openSUSE Security Advisory OPENSUSE-SU-2016:3021-1

Security update for the Linux Kernel (important)

Published: 2016-12-06 13:08:43
Source: lists.opensuse.org

EPSS: 0.004 (percentile 75.1%)

The openSUSE 13.1 kernel was updated to 3.12.67 to receive various
security and bug fixes.

The following security bugs were fixed:

  • CVE-2013-5634: arch/arm/kvm/arm.c in the Linux kernel on the ARM
    platform, when KVM is used, allowed host OS users to cause a denial of
    service (NULL pointer dereference, OOPS, and host OS crash) or possibly
    have unspecified other impact by omitting vCPU initialization before a
    KVM_GET_REG_LIST ioctl call. (bsc#994758)
  • CVE-2016-2069: Race condition in arch/x86/mm/tlb.c in the Linux kernel
    allowed local users to gain privileges by triggering access to a paging
    structure by a different CPU (bnc#963767).
  • CVE-2016-7042: The proc_keys_show function in security/keys/proc.c in
    the Linux kernel used an incorrect buffer size for certain timeout data,
    which allowed local users to cause a denial of service (stack memory
    corruption and panic) by reading the /proc/keys file (bnc#1004517).
  • CVE-2016-7097: The filesystem implementation in the Linux kernel
    preserved the setgid bit during a setxattr call, which allowed local
    users to gain group privileges by leveraging the existence of a setgid
    program with restrictions on execute permissions (bnc#995968).
  • CVE-2015-8956: The rfcomm_sock_bind function in
    net/bluetooth/rfcomm/sock.c in the Linux kernel allowed local users to
    obtain sensitive information or cause a denial of service (NULL pointer
    dereference) via vectors involving a bind system call on a Bluetooth
    RFCOMM socket (bnc#1003925).
  • CVE-2016-8658: Stack-based buffer overflow in the
    brcmf_cfg80211_start_ap function in
    drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux
    kernel allowed local users to cause a denial of service (system crash)
    or possibly have unspecified other impact via a long SSID Information
    Element in a command to a Netlink socket (bnc#1004462).
  • CVE-2016-7425: The arcmsr_iop_message_xfer function in
    drivers/scsi/arcmsr/arcmsr_hba.c in the Linux kernel did not restrict a
    certain length field, which allowed local users to gain privileges or
    cause a denial of service (heap-based buffer overflow) via an
    ARCMSR_MESSAGE_WRITE_WQBUFFER control code (bnc#999932).
  • CVE-2016-6327: drivers/infiniband/ulp/srpt/ib_srpt.c in the Linux kernel
    allowed local users to cause a denial of service (NULL pointer
    dereference and system crash) by using an ABORT_TASK command to abort a
    device write operation (bnc#994748).
  • CVE-2016-6828: The tcp_check_send_head function in include/net/tcp.h in
    the Linux kernel did not properly maintain certain SACK state after a
    failed data copy, which allowed local users to cause a denial of service
    (tcp_xmit_retransmit_queue use-after-free and system crash) via a
    crafted SACK option (bnc#994296).
  • CVE-2016-5696: net/ipv4/tcp_input.c in the Linux kernel did not properly
    determine the rate of challenge ACK segments, which made it easier for
    remote attackers to hijack TCP sessions via a blind in-window attack
    (bnc#989152).
  • CVE-2016-6130: Race condition in the sclp_ctl_ioctl_sccb function in
    drivers/s390/char/sclp_ctl.c in the Linux kernel allowed local users to
    obtain sensitive information from kernel memory by changing a certain
    length value, aka a "double fetch" vulnerability (bnc#987542).
  • CVE-2016-6480: Race condition in the ioctl_send_fib function in
    drivers/scsi/aacraid/commctrl.c in the Linux kernel allowed local users
    to cause a denial of service (out-of-bounds access or system crash) by
    changing a certain size value, aka a "double fetch" vulnerability
    (bnc#991608).

