[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-SUSE-SU-2018:1173-1":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T08:53:30.047Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":32,"duplicates":33,"related":34,"reserved_at":9,"published_at":44,"modified_at":45,"state":9,"summary":46,"references_raw":48,"kevs":237,"epss":9,"epss_history":238,"metrics":239,"affected":240},"SUSE-SU-2018:1173-1","Security update for the Linux Kernel\n\n\n\nThe SUSE Linux Enterprise 12 SP2 LTSS kernel was updated to 4.4.121 to receive various security and bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2018-8781: The udl_fb_mmap function in drivers/gpu/drm/udl/udl_fb.c had an integer-overflow vulnerability that allowed local users with access to the udldrmfb driver to obtain full read and write permissions on kernel physical pages, resulting in a code execution in kernel space (bnc#1090643).\n- CVE-2018-10124: The kill_something_info function in kernel/signal.c might have allowed local users to cause a denial of service via an INT_MIN argument (bnc#1089752).\n- CVE-2018-10087: The kernel_wait4 function in kernel/exit.c might have allowed local users to cause a denial of service by triggering an attempted use of the -INT_MIN value (bnc#1089608).\n- CVE-2017-18257: The __get_data_block function in fs/f2fs/data.c in the Linux kernel allowed local users to cause a denial of service (integer overflow and loop) via crafted use of the open and fallocate system calls with an FS_IOC_FIEMAP ioctl. (bnc#1088241)\n- CVE-2018-8822: Incorrect buffer length handling in the ncp_read_kernel function in fs/ncpfs/ncplib_kernel.c could be exploited by malicious NCPFS servers to crash the kernel or execute code (bnc#1086162).\n- CVE-2018-8043: The unimac_mdio_probe function in drivers/net/phy/mdio-bcm-unimac.c did not validate certain resource availability, which allowed local users to cause a denial of service (NULL pointer dereference) (bnc#1084829).\n- CVE-2018-7740: The resv_map_release function in mm/hugetlb.c allowed local users to cause a denial of service (BUG) via a crafted application that made mmap system calls and has a large pgoff argument to the remap_file_pages system call (bnc#1084353).\n- CVE-2018-1087: And an unprivileged KVM guest user could use this flaw to potentially escalate their privileges inside a guest. (bsc#1087088)\n- CVE-2018-8897: An unprivileged system user could use incorrect set up interrupt stacks to crash the Linux kernel resulting in DoS issue. (bsc#1087088)\n\nThe following non-security bugs were fixed:\n\n- alsa: hda/realtek - Fix speaker no sound after system resume (bsc#1031717).\n- alsa: hda: Add a power_save blacklist (bnc#1012382).\n- alsa: usb-audio: Add a quirck for B&W PX headphones (bnc#1012382).\n- arm: dts: LogicPD Torpedo: Fix I2C1 pinmux (bnc#1012382).\n- arm: mvebu: Fix broken PL310_ERRATA_753970 selects (bnc#1012382).\n- kvm: mmu: Fix overlap between public and private memslots (bnc#1012382).\n- Partial revert 'e1000e: Avoid receiver overrun interrupt bursts' (bsc#1075428).\n- Revert 'e1000e: Separate signaling for link check/link up' (bsc#1075428).\n- Revert 'led: core: Fix brightness setting when setting delay_off=0' (bnc#1012382).\n- Revert 'watchdog: hpwdt: Remove legacy NMI sourcing (bsc#1085185).' This reverts commit 5d4a2355a2a1c2ec6fdf9d18b68ca0a04ff73c70.\n- bpf, x64: implement retpoline for tail call (bnc#1012382).\n- bridge: check brport attr show in brport_show (bnc#1012382).