[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-SUSE-SU-2018:0834-1":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T08:53:30.047Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":52,"duplicates":53,"related":54,"reserved_at":9,"published_at":74,"modified_at":75,"state":9,"summary":76,"references_raw":78,"kevs":287,"epss":9,"epss_history":288,"metrics":289,"affected":290},"SUSE-SU-2018:0834-1","Security update for the Linux Kernel\n\n\nThe SUSE Linux Enterprise 12 kernel was updated to receive various security and bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2018-1068: Fixed flaw in the implementation of 32-bit syscall interface\n  for bridging. This allowed a privileged user to arbitrarily write to a limited\n  range of kernel memory (bnc#1085107).\n- CVE-2017-18221: The __munlock_pagevec function allowed local users to cause a\n  denial of service (NR_MLOCK accounting corruption) via crafted use of mlockall\n  and munlockall system calls (bnc#1084323).\n- CVE-2018-1066: Prevent NULL pointer dereference in\n  fs/cifs/cifsencrypt.c:setup_ntlmv2_rsp() that allowed an attacker controlling a\n  CIFS server to kernel panic a client that has this server mounted, because an\n  empty TargetInfo field in an NTLMSSP setup negotiation response was mishandled\n  during session recovery (bnc#1083640).\n- CVE-2017-13166: Prevent elevation of privilege vulnerability in the kernel\n  v4l2 video driver (bnc#1072865).\n- CVE-2017-16911: The vhci_hcd driver allowed local attackers to disclose\n  kernel memory addresses. 
Successful exploitation required that a USB device was\n  attached over IP (bnc#1078674).\n- CVE-2017-15299: The KEYS subsystem mishandled use of add_key for a key that\n  already exists but is uninstantiated, which allowed local users to cause a\n  denial of service (NULL pointer dereference and system crash) or possibly have\n  unspecified other impact via a crafted system call (bnc#1063416).\n- CVE-2017-18208: The madvise_willneed function allowed local users to\n  cause a denial of service (infinite loop) by triggering use of MADVISE_WILLNEED\n  for a DAX mapping (bnc#1083494).\n- CVE-2018-7566: The ALSA sequencer core initializes the event pool on demand\n  by invoking snd_seq_pool_init() when the first write happens and the pool is\n  empty. A user could have reset the pool size manually via ioctl concurrently,\n  which may have led to UAF or out-of-bounds access (bsc#1083483).\n- CVE-2017-18204: The ocfs2_setattr function allowed local users to cause a\n  denial of service (deadlock) via DIO requests (bnc#1083244).\n- CVE-2017-16644: The hdpvr_probe function allowed local users to cause a\n  denial of service (improper error handling and system crash) or possibly have\n  unspecified other impact via a crafted USB device (bnc#1067118).\n- CVE-2018-6927: The futex_requeue function allowed attackers to cause a denial\n  of service (integer overflow) or possibly have unspecified other impact by\n  triggering a negative wake or requeue value (bnc#1080757).\n- CVE-2017-16914: The 'stub_send_ret_submit()' function allowed attackers to\n  cause a denial of service (NULL pointer dereference) via a specially crafted\n  USB over IP packet (bnc#1078669).\n- CVE-2016-7915: The hid_input_field function allowed physically proximate\n  attackers to obtain sensitive information from kernel memory or cause a denial\n  of service (out-of-bounds read) by connecting a device (bnc#1010470).\n- CVE-2017-12190: The bio_map_user_iov and bio_unmap_user functions did\n  unbalanced 
