.3.18-150300.85.1.noarch", product_id: "kernel-source-rt-5.3.18-150300.85.1.noarch", }, }, ], category: "architecture", name: "noarch", }, { branches: [ { category: "product_version", name: "cluster-md-kmp-rt-5.3.18-150300.85.1.x86_64", product: { name: "cluster-md-kmp-rt-5.3.18-150300.85.1.x86_64", product_id: "cluster-md-kmp-rt-5.3.18-150300.85.1.x86_64", }, }, { category: "product_version", name: "cluster-md-kmp-rt_debug-5.3.18-150300.85.1.x86_64", product: { name: "cluster-md-kmp-rt_debug-5.3.18-150300.85.1.x86_64", product_id: "cluster-md-kmp-rt_debug-5.3.18-150300.85.1.x86_64", }, }, { category: "product_version", name: "dlm-kmp-rt-5.3.18-150300.85.1.x86_64", product: { name: "dlm-kmp-rt-5.3.18-150300.85.1.x86_64", product_id: "dlm-kmp-rt-5.3.18-150300.85.1.x86_64", }, }, { category: "product_version", name: "dlm-kmp-rt_debug-5.3.18-150300.85.1.x86_64", product: { name: "dlm-kmp-rt_debug-5.3.18-150300.85.1.x86_64", product_id: "dlm-kmp-rt_debug-5.3.18-150300.85.1.x86_64", }, }, { category: "product_version", name: "gfs2-kmp-rt-5.3.18-150300.85.1.x86_64", product: { name: "gfs2-kmp-rt-5.3.18-150300.85.1.x86_64", product_id: "gfs2-kmp-rt-5.3.18-150300.85.1.x86_64", }, }, { category: "product_version", name: "gfs2-kmp-rt_debug-5.3.18-150300.85.1.x86_64", product: { name: "gfs2-kmp-rt_debug-5.3.18-150300.85.1.x86_64", product_id: "gfs2-kmp-rt_debug-5.3.18-150300.85.1.x86_64", }, }, { category: "product_version", name: "kernel-rt-5.3.18-150300.85.1.x86_64", product: { name: "kernel-rt-5.3.18-150300.85.1.x86_64", product_id: "kernel-rt-5.3.18-150300.85.1.x86_64", }, }, { category: "product_version", name: "kernel-rt-devel-5.3.18-150300.85.1.x86_64", product: { name: "kernel-rt-devel-5.3.18-150300.85.1.x86_64", product_id: "kernel-rt-devel-5.3.18-150300.85.1.x86_64", }, }, { category: "product_version", name: "kernel-rt-extra-5.3.18-150300.85.1.x86_64", product: { name: "kernel-rt-extra-5.3.18-150300.85.1.x86_64", product_id: "kernel-rt-extra-5.3.18-150300.85.1.x86_64", }, }, { category: "product_version", name: "kernel-rt-livepatch-devel-5.3.18-150300.85.1.x86_64", product: { name: "kernel-rt-livepatch-devel-5.3.18-150300.85.1.x86_64", product_id: "kernel-rt-livepatch-devel-5.3.18-150300.85.1.x86_64", }, }, { category: "product_version", name: "kernel-rt-optional-5.3.18-150300.85.1.x86_64", product: { name: "kernel-rt-optional-5.3.18-150300.85.1.x86_64", product_id: "kernel-rt-optional-5.3.18-150300.85.1.x86_64", }, }, { category: "product_version", name: "kernel-rt_debug-5.3.18-150300.85.1.x86_64", product: { name: "kernel-rt_debug-5.3.18-150300.85.1.x86_64", product_id: "kernel-rt_debug-5.3.18-150300.85.1.x86_64", }, }, { category: "product_version", name: "kernel-rt_debug-devel-5.3.18-150300.85.1.x86_64", product: { name: "kernel-rt_debug-devel-5.3.18-150300.85.1.x86_64", product_id: "kernel-rt_debug-devel-5.3.18-150300.85.1.x86_64", }, }, { category: "product_version", name: "kernel-rt_debug-extra-5.3.18-150300.85.1.x86_64", product: { name: "kernel-rt_debug-extra-5.3.18-150300.85.1.x86_64", product_id: "kernel-rt_debug-extra-5.3.18-150300.85.1.x86_64", }, }, { category: "product_version", name: "kernel-rt_debug-livepatch-devel-5.3.18-150300.85.1.x86_64", product: { name: "kernel-rt_debug-livepatch-devel-5.3.18-150300.85.1.x86_64", product_id: "kernel-rt_debug-livepatch-devel-5.3.18-150300.85.1.x86_64", }, }, { category: "product_version", name: "kernel-rt_debug-optional-5.3.18-150300.85.1.x86_64", product: { name: "kernel-rt_debug-optional-5.3.18-150300.85.1.x86_64", product_id: "kernel-rt_debug-optional-5.3.18-150300.85.1.x86_64", }, }, { category: "product_version", name: "kernel-syms-rt-5.3.18-150300.85.1.x86_64", product: { name: "kernel-syms-rt-5.3.18-150300.85.1.x86_64", product_id: "kernel-syms-rt-5.3.18-150300.85.1.x86_64", }, }, { category: "product_version", name: "kselftests-kmp-rt-5.3.18-150300.85.1.x86_64", product: { name: "kselftests-kmp-rt-5.3.18-150300.85.1.x86_64", product_id: "kselftests-kmp-rt-5.3.18-150300.85.1.x86_64", }, }, { category: "product_version", name: "kselftests-kmp-rt_debug-5.3.18-150300.85.1.x86_64", product: { name: "kselftests-kmp-rt_debug-5.3.18-150300.85.1.x86_64", product_id: "kselftests-kmp-rt_debug-5.3.18-150300.85.1.x86_64", }, }, { category: "product_version", name: "ocfs2-kmp-rt-5.3.18-150300.85.1.x86_64", product: { name: "ocfs2-kmp-rt-5.3.18-150300.85.1.x86_64", product_id: "ocfs2-kmp-rt-5.3.18-150300.85.1.x86_64", }, }, { category: "product_version", name: "ocfs2-kmp-rt_debug-5.3.18-150300.85.1.x86_64", product: { name: "ocfs2-kmp-rt_debug-5.3.18-150300.85.1.x86_64", product_id: "ocfs2-kmp-rt_debug-5.3.18-150300.85.1.x86_64", }, }, { category: "product_version", name: "reiserfs-kmp-rt-5.3.18-150300.85.1.x86_64", product: { name: "reiserfs-kmp-rt-5.3.18-150300.85.1.x86_64", product_id: "reiserfs-kmp-rt-5.3.18-150300.85.1.x86_64", }, }, { category: "product_version", name: "reiserfs-kmp-rt_debug-5.3.18-150300.85.1.x86_64", product: { name: "reiserfs-kmp-rt_debug-5.3.18-150300.85.1.x86_64", product_id: "reiserfs-kmp-rt_debug-5.3.18-150300.85.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Real Time Module 15 SP3", product: { name: "SUSE Real Time Module 15 SP3", product_id: "SUSE Real Time Module 15 SP3", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-rt:15:sp3", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Micro 5.1", product: { name: "SUSE Linux Enterprise Micro 5.1", product_id: "SUSE Linux Enterprise Micro 5.1", product_identification_helper: { cpe: "cpe:/o:suse:suse-microos:5.1", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Micro 5.2", product: { name: "SUSE Linux Enterprise Micro 5.2", product_id: "SUSE Linux Enterprise Micro 5.2", product_identification_helper: { cpe: "cpe:/o:suse:suse-microos:5.2", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "cluster-md-kmp-rt-5.3.18-150300.85.1.x86_64 as component of SUSE Real Time Module 15 SP3", product_id: "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.85.1.x86_64", }, product_reference: "cluster-md-kmp-rt-5.3.18-150300.85.1.x86_64", relates_to_product_reference: "SUSE Real Time Module 15 SP3", }, { category: "default_component_of", full_product_name: { name: "dlm-kmp-rt-5.3.18-150300.85.1.x86_64 as component of SUSE Real Time Module 15 SP3", product_id: "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.85.1.x86_64", }, product_reference: "dlm-kmp-rt-5.3.18-150300.85.1.x86_64", relates_to_product_reference: "SUSE Real Time Module 15 SP3", }, { category: "default_component_of", full_product_name: { name: "gfs2-kmp-rt-5.3.18-150300.85.1.x86_64 as component of SUSE Real Time Module 15 SP3", product_id: "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.85.1.x86_64", }, product_reference: "gfs2-kmp-rt-5.3.18-150300.85.1.x86_64", relates_to_product_reference: "SUSE Real Time Module 15 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-devel-rt-5.3.18-150300.85.1.noarch as component of SUSE Real Time Module 15 SP3", product_id: "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.85.1.noarch", }, product_reference: "kernel-devel-rt-5.3.18-150300.85.1.noarch", relates_to_product_reference: "SUSE Real Time Module 15 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-rt-5.3.18-150300.85.1.x86_64 as component of SUSE Real Time Module 15 SP3", product_id: "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.85.1.x86_64", }, product_reference: "kernel-rt-5.3.18-150300.85.1.x86_64", relates_to_product_reference: "SUSE Real Time Module 15 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-rt-devel-5.3.18-150300.85.1.x86_64 as component of SUSE Real Time Module 15 SP3", product_id: "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.85.1.x86_64", }, product_reference: "kernel-rt-devel-5.3.18-150300.85.1.x86_64", relates_to_product_reference: "SUSE Real Time Module 15 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-rt_debug-devel-5.3.18-150300.85.1.x86_64 as component of SUSE Real Time Module 15 SP3", product_id: "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.85.1.x86_64", }, product_reference: "kernel-rt_debug-devel-5.3.18-150300.85.1.x86_64", relates_to_product_reference: "SUSE Real Time Module 15 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-source-rt-5.3.18-150300.85.1.noarch as component of SUSE Real Time Module 15 SP3", product_id: "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.85.1.noarch", }, product_reference: "kernel-source-rt-5.3.18-150300.85.1.noarch", relates_to_product_reference: "SUSE Real Time Module 15 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-syms-rt-5.3.18-150300.85.1.x86_64 as component of SUSE Real Time Module 15 SP3", product_id: "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.85.1.x86_64", }, product_reference: "kernel-syms-rt-5.3.18-150300.85.1.x86_64", relates_to_product_reference: "SUSE Real Time Module 15 SP3", }, { category: "default_component_of", full_product_name: { name: "ocfs2-kmp-rt-5.3.18-150300.85.1.x86_64 as component of SUSE Real Time Module 15 SP3", product_id: "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.85.1.x86_64", }, product_reference: "ocfs2-kmp-rt-5.3.18-150300.85.1.x86_64", relates_to_product_reference: "SUSE Real Time Module 15 SP3", }, { category: "default_component_of", full_product_name: { name: "kernel-rt-5.3.18-150300.85.1.x86_64 as component of SUSE Linux Enterprise Micro 5.1", product_id: "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.85.1.x86_64", }, product_reference: "kernel-rt-5.3.18-150300.85.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Micro 5.1", }, { category: "default_component_of", full_product_name: { name: "kernel-rt-5.3.18-150300.85.1.x86_64 as component of SUSE Linux Enterprise Micro 5.2", product_id: "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.85.1.x86_64", }, product_reference: "kernel-rt-5.3.18-150300.85.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Micro 5.2", }, ], }, vulnerabilities: [ { cve: "CVE-2021-45868", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2021-45868", }, ], notes: [ { category: "general", text: "In the Linux kernel before 5.15.3, fs/quota/quota_tree.c does not validate the block number in the quota tree (on disk). This can, for example, lead to a kernel/locking/rwsem.c use-after-free if there is a corrupted quota file.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.85.1.noarch", "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.85.1.noarch", "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.85.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2021-45868", url: "https://www.suse.com/security/cve/CVE-2021-45868", }, { category: "external", summary: "SUSE Bug 1197366 for CVE-2021-45868", url: "https://bugzilla.suse.com/1197366", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.85.1.noarch", "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.85.1.noarch", "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.85.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.85.1.noarch", "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.85.1.noarch", "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.85.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-26T09:19:06Z", details: "moderate", }, ], title: "CVE-2021-45868", }, { cve: "CVE-2022-0850", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0850", }, ], notes: [ { category: "general", text: "A vulnerability was found in linux kernel, where an information leak occurs via ext4_extent_header to userspace.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.85.1.noarch", "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.85.1.noarch", "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.85.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0850", url: "https://www.suse.com/security/cve/CVE-2022-0850", }, { category: "external", summary: "SUSE Bug 1196761 for CVE-2022-0850", url: "https://bugzilla.suse.com/1196761", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.85.1.noarch", "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.85.1.noarch", "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.85.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 4.4, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L", version: "3.1", }, products: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.85.1.noarch", "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.85.1.noarch", "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.85.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-26T09:19:06Z", details: "moderate", }, ], title: "CVE-2022-0850", }, { cve: "CVE-2022-0854", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-0854", }, ], notes: [ { category: "general", text: "A memory leak flaw was found in the Linux kernel's DMA subsystem, in the way a user calls DMA_FROM_DEVICE. This flaw allows a local user to read random memory from the kernel space.