The following non-security bugs were fixed:

  • aacraid: Fix RRQ overload (bsc#1003079).
  • acpi / pm: Ignore wakeup setting if the ACPI companion can’t wake up
    (FATE#315621).
  • af_vsock: Shrink the area influenced by prepare_to_wait (bsc#994520).
  • apparmor: add missing id bounds check on dfa verification (bsc#1000304).
  • apparmor: check that xindex is in trans_table bounds (bsc#1000304).
  • apparmor: do not check for vmalloc_addr if kvzalloc() failed
    (bsc#1000304).
  • apparmor: do not expose kernel stack (bsc#1000304).
  • apparmor: ensure the target profile name is always audited (bsc#1000304).
  • apparmor: exec should not be returning ENOENT when it denies
    (bsc#1000304).
  • apparmor: fix arg_size computation for when setprocattr is null
    terminated (bsc#1000304).
  • apparmor: fix audit full profile hname on successful load (bsc#1000304).
  • apparmor: fix change_hat not finding hat after policy replacement
    (bsc#1000287).
  • apparmor: fix disconnected bind mnts reconnection (bsc#1000304).
  • apparmor: fix log failures for all profiles in a set (bsc#1000304).
  • apparmor: fix module parameters can be changed after policy is locked
    (bsc#1000304).
  • apparmor: fix oops in profile_unpack() when policy_db is not present
    (bsc#1000304).
  • apparmor: fix oops, validate buffer size in apparmor_setprocattr()
    (bsc#1000304).
  • apparmor: fix put() parent ref after updating the active ref
    (bsc#1000304).
  • apparmor: fix refcount bug in profile replacement (bsc#1000304).
  • apparmor: fix refcount race when finding a child profile (bsc#1000304).
  • apparmor: fix replacement bug that adds new child to old parent
    (bsc#1000304).
  • apparmor: fix uninitialized lsm_audit member (bsc#1000304).
  • apparmor: fix update the mtime of the profile file on replacement
    (bsc#1000304).
  • apparmor: internal paths should be treated as disconnected (bsc#1000304).
  • apparmor: use list_next_entry instead of list_entry_next (bsc#1000304).
  • arm64: Ensure pmd_present() returns false after pmd_mknotpresent()
    (Automatic NUMA Balancing (fate#315482)).
  • arm64: mm: remove broken &= operator from pmd_mknotpresent (Automatic
    NUMA Balancing (fate#315482)).
  • avoid dentry crash triggered by NFS (bsc#984194).
  • be2net: Do not leak iomapped memory on removal (bsc#921784 FATE#318561).
  • be2net: fix BE3-R FW download compatibility check (bsc#921784
    FATE#318561).
  • be2net: fix wrong return value in be_check_ufi_compatibility()
    (bsc#921784 FATE#318561).
  • be2net: remove vlan promisc capability from VF’s profile descriptors
    (bsc#921784 FATE#318561).
  • blacklist.conf:
  • blacklist.conf: 78f3d050c34b We do not support fsl hardware
  • blacklist.conf: add 5195c14c8b27 (reverted and superseded by a commit we
    already have)
  • blacklist.conf: Add entry for 7bf52fb891b64b8d61caf0b82060adb9db761aec
    The commit 7bf52fb891b6 ("mm: vmscan: reclaim highmem zone if
    buffer_heads is over limit") is unnecessary as the fix is also available
    from commit d4debc66d1fc ("vmscan: remove unnecessary temporary vars in
    do_try_to_free_pages").
  • blacklist.conf: add pointless networking follow-up fixes
  • blacklist.conf: Add two fanotify commits which we do not need (fixes tag
    was not quite accurate)
  • blacklist.conf: Blacklist unsupported architectures
  • blkfront: fix an error path memory leak (luckily none so far).
  • blk-mq: fix undefined behaviour in order_to_size() (fate#315209).
  • blktap2: eliminate deadlock potential from shutdown path (bsc#909994).
  • blktap2: eliminate race from deferred work queue handling (bsc#911687).
  • bond: Check length of IFLA_BOND_ARP_IP_TARGET attributes (fate#316924).
  • bonding: always set recv_probe to bond_arp_rcv in arp monitor
    (bsc#977687).
  • bonding: fix curr_active_slave/carrier with loadbalance arp monitoring
    (fate#316924).
  • bonding: Prevent IPv6 link local address on enslaved devices
    (fate#316924).
  • bonding: prevent out of bound accesses (fate#316924).
  • bonding: set carrier off for devices created through netlink
    (bsc#999577).
