[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-SUSE-SU-2017:2694-1":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T02:53:27.892Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":30,"duplicates":31,"related":32,"reserved_at":9,"published_at":41,"modified_at":42,"state":9,"summary":43,"references_raw":45,"kevs":218,"epss":9,"epss_history":219,"metrics":220,"affected":221},"SUSE-SU-2017:2694-1","Security update for the Linux Kernel\n\n\nThe SUSE Linux Enterprise 11 SP4 RT kernel was updated to receive various security and bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2017-1000251: The native Bluetooth stack was vulnerable to a stack\n  overflow vulnerability in the processing of L2CAP configuration responses\n  resulting in remote code execution in kernel space (bnc#1057389).\n- CVE-2017-14340: The XFS_IS_REALTIME_INODE macro in fs/xfs/xfs_linux.h did not\n  verify that a filesystem has a realtime device, which allowed local users to\n  cause a denial of service (NULL pointer dereference and OOPS) via vectors\n  related to setting an RHINHERIT flag on a directory (bnc#1058524).\n- CVE-2017-14140: The move_pages system call in mm/migrate.c did not check the\n  effective uid of the target process, enabling a local attacker to learn the\n  memory layout of a setuid executable despite ASLR (bnc#1057179).\n- CVE-2017-14051: An integer overflow in the qla2x00_sysfs_write_optrom_ctl\n  function in drivers/scsi/qla2xxx/qla_attr.c allowed local users to cause a\n  denial of service (memory corruption and system crash) by leveraging root\n  access (bnc#1056588).\n- CVE-2017-10661: Race condition in fs/timerfd.c allowed local users to gain\n  privileges or cause a denial of service (list corruption or use-after-free) via\n  simultaneous file-descriptor operations that leverage improper might_cancel\n  queueing (bnc#1053152).\n- CVE-2017-12762: In /drivers/isdn/i4l/isdn_net.c a user-controlled buffer was\n  copied into a local buffer of constant size using strcpy without a length check\n  which can cause a buffer overflow (bnc#1053148).\n- CVE-2017-8831: The saa7164_bus_get function allowed local users to cause a\n  denial of service (out-of-bounds array access) or possibly have unspecified\n  other impact by changing a certain sequence-number value, aka a 'double fetch'\n  vulnerability (bnc#1037994).\n- CVE-2017-1000112: Prevent race condition in net-packet code that could have\n  been exploited by unprivileged users to gain root access.(bnc#1052311).\n\nThe following non-security bugs were fixed:\n\n- ALSA: Fix Lewisburg audio issue\n- Drop commit 96234ae:kvm_io_bus_unregister_dev() should never fail (bsc#1055680)\n- Fixup build warnings in drivers/scsi/scsi.c (bsc#1031358)\n- NFS: Cache aggressively when file is open for writing (bsc#1053933).\n- NFS: Do drop directory dentry when error clearly requires it (bsc#1051932).\n- NFS: Do not flush caches for a getattr that races with writeback (bsc#1053933).\n- NFS: Optimize fallocate by refreshing mapping when needed (bsc#1053933).\n- NFS: invalidate file size when taking a lock (bsc#1053933).\n- PCI: fix hotplug related issues (bnc#1054247).\n- af_key: do not use GFP_KERNEL in atomic contexts (bsc#1054093).\n- avoid deadlock in xenbus (bnc#1047523).\n- blacklist 9754d45e9970 tpm: read burstcount from TPM_STS in one 32-bit transaction\n- blkback/blktap: do not leak stack data via response ring (bsc#1042863 XSA-216).\n- cx231xx-audio: fix NULL-deref at probe (bsc#1050431).\n- cx82310_eth: use skb_cow_head() to deal with cloned skbs (bsc#1045154).\n- fuse: do not use iocb after it may have been freed (bsc#1054706).\n- fuse: fix fuse_write_end() if zero bytes were copied (bsc#1054706).\n- fuse: fsync() did not return IO errors (bsc#1054076).\n- fuse: fuse_flush must check mapping->flags for errors (bsc#1054706).\n- gspca: konica: add missing endpoint sanity check (bsc#1050431).