CVE-2017-8890

Upstream information

CVE-2017-8890 at MITRE

Description

The inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c in the Linux kernel through 4.10.15 allows attackers to cause a denial of service (double free) or possibly have unspecified other impact by leveraging use of the accept system call.

---

SUSE information

Overall state of this security issue: Resolved

This issue is currently rated as having moderate severity.

CVSS v2 Scores

	National Vulnerability Database	SUSE
Base Score	7.2	6.9
Vector	AV:L/AC:L/Au:N/C:C/I:C/A:C	AV:L/AC:M/Au:N/C:C/I:C/A:C
Access Vector	Local	Local
Access Complexity	Low	Medium
Authentication	None	None
Confidentiality Impact	Complete	Complete
Integrity Impact	Complete	Complete
Availability Impact	Complete	Complete

CVSS v3 Scores

	National Vulnerability Database	SUSE
Base Score	7.8	7.8
Vector	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Access Vector	Local	Local
Access Complexity	Low	Low
Privileges Required	Low	Low
User Interaction	None	None
Scope	Unchanged	Unchanged
Confidentiality Impact	High	High
Integrity Impact	High	High
Availability Impact	High	High
CVSSv3 Version	3	3

SUSE Bugzilla entries: 1038544 [RESOLVED / FIXED], 1038564 [RESOLVED / FIXED], 1039883 [RESOLVED / FIXED], 1039885 [RESOLVED / FIXED], 1040069 [RESOLVED / FIXED], 1042364 [RESOLVED / FIXED], 1051906 [RESOLVED / WONTFIX]

SUSE Security Advisories:

• SUSE-SU-2017:1853-1, published Thu, 13 Jul 2017 15:09:41 +0200 (CEST)
• SUSE-SU-2017:1990-1, published Fri, 28 Jul 2017 15:10:24 +0200 (CEST)
• SUSE-SU-2017:2043-1, published Fri, 4 Aug 2017 21:06:55 +0200 (CEST)
• SUSE-SU-2017:2046-1, published Fri, 4 Aug 2017 21:09:28 +0200 (CEST)
• SUSE-SU-2017:2049-1, published Sat, 5 Aug 2017 03:07:04 +0200 (CEST)
• SUSE-SU-2017:2060-1, published Mon, 7 Aug 2017 15:09:29 +0200 (CEST)
• SUSE-SU-2017:2061-1, published Mon Aug 7 07:10:24 MDT 2017
• SUSE-SU-2017:2062-1, published Mon, 7 Aug 2017 15:11:15 +0200 (CEST)
• SUSE-SU-2017:2063-1, published Mon Aug 7 07:12:26 MDT 2017
• SUSE-SU-2017:2064-1, published Mon, 7 Aug 2017 15:13:41 +0200 (CEST)
• SUSE-SU-2017:2065-1, published Mon, 7 Aug 2017 15:15:00 +0200 (CEST)
• SUSE-SU-2017:2066-1, published Mon, 7 Aug 2017 15:16:21 +0200 (CEST)
• SUSE-SU-2017:2067-1, published Mon, 7 Aug 2017 15:17:40 +0200 (CEST)
• SUSE-SU-2017:2068-1, published Mon Aug 7 07:18:56 MDT 2017
• SUSE-SU-2017:2070-1, published Mon, 7 Aug 2017 15:20:40 +0200 (CEST)
• SUSE-SU-2017:2072-1, published Mon, 7 Aug 2017 18:08:57 +0200 (CEST)
• SUSE-SU-2017:2073-1, published Mon Aug 7 10:09:55 MDT 2017
• SUSE-SU-2017:2088-1, published Tue, 8 Aug 2017 15:07:56 +0200 (CEST)
• SUSE-SU-2017:2089-1, published Tue, 8 Aug 2017 15:09:00 +0200 (CEST)
• SUSE-SU-2017:2090-1, published Tue, 8 Aug 2017 15:09:41 +0200 (CEST)
• SUSE-SU-2017:2091-1, published Tue, 8 Aug 2017 15:10:24 +0200 (CEST)
• SUSE-SU-2017:2092-1, published Tue, 8 Aug 2017 15:11:16 +0200 (CEST)
• SUSE-SU-2017:2094-1, published Tue, 8 Aug 2017 15:13:09 +0200 (CEST)
• SUSE-SU-2017:2342-1, published Mon, 4 Sep 2017 21:11:06 +0200 (CEST)
• SUSE-SU-2017:2389-1, published Fri, 8 Sep 2017 18:09:08 +0200 (CEST)
• SUSE-SU-2017:2446-1, published Wed Sep 13 09:25:21 MDT 2017
• SUSE-SU-2017:2447-1, published Wed, 13 Sep 2017 17:26:23 +0200 (CEST)
• SUSE-SU-2017:2448-1, published Wed, 13 Sep 2017 17:27:22 +0200 (CEST)
• SUSE-SU-2017:2525-1, published Tue, 19 Sep 2017 15:07:27 +0200 (CEST)
• SUSE-SU-2017:2791-1, published Fri, 20 Oct 2017 03:07:40 +0200 (CEST)
• SUSE-SU-2017:2908-1, published Mon, 30 Oct 2017 19:23:22 +0100 (CET)
• SUSE-SU-2017:2920-1, published Thu, 2 Nov 2017 18:12:40 +0100 (CET)
• openSUSE-SU-2017:1513-1, published Thu, 8 Jun 2017 18:13:15 +0200 (CEST)

