[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-SUSE-SU-2016:3069-1":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T08:53:30.047Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":34,"duplicates":35,"related":36,"reserved_at":9,"published_at":47,"modified_at":48,"state":9,"summary":49,"references_raw":51,"kevs":340,"epss":9,"epss_history":341,"metrics":342,"affected":343},"SUSE-SU-2016:3069-1","Security update for the Linux Kernel\n\nThe SUSE Linux Enterprise 11 SP4 RT kernel was updated to receive various security and bugfixes.\n\nThis feature was added:\n\n- Support for the 2017 Intel Purley platform. \n\nThe following security bugs were fixed:\n\n- CVE-2016-5195: A local privilege escalation using MAP_PRIVATE was fixed, which is reportedly exploited in the wild (bsc#1004418).\n- CVE-2016-0823: The pagemap_open function in fs/proc/task_mmu.c in the Linux kernel allowed local users to obtain sensitive physical-address information by reading a pagemap file, aka Android internal bug 25739721 (bnc#994759).\n- CVE-2016-3841: The IPv6 stack in the Linux kernel mishandled options data, which allowed local users to gain privileges or cause a denial of service (use-after-free and system crash) via a crafted sendmsg system call (bnc#992566).\n- CVE-2016-6828: Use after free in tcp_xmit_retransmit_queue or other tcp_ functions (bsc#994296)\n- CVE-2016-5696: net/ipv4/tcp_input.c in the Linux kernel did not properly determine the rate of challenge ACK segments, which made it easier for man-in-the-middle attackers to hijack TCP sessions via a blind in-window attack (bnc#989152)\n- CVE-2016-6480: Race condition in the ioctl_send_fib function in drivers/scsi/aacraid/commctrl.c in the Linux kernel allowed local users to cause a denial of service (out-of-bounds access or system crash) by changing a certain size value, aka a 'double fetch' vulnerability (bnc#991608)\n- CVE-2016-4997: The compat IPT_SO_SET_REPLACE and IP6T_SO_SET_REPLACE setsockopt implementations in the netfilter subsystem in the Linux kernel allowed local users to gain privileges or cause a denial of service (memory corruption) by leveraging in-container root access to provide a crafted offset value that triggers an unintended decrement (bnc#986362).\n- CVE-2015-7513: arch/x86/kvm/x86.c in the Linux kernel did not reset the PIT counter values during state restoration, which allowed guest OS users to cause a denial of service (divide-by-zero error and host OS crash) via a zero value, related to the kvm_vm_ioctl_set_pit and kvm_vm_ioctl_set_pit2 functions (bnc#960689).\n- CVE-2013-4312: The Linux kernel allowed local users to bypass file-descriptor limits and cause a denial of service (memory consumption) by sending each descriptor over a UNIX socket closing it, related to net/unix/af_unix.c and net/unix/garbage.c (bnc#839104).\n- CVE-2016-7425: A buffer overflow in the Linux Kernel in arcmsr_iop_message_xfer() could have caused kernel heap corruption and arbitraty kernel code execution (bsc#999932)\n\nThe following non-security bugs were fixed:\n\n- ahci: Order SATA device IDs for codename Lewisburg.\n- AHCI: Remove obsolete Intel Lewisburg SATA RAID device IDs.\n- ALSA: hda - Add Intel Lewisburg device IDs Audio.\n- avoid dentry crash triggered by NFS (bsc#984194).