{"id":"SUSE-SU-2016:3188-1","summary":"Security update for the Linux Kernel","details":"\nThe SUSE Linux Enterprise 12 SP 2 kernel was updated to fix two security issues.\n\nThe following security bugs were fixed:\n\n- CVE-2016-9576: A use-after-free vulnerability in the SCSI generic driver allows users with write access to /dev/sg* or /dev/bsg* to elevate their privileges (bsc#1013604).\n- CVE-2016-9794: A use-after-free vulnerability in the ALSA pcm layer allowed local users to cause a denial of service, memory corruption or possibly even to elevate their privileges (bsc#1013533).\n","modified":"2026-02-04T03:17:42.594484Z","published":"2016-12-16T16:05:14Z","related":["CVE-2016-9576","CVE-2016-9794"],"upstream":["CVE-2016-9576","CVE-2016-9794"],"references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2016/suse-su-20163188-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1013533"},{"type":"REPORT","url":"https://bugzilla.suse.com/1013604"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2016-9576"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2016-9794"}],"affected":[{"package":{"name":"kernel-default","ecosystem":"SUSE:Linux Enterprise Desktop 12 SP1","purl":"pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP1"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.12.67-60.64.24.1"}]}],"ecosystem_specific":{"binaries":[{"kernel-source":"3.12.67-60.64.24.1","kernel-xen":"3.12.67-60.64.24.1","kernel-xen-devel":"3.12.67-60.64.24.1","kernel-macros":"3.12.67-60.64.24.1","kernel-default":"3.12.67-60.64.24.1","kernel-default-devel":"3.12.67-60.64.24.1","kernel-syms":"3.12.67-60.64.24.1","kernel-default-extra":"3.12.67-60.64.24.1","kernel-devel":"3.12.67-60.64.24.1"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2016:3188-1.json"}},{"package":{"name":"kernel-source","ecosystem":"SUSE:Linux Enterprise Desktop 12 SP1","purl":"pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP1"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.12.67-60.64.24.1"}]}],"ecosystem_specific":{"binaries":[{"kernel-source":"3.12.67-60.64.24.1","kernel-xen":"3.12.67-60.64.24.1","kernel-xen-devel":"3.12.67-60.64.24.1","kernel-macros":"3.12.67-60.64.24.1","kernel-default":"3.12.67-60.64.24.1","kernel-default-devel":"3.12.67-60.64.24.1","kernel-syms":"3.12.67-60.64.24.1","kernel-default-extra":"3.12.67-60.64.24.1","kernel-devel":"3.12.67-60.64.24.1"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2016:3188-1.json"}},{"package":{"name":"kernel-syms","ecosystem":"SUSE:Linux Enterprise Desktop 12 SP1","purl":"pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP1"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.12.67-60.64.24.1"}]}],"ecosystem_specific":{"binaries":[{"kernel-source":"3.12.67-60.64.24.1","kernel-xen":"3.12.67-60.64.24.1","kernel-xen-devel":"3.12.67-60.64.24.1","kernel-macros":"3.12.67-60.64.24.1","kernel-default":"3.12.67-60.64.24.1","kernel-default-devel":"3.12.67-60.64.24.1","kernel-syms":"3.12.67-60.64.24.1","kernel-default-extra":"3.12.67-60.64.24.1","kernel-devel":"3.12.67-60.64.24.1"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2016:3188-1.json"}},{"package":{"name":"kernel-xen","ecosystem":"SUSE:Linux Enterprise Desktop 12 SP1","purl":"pkg:rpm/suse/kernel-xen&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP1"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.12.67-60.64.24.1"}]}],"ecosystem_specific":{"binaries":[{"kernel-source":"3.12.67-60.64.24.1","kernel-xen":"3.12.67-60.64.24.1","kernel-xen-devel":"3.12.67-60.64.24.1","kernel-macros":"3.12.67-60.64.24.1","kernel-default":"3.12.67-60.64.24.1","kernel-default-devel":"3.12.67-60.64.24.1","kernel-syms":"3.12.67-60.64.24.1","kernel-default-extra":"3.12.67-60.64.24.1","kernel-devel":"3.12.67-60.64.24.1"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2016:3188-1.json"}},{"package":{"name":"kgraft-patch-SLE12-SP1_Update_11","ecosystem":"SUSE:Linux Enterprise Live Patching 