List of released packages

Product(s)	Fixed package version(s)	References
Openstack Cloud Magnum Orchestration 7	kernel-default >= 4.4.74-92.29.1	Patchnames: SUSE-OpenStack-Cloud-Magnum-Orchestration-7-2017-1146
SUSE Linux Enterprise Build System Kit 12 SP2	kernel-zfcpdump >= 4.4.74-92.29.1	Patchnames: SUSE-SLE-BSK-12-SP2-2017-1146
SUSE Linux Enterprise Desktop 12 SP2	kernel-default >= 4.4.74-92.29.1 kernel-default-devel >= 4.4.74-92.29.1 kernel-default-extra >= 4.4.74-92.29.1 kernel-devel >= 4.4.74-92.29.1 kernel-macros >= 4.4.74-92.29.1 kernel-source >= 4.4.74-92.29.1 kernel-syms >= 4.4.74-92.29.1	Patchnames: SUSE-SLE-DESKTOP-12-SP2-2017-1146
SUSE Linux Enterprise Desktop 12 SP3	kernel-default >= 4.4.73-5.1 kernel-default-devel >= 4.4.73-5.1 kernel-default-extra >= 4.4.73-5.1 kernel-devel >= 4.4.73-5.1 kernel-macros >= 4.4.73-5.1 kernel-source >= 4.4.73-5.1 kernel-syms >= 4.4.73-5.1
SUSE Linux Enterprise Desktop 12 SP4	kernel-default >= 4.12.14-94.41.1 kernel-default-devel >= 4.12.14-94.41.1 kernel-default-extra >= 4.12.14-94.41.1 kernel-devel >= 4.12.14-94.41.1 kernel-macros >= 4.12.14-94.41.1 kernel-source >= 4.12.14-94.41.1 kernel-syms >= 4.12.14-94.41.1
SUSE Linux Enterprise High Availability 12 SP2	cluster-md-kmp-default >= 4.4.74-92.29.1 cluster-network-kmp-default >= 4.4.74-92.29.1 dlm-kmp-default >= 4.4.74-92.29.1 gfs2-kmp-default >= 4.4.74-92.29.1 kernel-default >= 4.4.74-92.29.1 ocfs2-kmp-default >= 4.4.74-92.29.1	Patchnames: SUSE-SLE-HA-12-SP2-2017-1146
SUSE Linux Enterprise High Availability 12 SP3	cluster-md-kmp-default >= 4.4.73-5.1 dlm-kmp-default >= 4.4.73-5.1 gfs2-kmp-default >= 4.4.73-5.1 ocfs2-kmp-default >= 4.4.73-5.1
SUSE Linux Enterprise High Availability 12 SP4	cluster-md-kmp-default >= 4.12.14-94.41.1 dlm-kmp-default >= 4.12.14-94.41.1 gfs2-kmp-default >= 4.12.14-94.41.1 ocfs2-kmp-default >= 4.12.14-94.41.1
SUSE Linux Enterprise High Availability 15	cluster-md-kmp-default >= 4.12.14-23.1 dlm-kmp-default >= 4.12.14-23.1 gfs2-kmp-default >= 4.12.14-23.1 ocfs2-kmp-default >= 4.12.14-23.1
SUSE Linux Enterprise High Availability Extension 11 SP4	cluster-network >= 1.4-2.32.2.14 cluster-network-kmp-bigmem >= 1.4_3.0.101_108.7-2.32.2.14 cluster-network-kmp-default >= 1.4_3.0.101_108.7-2.32.2.14 cluster-network-kmp-pae >= 1.4_3.0.101_108.7-2.32.2.14 cluster-network-kmp-ppc64 >= 1.4_3.0.101_108.7-2.32.2.14 cluster-network-kmp-trace >= 1.4_3.0.101_108.7-2.32.2.14 cluster-network-kmp-xen >= 1.4_3.0.101_108.7-2.32.2.14 drbd >= 8.4.4-0.27.2.1 drbd-bash-completion >= 8.4.4-0.27.2.1 drbd-heartbeat >= 8.4.4-0.27.2.1 drbd-kmp >= 8.4.4-0.27.2.13 drbd-kmp-bigmem >= 8.4.4_3.0.101_108.7-0.27.2.13 drbd-kmp-default >= 8.4.4_3.0.101_108.7-0.27.2.13 drbd-kmp-pae >= 8.4.4_3.0.101_108.7-0.27.2.13 drbd-kmp-ppc64 >= 8.4.4_3.0.101_108.7-0.27.2.13 drbd-kmp-trace >= 8.4.4_3.0.101_108.7-0.27.2.13 drbd-kmp-xen >= 8.4.4_3.0.101_108.7-0.27.2.13 drbd-pacemaker >= 8.4.4-0.27.2.1 drbd-udev >= 8.4.4-0.27.2.1 drbd-utils >= 8.4.4-0.27.2.1 drbd-xen >= 8.4.4-0.27.2.1 gfs2 >= 2-0.24.2.14 gfs2-kmp-bigmem >= 2_3.0.101_108.7-0.24.2.14 gfs2-kmp-default >= 2_3.0.101_108.7-0.24.2.14 gfs2-kmp-pae >= 2_3.0.101_108.7-0.24.2.14 gfs2-kmp-ppc64 >= 2_3.0.101_108.7-0.24.2.14 gfs2-kmp-trace >= 2_3.0.101_108.7-0.24.2.14 gfs2-kmp-xen >= 2_3.0.101_108.7-0.24.2.14 ocfs2 >= 1.6-0.28.3.4 ocfs2-kmp-bigmem >= 1.6_3.0.101_108.7-0.28.3.4 ocfs2-kmp-default >= 1.6_3.0.101_108.7-0.28.3.4 ocfs2-kmp-pae >= 1.6_3.0.101_108.7-0.28.3.4 ocfs2-kmp-ppc64 >= 1.6_3.0.101_108.7-0.28.3.4 ocfs2-kmp-trace >= 1.6_3.0.101_108.7-0.28.3.4 ocfs2-kmp-xen >= 1.6_3.0.101_108.7-0.28.3.4	Patchnames: slehasp4-kernel-13274