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.85.1.noarch", "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.85.1.noarch", "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.85.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-0854", url: "https://www.suse.com/security/cve/CVE-2022-0854", }, { category: "external", summary: "SUSE Bug 1196823 for CVE-2022-0854", url: "https://bugzilla.suse.com/1196823", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.85.1.noarch", "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.85.1.noarch", "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.85.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.85.1.noarch", "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.85.1.noarch", "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.85.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-26T09:19:06Z", details: "moderate", }, ], title: "CVE-2022-0854", }, { cve: "CVE-2022-1011", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-1011", }, ], notes: [ { category: "general", text: "A use-after-free flaw was found in the Linux kernel's FUSE filesystem in the way a user triggers write(). This flaw allows a local user to gain unauthorized access to data from the FUSE filesystem, resulting in privilege escalation.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.85.1.noarch", "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.85.1.noarch", "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.85.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-1011", url: "https://www.suse.com/security/cve/CVE-2022-1011", }, { category: "external", summary: "SUSE Bug 1197343 for CVE-2022-1011", url: "https://bugzilla.suse.com/1197343", }, { category: "external", summary: "SUSE Bug 1197344 for CVE-2022-1011", url: "https://bugzilla.suse.com/1197344", }, { category: "external", summary: "SUSE Bug 1198687 for CVE-2022-1011", url: "https://bugzilla.suse.com/1198687", }, { category: "external", summary: "SUSE Bug 1204132 for CVE-2022-1011", url: "https://bugzilla.suse.com/1204132", }, { category: "external", summary: "SUSE Bug 1212322 for CVE-2022-1011", url: "https://bugzilla.suse.com/1212322", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.85.1.noarch", "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.85.1.noarch", "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.85.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.85.1.noarch", "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.85.1.noarch", "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.85.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-26T09:19:06Z", details: "moderate", }, ], title: "CVE-2022-1011", }, { cve: "CVE-2022-1016", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-1016", }, ], notes: [ { category: "general", text: "A flaw was found in the Linux kernel in net/netfilter/nf_tables_core.c:nft_do_chain, which can cause a use-after-free. This issue needs to handle 'return' with proper preconditions, as it can lead to a kernel information leak problem caused by a local, unprivileged attacker.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.85.1.noarch", "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.85.1.noarch", "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.85.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-1016", url: "https://www.suse.com/security/cve/CVE-2022-1016", }, { category: "external", summary: "SUSE Bug 1197335 for CVE-2022-1016", url: "https://bugzilla.suse.com/1197335", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.85.1.noarch", "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.85.1.noarch", "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.85.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, products: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.85.1.noarch", "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.85.1.noarch", "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.85.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-26T09:19:06Z", details: "important", }, ], title: "CVE-2022-1016", }, { cve: "CVE-2022-1048", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-1048", }, ], notes: [ { category: "general", text: "A use-after-free flaw was found in the Linux kernel's sound subsystem in the way a user triggers concurrent calls of PCM hw_params. The hw_free ioctls or similar race condition happens inside ALSA PCM for other ioctls. This flaw allows a local user to crash or potentially escalate their privileges on the system.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.85.1.noarch", "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.85.1.noarch", "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.85.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-1048", url: "https://www.suse.com/security/cve/CVE-2022-1048", }, { category: "external", summary: "SUSE Bug 1197331 for CVE-2022-1048", url: "https://bugzilla.suse.com/1197331", }, { category: "external", summary: "SUSE Bug 1197597 for CVE-2022-1048", url: "https://bugzilla.suse.com/1197597", }, { category: "external", summary: "SUSE Bug 1200041 for CVE-2022-1048", url: "https://bugzilla.suse.com/1200041", }, { category: "external", summary: "SUSE Bug 1204132 for CVE-2022-1048", url: "https://bugzilla.suse.com/1204132", }, { category: "external", summary: "SUSE Bug 1212325 for CVE-2022-1048", url: "https://bugzilla.suse.com/1212325", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.85.1.noarch", "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.85.1.noarch", "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.85.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.4, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.85.1.noarch", "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.85.1.noarch", "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.85.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-26T09:19:06Z", details: "important", }, ], title: "CVE-2022-1048", }, { cve: "CVE-2022-1055", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-1055", }, ], notes: [ { category: "general", text: "A use-after-free exists in the Linux Kernel in tc_new_tfilter that could allow a local attacker to gain privilege escalation. The exploit requires unprivileged user namespaces. We recommend upgrading past commit 04c2a47ffb13c29778e2a14e414ad4cb5a5db4b5", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.85.1.noarch", "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.85.1.noarch", "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.85.