{"id":"SUSE-SU-2016:3146-1","summary":"Security update for the Linux Kernel","details":"\nThe SUSE Linux Enterprise 12 SP 2 kernel was updated to fix two security issues.\n\nThe following security bugs were fixed:\n\n- CVE-2016-9576: A use-after-free vulnerability in the SCSI generic driver allows users with write access to /dev/sg* or /dev/bsg* to elevate their privileges (bsc#1013604).\n- CVE-2016-9794: A use-after-free vulnerability in the ALSA pcm layer allowed local users to cause a denial of service, memory corruption or possibly even to elevate their privileges (bsc#1013533).\n","modified":"2026-02-04T04:16:15.607609Z","published":"2016-12-13T21:35:47Z","related":["CVE-2016-9576","CVE-2016-9794"],"upstream":["CVE-2016-9576","CVE-2016-9794"],"references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2016/suse-su-20163146-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1013533"},{"type":"REPORT","url":"https://bugzilla.suse.com/1013604"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2016-9576"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2016-9794"}],"affected":[{"package":{"name":"kernel-default","ecosystem":"SUSE:Linux Enterprise Desktop 12 SP2","purl":"pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.4.21-90.1"}]}],"ecosystem_specific":{"binaries":[{"kernel-default-devel":"4.4.21-90.1","kernel-default-extra":"4.4.21-90.1","kernel-source":"4.4.21-90.1","kernel-macros":"4.4.21-90.1","kernel-default":"4.4.21-90.1","kernel-syms":"4.4.21-90.1","kernel-devel":"4.4.21-90.1"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2016:3146-1.json"}},{"package":{"name":"kernel-source","ecosystem":"SUSE:Linux Enterprise Desktop 12 SP2","purl":"pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.4.21-90.1"}]}],"ecosystem_specific":{"binaries":[{"kernel-default-devel":"4.4.21-90.1","kernel-default-extra":"4.4.21-90.1","kernel-source":"4.4.21-90.1","kernel-macros":"4.4.21-90.1","kernel-default":"4.4.21-90.1","kernel-syms":"4.4.21-90.1","kernel-devel":"4.4.21-90.1"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2016:3146-1.json"}},{"package":{"name":"kernel-syms","ecosystem":"SUSE:Linux Enterprise Desktop 12 SP2","purl":"pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.4.21-90.1"}]}],"ecosystem_specific":{"binaries":[{"kernel-default-devel":"4.4.21-90.1","kernel-default-extra":"4.4.21-90.1","kernel-source":"4.4.21-90.1","kernel-macros":"4.4.21-90.1","kernel-default":"4.4.21-90.1","kernel-syms":"4.4.21-90.1","kernel-devel":"4.4.21-90.1"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2016:3146-1.json"}},{"package":{"name":"kernel-default","ecosystem":"SUSE:Linux Enterprise High Availability Extension 12 SP2","purl":"pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2012%20SP2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.4.21-90.1"}]}],"ecosystem_specific":{"binaries":[{"dlm-kmp-default":"4.4.21-90.1","cluster-md-kmp-default":"4.4.21-90.1","ocfs2-kmp-default":"4.4.21-90.1","cluster-network-kmp-default":"4.4.21-90.1","gfs2-kmp-default":"4.4.21-90.1"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2016:3146-1.json"}},{"package":{"name":"kgraft-patch-SLE12-SP2_Update_3","ecosystem":"SUSE:Linux Enterprise Live Patching 12","purl":"pkg:rpm/suse/kgraft-patch-SLE12-SP2_Update_3&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1-2.3"}]}],"ecosystem_specific":{"binaries":[{"kgraft-patch-4_4_21-90-default":"1-2.3"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2016:3146-1.json"}},{"package":{"name":"kernel-default","ecosystem":"SUSE:Linux Enterprise Server for Raspberry Pi 12 SP2","purl":"pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%20for%20Raspberry%20Pi%2012%20SP2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.4.21-90.1"}]}],"ecosystem_specific":{"binaries":[{"kernel-default-devel":"4.4.21-90.1","kernel-syms":"4.4.21-90.1","kernel-source":"4.4.21-90.1","kernel-default-base":"4.4.21-90.1","kernel-macros":"4.4.21-90.1","kernel-default":"4.4.21-90.1","kernel-devel":"4.4.21-90.1"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2016:3146-1.json"}},{"package":{"name":"kernel-source","ecosystem":"SUSE:Linux Enterprise Server for Raspberry Pi 12 SP2","purl":"pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%20for%20Raspberry%20Pi%2012%20SP2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.4.21-90.1"}]}],"ecosystem_specific":{"binaries":[{"kernel-default-devel":"4.4.21-90.1","kernel-syms":"4.4.21-90.1","kernel-source":"4.4.21-90.1","kernel-default-base":"4.4.21-90.1","kernel-macros":"4.4.21-90.1","kernel-default":"4.4.21-90.1","kernel-devel":"4.4.21-90.1"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2016:3146-1.json"}},{"package":{"name":"kernel-syms","ecosystem":"SUSE:Linux Enterprise Server for Raspberry Pi 12 