\n- btrfs: Only check first key for committed tree blocks (bsc#1084721).\n- btrfs: Validate child tree block's level and first key (bsc#1084721).\n- btrfs: preserve i_mode if __btrfs_set_acl() fails (bnc#1012382).\n- ch9200: use skb_cow_head() to deal with cloned skbs (bsc#1088684).\n- cpufreq: s3c24xx: Fix broken s3c_cpufreq_init() (bnc#1012382).\n- dcache: Add cond_resched in shrink_dentry_list (bsc#1086194).\n- dm io: fix duplicate bio completion due to missing ref count (bnc#1012382).\n- drm/i915/cmdparser: Do not check past the cmd length (bsc#1031717).\n- drm/i915/psr: Check for the specific AUX_FRAME_SYNC cap bit (bsc#1031717).\n- e1000e: Avoid missed interrupts following ICR read (bsc#1075428).\n- e1000e: Avoid receiver overrun interrupt bursts (bsc#1075428).\n- e1000e: Fix check_for_link return value with autoneg off (bsc#1075428).\n- e1000e: Fix link check race condition (bsc#1075428).\n- e1000e: Fix queue interrupt re-raising in Other interrupt (bsc#1075428).\n- e1000e: Remove Other from EIAC (bsc#1075428).\n- fib_semantics: Do not match route with mismatching tclassid (bnc#1012382).\n- fs/hugetlbfs/inode.c: change put_page/unlock_page order in hugetlbfs_fallocate() (git-fixes, bsc#1083745).\n- hdlc_ppp: carrier detect ok, do not turn off negotiation (bnc#1012382).\n- hugetlbfs: fix offset overflow in hugetlbfs mmap (bnc#1084353).\n- ibmvfc: Avoid unnecessary port relogin (bsc#1085404).\n- ibmvnic: Clear pending interrupt after device reset (bsc#1089644).\n- ibmvnic: Define vnic_login_client_data name field as unsized array (bsc#1089198).\n- ibmvnic: Disable irqs before exiting reset from closed state (bsc#1084610).\n- ibmvnic: Do not notify peers on parameter change resets (bsc#1089198).\n- ibmvnic: Do not reset CRQ for Mobility driver resets (bsc#1088600).\n- ibmvnic: Fix DMA mapping mistakes (bsc#1088600).\n- ibmvnic: Fix failover case for non-redundant configuration (bsc#1088600).\n- ibmvnic: Fix reset return from closed state (bsc#1084610).\n- ibmvnic: Fix reset scheduler error handling (bsc#1088600).\n- ibmvnic: Handle all login error conditions (bsc#1089198).\n- ibmvnic: Potential NULL dereference in clean_one_tx_pool() (bsc#1085224, git-fixes).\n- ibmvnic: Remove unused TSO resources in TX pool structure (bsc#1085224).\n- ibmvnic: Update TX pool cleaning routine (bsc#1085224).\n- ibmvnic: Zero used TX descriptor counter on reset (bsc#1088600).\n- ipv6 sit: work around bogus gcc-8 -Wrestrict warning (bnc#1012382).\n- kGraft: fix small race in reversion code (bsc#1083125).\n- kabi/severities: Ignore kgr_shadow_* kABI changes\n- kvm/x86: fix icebp instruction handling (bnc#1012382).\n- livepatch: Allow to call a custom callback when freeing shadow variables (bsc#1082299 fate#313296).\n- livepatch: Initialize shadow variables safely by a custom callback (bsc#1082299 fate#313296).\n- mac80211: do not WARN on bad WMM parameters from buggy APs (bsc#1031717).\n- md-cluster: fix wrong condition check in raid1_write_request (bsc#1085402).\n- media: au0828: fix VIDEO_V4L2 dependency (bsc#1031717).\n- media: cx25821: prevent out-of-bounds read on array card (bsc#1031717).\n- media: m88ds3103: do not call a non-initalized function (bnc#1012382).\n- media: s3c-camif: fix out-of-bounds array access (bsc#1031717).\n- mm/hugetlb.c: do not call region_abort if region_chg fails (bnc#1084353).\n- mpls, nospec: Sanitize array index in mpls_label_ok() (bnc#1012382).