Bugzilla – Bug 958463
VUL-0: CVE-2015-8539: kernel: Fix handling of stored error in a negatively instantiated user key
Last modified: 2020-06-16 22:06:03 UTC
via oss-sec, no cve yet. From: Wade Mealing <wmealing@redhat.com> Subject: [oss-security] CVE request - Linux kernel - Fix handling of stored error in a negatively instantiated user key Date: Tue, 8 Dec 2015 20:32:03 -0500 (EST) Gday, A bug was found by Dmitry Vyukov (of Google engineering) in the Linux kernel key management code. A malicious user with a local account may be able to escalate privileges and take control of local system by abusing the user key subsystem. From the patch: -- If a user key gets negatively instantiated, an error code is cached in the payload area. A negatively instantiated key may be then be positively instantiated by updating it with valid data. However, the ->update key type method must be aware that the error code may be there. -- The paging address is predictable and mappable as userspace memory and can be used by abused by an attacker to escalate privileges. This is not the same issue as CVE-2015-7872, this issue persists after the fix is applied. I have only seen this affected on the 4.4 release candidates. Thanks, Wade Mealing Upstream fix ------------ - https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=096fe9eaea40a17e125569f9e657e34cdb6d73bd Red Hat Bugzilla: - https://bugzilla.redhat.com/show_bug.cgi?id=1284450
CVE-2015-8539 was assigned
QA REPRODUCER: keyctl request2 user user "" @u keyctl add user user "a" @u and keyctl request2 trusted user "" @u keyctl add trusted user "a" @u This should also affect encrypted keys - but that has to be correctly parameterised or it will fail with EINVAL before getting to the bit that will crashes.
even sles10 sp3 looks affected.
Created attachment 659363 [details] 0001-KEYS-Fix-handling-of-stored-error-in-a-negatively-in.patch Backported patch 096fe9ea to SLE12/SLE12 SP1 kernel.
Created attachment 659376 [details] 0001-KEYS-Fix-handling-of-stored-error-in-a-negatively-in-sle12.patch Backported patch for SLE12/SLE12 SP1.
Created attachment 659379 [details] 0001-KEYS-Fix-handling-of-stored-error-in-a-negatively-in-sle11.patch Backported patch to SLE-11 SP3/SP4 kernel.
I can not reproduce issue after applied patch to SLE12-SP1 kernel. It works.
Ok, please queue the fix for all relevant trees then. Thanks.
Backported patch be merged to cve/linux-3.0 branch: commit 037884fb929e5b2831471b6237bc60f1a282077a Author: Lee, Chun-Yi <jlee@suse.com> Date: Thu Dec 17 05:42:46 2015 +0800 KEYS: Fix handling of stored error in a negatively instantiated user key (bnc#958463, CVE-2015-8539). I also sent patch to SLE12, waiting merge.
SLE11 SP3/SLE11 SP4: commit 037884fb929e5b2831471b6237bc60f1a282077a Author: Lee, Chun-Yi <jlee@suse.com> Date: Thu Dec 17 05:42:46 2015 +0800 KEYS: Fix handling of stored error in a negatively instantiated user key (bnc#958463, CVE-2015-8539). SLE12/SLE12 SP1: commit 96706a00bb7db6126fc0f833f7dda4fca44c5da2 Author: Lee, Chun-Yi <jlee@suse.com> Date: Mon Dec 21 19:25:17 2015 +0800 KEYS: Fix handling of stored error in a negatively instantiated user key (bnc#958463, CVE-2015-8539).
I also sent patch to openSUSE 42.1 and stable kernel, waiting merge.
(In reply to Joey Lee from comment #17) > I also sent patch to openSUSE 42.1 and stable kernel, waiting merge. Merged to openSUSE kernel: openSUSE 42.1: commit 5ade12eb8738dc4792f48539686ee2082c5ed5ab Author: Lee, Chun-Yi <jlee@suse.com> Date: Wed Dec 30 16:59:10 2015 +0800 KEYS: Fix handling of stored error in a negatively instantiated user key (bnc#958463, CVE-2015-8539OD). Stable: commit 008195af0bd30b4154392c382ad19eb6248fdeb1 Author: Lee, Chun-Yi <jlee@suse.com> Date: Wed Dec 30 17:32:09 2015 +0800 KEYS: Fix handling of stored error in a negatively instantiated user key (bnc#958463, CVE-2015-8539OD).
Backported patch got merged to SLE and openSUSE. Set this issue to FIXED.