SUSE Linux Enterprise Live Patching 12	kgraft-patch-4_4_21-69-default >= 8-18.7.1 kgraft-patch-4_4_21-81-default >= 8-2.1 kgraft-patch-4_4_21-84-default >= 7-2.1 kgraft-patch-4_4_21-90-default >= 7-2.1 kgraft-patch-4_4_38-93-default >= 7-2.1 kgraft-patch-4_4_49-92_11-default >= 5-2.1 kgraft-patch-4_4_49-92_14-default >= 4-2.1 kgraft-patch-4_4_59-92_17-default >= 3-2.1 kgraft-patch-4_4_59-92_20-default >= 3-2.1 kgraft-patch-4_4_59-92_24-default >= 2-2.1 kgraft-patch-4_4_74-92_29-default >= 1-4.1 kgraft-patch-SLE12-SP2_Update_0 >= 8-18.7.1 kgraft-patch-SLE12-SP2_Update_1 >= 8-2.1 kgraft-patch-SLE12-SP2_Update_10 >= 1-4.1 kgraft-patch-SLE12-SP2_Update_2 >= 7-2.1 kgraft-patch-SLE12-SP2_Update_3 >= 7-2.1 kgraft-patch-SLE12-SP2_Update_4 >= 7-2.1 kgraft-patch-SLE12-SP2_Update_5 >= 5-2.1 kgraft-patch-SLE12-SP2_Update_6 >= 4-2.1 kgraft-patch-SLE12-SP2_Update_7 >= 3-2.1 kgraft-patch-SLE12-SP2_Update_8 >= 3-2.1 kgraft-patch-SLE12-SP2_Update_9 >= 2-2.1	Patchnames: SUSE-SLE-Live-Patching-12-2017-1146 SUSE-SLE-Live-Patching-12-2017-1257 SUSE-SLE-Live-Patching-12-2017-1258 SUSE-SLE-Live-Patching-12-2017-1263 SUSE-SLE-Live-Patching-12-2017-1264 SUSE-SLE-Live-Patching-12-2017-1265 SUSE-SLE-Live-Patching-12-2017-1266 SUSE-SLE-Live-Patching-12-2017-1267 SUSE-SLE-Live-Patching-12-2017-1269 SUSE-SLE-Live-Patching-12-2017-1270 SUSE-SLE-Live-Patching-12-2017-1271
SUSE Linux Enterprise Module for Basesystem 15	kernel-default >= 4.12.14-23.1 kernel-default-devel >= 4.12.14-23.1 kernel-devel >= 4.12.14-23.1 kernel-macros >= 4.12.14-23.1
SUSE Linux Enterprise Module for Development Tools 15	kernel-docs >= 4.12.14-23.1 kernel-obs-build >= 4.12.14-23.1 kernel-source >= 4.12.14-23.1 kernel-syms >= 4.12.14-23.1 kernel-vanilla-base >= 4.12.14-23.1
SUSE Linux Enterprise Module for Legacy Software 15	reiserfs-kmp-default >= 4.12.14-23.1
SUSE Linux Enterprise Module for Live Patching 15	kernel-default-livepatch >= 4.12.14-23.1
SUSE Linux Enterprise Module for Public Cloud 12	kernel-ec2 >= 3.12.74-60.64.63.1 kernel-ec2-devel >= 3.12.74-60.64.63.1 kernel-ec2-extra >= 3.12.74-60.64.63.1	Patchnames: SUSE-SLE-Module-Public-Cloud-12-2017-1799 SUSE-SLE-Module-Public-Cloud-12-2017-1808
SUSE Linux Enterprise Point of Sale 11 SP3	kernel-default >= 3.0.101-0.47.106.5.1 kernel-default-base >= 3.0.101-0.47.106.5.1 kernel-default-devel >= 3.0.101-0.47.106.5.1 kernel-ec2 >= 3.0.101-0.47.106.5.1 kernel-ec2-base >= 3.0.101-0.47.106.5.1 kernel-ec2-devel >= 3.0.101-0.47.106.5.1 kernel-pae >= 3.0.101-0.47.106.5.1 kernel-pae-base >= 3.0.101-0.47.106.5.1 kernel-pae-devel >= 3.0.101-0.47.106.5.1 kernel-source >= 3.0.101-0.47.106.5.1 kernel-syms >= 3.0.101-0.47.106.5.1 kernel-trace >= 3.0.101-0.47.106.5.1 kernel-trace-base >= 3.0.101-0.47.106.5.1 kernel-trace-devel >= 3.0.101-0.47.106.5.1 kernel-xen >= 3.0.101-0.47.106.5.1 kernel-xen-base >= 3.0.101-0.47.106.5.1 kernel-xen-devel >= 3.0.101-0.47.106.5.1	Patchnames: sleposp3-kernel-source-13284
SUSE Linux Enterprise Real Time Extension 11 SP4	cluster-network >= 1.4-2.32.2.14 cluster-network-kmp-rt >= 1.4_3.0.101_rt130_68-2.32.2.14 cluster-network-kmp-rt_trace >= 1.4_3.0.101_rt130_68-2.32.2.14 drbd-kmp >= 8.4.4-0.27.2.13 drbd-kmp-rt >= 8.4.4_3.0.101_rt130_68-0.27.2.13 drbd-kmp-rt_trace >= 8.4.4_3.0.101_rt130_68-0.27.2.13 gfs2 >= 2-0.24.2.14 gfs2-kmp-rt >= 2_3.0.101_rt130_68-0.24.2.14 gfs2-kmp-rt_trace >= 2_3.0.101_rt130_68-0.24.2.14 kernel-rt >= 3.0.101.rt130-69.5.1 kernel-rt-base >= 3.0.101.rt130-69.5.1 kernel-rt-devel >= 3.0.101.rt130-69.5.1 kernel-rt_trace >= 3.0.101.rt130-69.5.1 kernel-rt_trace-base >= 3.0.101.rt130-69.5.1 kernel-rt_trace-devel >= 3.0.101.rt130-69.5.1 kernel-source-rt >= 3.0.101.rt130-69.5.1 kernel-syms-rt >= 3.0.101.rt130-69.5.1 ocfs2 >= 1.6-0.28.3.4 ocfs2-kmp-rt >= 1.6_3.0.101_rt130_68-0.28.3.4 ocfs2-kmp-rt_trace >= 1.6_3.0.101_rt130_68-0.28.3.4	Patchnames: slertesp4-kernel-13274 slertesp4-kernel-rt-13262