  • btrfs: account for non-CoW’d blocks in btrfs_abort_transaction
    (bsc#983619).
  • btrfs: add missing discards when unpinning extents with -o discard
    (bsc#904489).
  • btrfs: btrfs_issue_discard ensure offset/length are aligned to sector
    boundaries (bsc#904489).
  • btrfs: do not create or leak aliased root while cleaning up orphans
    (bsc#904489).
  • btrfs: ensure that file descriptor used with subvol ioctls is a dir
    (bsc#999600).
  • btrfs: explicitly delete unused block groups in close_ctree and
    ro-remount (bsc#904489).
  • btrfs: Fix a data space underflow warning (bsc#985562, bsc#975596,
    bsc#984779)
  • btrfs: fix fitrim discarding device area reserved for boot loader’s use
    (bsc#904489).
  • btrfs: handle quota reserve failure properly (bsc#1005666).
  • btrfs: iterate over unused chunk space in FITRIM (bsc#904489).
  • btrfs: make btrfs_issue_discard return bytes discarded (bsc#904489).
  • btrfs: properly track when rescan worker is running (bsc#989953).
  • btrfs: remove unnecessary locking of cleaner_mutex to avoid deadlock
    (bsc#904489).
  • btrfs: reorder patches to place local patches back at the end of the
    series
  • btrfs: skip superblocks during discard (bsc#904489).
  • btrfs: test_check_exists: Fix infinite loop when searching for free
    space entries (bsc#987192).
  • btrfs: waiting on qgroup rescan should not always be interruptible
    (bsc#992712).
  • cdc-acm: added sanity checking for probe() (bsc#993891).
  • cephfs: ignore error from invalidate_inode_pages2_range() in direct
    write (bsc#995153).
  • cephfs: remove warning when ceph_releasepage() is called on dirty page
    (bsc#995153).
  • clockevents: export clockevents_unbind_device instead of
    clockevents_unbind (bnc#937888).
  • conntrack: RFC5961 challenge ACK confuse conntrack LAST-ACK transition
    (bsc#966864).
  • cpumask, nodemask: implement cpumask/nodemask_pr_args() (bnc#1003866).
  • cxgbi: fix uninitialized flowi6 (bsc#924384 FATE#318570 bsc#921338).
  • dm: fix AB-BA deadlock in __dm_destroy(). (bsc#970943)
  • drivers/hv: share Hyper-V SynIC constants with userspace (bnc#937888).
  • drivers: hv: vmbus: avoid scheduling in interrupt context in
    vmbus_initiate_unload() (bnc#937888).
  • drivers: hv: vmbus: avoid unneeded compiler optimizations in
    vmbus_wait_for_unload() (bnc#937888).
  • drivers: hv: vmbus: avoid wait_for_completion() on crash (bnc#937888).
  • drivers: hv: vmbus: Cleanup vmbus_set_event() (bnc#937888).
  • drivers: hv: vmbus: do not loose HVMSG_TIMER_EXPIRED messages
    (bnc#937888).
  • drivers: hv: vmbus: do not manipulate with clocksources on crash
    (bnc#937888).
  • drivers: hv: vmbus: Force all channel messages to be delivered on CPU 0
    (bnc#937888).
  • drivers: hv: vmbus: Get rid of the unused irq variable (bnc#937888).
  • drivers: hv: vmbus: handle various crash scenarios (bnc#937888).
  • drivers: hv: vmbus: remove code duplication in message handling
    (bnc#937888).
  • drivers: hv: vmbus: Support handling messages on multiple CPUs
    (bnc#937888).
  • drivers: hv: vmbus: Support kexec on ws2012 r2 and above (bnc#937888).
  • efi: Small leak on error in runtime map code (fate#315019).
  • ext2: Enable ext2 driver in config files (bsc#976195, fate#320805)
  • ext4: Add parameter for tuning handling of ext2 (bsc#976195).
  • Fix kabi change cause by adding flock_owner to open_context (bsc#998689).
  • fix pCPU handling (luckily none so far).
  • fix xfs-handle-dquot-buffer-readahead-in-log-recovery-co.patch
    (bsc#1003153).
  • fs/cifs: cifs_get_root shouldn’t use path with tree name (bsc#963655,
    bsc#979681).
  • fs/cifs: Compare prepaths when comparing superblocks (bsc#799133).
  • fs/cifs: Fix memory leaks in cifs_do_mount() (bsc#799133).
  • fs/cifs: Fix regression which breaks DFS mounting (bsc#799133).
  • fs/cifs: make share unaccessible at root level mountable (bsc#799133).
  • fs/cifs: Move check for prefix path to within cifs_get_root()
    (bsc#799133).
  • fs/cifs: REVERT fix wrongly prefixed path to root (bsc#963655,
    bsc#979681)