\n- kabi/severities: Ignore zpci symbol changes (bsc#1054247)\n- lib/mpi: mpi_read_raw_data(): fix nbits calculation\n- media: platform: davinci: return -EINVAL for VPFE_CMD_S_CCDC_RAW_PARAMS ioctl (bsc#1050431).\n- net: Fix RCU splat in af_key (bsc#1054093).\n- powerpc/fadump: add reschedule point while releasing memory (bsc#1040609 bsc#1024450).\n- powerpc/fadump: avoid duplicates in crash memory ranges (bsc#1037669 bsc#1037667).\n- powerpc/fadump: provide a helpful error message (bsc#1037669 bsc#1037667).\n- powerpc/prom: Increase minimum RMA size to 512MB (bsc#984530, bsc#1052370).\n- powerpc/slb: Force a full SLB flush when we insert for a bad EA (bsc#1054070).\n- reiserfs: fix race in readdir (bsc#1039803).\n- s390/pci: do not cleanup in arch_setup_msi_irqs (bnc#1054247).\n- s390/pci: fix handling of PEC 306 (bnc#1054247).\n- s390/pci: improve error handling during fmb (de)registration (bnc#1054247).\n- s390/pci: improve error handling during interrupt deregistration (bnc#1054247).\n- s390/pci: improve pci hotplug (bnc#1054247).\n- s390/pci: improve unreg_ioat error handling (bnc#1054247).\n- s390/pci: introduce clp_get_state (bnc#1054247).\n- s390/pci: provide more debug information (bnc#1054247).\n- scsi: avoid system stall due to host_busy race (bsc#1031358).\n- scsi: close race when updating blocked counters (bsc#1031358).\n- ser_gigaset: return -ENOMEM on error instead of success (bsc#1037441).\n- supported.conf: clear mistaken external support flag for cifs.ko (bsc#1053802).\n- tpm: fix a kernel memory leak in tpm-sysfs.c (bsc#1050381).\n- uwb: fix device quirk on big-endian hosts (bsc#1036629).\n- xfs: fix inobt inode allocation search optimization (bsc#1013018).\n",null,[],[],[],[14,16,18,20,22,24,26,28],{"_key":15},"CVE-2017-1000112",{"_key":17},"CVE-2017-1000251",{"_key":19},"CVE-2017-10661",{"_key":21},"CVE-2017-12762",{"_key":23},"CVE-2017-14051",{"_key":25},"CVE-2017-14140",{"_key":27},"CVE-2017-14340",{"_key":29},"CVE-2017-8831",[],[],[33,34,35,36,37,38,39,40],{"_key":15},{"_key":17},{"_key":19},{"_key":21},{"_key":23},{"_key":25},{"_key":27},{"_key":29},"2017-10-10T12:16:47Z","2026-02-04T02:30:09.058781Z",{"cisa_kev":44,"cisa_ransomware":44,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":9},false,[46,52,57,61,65,69,73,77,81,85,89,93,97,101,105,109,113,117,121,125,129,133,137,141,145,149,153,157,161,165,169,173,177,181,185,190,194,198,202,206,210,214],{"url":47,"sources":48,"tags":50},"https://www.suse.com/support/update/announcement/2017/suse-su-20172694-1/",[49],"osv_suse",[51],"Advisory",{"url":53,"sources":54,"tags":55},"https://bugzilla.suse.com/1013018",[49],[56],"REPORT",{"url":58,"sources":59,"tags":60},"https://bugzilla.suse.com/1024450",[49],[56],{"url":62,"sources":63,"tags":64},"https://bugzilla.suse.com/1031358",[49],[56],{"url":66,"sources":67,"tags":68},"https://bugzilla.suse.com/1036629",[49],[56],{"url":70,"sources":71,"tags":72},"https://bugzilla.suse.com/1037441",[49],[56],{"url":74,"sources":75,"tags":76},"https://bugzilla.suse.com/1037667",[49],[56],{"url":78,"sources":79,"tags":80},"https://bugzilla.suse.com/1037669",[49],[56],{"url":82,"sources":83,"tags":84},"https://bugzilla.suse.com/1037994",[49],[56],{"url":86,"sources":87,"tags":88},"https://bugzilla.suse.com/1039803",[49],[56],{"url":90,"sources":91,"tags":92},"https://bugzilla.suse.com/1040609",[49],[56],{"url":94,"sources":95,"tags":96},"https://bugzilla.suse.com/1042863",[49],[56],{"url":98,"sources":99,"tags":100},"https://bugzilla.suse.com/1045154",[49],[56],{"url":102,"sources":103,"tags":104},"https://bugzilla.suse.com/1047523",[49],[56],{"url":106,"sources":107,"tags":108},"https://bugzilla.suse.com/1050381",[49],[56],{"url":110,"sources":111,"tags":112},"https://bugzilla.suse.com/1050431",[49],[56],{"url":114,"sources":115,"tags":116},"https://bugzilla.suse.com