SUSE Linux Enterprise Real Time Extension 12 SP2	cluster-md-kmp-rt >= 4.4.74-7.10.1 cluster-network-kmp-rt >= 4.4.74-7.10.1 dlm-kmp-rt >= 4.4.74-7.10.1 gfs2-kmp-rt >= 4.4.74-7.10.1 kernel-devel-rt >= 4.4.74-7.10.1 kernel-rt >= 4.4.74-7.10.1 kernel-rt-base >= 4.4.74-7.10.1 kernel-rt-devel >= 4.4.74-7.10.1 kernel-rt_debug >= 4.4.74-7.10.1 kernel-rt_debug-devel >= 4.4.74-7.10.1 kernel-source-rt >= 4.4.74-7.10.1 kernel-syms-rt >= 4.4.74-7.10.1 ocfs2-kmp-rt >= 4.4.74-7.10.1	Patchnames: SUSE-SLE-RT-12-SP2-2017-1231
SUSE Linux Enterprise Server 11 SP3-LTSS SUSE Linux Enterprise Server for SAP Applications 11 SP3-LTSS	kernel-bigsmp >= 3.0.101-0.47.106.5.1 kernel-bigsmp-base >= 3.0.101-0.47.106.5.1 kernel-bigsmp-devel >= 3.0.101-0.47.106.5.1 kernel-default >= 3.0.101-0.47.106.5.1 kernel-default-base >= 3.0.101-0.47.106.5.1 kernel-default-devel >= 3.0.101-0.47.106.5.1 kernel-default-man >= 3.0.101-0.47.106.5.1 kernel-ec2 >= 3.0.101-0.47.106.5.1 kernel-ec2-base >= 3.0.101-0.47.106.5.1 kernel-ec2-devel >= 3.0.101-0.47.106.5.1 kernel-pae >= 3.0.101-0.47.106.5.1 kernel-pae-base >= 3.0.101-0.47.106.5.1 kernel-pae-devel >= 3.0.101-0.47.106.5.1 kernel-source >= 3.0.101-0.47.106.5.1 kernel-syms >= 3.0.101-0.47.106.5.1 kernel-trace >= 3.0.101-0.47.106.5.1 kernel-trace-base >= 3.0.101-0.47.106.5.1 kernel-trace-devel >= 3.0.101-0.47.106.5.1 kernel-xen >= 3.0.101-0.47.106.5.1 kernel-xen-base >= 3.0.101-0.47.106.5.1 kernel-xen-devel >= 3.0.101-0.47.106.5.1	Patchnames: slessp3-kernel-source-13284
SUSE Linux Enterprise Server 11 SP4 SUSE Linux Enterprise Server for SAP Applications 11 SP4	kernel-bigmem >= 3.0.101-108.7.1 kernel-bigmem-base >= 3.0.101-108.7.1 kernel-bigmem-devel >= 3.0.101-108.7.1 kernel-default >= 3.0.101-108.7.1 kernel-default-base >= 3.0.101-108.7.1 kernel-default-devel >= 3.0.101-108.7.1 kernel-default-man >= 3.0.101-108.7.1 kernel-ec2 >= 3.0.101-108.7.1 kernel-ec2-base >= 3.0.101-108.7.1 kernel-ec2-devel >= 3.0.101-108.7.1 kernel-pae >= 3.0.101-108.7.1 kernel-pae-base >= 3.0.101-108.7.1 kernel-pae-devel >= 3.0.101-108.7.1 kernel-ppc64 >= 3.0.101-108.7.1 kernel-ppc64-base >= 3.0.101-108.7.1 kernel-ppc64-devel >= 3.0.101-108.7.1 kernel-source >= 3.0.101-108.7.1 kernel-syms >= 3.0.101-108.7.1 kernel-trace >= 3.0.101-108.7.1 kernel-trace-base >= 3.0.101-108.7.1 kernel-trace-devel >= 3.0.101-108.7.1 kernel-xen >= 3.0.101-108.7.1 kernel-xen-base >= 3.0.101-108.7.1 kernel-xen-devel >= 3.0.101-108.7.1	Patchnames: slessp4-kernel-13274
SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server for SAP Applications 12 SP1-LTSS	kernel-default >= 3.12.74-60.64.63.1 kernel-default-base >= 3.12.74-60.64.63.1 kernel-default-devel >= 3.12.74-60.64.63.1 kernel-default-man >= 3.12.74-60.64.63.1 kernel-devel >= 3.12.74-60.64.63.1 kernel-macros >= 3.12.74-60.64.63.1 kernel-source >= 3.12.74-60.64.63.1 kernel-syms >= 3.12.74-60.64.63.1 kernel-xen >= 3.12.74-60.64.63.1 kernel-xen-base >= 3.12.74-60.64.63.1 kernel-xen-devel >= 3.12.74-60.64.63.1 kgraft-patch-3_12_62-60_62-default >= 10-2.1 kgraft-patch-3_12_62-60_62-xen >= 10-2.1 kgraft-patch-3_12_62-60_64_8-default >= 10-2.1 