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-1055", url: "https://www.suse.com/security/cve/CVE-2022-1055", }, { category: "external", summary: "SUSE Bug 1197702 for CVE-2022-1055", url: "https://bugzilla.suse.com/1197702", }, { category: "external", summary: "SUSE Bug 1197705 for CVE-2022-1055", url: "https://bugzilla.suse.com/1197705", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.85.1.noarch", "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.85.1.noarch", "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.85.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 8.4, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.85.1.noarch", "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.85.1.noarch", "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.85.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-26T09:19:06Z", details: "important", }, ], title: "CVE-2022-1055", }, { cve: "CVE-2022-1195", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-1195", }, ], notes: [ { category: "general", text: "A use-after-free vulnerability was found in the Linux kernel in drivers/net/hamradio. This flaw allows a local attacker with a user privilege to cause a denial of service (DOS) when the mkiss or sixpack device is detached and reclaim resources early.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.85.1.noarch", "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.85.1.noarch", "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.85.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-1195", url: "https://www.suse.com/security/cve/CVE-2022-1195", }, { category: "external", summary: "SUSE Bug 1198029 for CVE-2022-1195", url: "https://bugzilla.suse.com/1198029", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.85.1.noarch", "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.85.1.noarch", "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.85.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.5, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.85.1.noarch", "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.85.1.noarch", "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.85.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-26T09:19:06Z", details: "moderate", }, ], title: "CVE-2022-1195", }, { cve: "CVE-2022-1198", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-1198", }, ], notes: [ { category: "general", text: "A use-after-free vulnerabilitity was discovered in drivers/net/hamradio/6pack.c of linux that allows an attacker to crash linux kernel by simulating ax25 device using 6pack driver from user space.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.85.1.noarch", "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.85.1.noarch", "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.85.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-1198", url: "https://www.suse.com/security/cve/CVE-2022-1198", }, { category: "external", summary: "SUSE Bug 1198030 for CVE-2022-1198", url: "https://bugzilla.suse.com/1198030", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.85.1.noarch", "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.85.1.noarch", "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.85.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.85.1.noarch", "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.85.1.noarch", "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.85.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-26T09:19:06Z", details: "moderate", }, ], title: "CVE-2022-1198", }, { cve: "CVE-2022-1199", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-1199", }, ], notes: [ { category: "general", text: "A flaw was found in the Linux kernel. This flaw allows an attacker to crash the Linux kernel by simulating amateur radio from the user space, resulting in a null-ptr-deref vulnerability and a use-after-free vulnerability.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.85.1.noarch", "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.85.1.noarch", "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.85.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-1199", url: "https://www.suse.com/security/cve/CVE-2022-1199", }, { category: "external", summary: "SUSE Bug 1198028 for CVE-2022-1199", url: "https://bugzilla.suse.com/1198028", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.85.1.noarch", "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.85.1.noarch", "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.85.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.85.1.noarch", "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.85.1.noarch", "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.85.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-26T09:19:06Z", details: "moderate", }, ], title: "CVE-2022-1199", }, { cve: "CVE-2022-1205", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-1205", }, ], notes: [ { category: "general", text: "A NULL pointer dereference flaw was found in the Linux kernel's Amateur Radio AX.25 protocol functionality in the way a user connects with the protocol. This flaw allows a local user to crash the system.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.85.1.noarch", "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.85.1.noarch", "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.85.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-1205", url: "https://www.suse.com/security/cve/CVE-2022-1205", }, { category: "external", summary: "SUSE Bug 1198027 for CVE-2022-1205", url: "https://bugzilla.suse.com/1198027", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.85.1.noarch", "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.85.1.noarch", "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.85.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.1, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.85.1.noarch", "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.85.1.noarch", "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.85.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-26T09:19:06Z", details: "moderate", }, ], title: "CVE-2022-1205", }, { cve: "CVE-2022-27666", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-27666", }, ], notes: [ { category: "general", text: "A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c. This flaw allows a local attacker with a normal user privilege to overwrite kernel heap objects and may cause a local privilege escalation threat.