\n- net: fix race on decreasing number of TX queues (bnc#1012382).\n- net: ipv4: avoid unused variable warning for sysctl (git-fixes).\n- net: ipv4: do not allow setting net.ipv4.route.min_pmtu below 68 (bnc#1012382).\n- net: mpls: Pull common label check into helper (bnc#1012382).\n- netlink: ensure to loop over all netns in genlmsg_multicast_allns() (bnc#1012382).\n- nospec: Allow index argument to have const-qualified type (bnc#1012382).\n- perf/x86/intel: Add model number for Skylake Server to perf (FATE#321269).\n- powerpc/crash: Remove the test for cpu_online in the IPI callback (bsc#1088242).\n- powerpc: Do not send system reset request through the oops path (bsc#1088242).\n- powerpc: System reset avoid interleaving oops using die synchronisation (bsc#1088242).\n- ppp: prevent unregistered channels from connecting to PPP units (bnc#1012382).\n- regmap-i2c: Off by one in regmap_i2c_smbus_i2c_read/write() (bsc#1031717).\n- regmap: Do not use format_val in regmap_bulk_read (bsc#1031717).\n- regmap: Fix reversed bounds check in regmap_raw_write() (bsc#1031717).\n- regmap: Format data for raw write in regmap_bulk_write (bsc#1031717).\n- rpm/config.sh: ensure sorted patches.\n- s390/cpuinfo: show facilities as reported by stfle (bnc#1076847, LTC#163740).\n- s390/qeth: fix IPA command submission race (bnc#1012382).\n- s390/qeth: fix SETIP command handling (bnc#1012382).\n- sctp: fix dst refcnt leak in sctp_v4_get_dst (bnc#1012382).\n- sctp: fix dst refcnt leak in sctp_v6_get_dst() (bnc#1012382).\n- sctp: verify size of a new chunk in _sctp_make_chunk() (bnc#1012382).\n- storvsc: do not schedule work elements during host reset (bsc#1070536, bsc#1057734).\n- storvsc_drv: use embedded work structure for host rescan (bsc#1070536, bsc#1057734).\n- storvsc_drv: use separate workqueue for rescan (bsc#1070536, bsc#1057734).\n- swap: divide-by-zero when zero length swap file on ssd (bsc#1082153).\n- tpm: st33zp24: fix potential buffer overruns caused by bit glitches on the bus (bnc#1012382).\n- tpm_i2c_infineon: fix potential buffer overruns caused by bit glitches on the bus (bnc#1012382).\n- tpm_i2c_nuvoton: fix potential buffer overruns caused by bit glitches on the bus (bnc#1012382).\n- udplite: fix partial checksum initialization (bnc#1012382).\n- watchdog: hpwdt: Remove legacy NMI sourcing (bsc#1085185).\n- x86/apic/vector: Handle legacy irq data correctly (bnc#1012382).\n- x86/entry/64: Do not use IST entry for #BP stack (bsc#1087088).\n- x86/kaiser: Duplicate cpu_tss for an entry trampoline usage (bsc#1077560 bsc#1083836).\n- x86/kaiser: Remove a user mapping of cpu_tss structure (bsc#1077560 bsc#1083836).\n- x86/kaiser: Use a per-CPU trampoline stack for kernel entry (bsc#1077560).\n- x86/kaiser: enforce trampoline stack alignment (bsc#1087260).\n- x86/speculation: Remove Skylake C2 from Speculation Control microcode blacklist (bsc#1087845).\n- xen-blkfront: fix mq start/stop race (bsc#1085042).\n- xen-netback: use skb to determine number of required guest Rx requests (bsc#1046610).