12","purl":"pkg:rpm/suse/kgraft-patch-SLE12-SP1_Update_11&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2012"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1-2.1"}]}],"ecosystem_specific":{"binaries":[{"kgraft-patch-3_12_67-60_64_24-xen":"1-2.1","kgraft-patch-3_12_67-60_64_24-default":"1-2.1"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2016:3188-1.json"}},{"package":{"name":"kernel-ec2","ecosystem":"SUSE:Linux Enterprise Module for Public Cloud 12","purl":"pkg:rpm/suse/kernel-ec2&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2012"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.12.67-60.64.24.1"}]}],"ecosystem_specific":{"binaries":[{"kernel-ec2-extra":"3.12.67-60.64.24.1","kernel-ec2":"3.12.67-60.64.24.1","kernel-ec2-devel":"3.12.67-60.64.24.1"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2016:3188-1.json"}},{"package":{"name":"kernel-docs","ecosystem":"SUSE:Linux Enterprise Software Development Kit 12 SP1","purl":"pkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP1"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.12.67-60.64.24.3"}]}],"ecosystem_specific":{"binaries":[{"kernel-obs-build":"3.12.67-60.64.24.1","kernel-docs":"3.12.67-60.64.24.3"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2016:3188-1.json"}},{"package":{"name":"kernel-obs-build","ecosystem":"SUSE:Linux Enterprise Software Development Kit 12 SP1","purl":"pkg:rpm/suse/kernel-obs-build&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP1"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.12.67-60.64.24.1"}]}],"ecosystem_specific":{"binaries":[{"kernel-obs-build":"3.12.67-60.64.24.1","kernel-docs":"3.12.67-60.64.24.3"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2016:3188-1.json"}},{"package":{"name":"kernel-default","ecosystem":"SUSE:Linux Enterprise Server 12 SP1","purl":"pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.12.67-60.64.24.1"}]}],"ecosystem_specific":{"binaries":[{"kernel-default-man":"3.12.67-60.64.24.1","kernel-source":"3.12.67-60.64.24.1","kernel-default-base":"3.12.67-60.64.24.1","kernel-xen":"3.12.67-60.64.24.1","kernel-xen-base":"3.12.67-60.64.24.1","kernel-macros":"3.12.67-60.64.24.1","kernel-syms":"3.12.67-60.64.24.1","kernel-default-devel":"3.12.67-60.64.24.1","kernel-default":"3.12.67-60.64.24.1","kernel-xen-devel":"3.12.67-60.64.24.1","kernel-devel":"3.12.67-60.64.24.1"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2016:3188-1.json"}},{"package":{"name":"kernel-source","ecosystem":"SUSE:Linux Enterprise Server 12 SP1","purl":"pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.12.67-60.64.24.1"}]}],"ecosystem_specific":{"binaries":[{"kernel-default-man":"3.12.67-60.64.24.1","kernel-source":"3.12.67-60.64.24.1","kernel-default-base":"3.12.67-60.64.24.1","kernel-xen":"3.12.67-60.64.24.1","kernel-xen-base":"3.12.67-60.64.24.1","kernel-macros":"3.12.67-60.64.24.1","kernel-syms":"3.12.67-60.64.24.1","kernel-default-devel":"3.12.67-60.64.24.1","kernel-default":"3.12.67-60.64.24.1","kernel-xen-devel":"3.12.67-60.64.24.1","kernel-devel":"3.12.67-60.64.24.1"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2016:3188-1.json"}},{"package":{"name":"kernel-syms","ecosystem":"SUSE:Linux Enterprise Server 12 SP1","purl":"pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.12.67-60.64.24.1"}]}],"ecosystem_specific":{"binaries":[{"kernel-default-man":"3.12.67-60.64.24.1","kernel-source":"3.12.67-60.64.24.1","kernel-default-base":"3.12.67-60.64.24.1","kernel-xen":"3.12.67-60.64.24.1","kernel-xen-base":"3.12.67-60.64.24.1","kernel-macros":"3.12.67-60.64.24.1","kernel-syms":"3.12.67-60.64.24.1","kernel-default-devel":"3.12.67-60.64.24.1","kernel-default":"3.12.67-60.64.24.1","kernel-xen-devel":"3.12.67-60.64.24.1","kernel-devel":"3.12.67-60.64.24.1"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2016:3188-1.json"}},{"package":{"name":"kernel-xen","ecosystem":"SUSE:Linux Enterprise Server 12 