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.85.1.noarch", "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.85.1.noarch", "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.85.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-27666", url: "https://www.suse.com/security/cve/CVE-2022-27666", }, { category: "external", summary: "SUSE Bug 1197131 for CVE-2022-27666", url: "https://bugzilla.suse.com/1197131", }, { category: "external", summary: "SUSE Bug 1197133 for CVE-2022-27666", url: "https://bugzilla.suse.com/1197133", }, { category: "external", summary: "SUSE Bug 1197462 for CVE-2022-27666", url: "https://bugzilla.suse.com/1197462", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.85.1.noarch", "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.85.1.noarch", "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.85.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7.7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.85.1.noarch", "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.85.1.noarch", "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.85.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-26T09:19:06Z", details: "important", }, ], title: "CVE-2022-27666", }, { cve: "CVE-2022-28388", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-28388", }, ], notes: [ { category: "general", text: "usb_8dev_start_xmit in drivers/net/can/usb/usb_8dev.c in the Linux kernel through 5.17.1 has a double free.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.85.1.noarch", "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.85.1.noarch", "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.85.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-28388", url: "https://www.suse.com/security/cve/CVE-2022-28388", }, { category: "external", summary: "SUSE Bug 1198032 for CVE-2022-28388", url: "https://bugzilla.suse.com/1198032", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.85.1.noarch", "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.85.1.noarch", "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.85.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L", version: "3.1", }, products: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.85.1.noarch", "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.85.1.noarch", "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.85.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-26T09:19:06Z", details: "moderate", }, ], title: "CVE-2022-28388", }, { cve: "CVE-2022-28389", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-28389", }, ], notes: [ { category: "general", text: "mcba_usb_start_xmit in drivers/net/can/usb/mcba_usb.c in the Linux kernel through 5.17.1 has a double free.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.85.1.noarch", "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.85.1.noarch", "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.85.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-28389", url: "https://www.suse.com/security/cve/CVE-2022-28389", }, { category: "external", summary: "SUSE Bug 1198033 for CVE-2022-28389", url: "https://bugzilla.suse.com/1198033", }, { category: "external", summary: "SUSE Bug 1201657 for CVE-2022-28389", url: "https://bugzilla.suse.com/1201657", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.85.1.noarch", "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.85.1.noarch", "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.85.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.85.1.noarch", "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.85.1.noarch", "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.85.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-26T09:19:06Z", details: "moderate", }, ], title: "CVE-2022-28389", }, { cve: "CVE-2022-28390", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-28390", }, ], notes: [ { category: "general", text: "ems_usb_start_xmit in drivers/net/can/usb/ems_usb.c in the Linux kernel through 5.17.1 has a double free.", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.85.1.noarch", "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.85.1.noarch", "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.85.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-28390", url: "https://www.suse.com/security/cve/CVE-2022-28390", }, { category: "external", summary: "SUSE Bug 1198031 for CVE-2022-28390", url: "https://bugzilla.suse.com/1198031", }, { category: "external", summary: "SUSE Bug 1201517 for CVE-2022-28390", url: "https://bugzilla.suse.com/1201517", }, { category: "external", summary: "SUSE Bug 1207969 for CVE-2022-28390", url: "https://bugzilla.suse.com/1207969", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.85.1.noarch", "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.85.1.noarch", "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.85.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 7, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, products: [ "SUSE Linux Enterprise Micro 5.1:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Linux Enterprise Micro 5.2:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:cluster-md-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:dlm-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:gfs2-kmp-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-devel-rt-5.3.18-150300.85.1.noarch", "SUSE Real Time Module 15 SP3:kernel-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt-devel-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-rt_debug-devel-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:kernel-source-rt-5.3.18-150300.85.1.noarch", "SUSE Real Time Module 15 SP3:kernel-syms-rt-5.3.18-150300.85.1.x86_64", "SUSE Real Time Module 15 SP3:ocfs2-kmp-rt-5.3.18-150300.85.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-04-26T09:19:06Z", details: "moderate", }, ], title: "CVE-2022-28390", }, ], }
wid-sec-w-2022-0161
Vulnerability from csaf_certbund
Published
2022-03-31 22:00
Modified
2022-12-28 23:00
Summary
Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Der Kernel stellt den Kern des Linux Betriebssystems dar.
Angriff
Ein lokaler Angreifer kann mehrere Schwachstellen im Linux Kernel ausnutzen, um einen Denial of Service Angriff durchzuführen.