kgraft-patch-3_12_62-60_64_8-xen >= 10-2.1 kgraft-patch-3_12_67-60_64_18-default >= 9-2.1 kgraft-patch-3_12_67-60_64_18-xen >= 9-2.1 kgraft-patch-3_12_67-60_64_21-default >= 8-2.1 kgraft-patch-3_12_67-60_64_21-xen >= 8-2.1 kgraft-patch-3_12_67-60_64_24-default >= 7-2.1 kgraft-patch-3_12_67-60_64_24-xen >= 7-2.1 kgraft-patch-3_12_69-60_64_29-default >= 6-2.1 kgraft-patch-3_12_69-60_64_29-xen >= 6-2.1 kgraft-patch-3_12_69-60_64_32-default >= 5-2.1 kgraft-patch-3_12_69-60_64_32-xen >= 5-2.1 kgraft-patch-3_12_69-60_64_35-default >= 4-2.1 kgraft-patch-3_12_69-60_64_35-xen >= 4-2.1 kgraft-patch-3_12_74-60_64_40-default >= 3-2.1 kgraft-patch-3_12_74-60_64_40-xen >= 3-2.1 kgraft-patch-3_12_74-60_64_45-default >= 3-2.1 kgraft-patch-3_12_74-60_64_45-xen >= 3-2.1 kgraft-patch-3_12_74-60_64_48-default >= 2-2.1 kgraft-patch-3_12_74-60_64_48-xen >= 2-2.1 kgraft-patch-3_12_74-60_64_51-default >= 2-2.1 kgraft-patch-3_12_74-60_64_51-xen >= 2-2.1 kgraft-patch-3_12_74-60_64_54-default >= 2-2.1 kgraft-patch-3_12_74-60_64_54-xen >= 2-2.1 kgraft-patch-3_12_74-60_64_57-default >= 2-2.1 kgraft-patch-3_12_74-60_64_57-xen >= 2-2.1 kgraft-patch-3_12_74-60_64_60-default >= 2-4.1 kgraft-patch-3_12_74-60_64_60-xen >= 2-4.1 kgraft-patch-3_12_74-60_64_63-default >= 1-2.1 kgraft-patch-3_12_74-60_64_63-xen >= 1-2.1 kgraft-patch-SLE12-SP1_Update_10 >= 8-2.1 kgraft-patch-SLE12-SP1_Update_11 >= 7-2.1 kgraft-patch-SLE12-SP1_Update_12 >= 6-2.1 kgraft-patch-SLE12-SP1_Update_13 >= 5-2.1 kgraft-patch-SLE12-SP1_Update_14 >= 4-2.1 kgraft-patch-SLE12-SP1_Update_15 >= 3-2.1 kgraft-patch-SLE12-SP1_Update_16 >= 3-2.1 kgraft-patch-SLE12-SP1_Update_17 >= 2-2.1 kgraft-patch-SLE12-SP1_Update_18 >= 2-2.1 kgraft-patch-SLE12-SP1_Update_19 >= 2-2.1 kgraft-patch-SLE12-SP1_Update_20 >= 2-2.1 kgraft-patch-SLE12-SP1_Update_21 >= 2-4.1 kgraft-patch-SLE12-SP1_Update_22 >= 1-2.1 kgraft-patch-SLE12-SP1_Update_7 >= 10-2.1 kgraft-patch-SLE12-SP1_Update_8 >= 10-2.1 kgraft-patch-SLE12-SP1_Update_9 >= 9-2.1	Patchnames: SUSE-SLE-SERVER-12-SP1-2017-1261 SUSE-SLE-SERVER-12-SP1-2017-1273 SUSE-SLE-SERVER-12-SP1-2017-1274 SUSE-SLE-SERVER-12-SP1-2017-1275 SUSE-SLE-SERVER-12-SP1-2017-1276 SUSE-SLE-SERVER-12-SP1-2017-1290 SUSE-SLE-SERVER-12-SP1-2017-1291 SUSE-SLE-SERVER-12-SP1-2017-1292 SUSE-SLE-SERVER-12-SP1-2017-1293 SUSE-SLE-SERVER-12-SP1-2017-1294 SUSE-SLE-SERVER-12-SP1-2017-1295 SUSE-SLE-SERVER-12-SP1-2017-1513 SUSE-SLE-SERVER-12-SP1-2017-1514 SUSE-SLE-SERVER-12-SP1-2017-1515 SUSE-SLE-SERVER-12-SP1-2017-1732 SUSE-SLE-SERVER-12-SP1-2017-1799
SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server for SAP Applications 12 SP2	kernel-default >= 4.4.74-92.29.1 kernel-default-base >= 4.4.74-92.29.1 kernel-default-devel >= 4.4.74-92.29.1 kernel-default-man >= 4.4.74-92.29.1 kernel-devel >= 4.4.74-92.29.1 kernel-macros >= 4.4.74-92.29.1 kernel-source >= 4.4.74-92.29.1 kernel-syms >= 4.4.74-92.29.1	Patchnames: SUSE-SLE-SERVER-12-SP2-2017-1146
SUSE Linux Enterprise Server 12 SP3	kernel-default >= 4.4.73-5.1 kernel-default-base >= 4.4.73-5.1 kernel-default-devel >= 4.4.73-5.1 kernel-default-man >= 4.4.73-5.1 kernel-devel >= 4.4.73-5.1 kernel-macros >= 4.4.73-5.1 kernel-source >= 4.4.73-5.1 kernel-syms >= 4.4.73-5.1
SUSE Linux Enterprise Server 12 SP4	kernel-default >= 4.12.14-94.41.1 kernel-default-base >= 4.12.14-94.41.1 kernel-default-devel >= 4.12.14-94.41.1 kernel-default-man >= 4.12.14-94.41.1 kernel-devel >= 4.12.14-94.41.1 kernel-macros >= 4.12.14-94.41.1 kernel-source >= 4.12.14-94.41.1 kernel-syms >= 4.12.14-94.41.1