\n",null,[],[],[],[14,16,18,20,22,24,26,28,30],{"_key":15},"CVE-2017-18257",{"_key":17},"CVE-2018-10087",{"_key":19},"CVE-2018-10124",{"_key":21},"CVE-2018-1087",{"_key":23},"CVE-2018-7740",{"_key":25},"CVE-2018-8043",{"_key":27},"CVE-2018-8781",{"_key":29},"CVE-2018-8822",{"_key":31},"CVE-2018-8897",[],[],[35,36,37,38,39,40,41,42,43],{"_key":15},{"_key":17},{"_key":19},{"_key":21},{"_key":23},{"_key":25},{"_key":27},{"_key":29},{"_key":31},"2018-05-08T17:34:59Z","2026-02-04T04:21:59.703236Z",{"cisa_kev":47,"cisa_ransomware":47,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":9},false,[49,55,60,64,68,72,76,80,84,88,92,96,100,104,108,112,116,120,124,128,132,136,140,144,148,152,156,160,164,168,172,176,180,184,188,192,196,200,205,209,213,217,221,225,229,233],{"url":50,"sources":51,"tags":53},"https://www.suse.com/support/update/announcement/2018/suse-su-20181173-1/",[52],"osv_suse",[54],"Advisory",{"url":56,"sources":57,"tags":58},"https://bugzilla.suse.com/1012382",[52],[59],"REPORT",{"url":61,"sources":62,"tags":63},"https://bugzilla.suse.com/1031717",[52],[59],{"url":65,"sources":66,"tags":67},"https://bugzilla.suse.com/1046610",[52],[59],{"url":69,"sources":70,"tags":71},"https://bugzilla.suse.com/1057734",[52],[59],{"url":73,"sources":74,"tags":75},"https://bugzilla.suse.com/1070536",[52],[59],{"url":77,"sources":78,"tags":79},"https://bugzilla.suse.com/1075428",[52],[59],{"url":81,"sources":82,"tags":83},"https://bugzilla.suse.com/1076847",[52],[59],{"url":85,"sources":86,"tags":87},"https://bugzilla.suse.com/1077560",[52],[59],{"url":89,"sources":90,"tags":91},"https://bugzilla.suse.com/1082153",[52],[59],{"url":93,"sources":94,"tags":95},"https://bugzilla.suse.com/1082299",[52],[59],{"url":97,"sources":98,"tags":99},"https://bugzilla.suse.com/1083125",[52],[59],{"url":101,"sources":102,"tags":103},"https://bugzilla.suse.com/1083745",[52],[59],{"url":105,"sources":106,"tags":107},"https://bugzilla.suse.com/1083836",[52],[59],{"url":109,"sources":110,"tags":111},"https://bugzilla.suse.com/1084353",[52],[59],{"url":113,"sources":114,"tags":115},"https://bugzilla.suse.com/1084610",[52],[59],{"url":117,"sources":118,"tags":119},"https://bugzilla.suse.com/1084721",[52],[59],{"url":121,"sources":122,"tags":123},"https://bugzilla.suse.com/1084829",[52],[59],{"url":125,"sources":126,"tags":127},"https://bugzilla.suse.com/1085042",[52],[59],{"url":129,"sources":130,"tags":131},"https://bugzilla.suse.com/1085185",[52],[59],{"url":133,"sources":134,"tags":135},"https://bugzilla.suse.com/1085224",[52],[59],{"url":137,"sources":138,"tags":139},"https://bugzilla.suse.com/1085402",[52],[59],{"url":141,"sources":142,"tags":143},"https://bugzilla.suse.com/1085404",[52],[59],{"url":145,"sources":146,"tags":147},"https://bugzilla.suse.com/1086162",[52],[59],{"url":149,"sources":150,"tags":151},"https://bugzilla.suse.com/1086194",[52],[59],{"url":153,"sources":154,"tags":155},"https://bugzilla.suse.com/1087088",[52],[59],{"url":157,"sources":158,"tags":159},"https://bugzilla.suse.com/1087260",[52],[59],{"url":161,"sources":162,"tags":163},"https://bugzilla.suse.com/1087845",[52],[59],{"url":165,"sources":166,"tags":167},"https://bugzilla.suse.com/1088241",[52],[59],{"url":169,"sources":170,"tags":171},"https://bugzilla.suse.com/1088242",[52],[59],{"url":173,"sources":174,"tags":175},"https://bugzilla.suse.com/1088600",[52],[59],{"url":177,"sources":178,"tags":179},"https://bugzilla.suse.com/1088684",[52],[59],{"url":181,"sources":182,"tags":183},"https://bugzilla.suse.com/1089198",[52],[59],{"url":185,"sources":186,"tags":187},"https://bugzilla.suse.com/1089608",[52],[59],{"url":189,"sources":190,"tags":191},"https://bugzilla.suse.com/1089644",[52],[59],{"url":193,"sources":194,"tags":195},"https://bugzilla.suse.com/1089752",[52],[59],{"url":197,"sources":198,"tags":199},"https://bugzilla.suse.com/1090643",[52],[59],{"url":201,"sources":202,"tags