Betroffene Betriebssysteme
- Linux
{ document: { aggregate_severity: { text: "mittel", }, category: "csaf_base", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "de-DE", notes: [ { category: "legal_disclaimer", text: "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.", }, { category: "description", text: "Der Kernel stellt den Kern des Linux Betriebssystems dar.", title: "Produktbeschreibung", }, { category: "summary", text: "Ein lokaler Angreifer kann mehrere Schwachstellen im Linux Kernel ausnutzen, um einen Denial of Service Angriff durchzuführen.", title: "Angriff", }, { category: "general", text: "- Linux", title: "Betroffene Betriebssysteme", }, ], publisher: { category: "other", contact_details: "csaf-provider@cert-bund.de", name: "Bundesamt für Sicherheit in der Informationstechnik", namespace: "https://www.bsi.bund.de", }, references: [ { category: "self", summary: "WID-SEC-W-2022-0161 - CSAF Version", url: "https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-0161.json", }, { category: "self", summary: "WID-SEC-2022-0161 - Portal Version", url: "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-0161", }, { category: "external", summary: "NetApp Security Advisory NTAP-20221228-0006 vom 2022-12-28", url: "https://security.netapp.com/advisory/ntap-20221228-0006/", }, { category: "external", summary: "Ubuntu Security Notice USN-5469-1 vom 2022-06-08", url: "https://ubuntu.com/security/notices/USN-5469-1", }, { category: "external", summary: "Ubuntu Security Notice USN-5467-1 vom 2022-06-08", url: "https://ubuntu.com/security/notices/USN-5467-1", }, { category: "external", summary: "RedHat Bugzilla vom 2022-03-31", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2070689", }, { category: "external", summary: "RedHat Bugzilla vom 2022-03-31", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2070694", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2022:1163-1 vom 2022-04-12", url: "https://lists.suse.com/pipermail/sle-security-updates/2022-April/010687.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2022:1183-1 vom 2022-04-13", url: "https://lists.suse.com/pipermail/sle-security-updates/2022-April/010701.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2022:1407-1 vom 2022-04-26", url: "https://lists.suse.com/pipermail/sle-security-updates/2022-April/010837.html", }, { category: "external", summary: "Debian Security Advisory DSA-5127 vom 2022-05-02", url: "https://lists.debian.org/debian-security-announce/2022/msg00095.html", }, { category: "external", summary: "Debian Security Advisory DLA-3065 vom 2022-07-01", url: "https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html", }, { category: "external", summary: "Debian Security Advisory DSA-5173 vom 2022-07-03", url: "https://lists.debian.org/debian-security-announce/2022/msg00141.html", }, { category: "external", summary: "Ubuntu Security Notice USN-5515-1 vom 2022-07-13", url: "https://ubuntu.com/security/notices/USN-5515-1", }, { category: "external", summary: "Ubuntu Security Notice USN-5514-1 vom 2022-07-13", url: "https://ubuntu.com/security/notices/USN-5514-1", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2022:2520-1 vom 2022-07-22", url: "https://lists.suse.com/pipermail/sle-security-updates/2022-July/011616.html", }, { category: "external", summary: "Ubuntu Security Notice USN-5541-1 vom 2022-07-29", url: "https://ubuntu.com/security/notices/USN-5541-1", }, { category: "external", summary: "Ubuntu Security Notice USN-5539-1 vom 2022-07-29", url: "https://ubuntu.com/security/notices/USN-5539-1", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2022:2615-1 vom 2022-08-01", url: "https://lists.suse.com/pipermail/sle-security-updates/2022-August/011728.html", }, { category: "external", summary: "Ubuntu Security Notice USN-5650-1 vom 2022-10-01", url: "https://ubuntu.com/security/notices/USN-5650-1", }, ], source_lang: "en-US", title: "Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service", tracking: { current_release_date: "2022-12-28T23:00:00.000+00:00", generator: { date: "2024-08-15T17:26:59.426+00:00", engine: { name: "BSI-WID", version: "1.3.5", }, }, id: "WID-SEC-W-2022-0161", initial_release_date: "2022-03-31T22:00:00.000+00:00", revision_history: [ { date: "2022-03-31T22:00:00.000+00:00", number: "1", summary: "Initiale Fassung", }, { date: "2022-04-12T22:00:00.000+00:00", number: "2", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2022-04-13T22:00:00.000+00:00", number: "3", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2022-04-26T22:00:00.000+00:00", number: "4", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2022-05-02T22:00:00.000+00:00", number: "5", summary: "Neue Updates von Debian aufgenommen", }, { date: "2022-06-07T22:00:00.000+00:00", number: "6", summary: "Neue Updates von Ubuntu aufgenommen", }, { date: "2022-07-03T22:00:00.000+00:00", number: "7", summary: "Neue Updates von Debian aufgenommen", }, { date: "2022-07-13T22:00:00.000+00:00", number: "8", summary: "Neue Updates von Ubuntu aufgenommen", }, { date: "2022-07-21T22:00:00.000+00:00", number: "9", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2022-07-28T22:00:00.000+00:00", number: "10", summary: "Neue Updates von Ubuntu aufgenommen", }, { date: "2022-08-01T22:00:00.000+00:00", number: "11", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2022-10-03T22:00:00.000+00:00", number: "12", summary: "Neue Updates von Ubuntu aufgenommen", }, { date: "2022-12-28T23:00:00.000+00:00", number: "13", summary: "Neue Updates von NetApp aufgenommen", }, ], status: "final", version: "13", }, }, product_tree: { branches: [ { branches: [ { category: "product_name", name: "Debian Linux", product: { name: "Debian Linux", product_id: "2951", product_identification_helper: { cpe: "cpe:/o:debian:debian_linux:-", }, }, }, ], category: "vendor", name: "Debian", }, { branches: [ { category: "product_name", name: "NetApp ActiveIQ Unified Manager for VMware vSphere", product: { name: "NetApp ActiveIQ Unified Manager for VMware vSphere", product_id: "T025152", product_identification_helper: { cpe: "cpe:/a:netapp:active_iq_unified_manager:for_vmware_vsphere", }, }, }, ], category: "vendor", name: "NetApp", }, { branches: [ { category: "product_name", name: "Open Source Linux Kernel", product: { name: "Open Source Linux Kernel", product_id: "6368", product_identification_helper: { cpe: "cpe:/o:linux:linux_kernel:-", }, }, }, ], category: "vendor", name: "Open Source", }, { branches: [ { category: "product_name", name: "SUSE Linux", product: { name: "SUSE Linux", product_id: "T002207", product_identification_helper: { cpe: "cpe:/o:suse:suse_linux:-", }, }, }, ], category: "vendor", name: "SUSE", }, { branches: [ { category: "product_name", name: "Ubuntu Linux", product: { name: "Ubuntu Linux", product_id: "T000126", product_identification_helper: { cpe: "cpe:/o:canonical:ubuntu_linux:-", }, }, }, ], category: "vendor", name: "Ubuntu", }, ], }, vulnerabilities: [ { cve: "CVE-2022-1198", notes: [ { category: "description", text: "Es existiert eine Schwachstelle im Linux Kernel. In drivers/net/hamradio/6pack.c gibt es mehrere Use-after-free Probleme. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service zu verursachen.", }, ], product_status: { known_affected: [ "T025152", "2951", "T002207", "6368", "T000126", ], }, release_date: "2022-03-31T22:00:00.000+00:00", title: "CVE-2022-1198", }, { cve: "CVE-2022-1199", notes: [ { category: "description", text: "Es existiert eine Schwachstelle im Linux Kernel. In ax25_release() bestehen use-after-free und null-pointer-dereference Probleme. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service zu verursachen.", }, ], product_status: { known_affected: [ "T025152", "2951", "T002207", "6368", "T000126", ], }, release_date: "2022-03-31T22:00:00.000+00:00", title: "CVE-2022-1199", }, ], }
WID-SEC-W-2022-0161
Vulnerability from csaf_certbund
Published
2022-03-31 22:00
Modified
2022-12-28 23:00
Summary
Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Der Kernel stellt den Kern des Linux Betriebssystems dar.
Angriff
Ein lokaler Angreifer kann mehrere Schwachstellen im Linux Kernel ausnutzen, um einen Denial of Service Angriff durchzuführen.
Betroffene Betriebssysteme
- Linux
{ document: { aggregate_severity: { text: "mittel", }, category: "csaf_base", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "de-DE", notes: [ { category: "legal_disclaimer", text: "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.", }, { category: "description", text: "Der Kernel stellt den Kern des Linux Betriebssystems dar.", title: "Produktbeschreibung", }, { category: "summary", text: "Ein lokaler Angreifer kann mehrere Schwachstellen im Linux Kernel ausnutzen, um einen Denial of Service Angriff durchzuführen.", title: "Angriff", }, { category: "general", text: "- Linux", title: "Betroffene Betriebssysteme", }, ], publisher: { category: "other", contact_details: "csaf-provider@cert-bund.de", name: "Bundesamt für Sicherheit in der Informationstechnik", namespace: "https://www.bsi.bund.de", }, references: [ { category: "self", summary: "WID-SEC-W-2022-0161 - CSAF Version", url: "https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-0161.json", }, { category: "self", summary: "WID-SEC-2022-0161 - Portal Version", url: "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-0161", }, { category: "external", summary: "NetApp Security Advisory NTAP-20221228-0006 vom 2022-12-28", url: "https://security.netapp.com/advisory/ntap-20221228-0006/", }, { category: "external", summary: "Ubuntu Security Notice USN-5469-1 vom 2022-06-08", url: "https://ubuntu.com/security/notices/USN-5469-1", }, { category: "external", summary: "Ubuntu Security Notice USN-5467-1 vom 2022-06-08", url: "https://ubuntu.com/security/notices/USN-5467-1", }, { category: "external", summary: "RedHat Bugzilla vom 2022-03-31", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2070689", }, { category: "external", summary: "RedHat Bugzilla vom 2022-03-31", url: "https://bugzilla.redhat.com/show_bug.cgi?id=2070694", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2022:1163-1 vom 2022-04-12", url: "https://lists.suse.com/pipermail/sle-security-updates/2022-April/010687.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2022:1183-1 vom 2022-04-13", url: "https://lists.suse.com/pipermail/sle-security-updates/2022-April/010701.