/1051932",[49],[56],{"url":118,"sources":119,"tags":120},"https://bugzilla.suse.com/1052311",[49],[56],{"url":122,"sources":123,"tags":124},"https://bugzilla.suse.com/1052370",[49],[56],{"url":126,"sources":127,"tags":128},"https://bugzilla.suse.com/1053148",[49],[56],{"url":130,"sources":131,"tags":132},"https://bugzilla.suse.com/1053152",[49],[56],{"url":134,"sources":135,"tags":136},"https://bugzilla.suse.com/1053802",[49],[56],{"url":138,"sources":139,"tags":140},"https://bugzilla.suse.com/1053933",[49],[56],{"url":142,"sources":143,"tags":144},"https://bugzilla.suse.com/1054070",[49],[56],{"url":146,"sources":147,"tags":148},"https://bugzilla.suse.com/1054076",[49],[56],{"url":150,"sources":151,"tags":152},"https://bugzilla.suse.com/1054093",[49],[56],{"url":154,"sources":155,"tags":156},"https://bugzilla.suse.com/1054247",[49],[56],{"url":158,"sources":159,"tags":160},"https://bugzilla.suse.com/1054706",[49],[56],{"url":162,"sources":163,"tags":164},"https://bugzilla.suse.com/1055680",[49],[56],{"url":166,"sources":167,"tags":168},"https://bugzilla.suse.com/1056588",[49],[56],{"url":170,"sources":171,"tags":172},"https://bugzilla.suse.com/1057179",[49],[56],{"url":174,"sources":175,"tags":176},"https://bugzilla.suse.com/1057389",[49],[56],{"url":178,"sources":179,"tags":180},"https://bugzilla.suse.com/1058524",[49],[56],{"url":182,"sources":183,"tags":184},"https://bugzilla.suse.com/984530",[49],[56],{"url":186,"sources":187,"tags":188},"https://www.suse.com/security/cve/CVE-2017-1000112",[49],[189],"WEB",{"url":191,"sources":192,"tags":193},"https://www.suse.com/security/cve/CVE-2017-1000251",[49],[189],{"url":195,"sources":196,"tags":197},"https://www.suse.com/security/cve/CVE-2017-10661",[49],[189],{"url":199,"sources":200,"tags":201},"https://www.suse.com/security/cve/CVE-2017-12762",[49],[189],{"url":203,"sources":204,"tags":205},"https://www.suse.com/security/cve/CVE-2017-14051",[49],[189],{"url":207,"sources":208,"tags":209},"https://www.suse.com/security/cve/CVE-2017-14140",[49],[189],{"url":211,"sources":212,"tags":213},"https://www.suse.com/security/cve/CVE-2017-14340",[49],[189],{"url":215,"sources":216,"tags":217},"https://www.suse.com/security/cve/CVE-2017-8831",[49],[189],[],[],[],[222,235,240,245],{"ecosystem":223,"name":224,"vendor":225,"product":226,"cpe_part":9,"purl_type":227,"purl_namespace":225,"purl_name":226,"source":9,"versions":228},"SUSE Linux Enterprise","kernel-rt_trace","suse","kernel-rt_trace&distro=SUSE Linux Enterprise Real Time 11 SP4","rpm",[229],{"version":230,"is_range":231,"range_type":232,"version_start":9,"version_start_type":9,"version_end":233,"version_end_type":234,"fixed_in":9},"lt3_0_101_rt130_69_8_1",true,"ecosystem","3.0.101.rt130-69.8.1","excluding",{"ecosystem":223,"name":236,"vendor":225,"product":237,"cpe_part":9,"purl_type":227,"purl_namespace":225,"purl_name":237,"source":9,"versions":238},"kernel-rt","kernel-rt&distro=SUSE Linux Enterprise Real Time 11 SP4",[239],{"version":230,"is_range":231,"range_type":232,"version_start":9,"version_start_type":9,"version_end":233,"version_end_type":234,"fixed_in":9},{"ecosystem":223,"name":241,"vendor":225,"product":242,"cpe_part":9,"purl_type":227,"purl_namespace":225,"purl_name":242,"source":9,"versions":243},"kernel-source-rt","kernel-source-rt&distro=SUSE Linux Enterprise Real Time 11 SP4",[244],{"version":230,"is_range":231,"range_type":232,"version_start":9,"version_start_type":9,"version_end":233,"version_end_type":234,"fixed_in":9},{"ecosystem":223,"name":246,"vendor":225,"product":247,"cpe_part":9,"purl_type":227,"purl_namespace":225,"purl_name":247,"source":9,"versions":248},"kernel-syms-rt","kernel-syms-rt&distro=SUSE Linux Enterprise Real Time 11 SP4",[249],{"version":230,"is_range":231,"range_type":232,"version_start":9,"version_start_type":9,"version_end":233,"version_end_type":234,"fixed_in":9}]