refcounting when a SCSI I/O vector had small consecutive buffers\n  belonging to the same page. The bio_add_pc_page function merged them into one,\n  but the page reference was never dropped. This caused a memory leak and\n  possible system lockup (exploitable against the host OS by a guest OS user, if\n  a SCSI disk is passed through to a virtual machine) due to an out-of-memory\n  condition (bnc#1062568).\n- CVE-2017-16912: The 'get_pipe()' function allowed attackers to cause a denial\n  of service (out-of-bounds read) via a specially crafted USB over IP packet\n  (bnc#1078673).\n- CVE-2017-16913: The 'stub_recv_cmd_submit()' function when handling\n  CMD_SUBMIT packets allowed attackers to cause a denial of service (arbitrary\n  memory allocation) via a specially crafted USB over IP packet (bnc#1078672).\n- CVE-2018-5332: The rds_message_alloc_sgs() function did not validate a value\n  that is used during DMA page allocation, leading to a heap-based out-of-bounds\n  write (related to the rds_rdma_extra_size function in net/rds/rdma.c)\n  (bnc#1075621).\n- CVE-2018-5333: The rds_cmsg_atomic function in net/rds/rdma.c mishandled\n  cases where page pinning fails or an invalid address is supplied, leading to an\n  rds_atomic_free_op NULL pointer dereference (bnc#1075617).\n- CVE-2017-18017: The tcpmss_mangle_packet function allowed remote attackers to\n  cause a denial of service (use-after-free and memory corruption) or possibly\n  have unspecified other impact by leveraging the presence of xt_TCPMSS in an\n  iptables action (bnc#1074488).\n\nThe following non-security bugs were fixed:\n\n- Fix build on arm64 by defining empty gmb() (bnc#1068032).\n- KEYS: do not let add_key() update an uninstantiated key (bnc#1063416).\n- KEYS: fix writing past end of user-supplied buffer in keyring_read() (bsc#1066001).\n- KEYS: return full count in keyring_read() if buffer is too small (bsc#1066001).\n- include/stddef.h: Move offsetofend() from vfio.h to a generic kernel header 
(bsc#1077560).\n- ipc/msg: introduce msgctl(MSG_STAT_ANY) (bsc#1072689).\n- ipc/sem: introduce semctl(SEM_STAT_ANY) (bsc#1072689).\n- ipc/shm: introduce shmctl(SHM_STAT_ANY) (bsc#1072689).\n- x86/kaiser: use trampoline stack for kernel entry (bsc#1077560)\n- leds: do not overflow sysfs buffer in led_trigger_show (bsc#1080464).\n- livepatch: __kgr_shadow_get_or_alloc() is local to shadow.c. Shadow variables support (bsc#1082299).\n- livepatch: introduce shadow variable API. Shadow variables support (bsc#1082299)\n- media: v4l2-compat-ioctl32.c: add missing VIDIOC_PREPARE_BUF (bnc#1012382).\n- media: v4l2-compat-ioctl32.c: avoid sizeof(type) (bnc#1012382).\n- media: v4l2-compat-ioctl32.c: copy clip list in put_v4l2_window32 (bnc#1012382).\n- media: v4l2-compat-ioctl32.c: copy m.userptr in put_v4l2_plane32 (bnc#1012382).\n- media: v4l2-compat-ioctl32.c: do not copy back the result for certain errors (bnc#1012382).\n- media: v4l2-compat-ioctl32.c: drop pr_info for unknown buffer type (bnc#1012382).\n- media: v4l2-compat-ioctl32.c: fix the indentation (bnc#1012382).\n- media: v4l2-compat-ioctl32.c: move 'helper' functions to __get/put_v4l2_format32 (bnc#1012382).\n- media: v4l2-compat-ioctl32: Copy v4l2_window->global_alpha (bnc#1012382).\n- media: v4l2-ioctl.c: do not copy back the result for -ENOTTY (bnc#1012382).\n- netfilter: ebtables: CONFIG_COMPAT: do not trust userland offsets (bsc#1085107).\n- netfilter: ebtables: fix erroneous reject of last rule (bsc#1085107).\n- packet: only call dev_add_pack() on freshly allocated fanout instances\n- pipe: cap initial pipe capacity according to pipe-max-size limit (bsc#1045330).\n- x86/espfix: Fix return stack in do_double_fault() 