":203},"https://www.suse.com/security/cve/CVE-2017-18257",[52],[204],"WEB",{"url":206,"sources":207,"tags":208},"https://www.suse.com/security/cve/CVE-2018-10087",[52],[204],{"url":210,"sources":211,"tags":212},"https://www.suse.com/security/cve/CVE-2018-10124",[52],[204],{"url":214,"sources":215,"tags":216},"https://www.suse.com/security/cve/CVE-2018-1087",[52],[204],{"url":218,"sources":219,"tags":220},"https://www.suse.com/security/cve/CVE-2018-7740",[52],[204],{"url":222,"sources":223,"tags":224},"https://www.suse.com/security/cve/CVE-2018-8043",[52],[204],{"url":226,"sources":227,"tags":228},"https://www.suse.com/security/cve/CVE-2018-8781",[52],[204],{"url":230,"sources":231,"tags":232},"https://www.suse.com/security/cve/CVE-2018-8822",[52],[204],{"url":234,"sources":235,"tags":236},"https://www.suse.com/security/cve/CVE-2018-8897",[52],[204],[],[],[],[241,254,258,262,266,271,275,279,283,288,292,296,300,307,311,315],{"ecosystem":242,"name":243,"vendor":244,"product":245,"cpe_part":9,"purl_type":246,"purl_namespace":244,"purl_name":245,"source":9,"versions":247},"SUSE Linux Enterprise","kernel-default","suse","kernel-default&distro=SUSE Enterprise Storage 4","rpm",[248],{"version":249,"is_range":250,"range_type":251,"version_start":9,"version_start_type":9,"version_end":252,"version_end_type":253,"fixed_in":9},"lt4_4_121_92_73_1",true,"ecosystem","4.4.121-92.73.1","excluding",{"ecosystem":242,"name":243,"vendor":244,"product":255,"cpe_part":9,"purl_type":246,"purl_namespace":244,"purl_name":255,"source":9,"versions":256},"kernel-default&distro=SUSE Linux Enterprise Server 12 SP2-LTSS",[257],{"version":249,"is_range":250,"range_type":251,"version_start":9,"version_start_type":9,"version_end":252,"version_end_type":253,"fixed_in":9},{"ecosystem":242,"name":243,"vendor":244,"product":259,"cpe_part":9,"purl_type":246,"purl_namespace":244,"purl_name":259,"source":9,"versions":260},"kernel-default&distro=SUSE Linux Enterprise Server for SAP Applications 12 SP2",[261],{"version":249,"is_range":250,"range_type":251,"version_start":9,"version_start_type":9,"version_end":252,"version_end_type":253,"fixed_in":9},{"ecosystem":242,"name":243,"vendor":244,"product":263,"cpe_part":9,"purl_type":246,"purl_namespace":244,"purl_name":263,"source":9,"versions":264},"kernel-default&distro=SUSE OpenStack Cloud 7",[265],{"version":249,"is_range":250,"range_type":251,"version_start":9,"version_start_type":9,"version_end":252,"version_end_type":253,"fixed_in":9},{"ecosystem":242,"name":267,"vendor":244,"product":268,"cpe_part":9,"purl_type":246,"purl_namespace":244,"purl_name":268,"source":9,"versions":269},"kernel-source","kernel-source&distro=SUSE Enterprise Storage 4",[270],{"version":249,"is_range":250,"range_type":251,"version_start":9,"version_start_type":9,"version_end":252,"version_end_type":253,"fixed_in":9},{"ecosystem":242,"name":267,"vendor":244,"product":272,"cpe_part":9,"purl_type":246,"purl_namespace":244,"purl_name":272,"source":9,"versions":273},"kernel-source&distro=SUSE Linux Enterprise Server 12 SP2-LTSS",[274],{"version":249,"is_range":250,"range_type":251,"version_start":9,"version_start_type":9,"version_end":252,"version_end_type":253,"fixed_in":9},{"ecosystem":242,"name":267,"vendor":244,"product":276,"cpe_part":9,"purl_type":246,"purl_namespace":244,"purl_name":276,"source":9,"versions":277},"kernel-source&distro=SUSE Linux Enterprise Server for SAP Applications 12 