SUSE-SU-2016:0168-1: An update that solves 8 vulnerabilities and has 26 fixes is now available. Category: security (important) Bug References: 758040,902606,924919,935087,937261,943959,945649,949440,951155,951199,951392,951615,951638,952579,952976,956708,956801,956876,957395,957546,957988,957990,958463,958504,958510,958647,958886,958951,959190,959364,959399,959436,959705,960300 CVE References: CVE-2015-7550,CVE-2015-8539,CVE-2015-8543,CVE-2015-8550,CVE-2015-8551,CVE-2015-8552,CVE-2015-8569,CVE-2015-8575 Sources used: SUSE Linux Enterprise Workstation Extension 12 (src): kernel-default-3.12.51-52.34.1 SUSE Linux Enterprise Software Development Kit 12 (src): kernel-docs-3.12.51-52.34.3, kernel-obs-build-3.12.51-52.34.1 SUSE Linux Enterprise Server 12 (src): kernel-default-3.12.51-52.34.1, kernel-source-3.12.51-52.34.1, kernel-syms-3.12.51-52.34.1, kernel-xen-3.12.51-52.34.1 SUSE Linux Enterprise Module for Public Cloud 12 (src): kernel-ec2-3.12.51-52.34.1 SUSE Linux Enterprise Live Patching 12 (src): kgraft-patch-SLE12_Update_10-1-2.1 SUSE Linux Enterprise Desktop 12 (src): kernel-default-3.12.51-52.34.1, kernel-source-3.12.51-52.34.1, kernel-syms-3.12.51-52.34.1, kernel-xen-3.12.51-52.34.1
openSUSE-SU-2016:0280-1: An update that solves 10 vulnerabilities and has 18 fixes is now available. Category: security (important) Bug References: 865096,865259,913996,950178,950998,952621,954324,954532,954647,955422,956708,957152,957988,957990,958439,958463,958504,958510,958886,958951,959190,959399,960021,960710,961263,961509,962075,962597 CVE References: CVE-2015-7550,CVE-2015-8539,CVE-2015-8543,CVE-2015-8550,CVE-2015-8551,CVE-2015-8552,CVE-2015-8569,CVE-2015-8575,CVE-2015-8767,CVE-2016-0728 Sources used: openSUSE Leap 42.1 (src): kernel-debug-4.1.15-8.1, kernel-default-4.1.15-8.1, kernel-docs-4.1.15-8.3, kernel-ec2-4.1.15-8.1, kernel-obs-build-4.1.15-8.2, kernel-obs-qa-4.1.15-8.1, kernel-obs-qa-xen-4.1.15-8.1, kernel-pae-4.1.15-8.1, kernel-pv-4.1.15-8.1, kernel-source-4.1.15-8.1, kernel-syms-4.1.15-8.1, kernel-vanilla-4.1.15-8.1, kernel-xen-4.1.15-8.1
SUSE-SU-2016:0585-1: An update that solves 17 vulnerabilities and has 54 fixes is now available. Category: security (important) Bug References: 812259,855062,867583,899908,902606,924919,935087,937261,937444,938577,940338,940946,941363,942476,943989,944749,945649,947953,949440,949936,950292,951199,951392,951615,952579,952976,954992,955118,955354,955654,956514,956708,957525,957988,957990,958463,958886,958951,959090,959146,959190,959257,959364,959399,959436,959463,959629,960221,960227,960281,960300,961202,961257,961500,961509,961516,961588,961971,962336,962356,962788,962965,963449,963572,963765,963767,963825,964230,964821,965344,965840 CVE References: CVE-2013-7446,CVE-2015-0272,CVE-2015-5707,CVE-2015-7550,CVE-2015-7799,CVE-2015-8215,CVE-2015-8539,CVE-2015-8543,CVE-2015-8550,CVE-2015-8551,CVE-2015-8569,CVE-2015-8575,CVE-2015-8660,CVE-2015-8767,CVE-2015-8785,CVE-2016-0723,CVE-2016-2069 Sources used: SUSE Linux Enterprise Workstation Extension 12-SP1 (src): kernel-default-3.12.53-60.30.1 SUSE Linux Enterprise Software Development Kit 12-SP1 (src): kernel-docs-3.12.53-60.30.2, kernel-obs-build-3.12.53-60.30.2 