SP1","purl":"pkg:rpm/suse/kernel-xen&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.12.67-60.64.24.1"}]}],"ecosystem_specific":{"binaries":[{"kernel-default-man":"3.12.67-60.64.24.1","kernel-source":"3.12.67-60.64.24.1","kernel-default-base":"3.12.67-60.64.24.1","kernel-xen":"3.12.67-60.64.24.1","kernel-xen-base":"3.12.67-60.64.24.1","kernel-macros":"3.12.67-60.64.24.1","kernel-syms":"3.12.67-60.64.24.1","kernel-default-devel":"3.12.67-60.64.24.1","kernel-default":"3.12.67-60.64.24.1","kernel-xen-devel":"3.12.67-60.64.24.1","kernel-devel":"3.12.67-60.64.24.1"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2016:3188-1.json"}},{"package":{"name":"kernel-default","ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 12 SP1","purl":"pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.12.67-60.64.24.1"}]}],"ecosystem_specific":{"binaries":[{"kernel-default-man":"3.12.67-60.64.24.1","kernel-source":"3.12.67-60.64.24.1","kernel-default-base":"3.12.67-60.64.24.1","kernel-xen":"3.12.67-60.64.24.1","kernel-xen-base":"3.12.67-60.64.24.1","kernel-macros":"3.12.67-60.64.24.1","kernel-syms":"3.12.67-60.64.24.1","kernel-default-devel":"3.12.67-60.64.24.1","kernel-default":"3.12.67-60.64.24.1","kernel-xen-devel":"3.12.67-60.64.24.1","kernel-devel":"3.12.67-60.64.24.1"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2016:3188-1.json"}},{"package":{"name":"kernel-source","ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 12 SP1","purl":"pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.12.67-60.64.24.1"}]}],"ecosystem_specific":{"binaries":[{"kernel-default-man":"3.12.67-60.64.24.1","kernel-source":"3.12.67-60.64.24.1","kernel-default-base":"3.12.67-60.64.24.1","kernel-xen":"3.12.67-60.64.24.1","kernel-xen-base":"3.12.67-60.64.24.1","kernel-macros":"3.12.67-60.64.24.1","kernel-syms":"3.12.67-60.64.24.1","kernel-default-devel":"3.12.67-60.64.24.1","kernel-default":"3.12.67-60.64.24.1","kernel-xen-devel":"3.12.67-60.64.24.1","kernel-devel":"3.12.67-60.64.24.1"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2016:3188-1.json"}},{"package":{"name":"kernel-syms","ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 12 SP1","purl":"pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.12.67-60.64.24.1"}]}],"ecosystem_specific":{"binaries":[{"kernel-default-man":"3.12.67-60.64.24.1","kernel-source":"3.12.67-60.64.24.1","kernel-default-base":"3.12.67-60.64.24.1","kernel-xen":"3.12.67-60.64.24.1","kernel-xen-base":"3.12.67-60.64.24.1","kernel-macros":"3.12.67-60.64.24.1","kernel-syms":"3.12.67-60.64.24.1","kernel-default-devel":"3.12.67-60.64.24.1","kernel-default":"3.12.67-60.64.24.1","kernel-xen-devel":"3.12.67-60.64.24.1","kernel-devel":"3.12.67-60.64.24.1"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2016:3188-1.json"}},{"package":{"name":"kernel-xen","ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 12 SP1","purl":"pkg:rpm/suse/kernel-xen&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.12.67-60.64.24.1"}]}],"ecosystem_specific":{"binaries":[{"kernel-default-man":"3.12.67-60.64.24.1","kernel-source":"3.12.67-60.64.24.1","kernel-default-base":"3.12.67-60.64.24.1","kernel-xen":"3.12.67-60.64.24.1","kernel-xen-base":"3.12.67-60.64.24.1","kernel-macros":"3.12.67-60.64.24.1","kernel-syms":"3.12.67-60.64.24.1","kernel-default-devel":"3.12.67-60.64.24.1","kernel-default":"3.12.67-60.64.24.1","kernel-xen-devel":"3.12.67-60.64.24.1","kernel-devel":"3.12.67-60.64.24.1"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2016:3188-1.json"}},{"package":{"name":"kernel-default","ecosystem":"SUSE:Linux Enterprise Workstation Extension 12 SP1","purl":"pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012%20SP1"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.12.67-60.64.24.1"}]}],"ecosystem_specific":{"binaries":[{"kernel-default-extra":"3.12.67-60.64.24.1"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2016:3188-1.json"}}],"schema_version":"1.7.3"}