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2022:1407-1 vom 2022-04-26", url: "https://lists.suse.com/pipermail/sle-security-updates/2022-April/010837.html", }, { category: "external", summary: "Debian Security Advisory DSA-5127 vom 2022-05-02", url: "https://lists.debian.org/debian-security-announce/2022/msg00095.html", }, { category: "external", summary: "Debian Security Advisory DLA-3065 vom 2022-07-01", url: "https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html", }, { category: "external", summary: "Debian Security Advisory DSA-5173 vom 2022-07-03", url: "https://lists.debian.org/debian-security-announce/2022/msg00141.html", }, { category: "external", summary: "Ubuntu Security Notice USN-5515-1 vom 2022-07-13", url: "https://ubuntu.com/security/notices/USN-5515-1", }, { category: "external", summary: "Ubuntu Security Notice USN-5514-1 vom 2022-07-13", url: "https://ubuntu.com/security/notices/USN-5514-1", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2022:2520-1 vom 2022-07-22", url: "https://lists.suse.com/pipermail/sle-security-updates/2022-July/011616.html", }, { category: "external", summary: "Ubuntu Security Notice USN-5541-1 vom 2022-07-29", url: "https://ubuntu.com/security/notices/USN-5541-1", }, { category: "external", summary: "Ubuntu Security Notice USN-5539-1 vom 2022-07-29", url: "https://ubuntu.com/security/notices/USN-5539-1", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2022:2615-1 vom 2022-08-01", url: "https://lists.suse.com/pipermail/sle-security-updates/2022-August/011728.html", }, { category: "external", summary: "Ubuntu Security Notice USN-5650-1 vom 2022-10-01", url: "https://ubuntu.com/security/notices/USN-5650-1", }, ], source_lang: "en-US", title: "Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service", tracking: { current_release_date: "2022-12-28T23:00:00.000+00:00", generator: { date: "2024-08-15T17:26:59.426+00:00", engine: { name: "BSI-WID", version: "1.3.5", }, }, id: "WID-SEC-W-2022-0161", initial_release_date: "2022-03-31T22:00:00.000+00:00", revision_history: [ { date: "2022-03-31T22:00:00.000+00:00", number: "1", summary: "Initiale Fassung", }, { date: "2022-04-12T22:00:00.000+00:00", number: "2", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2022-04-13T22:00:00.000+00:00", number: "3", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2022-04-26T22:00:00.000+00:00", number: "4", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2022-05-02T22:00:00.000+00:00", number: "5", summary: "Neue Updates von Debian aufgenommen", }, { date: "2022-06-07T22:00:00.000+00:00", number: "6", summary: "Neue Updates von Ubuntu aufgenommen", }, { date: "2022-07-03T22:00:00.000+00:00", number: "7", summary: "Neue Updates von Debian aufgenommen", }, { date: "2022-07-13T22:00:00.000+00:00", number: "8", summary: "Neue Updates von Ubuntu aufgenommen", }, { date: "2022-07-21T22:00:00.000+00:00", number: "9", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2022-07-28T22:00:00.000+00:00", number: "10", summary: "Neue Updates von Ubuntu aufgenommen", }, { date: "2022-08-01T22:00:00.000+00:00", number: "11", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2022-10-03T22:00:00.000+00:00", number: "12", summary: "Neue Updates von Ubuntu aufgenommen", }, { date: "2022-12-28T23:00:00.000+00:00", number: "13", summary: "Neue Updates von NetApp aufgenommen", }, ], status: "final", version: "13", }, }, product_tree: { branches: [ { branches: [ { category: "product_name", name: "Debian Linux", product: { name: "Debian Linux", product_id: "2951", product_identification_helper: { cpe: "cpe:/o:debian:debian_linux:-", }, }, }, ], category: "vendor", name: "Debian", }, { branches: [ { category: "product_name", name: "NetApp ActiveIQ Unified Manager for VMware vSphere", product: { name: "NetApp ActiveIQ Unified Manager for VMware vSphere", product_id: "T025152", product_identification_helper: { cpe: "cpe:/a:netapp:active_iq_unified_manager:for_vmware_vsphere", }, }, }, ], category: "vendor", name: "NetApp", }, { branches: [ { category: "product_name", name: "Open Source Linux Kernel", product: { name: "Open Source Linux Kernel", product_id: "6368", product_identification_helper: { cpe: "cpe:/o:linux:linux_kernel:-", }, }, }, ], category: "vendor", name: "Open Source", }, { branches: [ { category: "product_name", name: "SUSE Linux", product: { name: "SUSE Linux", product_id: "T002207", product_identification_helper: { cpe: "cpe:/o:suse:suse_linux:-", }, }, }, ], category: "vendor", name: "SUSE", }, { branches: [ { category: "product_name", name: "Ubuntu Linux", product: { name: "Ubuntu Linux", product_id: "T000126", product_identification_helper: { cpe: "cpe:/o:canonical:ubuntu_linux:-", }, }, }, ], category: "vendor", name: "Ubuntu", }, ], }, vulnerabilities: [ { cve: "CVE-2022-1198", notes: [ { category: "description", text: "Es existiert eine Schwachstelle im Linux Kernel. In drivers/net/hamradio/6pack.c gibt es mehrere Use-after-free Probleme. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service zu verursachen.", }, ], product_status: { known_affected: [ "T025152", "2951", "T002207", "6368", "T000126", ], }, release_date: "2022-03-31T22:00:00.000+00:00", title: "CVE-2022-1198", }, { cve: "CVE-2022-1199", notes: [ { category: "description", text: "Es existiert eine Schwachstelle im Linux Kernel. In ax25_release() bestehen use-after-free und null-pointer-dereference Probleme. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service zu verursachen.", }, ], product_status: { known_affected: [ "T025152", "2951", "T002207", "6368", "T000126", ], }, release_date: "2022-03-31T22:00:00.000+00:00", title: "CVE-2022-1199", }, ], }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.