\n- blktap2: eliminate deadlock potential from shutdown path (bsc#909994).\n- blktap2: eliminate race from deferred work queue handling (bsc#911687).\n- bonding: always set recv_probe to bond_arp_rcv in arp monitor (bsc#977687).\n- bonding: fix bond_arp_rcv setting and arp validate desync state (bsc#977687).\n- btrfs: account for non-CoW'd blocks in btrfs_abort_transaction (bsc#983619).\n- btrfs: ensure that file descriptor used with subvol ioctls is a dir (bsc#999600).\n- cdc-acm: added sanity checking for probe() (bsc#993891).\n- cxgb4: Set VPD size so we can read both VPD structures (bsc#976867).\n- Delete patches.fixes/net-fix-crash-due-to-wrong-dev-in-calling.patch. (bsc#979514)\n- fs/cifs: fix wrongly prefixed path to root (bsc#963655, bsc#979681)\n- fs/select: add vmalloc fallback for select(2) (bsc#1000189).\n- fs/select: introduce SIZE_MAX (bsc#1000189).\n- i2c: i801: add Intel Lewisburg device IDs.\n- include/linux/mmdebug.h: should include linux/bug.h (bnc#971975 VM performance -- git fixes).\n- increase CONFIG_NR_IRQS 512 -> 2048 reportedly irq error with multiple nvme and tg3 in the same machine is resolved by increasing CONFIG_NR_IRQS (bsc#998399)\n- kabi, unix: properly account for FDs passed over unix sockets (bnc#839104).\n- kaweth: fix firmware download (bsc#993890).\n- kaweth: fix oops upon failed memory allocation (bsc#993890).\n- KVM: x86: SYSENTER emulation is broken (bsc#994618).\n- libfc: sanity check cpu number extracted from xid (bsc#988440).\n- lpfc: call lpfc_sli_validate_fcp_iocb() with the hbalock held (bsc#951392).\n- md: lockless I/O submission for RAID1 (bsc#982783).\n- mm: thp: fix SMP race condition between THP page fault and MADV_DONTNEED (VM Functionality, bnc#986445).\n- mpt2sas, mpt3sas: Fix panic when aer correct error occurred (bsc#997708).\n- net: add pfmemalloc check in sk_add_backlog() (bnc#920016).\n- netback: fix flipping mode (bsc#996664).\n- nfs: Do not drop directory dentry which is in use (bsc#993127).\n- nfs: Don't disconnect open-owner on NFS4ERR_BAD_SEQID (bsc#989261).\n- nfs: Don't write enable new pages while an invalidation is proceeding (bsc#999584).\n- nfs: Fix a regression in the read() syscall (bsc#999584).\n- nfs: Fix races in nfs_revalidate_mapping (bsc#999584).\n- nfs: fix the handling of NFS_INO_INVALID_DATA flag in nfs_revalidate_mapping (bsc#999584).\n- nfs: Fix writeback performance issue on cache invalidation (bsc#999584).\n- nfs: Refresh open-owner id when server says SEQID is bad (bsc#989261).\n- nfsv4: do not check MAY_WRITE access bit in OPEN (bsc#985206).\n- nfsv4: fix broken patch relating to v4 read delegations (bsc#956514, bsc#989261, bsc#979595).\n- nfsv4: Fix range checking in __nfs4_get_acl_uncached and __nfs4_proc_set_acl (bsc#982218).\n- pci: Add pci_set_vpd_size() to set VPD size (bsc#976867).\n- pciback: fix conf_space read/write overlap check.\n- powerpc: add kernel parameter iommu_alloc_quiet (bsc#994926).\n- ppp: defer netns reference release for ppp channel (bsc#980371).\n- random32: add prandom_u32_max (bsc#989152).\n- rpm/constraints.in: Bump x86 disk space requirement to 20GB Clamav tends to run out of space nowadays.\n- s390/dasd: fix hanging device after clear subchannel (bnc#994436).\n- sata: Adding Intel Lewisburg device IDs for SATA.\n- sched/core: Fix an SMP ordering race in try_to_wake_up() vs.  schedule() (bnc#1001419).