SP2","purl":"pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%20for%20Raspberry%20Pi%2012%20SP2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.4.21-90.1"}]}],"ecosystem_specific":{"binaries":[{"kernel-default-devel":"4.4.21-90.1","kernel-syms":"4.4.21-90.1","kernel-source":"4.4.21-90.1","kernel-default-base":"4.4.21-90.1","kernel-macros":"4.4.21-90.1","kernel-default":"4.4.21-90.1","kernel-devel":"4.4.21-90.1"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2016:3146-1.json"}},{"package":{"name":"kernel-docs","ecosystem":"SUSE:Linux Enterprise Software Development Kit 12 SP2","purl":"pkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.4.21-90.3"}]}],"ecosystem_specific":{"binaries":[{"kernel-obs-build":"4.4.21-90.1","kernel-docs":"4.4.21-90.3"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2016:3146-1.json"}},{"package":{"name":"kernel-obs-build","ecosystem":"SUSE:Linux Enterprise Software Development Kit 12 SP2","purl":"pkg:rpm/suse/kernel-obs-build&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.4.21-90.1"}]}],"ecosystem_specific":{"binaries":[{"kernel-obs-build":"4.4.21-90.1","kernel-docs":"4.4.21-90.3"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2016:3146-1.json"}},{"package":{"name":"kernel-default","ecosystem":"SUSE:Linux Enterprise Server 12 SP2","purl":"pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.4.21-90.1"}]}],"ecosystem_specific":{"binaries":[{"kernel-devel":"4.4.21-90.1","kernel-default-man":"4.4.21-90.1","kernel-source":"4.4.21-90.1","kernel-default-base":"4.4.21-90.1","kernel-macros":"4.4.21-90.1","kernel-syms":"4.4.21-90.1","kernel-default":"4.4.21-90.1","kernel-default-devel":"4.4.21-90.1"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2016:3146-1.json"}},{"package":{"name":"kernel-source","ecosystem":"SUSE:Linux Enterprise Server 12 SP2","purl":"pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.4.21-90.1"}]}],"ecosystem_specific":{"binaries":[{"kernel-devel":"4.4.21-90.1","kernel-default-man":"4.4.21-90.1","kernel-source":"4.4.21-90.1","kernel-default-base":"4.4.21-90.1","kernel-macros":"4.4.21-90.1","kernel-syms":"4.4.21-90.1","kernel-default":"4.4.21-90.1","kernel-default-devel":"4.4.21-90.1"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2016:3146-1.json"}},{"package":{"name":"kernel-syms","ecosystem":"SUSE:Linux Enterprise Server 12 SP2","purl":"pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.4.21-90.1"}]}],"ecosystem_specific":{"binaries":[{"kernel-devel":"4.4.21-90.1","kernel-default-man":"4.4.21-90.1","kernel-source":"4.4.21-90.1","kernel-default-base":"4.4.21-90.1","kernel-macros":"4.4.21-90.1","kernel-syms":"4.4.21-90.1","kernel-default":"4.4.21-90.1","kernel-default-devel":"4.4.21-90.1"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2016:3146-1.json"}},{"package":{"name":"kernel-default","ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 12 SP2","purl":"pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.4.21-90.1"}]}],"ecosystem_specific":{"binaries":[{"kernel-devel":"4.4.21-90.1","kernel-default-man":"4.4.21-90.1","kernel-source":"4.4.21-90.1","kernel-default-base":"4.4.21-90.1","kernel-macros":"4.4.21-90.1","kernel-syms":"4.4.21-90.1","kernel-default":"4.4.21-90.1","kernel-default-devel":"4.4.21-90.1"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2016:3146-1.json"}},{"package":{"name":"kernel-source","ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 12 SP2","purl":"pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.4.21-90.1"}]}],"ecosystem_specific":{"binaries":[{"kernel-devel":"4.4.21-90.1","kernel-default-man":"4.4.21-90.1","kernel-source":"4.4.21-90.1","kernel-default-base":"4.4.21-90.1","kernel-macros":"4.4.21-90.1","kernel-syms":"4.4.21-90.1","kernel-default":"4.4.21-90.1","kernel-default-devel":"4.4.21-90.1"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2016:3146-1.json"}},{"package":{"name":"kernel-syms","ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 12 SP2","purl":"pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.4.21-90.1"}]}],"ecosystem_specific":{"binaries":[{"kernel-devel":"4.4.21-90.1","kernel-default-man":"4.4.21-90.1","kernel-source":"4.4.21-90.1","kernel-default-base":"4.4.21-90.1","kernel-macros":"4.4.21-90.1","kernel-syms":"4.4.21-90.1","kernel-default":"4.4.21-90.1","kernel-default-devel":"4.4.21-90.1"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2016:3146-1.json"}},{"package":{"name":"kernel-default","ecosystem":"SUSE:Linux Enterprise Workstation Extension 12 SP2","purl":"pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012%20SP2"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.4.21-90.1"}]}],"ecosystem_specific":{"binaries":[{"kernel-default-extra":"4.4.21-90.1"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2016:3146-1.json"}}],"schema_version":"1.7.3"}