(bsc#1085279).\n",null,[],[],[],[14,16,18,20,22,24,26,28,30,32,34,36,38,40,42,44,46,48,50],{"_key":15},"CVE-2016-7915",{"_key":17},"CVE-2017-12190",{"_key":19},"CVE-2017-13166",{"_key":21},"CVE-2017-15299",{"_key":23},"CVE-2017-16644",{"_key":25},"CVE-2017-16911",{"_key":27},"CVE-2017-16912",{"_key":29},"CVE-2017-16913",{"_key":31},"CVE-2017-16914",{"_key":33},"CVE-2017-18017",{"_key":35},"CVE-2017-18204",{"_key":37},"CVE-2017-18208",{"_key":39},"CVE-2017-18221",{"_key":41},"CVE-2018-1066",{"_key":43},"CVE-2018-1068",{"_key":45},"CVE-2018-5332",{"_key":47},"CVE-2018-5333",{"_key":49},"CVE-2018-6927",{"_key":51},"CVE-2018-7566",[],[],[55,56,57,58,59,60,61,62,63,64,65,66,67,68,69,70,71,72,73],{"_key":15},{"_key":17},{"_key":19},{"_key":21},{"_key":23},{"_key":25},{"_key":27},{"_key":29},{"_key":31},{"_key":33},{"_key":35},{"_key":37},{"_key":39},{"_key":41},{"_key":43},{"_key":45},{"_key":47},{"_key":49},{"_key":51},"2018-03-28T14:17:49Z","2026-02-04T03:54:59.456038Z",{"cisa_kev":77,"cisa_ransomware":77,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":9},false,[79,85,90,94,98,102,106,110,114,118,122,126,130,134,138,142,146,150,154,158,162,166,170,174,178,182,186,190,194,198,202,206,210,215,219,223,227,231,235,239,243,247,251,255,259,263,267,271,275,279,283],{"url":80,"sources":81,"tags":83},"https://www.suse.com/support/update/announcement/2018/suse-su-20180834-1/",[82],"osv_suse",[84],"Advisory",{"url":86,"sources":87,"tags":88},"https://bugzilla.suse.com/1010470",[82],[89],"REPORT",{"url":91,"sources":92,"tags":93},"https://bugzilla.suse.com/1012382",[82],[89],{"url":95,"sources":96,"tags":97},"https://bugzilla.suse.com/1045330",[82],[89],{"url":99,"sources":100,"tags":101},"https://bugzilla.suse.com/1062568",[82],[89],{"url":103,"sources":104,"tags":105},"https://bugzilla.suse.com/1063416",[82],[89],{"url":107,"sources":108,"tags":109},"https://bugzilla.su
se.com/1066001",[82],[89],{"url":111,"sources":112,"tags":113},"https://bugzilla.suse.com/1067118",[82],[89],{"url":115,"sources":116,"tags":117},"https://bugzilla.suse.com/1068032",[82],[89],{"url":119,"sources":120,"tags":121},"https://bugzilla.suse.com/1072689",[82],[89],{"url":123,"sources":124,"tags":125},"https://bugzilla.suse.com/1072865",[82],[89],{"url":127,"sources":128,"tags":129},"https://bugzilla.suse.com/1074488",[82],[89],{"url":131,"sources":132,"tags":133},"https://bugzilla.suse.com/1075617",[82],[89],{"url":135,"sources":136,"tags":137},"https://bugzilla.suse.com/1075621",[82],[89],{"url":139,"sources":140,"tags":141},"https://bugzilla.suse.com/1077560",[82],[89],{"url":143,"sources":144,"tags":145},"https://bugzilla.suse.com/1078669",[82],[89],{"url":147,"sources":148,"tags":149},"https://bugzilla.suse.com/1078672",[82],[89],{"url":151,"sources":152,"tags":153},"https://bugzilla.suse.com/1078673",[82],[89],{"url":155,"sources":156,"tags":157},"https://bugzilla.suse.com/1078674",[82],[89],{"url":159,"sources":160,"tags":161},"https://bugzilla.suse.com/1080255",[82],[89],{"url":163,"sources":164,"tags":165},"https://bugzilla.suse.com/1080464",[82],[89],{"url":167,"sources":168,"tags":169},"https://bugzilla.suse.com/1080757",[82],[89],{"url":171,"sources":172,"tags":173},"https://bugzilla.suse.com/1082299",[82],[89],{"url":175,"sources":176,"tags":177},"https://bugzilla.suse.com/1083244",[82],[89],{"url":179,"sources":180,"tags":181},"https://bugzilla.suse.com/1083483",[82],[89],{"url":183,"sources":184,"tags":185},"https://bugzilla.suse.com/1083494",[82],[89],{"url":187,"sources":188,"tags":189},"https://bugzilla.suse.com/1083640",[82],[89],{"url":191,"sources":192,"tags":193},"https://bugzilla.suse.com/1084323",[82],[89],{"url":195,"sources":196,"tags":197},"https://bugzilla.suse.com/1085107",[82],[89],{"url":199,"sources":200,"tags":201},"https://bugzilla.suse.com/1085114",[82],[89],{"url":203,"sources":204,"tags":205},"https://bugzilla.suse.com/1