\n- sched/core: Fix a race between try_to_wake_up() and a woken up task (bnc#1002165).\n- sched: Fix possible divide by zero in avg_atom() calculation (bsc#996329).\n- scsi_dh_rdac: retry inquiry for UNIT ATTENTION (bsc#934760).\n- scsi: do not print 'reservation conflict' for TEST UNIT READY (bsc#984102).\n- scsi: ibmvfc: add FC Class 3 Error Recovery support (bsc#984992).\n- scsi: ibmvfc: Fix I/O hang when port is not mapped (bsc#971989)\n- scsi: ibmvfc: Set READ FCP_XFER_READY DISABLED bit in PRLI (bsc#984992).\n- scsi_scan: Send TEST UNIT READY to LUN0 before LUN scanning (bnc#843236,bsc#989779).\n- tmpfs: change final i_blocks BUG to WARNING (bsc#991923).\n- Update patches.drivers/fcoe-0102-fcoe-ensure-that-skb-placed-on-the-fip_recv_list-are.patch (add bsc#732582 reference).\n- USB: fix typo in wMaxPacketSize validation (bsc#991665).\n- USB: validate wMaxPacketValue entries in endpoint descriptors (bnc#991665).\n- vlan: don't deliver frames for unknown vlans to protocols (bsc#979514).\n- vlan: mask vlan prio bits (bsc#979514).\n- xenbus: inspect the correct type in xenbus_dev_request_and_reply().\n- xen: x86/mm/pat, /dev/mem: Remove superfluous error message (bsc#974620).\n- xfs: Avoid grabbing ilock when file size is not changed (bsc#983535).\n- xfs: Silence warnings in xfs_vm_releasepage() (bnc#915183 bsc#987565).\n",null,[],[],[],[14,16,18,20,22,24,26,28,30,32],{"_key":15},"CVE-2013-4312",{"_key":17},"CVE-2015-7513",{"_key":19},"CVE-2016-0823",{"_key":21},"CVE-2016-3841",{"_key":23},"CVE-2016-4997",{"_key":25},"CVE-2016-5195",{"_key":27},"CVE-2016-5696",{"_key":29},"CVE-2016-6480",{"_key":31},"CVE-2016-6828",{"_key":33},"CVE-2016-7425",[],[],[37,38,39,40,41,42,43,44,45,46],{"_key":15},{"_key":17},{"_key":19},{"_key":21},{"_key":23},{"_key":25},{"_key":27},{"_key":29},{"_key":31},{"_key":33},"2016-12-09T13:20:33Z","2026-02-04T03:46:16.668468Z",{"cisa_kev":50,"cisa_ransomware":50,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":9},false,[52,58,63,67,71,75,79,83,87,91,95,99,103,107,111,115,119,123,127,131,135,139,143,147,151,155,159,163,167,171,175,179,183,187,191,195,199,203,207,211,215,219,223,227,231,235,239,243,247,251,255,259,263,267,271,275,279,283,287,291,295,299,304,308,312,316,320,324,328,332,336],{"url":53,"sources":54,"tags":56},"https://www.suse.com/support/update/announcement/2016/suse-su-20163069-1/",[55],"osv_suse",[57],"Advisory",{"url":59,"sources":60,"tags":61},"https://bugzilla.suse.com/1000189",[55],[62],"REPORT",{"url":64,"sources":65,"tags":66},"https://bugzilla.suse.com/1001419",[55],[62],{"url":68,"sources":69,"tags":70},"https://bugzilla.suse.com/1002165",[55],[62],{"url":72,"sources":73,"tags":74},"https://bugzilla.suse.com/1004418",[55],[62],{"url":76,"sources":77,"tags":78},"https://bugzilla.suse.com/732582",[55],[62],{"url":80,"sources":81,"tags":82},"https://bugzilla.suse.com/839104",[55],[62],{"url":84,"sources":85,"tags":86},"https://bugzilla.suse.com/843236",[55],[62],{"url":88,"sources":89,"tags":90},"https://bugzilla.suse.com/909994",[55],[62],{"url":92,"sources":93,"tags":94},"https://bugzilla.suse.com/911687",[55],[62],{"url":96,"sources":97,"tags":98},"https://bugzilla.suse.com/915183",[55],[62],{"url":100,"sources":101,"tags":102},"https://bugzilla.suse.com/920016",[55],[62],{"url