SP2",[278],{"version":249,"is_range":250,"range_type":251,"version_start":9,"version_start_type":9,"version_end":252,"version_end_type":253,"fixed_in":9},{"ecosystem":242,"name":267,"vendor":244,"product":280,"cpe_part":9,"purl_type":246,"purl_namespace":244,"purl_name":280,"source":9,"versions":281},"kernel-source&distro=SUSE OpenStack Cloud 7",[282],{"version":249,"is_range":250,"range_type":251,"version_start":9,"version_start_type":9,"version_end":252,"version_end_type":253,"fixed_in":9},{"ecosystem":242,"name":284,"vendor":244,"product":285,"cpe_part":9,"purl_type":246,"purl_namespace":244,"purl_name":285,"source":9,"versions":286},"kernel-syms","kernel-syms&distro=SUSE Enterprise Storage 4",[287],{"version":249,"is_range":250,"range_type":251,"version_start":9,"version_start_type":9,"version_end":252,"version_end_type":253,"fixed_in":9},{"ecosystem":242,"name":284,"vendor":244,"product":289,"cpe_part":9,"purl_type":246,"purl_namespace":244,"purl_name":289,"source":9,"versions":290},"kernel-syms&distro=SUSE Linux Enterprise Server 12 SP2-LTSS",[291],{"version":249,"is_range":250,"range_type":251,"version_start":9,"version_start_type":9,"version_end":252,"version_end_type":253,"fixed_in":9},{"ecosystem":242,"name":284,"vendor":244,"product":293,"cpe_part":9,"purl_type":246,"purl_namespace":244,"purl_name":293,"source":9,"versions":294},"kernel-syms&distro=SUSE Linux Enterprise Server for SAP Applications 12 SP2",[295],{"version":249,"is_range":250,"range_type":251,"version_start":9,"version_start_type":9,"version_end":252,"version_end_type":253,"fixed_in":9},{"ecosystem":242,"name":284,"vendor":244,"product":297,"cpe_part":9,"purl_type":246,"purl_namespace":244,"purl_name":297,"source":9,"versions":298},"kernel-syms&distro=SUSE OpenStack Cloud 7",[299],{"version":249,"is_range":250,"range_type":251,"version_start":9,"version_start_type":9,"version_end":252,"version_end_type":253,"fixed_in":9},{"ecosystem":242,"name":301,"vendor":244,"product":302,"cpe_part":9,"purl_type":246,"purl_namespace":244,"purl_name":302,"source":9,"versions":303},"kgraft-patch-SLE12-SP2_Update_21","kgraft-patch-SLE12-SP2_Update_21&distro=SUSE Enterprise Storage 4",[304],{"version":305,"is_range":250,"range_type":251,"version_start":9,"version_start_type":9,"version_end":306,"version_end_type":253,"fixed_in":9},"lt1_3_3_1","1-3.3.1",{"ecosystem":242,"name":301,"vendor":244,"product":308,"cpe_part":9,"purl_type":246,"purl_namespace":244,"purl_name":308,"source":9,"versions":309},"kgraft-patch-SLE12-SP2_Update_21&distro=SUSE Linux Enterprise Server 12 SP2-LTSS",[310],{"version":305,"is_range":250,"range_type":251,"version_start":9,"version_start_type":9,"version_end":306,"version_end_type":253,"fixed_in":9},{"ecosystem":242,"name":301,"vendor":244,"product":312,"cpe_part":9,"purl_type":246,"purl_namespace":244,"purl_name":312,"source":9,"versions":313},"kgraft-patch-SLE12-SP2_Update_21&distro=SUSE Linux Enterprise Server for SAP Applications 12 SP2",[314],{"version":305,"is_range":250,"range_type":251,"version_start":9,"version_start_type":9,"version_end":306,"version_end_type":253,"fixed_in":9},{"ecosystem":242,"name":301,"vendor":244,"product":316,"cpe_part":9,"purl_type":246,"purl_namespace":244,"purl_name":316,"source":9,"versions":317},"kgraft-patch-SLE12-SP2_Update_21&distro=SUSE OpenStack Cloud 7",[318],{"version":305,"is_range":250,"range_type":251,"version_start":9,"version_start_type":9,"version_end":306,"version_end_type":253,"fixed_in":9}]