SUSE Linux Enterprise Server 12-SP1 (src): kernel-default-3.12.53-60.30.1, kernel-source-3.12.53-60.30.1, kernel-syms-3.12.53-60.30.1, kernel-xen-3.12.53-60.30.1, lttng-modules-2.7.0-3.1 SUSE Linux Enterprise Module for Public Cloud 12 (src): kernel-ec2-3.12.53-60.30.1 SUSE Linux Enterprise Live Patching 12 (src): kgraft-patch-SLE12-SP1_Update_3-1-2.1 SUSE Linux Enterprise Desktop 12-SP1 (src): kernel-default-3.12.53-60.30.1, kernel-source-3.12.53-60.30.1, kernel-syms-3.12.53-60.30.1, kernel-xen-3.12.53-60.30.1
SUSE-SU-2016:0911-1: An update that solves 23 vulnerabilities and has 42 fixes is now available. Category: security (important) Bug References: 758040,904035,912738,915183,924919,933782,937444,940017,940946,942082,947128,948330,949298,951392,951815,952976,953369,954992,955308,955654,955837,955925,956084,956375,956514,956708,956949,957986,957988,957990,958000,958463,958886,958906,958912,958951,959190,959312,959399,959649,959705,961500,961509,961516,961658,962965,963276,963561,963765,963767,964201,964818,966094,966137,966437,966693,967042,967972,967973,967974,967975,968011,968012,968013,969307 CVE References: CVE-2013-7446,CVE-2015-7515,CVE-2015-7550,CVE-2015-8539,CVE-2015-8543,CVE-2015-8550,CVE-2015-8551,CVE-2015-8552,CVE-2015-8569,CVE-2015-8575,CVE-2015-8767,CVE-2015-8785,CVE-2015-8812,CVE-2016-0723,CVE-2016-2069,CVE-2016-2384,CVE-2016-2543,CVE-2016-2544,CVE-2016-2545,CVE-2016-2546,CVE-2016-2547,CVE-2016-2548,CVE-2016-2549 Sources used: SUSE Linux Enterprise Software Development Kit 11-SP4 (src): kernel-docs-3.0.101-71.2 SUSE Linux Enterprise Server 11-SP4 (src): kernel-default-3.0.101-71.1, kernel-ec2-3.0.101-71.1, kernel-pae-3.0.101-71.1, kernel-ppc64-3.0.101-71.1, kernel-source-3.0.101-71.1, kernel-syms-3.0.101-71.1, kernel-trace-3.0.101-71.1, kernel-xen-3.0.101-71.1 SUSE Linux Enterprise Server 11-EXTRA (src): kernel-default-3.0.101-71.1, kernel-pae-3.0.101-71.1, kernel-ppc64-3.0.101-71.1, kernel-trace-3.0.101-71.1, kernel-xen-3.0.101-71.1 SUSE Linux Enterprise Desktop 11-SP4 (src): kernel-default-3.0.101-71.1, kernel-pae-3.0.101-71.1, kernel-source-3.0.101-71.1, kernel-syms-3.0.101-71.1, kernel-trace-3.0.101-71.1, kernel-xen-3.0.101-71.1 SUSE Linux Enterprise Debuginfo 11-SP4 (src): kernel-default-3.0.101-71.1, kernel-ec2-3.0.101-71.1, kernel-pae-3.0.101-71.1, kernel-ppc64-3.0.101-71.1, kernel-trace-3.0.101-71.1, kernel-xen-3.0.101-71.1 Product List: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Server 11-EXTRA SUSE Linux Enterprise Desktop 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP4
openSUSE-SU-2016:1008-1: An update that solves 15 vulnerabilities and has 26 fixes is now available. Category: security (important) Bug References: 814440,884701,949936,951440,951542,951626,951638,953527,954018,954404,954405,954876,958439,958463,958504,959709,960561,960563,960710,961263,961500,961509,962257,962866,962977,963746,963765,963767,963931,965125,966137,966179,966259,966437,966684,966693,968018,969356,969582,970845,971125 CVE References: CVE-2015-1339,CVE-2015-7799,CVE-2015-7872,CVE-2015-7884,CVE-2015-8104,CVE-2015-8709,CVE-2015-8767,CVE-2015-8785,CVE-2015-8787,CVE-2015-8812,CVE-2016-0723,CVE-2016-2069,CVE-2016-2184,CVE-2016-2383,CVE-2016-2384 Sources used: openSUSE Leap 42.1 (src): kernel-debug-4.1.20-11.1, kernel-default-4.1.20-11.1, kernel-docs-4.1.20-11.3, kernel-ec2-4.1.20-11.1, kernel-obs-build-4.1.20-11.2, kernel-obs-qa-4.1.20-11.1, kernel-obs-qa-xen-4.1.20-11.1, kernel-pae-4.1.20-11.1, kernel-pv-4.1.20-11.1, kernel-source-4.1.20-11.1, kernel-syms-4.1.20-11.1, kernel-vanilla-4.1.20-11.1, kernel-xen-4.1.20-11.1