SUSE Linux Enterprise Server 12-LTSS SUSE Linux Enterprise Server for SAP Applications 12-LTSS	kernel-default >= 3.12.61-52.101.1 kernel-default-base >= 3.12.61-52.101.1 kernel-default-devel >= 3.12.61-52.101.1 kernel-default-man >= 3.12.61-52.101.1 kernel-devel >= 3.12.61-52.101.1 kernel-macros >= 3.12.61-52.101.1 kernel-source >= 3.12.61-52.101.1 kernel-syms >= 3.12.61-52.101.1 kernel-xen >= 3.12.61-52.101.1 kernel-xen-base >= 3.12.61-52.101.1 kernel-xen-devel >= 3.12.61-52.101.1 kgraft-patch-3_12_61-52_101-default >= 1-8.1 kgraft-patch-3_12_61-52_101-xen >= 1-8.1 kgraft-patch-SLE12_Update_28 >= 1-8.1	Patchnames: SUSE-SLE-SERVER-12-2017-1808
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2	kernel-default >= 4.4.74-92.29.1 kernel-default-base >= 4.4.74-92.29.1 kernel-default-devel >= 4.4.74-92.29.1 kernel-devel >= 4.4.74-92.29.1 kernel-macros >= 4.4.74-92.29.1 kernel-source >= 4.4.74-92.29.1 kernel-syms >= 4.4.74-92.29.1	Patchnames: SUSE-SLE-RPI-12-SP2-2017-1146
SUSE Linux Enterprise Server for SAP Applications 12 SP1	kernel-default >= 3.12.74-60.64.63.1 kernel-default-base >= 3.12.74-60.64.63.1 kernel-default-devel >= 3.12.74-60.64.63.1 kernel-devel >= 3.12.74-60.64.63.1 kernel-macros >= 3.12.74-60.64.63.1 kernel-source >= 3.12.74-60.64.63.1 kernel-syms >= 3.12.74-60.64.63.1 kernel-xen >= 3.12.74-60.64.63.1 kernel-xen-base >= 3.12.74-60.64.63.1 kernel-xen-devel >= 3.12.74-60.64.63.1 kgraft-patch-3_12_62-60_62-default >= 10-2.1 kgraft-patch-3_12_62-60_62-xen >= 10-2.1 kgraft-patch-3_12_62-60_64_8-default >= 10-2.1 kgraft-patch-3_12_62-60_64_8-xen >= 10-2.1 kgraft-patch-3_12_67-60_64_18-default >= 9-2.1 kgraft-patch-3_12_67-60_64_18-xen >= 9-2.1 kgraft-patch-3_12_67-60_64_21-default >= 8-2.1 kgraft-patch-3_12_67-60_64_21-xen >= 8-2.1 kgraft-patch-3_12_67-60_64_24-default >= 7-2.1 kgraft-patch-3_12_67-60_64_24-xen >= 7-2.1 kgraft-patch-3_12_69-60_64_29-default >= 6-2.1 kgraft-patch-3_12_69-60_64_29-xen >= 6-2.1 kgraft-patch-3_12_69-60_64_32-default >= 5-2.1 kgraft-patch-3_12_69-60_64_32-xen >= 5-2.1 kgraft-patch-3_12_69-60_64_35-default >= 4-2.1 kgraft-patch-3_12_69-60_64_35-xen >= 4-2.1 kgraft-patch-3_12_74-60_64_40-default >= 3-2.1 kgraft-patch-3_12_74-60_64_40-xen >= 3-2.1 kgraft-patch-3_12_74-60_64_45-default >= 3-2.1 kgraft-patch-3_12_74-60_64_45-xen >= 3-2.1 kgraft-patch-3_12_74-60_64_48-default >= 2-2.1 kgraft-patch-3_12_74-60_64_48-xen >= 2-2.1 kgraft-patch-3_12_74-60_64_51-default >= 2-2.1 kgraft-patch-3_12_74-60_64_51-xen >= 2-2.1 kgraft-patch-3_12_74-60_64_54-default >= 2-2.1 kgraft-patch-3_12_74-60_64_54-xen >= 2-2.1 kgraft-patch-3_12_74-60_64_57-default >= 2-2.1 kgraft-patch-3_12_74-60_64_57-xen >= 2-2.1 kgraft-patch-3_12_74-60_64_60-default >= 2-4.1 kgraft-patch-3_12_74-60_64_60-xen >= 2-4.1 kgraft-patch-3_12_74-60_64_63-default >= 1-2.1 kgraft-patch-3_12_74-60_64_63-xen >= 1-2.1 kgraft-patch-SLE12-SP1_Update_10 >= 8-2.1 kgraft-patch-SLE12-SP1_Update_11 >= 7-2.1 kgraft-patch-SLE12-SP1_Update_12 >= 6-2.1 kgraft-patch-SLE12-SP1_Update_13 >= 5-2.1 kgraft-patch-SLE12-SP1_Update_14 >= 4-2.1 kgraft-patch-SLE12-SP1_Update_15 >= 3-2.1 kgraft-patch-SLE12-SP1_Update_16 >= 3-2.1 kgraft-patch-SLE12-SP1_Update_17 >= 2-2.1 kgraft-patch-SLE12-SP1_Update_18 >= 2-2.1 kgraft-patch-SLE12-SP1_Update_19 >= 2-2.1 kgraft-patch-SLE12-SP1_Update_20 >= 2-2.1 kgraft-patch-SLE12-SP1_Update_21 >= 2-4.1 kgraft-patch-SLE12-SP1_Update_22 >= 1-2.1 kgraft-patch-SLE12-SP1_Update_7 >= 10-2.1 kgraft-patch-SLE12-SP1_Update_8 >= 10-2.1 kgraft-patch-SLE12-SP1_Update_9 >= 9-2.1	Patchnames: SUSE-SLE-SAP-12-SP1-2017-1261 SUSE-SLE-SAP-12-SP1-2017-1273 SUSE-SLE-SAP-12-SP1-2017-1274 SUSE-SLE-SAP-12-SP1-2017-1275 SUSE-SLE-SAP-12-SP1-2017-1276 SUSE-SLE-SAP-12-SP1-2017-1290 SUSE-SLE-SAP-12-SP1-2017-1291 SUSE-SLE-SAP-12-SP1-2017-1292 SUSE-SLE-SAP-12-SP1-2017-1293 SUSE-SLE-SAP-12-SP1-2017-1294 SUSE-SLE-SAP-12-SP1-2017-1295 SUSE-SLE-SAP-12-SP1-2017-1513 SUSE-SLE-SAP-12-SP1-2017-1514 SUSE-SLE-SAP-12-SP1-2017-1515 SUSE-SLE-SAP-12-SP1-2017-1732 SUSE-SLE-SAP-12-SP1-2017-1799