":104,"sources":105,"tags":106},"https://bugzilla.suse.com/934760",[55],[62],{"url":108,"sources":109,"tags":110},"https://bugzilla.suse.com/951392",[55],[62],{"url":112,"sources":113,"tags":114},"https://bugzilla.suse.com/956514",[55],[62],{"url":116,"sources":117,"tags":118},"https://bugzilla.suse.com/960689",[55],[62],{"url":120,"sources":121,"tags":122},"https://bugzilla.suse.com/963655",[55],[62],{"url":124,"sources":125,"tags":126},"https://bugzilla.suse.com/971975",[55],[62],{"url":128,"sources":129,"tags":130},"https://bugzilla.suse.com/971989",[55],[62],{"url":132,"sources":133,"tags":134},"https://bugzilla.suse.com/974620",[55],[62],{"url":136,"sources":137,"tags":138},"https://bugzilla.suse.com/976867",[55],[62],{"url":140,"sources":141,"tags":142},"https://bugzilla.suse.com/977687",[55],[62],{"url":144,"sources":145,"tags":146},"https://bugzilla.suse.com/979514",[55],[62],{"url":148,"sources":149,"tags":150},"https://bugzilla.suse.com/979595",[55],[62],{"url":152,"sources":153,"tags":154},"https://bugzilla.suse.com/979681",[55],[62],{"url":156,"sources":157,"tags":158},"https://bugzilla.suse.com/980371",[55],[62],{"url":160,"sources":161,"tags":162},"https://bugzilla.suse.com/982218",[55],[62],{"url":164,"sources":165,"tags":166},"https://bugzilla.suse.com/982783",[55],[62],{"url":168,"sources":169,"tags":170},"https://bugzilla.suse.com/983535",[55],[62],{"url":172,"sources":173,"tags":174},"https://bugzilla.suse.com/983619",[55],[62],{"url":176,"sources":177,"tags":178},"https://bugzilla.suse.com/984102",[55],[62],{"url":180,"sources":181,"tags":182},"https://bugzilla.suse.com/984194",[55],[62],{"url":184,"sources":185,"tags":186},"https://bugzilla.suse.com/984992",[55],[62],{"url":188,"sources":189,"tags":190},"https://bugzilla.suse.com/985206",[55],[62],{"url":192,"sources":193,"tags":194},"https://bugzilla.suse.com/986362",[55],[62],{"url":196,"sources":197,"tags":198},"https://bugzilla.suse.com/986365",[55],[62],{"url":200,"sources":201,"tags":202},"https://bugzilla.suse.com/986445",[55],[62],{"url":204,"sources":205,"tags":206},"https://bugzilla.suse.com/987565",[55],[62],{"url":208,"sources":209,"tags":210},"https://bugzilla.suse.com/988440",[55],[62],{"url":212,"sources":213,"tags":214},"https://bugzilla.suse.com/989152",[55],[62],{"url":216,"sources":217,"tags":218},"https://bugzilla.suse.com/989261",[55],[62],{"url":220,"sources":221,"tags":222},"https://bugzilla.suse.com/989779",[55],[62],{"url":224,"sources":225,"tags":226},"https://bugzilla.suse.com/991608",[55],[62],{"url":228,"sources":229,"tags":230},"https://bugzilla.suse.com/991665",[55],[62],{"url":232,"sources":233,"tags":234},"https://bugzilla.suse.com/991923",[55],[62],{"url":236,"sources":237,"tags":238},"https://bugzilla.suse.com/992566",[55],[62],{"url":240,"sources":241,"tags":242},"https://bugzilla.suse.com/993127",[55],[62],{"url":244,"sources":245,"tags":246},"https://bugzilla.suse.com/993890",[55],[62],{"url":248,"sources":249,"tags":250},"https://bugzilla.suse.com/993891",[55],[62],{"url":252,"sources":253,"tags":254},"https://bugzilla.suse.com/994296",[55],[62],{"url":256,"sources":257,"tags":258},"https://bugzilla.suse.com/994436",[55],[62],{"url":260,"sources":261,"tags":262},"https://bugzilla.suse.com/994618",[55],[62],{"url":264,"sources":265,"tags":266},"https://