SUSE-SU-2016:1102-1: An update that solves 23 vulnerabilities and has 43 fixes is now available. Category: security (important) Bug References: 758040,904035,912738,915183,924919,933782,937444,940017,940946,942082,947128,948330,949298,951392,951815,952976,953369,954992,955308,955654,955837,955925,956084,956375,956514,956708,956949,957986,957988,957990,958000,958463,958886,958906,958912,958951,959190,959312,959399,959649,959705,961500,961509,961516,961658,962965,963276,963561,963765,963767,964201,964818,966094,966137,966437,966693,967042,967972,967973,967974,967975,968011,968012,968013,969307,969571 CVE References: CVE-2013-7446,CVE-2015-7515,CVE-2015-7550,CVE-2015-8539,CVE-2015-8543,CVE-2015-8550,CVE-2015-8551,CVE-2015-8552,CVE-2015-8569,CVE-2015-8575,CVE-2015-8767,CVE-2015-8785,CVE-2015-8812,CVE-2016-0723,CVE-2016-2069,CVE-2016-2384,CVE-2016-2543,CVE-2016-2544,CVE-2016-2545,CVE-2016-2546,CVE-2016-2547,CVE-2016-2548,CVE-2016-2549 Sources used: SUSE Linux Enterprise Real Time Extension 11-SP4 (src): kernel-rt-3.0.101.rt130-51.1, kernel-rt_trace-3.0.101.rt130-51.1, kernel-source-rt-3.0.101.rt130-51.1, kernel-syms-rt-3.0.101.rt130-51.1 SUSE Linux Enterprise Debuginfo 11-SP4 (src): kernel-rt-3.0.101.rt130-51.1, kernel-rt_debug-3.0.101.rt130-51.1, kernel-rt_trace-3.0.101.rt130-51.1
SUSE-SU-2016:1203-1: An update that solves 41 vulnerabilities and has 49 fixes is now available. Category: security (important) Bug References: 758040,781018,879378,879381,904035,924919,934787,935123,937444,939955,940017,940413,940913,940946,941514,942082,946122,947128,948330,949298,949752,949936,950750,950998,951392,952976,954628,955308,955354,955654,955673,956375,956514,956707,956708,956709,956852,956949,957988,957990,958463,958886,958906,958912,958951,959190,959312,959399,959705,960857,961500,961509,961512,961516,961518,963276,963765,963767,963998,964201,965319,965923,966437,966693,967863,967972,967973,967974,967975,968010,968011,968012,968013,968141,968670,969307,970504,970892,970909,970911,970948,970956,970958,970970,971124,971125,971360,973570,974646,975945 CVE References: CVE-2013-7446,CVE-2015-7509,CVE-2015-7515,CVE-2015-7550,CVE-2015-7566,CVE-2015-7799,CVE-2015-8215,CVE-2015-8539,CVE-2015-8543,CVE-2015-8550,CVE-2015-8551,CVE-2015-8552,CVE-2015-8569,CVE-2015-8575,CVE-2015-8767,CVE-2015-8785,CVE-2015-8812,CVE-2015-8816,CVE-2016-0723,CVE-2016-2069,CVE-2016-2143,CVE-2016-2184,CVE-2016-2185,CVE-2016-2186,CVE-2016-2188,CVE-2016-2384,CVE-2016-2543,CVE-2016-2544,CVE-2016-2545,CVE-2016-2546,CVE-2016-2547,CVE-2016-2548,CVE-2016-2549,CVE-2016-2782,CVE-2016-2847,CVE-2016-3137,CVE-2016-3138,CVE-2016-3139,CVE-2016-3140,CVE-2016-3156,CVE-2016-3955 Sources used: SUSE OpenStack Cloud 5 (src): kernel-bigsmp-3.0.101-0.47.79.1, kernel-default-3.0.101-0.47.79.1, kernel-ec2-3.0.101-0.47.79.1, kernel-source-3.0.101-0.47.79.1, kernel-syms-3.0.101-0.47.79.1, kernel-trace-3.0.101-0.47.79.1, kernel-xen-3.0.101-0.47.79.1 SUSE Manager Proxy 2.1 (src): kernel-bigsmp-3.0.101-0.47.79.1, kernel-default-3.0.101-0.47.79.1, kernel-ec2-3.0.101-0.47.79.1, kernel-source-3.0.101-0.47.79.1, kernel-syms-3.0.101-0.47.79.1, kernel-trace-3.0.101-0.47.79.1, kernel-xen-3.0.101-0.47.79.1 SUSE Manager 2.1 (src): kernel-bigsmp-3.0.101-0.47.79.1, kernel-default-3.0.101-0.47.79.1, kernel-ec2-3.0.101-0.47.79.1, kernel-source-3.0.101-0.47.79.1, kernel-syms-3.0.101-0.47.79.1, kernel-trace-3.0.101-0.47.79.1, kernel-xen-3.0.101-0.47.79.1 SUSE Linux Enterprise Server 11-SP3-LTSS (src): kernel-bigsmp-3.0.101-0.47.79.1, kernel-default-3.0.101-0.47.79.1, kernel-ec2-3.0.101-0.47.79.1, kernel-pae-3.0.101-0.47.79.1, kernel-source-3.0.101-0.47.79.1, kernel-syms-3.0.101-0.47.79.1, kernel-trace-3.0.101-0.47.79.1, kernel-xen-3.0.101-0.47.79.1 SUSE Linux Enterprise Server 11-EXTRA (src): kernel-bigsmp-3.0.101-0.47.79.1, kernel-default-3.0.101-0.47.79.1, kernel-pae-3.0.101-0.47.79.1, kernel-ppc64-3.0.101-0.47.79.1, kernel-trace-3.0.101-0.47.79.1, kernel-xen-3.0.101-0.47.79.1 SUSE Linux Enterprise Debuginfo 11-SP3 (src): kernel-bigsmp-3.0.101-0.47.79.1, kernel-default-3.0.101-0.47.79.1, kernel-ec2-3.0.101-0.47.79.1, kernel-pae-3.0.101-0.47.79.1, kernel-trace-3.0.101-0.47.79.1, kernel-xen-3.0.101-0.47.79.1
SUSE-SU-2016:1937-1: An update that solves 24 vulnerabilities and has 76 fixes is now available. Category: security (important) Bug References: 662458,676471,897662,928547,944309,945345,947337,950998,951844,953048,953233,954847,956491,957805,957986,957990,958390,958463,960857,962742,962846,963762,964727,965087,966245,967640,968667,969016,970114,970506,970604,970609,970948,971049,971770,971947,972124,972933,973378,973499,973570,974165,974308,974620,974646,974692,975533,975772,975788,976739,976821,976868,977417,977582,977685,978401,978469,978527,978822,979169,979213,979347,979419,979485,979489,979521,979548,979867,979879,979922,980246,980348,980371,980706,981038,981143,981344,982282,982354,982544,982698,983143,983213,983318,983394,983721,983904,983977,984148,984456,984755,985232,985978,986362,986569,986572,986811,988215,988498,988552 CVE References: CVE-2014-9717,CVE-2014-9904,CVE-2015-7833,CVE-2015-8539,CVE-2015-8551,CVE-2015-8552,CVE-2015-8845,CVE-2016-0758,CVE-2016-1583,CVE-2016-2053,CVE-2016-2847,CVE-2016-3672,CVE-2016-3707,CVE-2016-4470,CVE-2016-4482,CVE-2016-4486,CVE-2016-4565,CVE-2016-4569,CVE-2016-4578,CVE-2016-4805,CVE-2016-4997,CVE-2016-5244,CVE-2016-5828,CVE-2016-5829 Sources used: SUSE Linux Enterprise Real Time Extension 12-SP1 (src): kernel-compute-3.12.61-60.18.1, kernel-compute_debug-3.12.61-60.18.1, kernel-rt-3.12.61-60.18.1, kernel-rt_debug-3.12.61-60.18.1, kernel-source-rt-3.12.61-60.18.1, kernel-syms-rt-3.12.61-60.18.1