SUSE Linux Enterprise Software Development Kit 11 SP4	kernel-docs >= 3.0.101-108.7.2	Patchnames: sdksp4-kernel-13274
SUSE Linux Enterprise Software Development Kit 12 SP2	kernel-docs >= 4.4.74-92.29.3 kernel-obs-build >= 4.4.74-92.29.1	Patchnames: SUSE-SLE-SDK-12-SP2-2017-1146
SUSE Linux Enterprise Software Development Kit 12 SP3	kernel-docs >= 4.4.73-5.1 kernel-obs-build >= 4.4.73-5.1
SUSE Linux Enterprise Software Development Kit 12 SP4	kernel-docs >= 4.12.14-94.41.1 kernel-obs-build >= 4.12.14-94.41.1
SUSE Linux Enterprise Workstation Extension 12 SP2	kernel-default >= 4.4.74-92.29.1 kernel-default-extra >= 4.4.74-92.29.1	Patchnames: SUSE-SLE-WE-12-SP2-2017-1146
SUSE Linux Enterprise Workstation Extension 12 SP3	kernel-default-extra >= 4.4.73-5.1
SUSE Linux Enterprise Workstation Extension 12 SP4	kernel-default-extra >= 4.12.14-94.41.1
SUSE Linux Enterprise Workstation Extension 15	kernel-default-extra >= 4.12.14-23.1
SUSE OpenStack Cloud 6	kernel-default >= 3.12.74-60.64.63.1 kernel-default-base >= 3.12.74-60.64.63.1 kernel-default-devel >= 3.12.74-60.64.63.1 kernel-devel >= 3.12.74-60.64.63.1 kernel-macros >= 3.12.74-60.64.63.1 kernel-source >= 3.12.74-60.64.63.1 kernel-syms >= 3.12.74-60.64.63.1 kernel-xen >= 3.12.74-60.64.63.1 kernel-xen-base >= 3.12.74-60.64.63.1 kernel-xen-devel >= 3.12.74-60.64.63.1 kgraft-patch-3_12_74-60_64_63-default >= 1-2.1 kgraft-patch-3_12_74-60_64_63-xen >= 1-2.1 kgraft-patch-SLE12-SP1_Update_22 >= 1-2.1	Patchnames: SUSE-OpenStack-Cloud-6-2017-1799
openSUSE Leap 15.0	kernel-default >= 4.12.14-lp150.11.4 kernel-vanilla-base >= 4.12.14-lp150.11.4	Patchnames: openSUSE Leap 15.0 GA kernel-default
openSUSE Leap 42.2	kernel-debug >= 4.4.70-18.9.1 kernel-debug-base >= 4.4.70-18.9.1 kernel-debug-base-debuginfo >= 4.4.70-18.9.1 kernel-debug-debuginfo >= 4.4.70-18.9.1 kernel-debug-debugsource >= 4.4.70-18.9.1 kernel-debug-devel >= 4.4.70-18.9.1 kernel-debug-devel-debuginfo >= 4.4.70-18.9.1 kernel-default >= 4.4.70-18.9.1 kernel-default-base >= 4.4.70-18.9.1 kernel-default-base-debuginfo >= 4.4.70-18.9.1 kernel-default-debuginfo >= 4.4.70-18.9.1 kernel-default-debugsource >= 4.4.70-18.9.1 kernel-default-devel >= 4.4.70-18.9.1 kernel-devel >= 4.4.70-18.9.1 kernel-docs >= 4.4.70-18.9.2 kernel-docs-html >= 4.4.70-18.9.2 kernel-docs-pdf >= 4.4.70-18.9.2 kernel-macros >= 4.4.70-18.9.1 kernel-obs-build >= 4.4.70-18.9.1 kernel-obs-build-debugsource >= 4.4.70-18.9.1 kernel-obs-qa >= 4.4.70-18.9.1 kernel-source >= 4.4.70-18.9.1 kernel-source-vanilla >= 4.4.70-18.9.1 kernel-syms >= 4.4.70-18.9.1 kernel-vanilla >= 4.4.70-18.9.1 kernel-vanilla-base >= 4.4.70-18.9.1 kernel-vanilla-base-debuginfo >= 4.4.70-18.9.1 kernel-vanilla-debuginfo >= 4.4.70-18.9.1 kernel-vanilla-debugsource >= 4.4.70-18.9.1 kernel-vanilla-devel >= 4.4.70-18.9.1	Patchnames: openSUSE-2017-666
openSUSE Leap 42.3	kernel-default >= 4.4.76-1.1 kernel-default-devel >= 4.4.76-1.1 kernel-devel >= 4.4.76-1.1 kernel-docs >= 4.4.76-1.1 kernel-macros >= 4.4.76-1.1 kernel-source >= 4.4.76-1.1 kernel-syms >= 4.4.76-1.1	Patchnames: openSUSE Leap 42.3 GA kernel-default