bugzilla.suse.com/994759",[55],[62],{"url":268,"sources":269,"tags":270},"https://bugzilla.suse.com/994926",[55],[62],{"url":272,"sources":273,"tags":274},"https://bugzilla.suse.com/996329",[55],[62],{"url":276,"sources":277,"tags":278},"https://bugzilla.suse.com/996664",[55],[62],{"url":280,"sources":281,"tags":282},"https://bugzilla.suse.com/997708",[55],[62],{"url":284,"sources":285,"tags":286},"https://bugzilla.suse.com/998399",[55],[62],{"url":288,"sources":289,"tags":290},"https://bugzilla.suse.com/999584",[55],[62],{"url":292,"sources":293,"tags":294},"https://bugzilla.suse.com/999600",[55],[62],{"url":296,"sources":297,"tags":298},"https://bugzilla.suse.com/999932",[55],[62],{"url":300,"sources":301,"tags":302},"https://www.suse.com/security/cve/CVE-2013-4312",[55],[303],"WEB",{"url":305,"sources":306,"tags":307},"https://www.suse.com/security/cve/CVE-2015-7513",[55],[303],{"url":309,"sources":310,"tags":311},"https://www.suse.com/security/cve/CVE-2016-0823",[55],[303],{"url":313,"sources":314,"tags":315},"https://www.suse.com/security/cve/CVE-2016-3841",[55],[303],{"url":317,"sources":318,"tags":319},"https://www.suse.com/security/cve/CVE-2016-4997",[55],[303],{"url":321,"sources":322,"tags":323},"https://www.suse.com/security/cve/CVE-2016-5195",[55],[303],{"url":325,"sources":326,"tags":327},"https://www.suse.com/security/cve/CVE-2016-5696",[55],[303],{"url":329,"sources":330,"tags":331},"https://www.suse.com/security/cve/CVE-2016-6480",[55],[303],{"url":333,"sources":334,"tags":335},"https://www.suse.com/security/cve/CVE-2016-6828",[55],[303],{"url":337,"sources":338,"tags":339},"https://www.suse.com/security/cve/CVE-2016-7425",[55],[303],[],[],[],[344,357,362,367],{"ecosystem":345,"name":346,"vendor":347,"product":348,"cpe_part":9,"purl_type":349,"purl_namespace":347,"purl_name":348,"source":9,"versions":350},"SUSE Linux Enterprise","kernel-rt_trace","suse","kernel-rt_trace&distro=SUSE Linux Enterprise Real Time 11 SP4","rpm",[351],{"version":352,"is_range":353,"range_type":354,"version_start":9,"version_start_type":9,"version_end":355,"version_end_type":356,"fixed_in":9},"lt3_0_101_rt130_65_1",true,"ecosystem","3.0.101.rt130-65.1","excluding",{"ecosystem":345,"name":358,"vendor":347,"product":359,"cpe_part":9,"purl_type":349,"purl_namespace":347,"purl_name":359,"source":9,"versions":360},"kernel-rt","kernel-rt&distro=SUSE Linux Enterprise Real Time 11 SP4",[361],{"version":352,"is_range":353,"range_type":354,"version_start":9,"version_start_type":9,"version_end":355,"version_end_type":356,"fixed_in":9},{"ecosystem":345,"name":363,"vendor":347,"product":364,"cpe_part":9,"purl_type":349,"purl_namespace":347,"purl_name":364,"source":9,"versions":365},"kernel-source-rt","kernel-source-rt&distro=SUSE Linux Enterprise Real Time 11 SP4",[366],{"version":352,"is_range":353,"range_type":354,"version_start":9,"version_start_type":9,"version_end":355,"version_end_type":356,"fixed_in":9},{"ecosystem":345,"name":368,"vendor":347,"product":369,"cpe_part":9,"purl_type":349,"purl_namespace":347,"purl_name":369,"source":9,"versions":370},"kernel-syms-rt","kernel-syms-rt&distro=SUSE Linux Enterprise Real Time 11 SP4",[371],{"version":352,"is_range":353,"range_type":354,"version_start":9,"version_start_type":9,"version_end":355,"version_end_type":356,"fixed_in":9}]