SUSE-SU-2016:2074-1: An update that solves 48 vulnerabilities and has 13 fixes is now available. Category: security (important) Bug References: 816446,861093,928130,935757,939826,942367,945825,946117,946309,948562,949744,949936,951440,952384,953527,954404,955354,955654,956708,956709,958463,958886,958951,959190,959399,961500,961509,961512,963765,963767,964201,966437,966460,966662,966693,967972,967973,967974,967975,968010,968011,968012,968013,968670,970504,970892,970909,970911,970948,970956,970958,970970,971124,971125,971126,971360,972510,973570,975945,977847,978822 CVE References: CVE-2013-2015,CVE-2013-7446,CVE-2015-0272,CVE-2015-3339,CVE-2015-5307,CVE-2015-6252,CVE-2015-6937,CVE-2015-7509,CVE-2015-7515,CVE-2015-7550,CVE-2015-7566,CVE-2015-7799,CVE-2015-7872,CVE-2015-7990,CVE-2015-8104,CVE-2015-8215,CVE-2015-8539,CVE-2015-8543,CVE-2015-8569,CVE-2015-8575,CVE-2015-8767,CVE-2015-8785,CVE-2015-8812,CVE-2015-8816,CVE-2016-0723,CVE-2016-2069,CVE-2016-2143,CVE-2016-2184,CVE-2016-2185,CVE-2016-2186,CVE-2016-2188,CVE-2016-2384,CVE-2016-2543,CVE-2016-2544,CVE-2016-2545,CVE-2016-2546,CVE-2016-2547,CVE-2016-2548,CVE-2016-2549,CVE-2016-2782,CVE-2016-2847,CVE-2016-3134,CVE-2016-3137,CVE-2016-3138,CVE-2016-3139,CVE-2016-3140,CVE-2016-3156,CVE-2016-4486 Sources used: SUSE Linux Enterprise Server 11-SP2-LTSS (src): kernel-default-3.0.101-0.7.40.1, kernel-ec2-3.0.101-0.7.40.1, kernel-pae-3.0.101-0.7.40.1, kernel-source-3.0.101-0.7.40.1, kernel-syms-3.0.101-0.7.40.1, kernel-trace-3.0.101-0.7.40.1, kernel-xen-3.0.101-0.7.40.1 SUSE Linux Enterprise Debuginfo 11-SP2 (src): kernel-default-3.0.101-0.7.40.1, kernel-ec2-3.0.101-0.7.40.1, kernel-pae-3.0.101-0.7.40.1, kernel-trace-3.0.101-0.7.40.1, kernel-xen-3.0.101-0.7.40.1
openSUSE-SU-2016:2649-1: An update that solves 49 vulnerabilities and has 17 fixes is now available. Category: security (important) Bug References: 1004418,758540,816446,861093,917648,928130,935757,939826,942367,944296,945825,946117,946309,948562,949744,949936,951440,952384,953527,954404,955354,955654,956708,956709,958463,958886,958951,959190,959399,961500,961509,961512,963765,963767,964201,966437,966460,966662,966693,967972,967973,967974,967975,968010,968011,968012,968013,968670,969356,970504,970892,970909,970911,970948,970956,970958,970970,971124,971125,971126,971360,972510,973570,975945,977847,978822 CVE References: CVE-2013-7446,CVE-2015-0272,CVE-2015-1339,CVE-2015-3339,CVE-2015-5307,CVE-2015-6252,CVE-2015-6937,CVE-2015-7509,CVE-2015-7515,CVE-2015-7550,CVE-2015-7566,CVE-2015-7799,CVE-2015-7872,CVE-2015-7990,CVE-2015-8104,CVE-2015-8215,CVE-2015-8539,CVE-2015-8543,CVE-2015-8569,CVE-2015-8575,CVE-2015-8767,CVE-2015-8785,CVE-2015-8812,CVE-2015-8816,CVE-2016-0723,CVE-2016-2069,CVE-2016-2143,CVE-2016-2184,CVE-2016-2185,CVE-2016-2186,CVE-2016-2188,CVE-2016-2384,CVE-2016-2543,CVE-2016-2544,CVE-2016-2545,CVE-2016-2546,CVE-2016-2547,CVE-2016-2548,CVE-2016-2549,CVE-2016-2782,CVE-2016-2847,CVE-2016-3134,CVE-2016-3137,CVE-2016-3138,CVE-2016-3139,CVE-2016-3140,CVE-2016-3156,CVE-2016-4486,CVE-2016-5195 Sources used: openSUSE Evergreen 11.4 (src): kernel-debug-3.0.101-105.1, kernel-default-3.0.101-105.1, kernel-desktop-3.0.101-105.1, kernel-docs-3.0.101-105.2, kernel-ec2-3.0.101-105.1, kernel-pae-3.0.101-105.1, kernel-source-3.0.101-105.1, kernel-syms-3.0.101-105.1, kernel-trace-3.0.101-105.1, kernel-vanilla-3.0.101-105.1, kernel-vmi-3.0.101-105.1, kernel-xen-3.0.101-105.1, preload-1.2-6.83.1