---

Status of this issue by product and package

Please note that this evaluation state might be work in progress, incomplete or outdated. Also information for service packs in the LTSS phase is only included for issues meeting the LTSS criteria. If in doubt, feel free to contact us for clarification.

Product(s)	Source package	State
SUSE Linux Enterprise Desktop 12 SP1	kernel-default	Affected
SUSE Linux Enterprise Desktop 12 SP1	kernel-source	Affected
SUSE Linux Enterprise Desktop 12 SP2	kernel-default	Released
SUSE Linux Enterprise Desktop 12 SP2	kernel-source	Released
SUSE Linux Enterprise Live Patching	kgraft-patch-SLE12-SP2_Update_0	Released
SUSE Linux Enterprise Point of Service 11 SP3	kernel-default	Released
SUSE Linux Enterprise Point of Service 11 SP3	kernel-source	Released
SUSE Linux Enterprise Point of Service Image Server 12	kgraft-patch-SLE12-SP2_Update_0	Released
SUSE Linux Enterprise Server 11 SP3 LTSS	kernel-default	Released
SUSE Linux Enterprise Server 11 SP3 LTSS	kernel-source	Released
SUSE Linux Enterprise Server 11 SP4	kernel-default	Released
SUSE Linux Enterprise Server 11 SP4	kernel-source	Released
SUSE Linux Enterprise Server 12 LTSS	kernel-default	Released
SUSE Linux Enterprise Server 12 LTSS	kernel-source	Released
SUSE Linux Enterprise Server 12 SP1	kernel-default	Affected
SUSE Linux Enterprise Server 12 SP1	kernel-source	Affected
SUSE Linux Enterprise Server 12 SP1 LTSS	kernel-default	Released
SUSE Linux Enterprise Server 12 SP1 LTSS	kernel-source	Released
SUSE Linux Enterprise Server 12 SP2	kernel-default	Released
SUSE Linux Enterprise Server 12 SP2	kernel-source	Released
SUSE Linux Enterprise Server 12 SP2 BCL	kgraft-patch-SLE12-SP2_Update_0	Released
SUSE Linux Enterprise Server 12 SP2 ESPOS	kgraft-patch-SLE12-SP2_Update_0	Released
SUSE Linux Enterprise Server 12 SP2 LTSS	kgraft-patch-SLE12-SP2_Update_0	Released
SUSE Linux Enterprise Server for SAP Applications 12 SP2	kgraft-patch-SLE12-SP2_Update_0	Released
SUSE Linux Enterprise Server for SAP Applications 12 SP3	kernel-default	Not affected
SUSE Linux Enterprise Server for SAP Applications 12 SP3	kernel-source	Not affected
SUSE Linux Enterprise Server for the Raspberry Pi	kernel-default	Released
SUSE Linux Enterprise Server for the Raspberry Pi	kernel-source	Released
SUSE OpenStack Cloud 7	kgraft-patch-SLE12-SP2_Update_0	Released