085279",[82],[89],{"url":207,"sources":208,"tags":209},"https://bugzilla.suse.com/1085447",[82],[89],{"url":211,"sources":212,"tags":213},"https://www.suse.com/security/cve/CVE-2016-7915",[82],[214],"WEB",{"url":216,"sources":217,"tags":218},"https://www.suse.com/security/cve/CVE-2017-12190",[82],[214],{"url":220,"sources":221,"tags":222},"https://www.suse.com/security/cve/CVE-2017-13166",[82],[214],{"url":224,"sources":225,"tags":226},"https://www.suse.com/security/cve/CVE-2017-15299",[82],[214],{"url":228,"sources":229,"tags":230},"https://www.suse.com/security/cve/CVE-2017-16644",[82],[214],{"url":232,"sources":233,"tags":234},"https://www.suse.com/security/cve/CVE-2017-16911",[82],[214],{"url":236,"sources":237,"tags":238},"https://www.suse.com/security/cve/CVE-2017-16912",[82],[214],{"url":240,"sources":241,"tags":242},"https://www.suse.com/security/cve/CVE-2017-16913",[82],[214],{"url":244,"sources":245,"tags":246},"https://www.suse.com/security/cve/CVE-2017-16914",[82],[214],{"url":248,"sources":249,"tags":250},"https://www.suse.com/security/cve/CVE-2017-18017",[82],[214],{"url":252,"sources":253,"tags":254},"https://www.suse.com/security/cve/CVE-2017-18204",[82],[214],{"url":256,"sources":257,"tags":258},"https://www.suse.com/security/cve/CVE-2017-18208",[82],[214],{"url":260,"sources":261,"tags":262},"https://www.suse.com/security/cve/CVE-2017-18221",[82],[214],{"url":264,"sources":265,"tags":266},"https://www.suse.com/security/cve/CVE-2018-1066",[82],[214],{"url":268,"sources":269,"tags":270},"https://www.suse.com/security/cve/CVE-2018-1068",[82],[214],{"url":272,"sources":273,"tags":274},"https://www.suse.com/security/cve/CVE-2018-5332",[82],[214],{"url":276,"sources":277,"tags":278},"https://www.suse.com/security/cve/CVE-2018-5333",[82],[214],{"url":280,"sources":281,"tags":282},"https://www.suse.com/security/cve/CVE-2018-6927",[82],[214],{"url":284,"sources":285,"tags":286},"https://www.suse.com/security/cve/CVE-2018-7566",[82],[214],[],[],[],[291,304,3
09,314,319,324],{"ecosystem":292,"name":293,"vendor":294,"product":295,"cpe_part":9,"purl_type":296,"purl_namespace":294,"purl_name":295,"source":9,"versions":297},"SUSE Linux Enterprise","kernel-default","suse","kernel-default&distro=SUSE Linux Enterprise Server 12-LTSS","rpm",[298],{"version":299,"is_range":300,"range_type":301,"version_start":9,"version_start_type":9,"version_end":302,"version_end_type":303,"fixed_in":9},"lt3_12_61_52_125_1",true,"ecosystem","3.12.61-52.125.1","excluding",{"ecosystem":292,"name":305,"vendor":294,"product":306,"cpe_part":9,"purl_type":296,"purl_namespace":294,"purl_name":306,"source":9,"versions":307},"kernel-ec2","kernel-ec2&distro=SUSE Linux Enterprise Module for Public Cloud 12",[308],{"version":299,"is_range":300,"range_type":301,"version_start":9,"version_start_type":9,"version_end":302,"version_end_type":303,"fixed_in":9},{"ecosystem":292,"name":310,"vendor":294,"product":311,"cpe_part":9,"purl_type":296,"purl_namespace":294,"purl_name":311,"source":9,"versions":312},"kernel-source","kernel-source&distro=SUSE Linux Enterprise Server 12-LTSS",[313],{"version":299,"is_range":300,"range_type":301,"version_start":9,"version_start_type":9,"version_end":302,"version_end_type":303,"fixed_in":9},{"ecosystem":292,"name":315,"vendor":294,"product":316,"cpe_part":9,"purl_type":296,"purl_namespace":294,"purl_name":316,"source":9,"versions":317},"kernel-syms","kernel-syms&distro=SUSE Linux Enterprise Server 12-LTSS",[318],{"version":299,"is_range":300,"range_type":301,"version_start":9,"version_start_type":9,"version_end":302,"version_end_type":303,"fixed_in":9},{"ecosystem":292,"name":320,"vendor":294,"product":321,"cpe_part":9,"purl_type":296,"purl_namespace":294,"purl_name":321,"source":9,"versions":322},"kernel-xen","kernel-xen&distro=SUSE Linux Enterprise Server 
12-LTSS",[323],{"version":299,"is_range":300,"range_type":301,"version_start":9,"version_start_type":9,"version_end":302,"version_end_type":303,"fixed_in":9},{"ecosystem":292,"name":325,"vendor":294,"product":326,"cpe_part":9,"purl_type":296,"purl_namespace":294,"purl_name":326,"source":9,"versions":327},"kgraft-patch-SLE12_Update_33","kgraft-patch-SLE12_Update_33&distro=SUSE Linux Enterprise Server 12-LTSS",[328],{"version":329,"is_range":300,"range_type":301,"version_start":9,"version_start_type":9,"version_end":330,"version_end_type":303,"fixed_in":9},"lt1_1_3_1","1-1.3.1"]