  • fs/select: add vmalloc fallback for select(2) (bsc#1000189).
  • ftrace/x86: Set ftrace_stub to weak to prevent gcc from using short
    jumps to it (bsc#984419).
  • hyperv: enable call to clockevents_unbind_device in kexec/kdump path
  • hyperv: replace KEXEC_CORE by plain KEXEC because we lack 2965faa5e0 in
    the base kernel
  • i40e: fix an uninitialized variable bug (bnc#857397 FATE#315659).
  • ib/IWPM: Fix a potential skb leak (bsc#924381 FATE#318568 bsc#921338).
  • ib/mlx5: Fix RC transport send queue overhead computation (bnc#865545
    FATE#316891).
  • introduce NETIF_F_GSO_ENCAP_ALL helper mask (bsc#1001486).
  • iommu/amd: Update Alias-DTE in update_device_table() (bsc#975772).
  • ipv6: fix multipath route replace error recovery (bsc#930399).
  • ipv6: KABI workaround for ipv6: add complete rcu protection around
    np->opt.
  • ipv6: send NEWLINK on RA managed/otherconf changes (bsc#934067).
  • ipv6: send only one NEWLINK when RA causes changes (bsc#934067).
  • iscsi: Add a missed complete in iscsit_close_connection (bsc#992555,
    bsc#987805).
  • iwlwifi: dvm: fix flush support for old firmware (bsc#940545).
  • kabi: clockevents: export clockevents_unbind again.
  • kabi: hide harmless change in struct inet_connection_sock (fate#318553).
  • kABI: protect backing-dev include in mm/migrate.
  • kABI: protect enum usb_device_speed.
  • kABI: protect struct mlx5_modify_qp_mbox_in.
  • kABI: protect struct mmc_packed (kabi).
  • kabi: work around kabi changes from commit 53f9ff48f636 (bsc#988617).
  • kaweth: fix firmware download (bsc#993890).
  • kaweth: fix oops upon failed memory allocation (bsc#993890).
  • kernel/fork: fix CLONE_CHILD_CLEARTID regression in nscd (bnc#941420).
  • kernel/printk/printk.c: fix faulty logic in the case of recursive printk
    (bnc#744692, bnc#789311).
  • kvm: do not handle APIC access page if in-kernel irqchip is not in use
    (bsc#959463).
  • kvm: vmx: defer load of APIC access page address during reset
    (bsc#959463).
  • libceph: enable large, variable-sized OSD requests (bsc#988715).
  • libceph: make r_request msg_size calculation clearer (bsc#988715).
  • libceph: move r_reply_op_{len,result} into struct ceph_osd_req_op
    (bsc#988715).
  • libceph: osdc->req_mempool should be backed by a slab pool (bsc#988715).
  • libceph: rename ceph_osd_req_op::payload_len to indata_len (bsc#988715).
  • libfc: do not send ABTS when resetting exchanges (bsc#962846).
  • libfc: Do not take rdata->rp_mutex when processing a -FC_EX_CLOSED ELS
    response (bsc#962846).
  • libfc: Fixup disc_mutex handling (bsc#962846).
  • libfc: fixup locking of ptp_setup() (bsc#962846).
  • libfc: Issue PRLI after a PRLO has been received (bsc#962846).
  • libfc: reset exchange manager during LOGO handling (bsc#962846).
  • libfc: Revisit kref handling (bnc#990245).
  • libfc: sanity check cpu number extracted from xid (bsc#988440).
  • libfc: send LOGO for PLOGI failure (bsc#962846).
  • lib/vsprintf: implement bitmap printing through ‘%*pb[l]’ (bnc#1003866).
  • md: check command validity early in md_ioctl() (bsc#1004520).
  • md: Drop sending a change uevent when stopping (bsc#1003568).
  • md: lockless I/O submission for RAID1 (bsc#982783).
  • md/raid5: fix a recently broken BUG_ON() (bsc#1006691).
  • memcg: convert threshold to bytes (bnc#931454).
  • memcg: fix thresholds for 32b architectures (bnc#931454).
  • mm, cma: prevent nr_isolated_* counters from going negative (bnc#971975
    VM performance – git fixes).
  • mm: thp: fix SMP race condition between THP page fault and MADV_DONTNEED
    (VM Functionality, bnc#986445).
  • module: Issue warnings when tainting kernel (bsc#974406).
  • mpt2sas, mpt3sas: Fix panic when aer correct error occurred (bsc#997708).
  • mpt3sas: Update
    patches.drivers/mpt3sas-Fix-use-sas_is_tlr_enabled-API-before-enabli.patch
    (bsc#967640, bsc#992244).
  • msi-x: fix an error path (luckily none so far).
  • netback: fix flipping mode (bsc#996664).
  • netback: fix refcounting (bsc#978094).
  • netfront: do not truncate grant references.
  • netfront: use correct linear area after linearizing an skb (bsc#1007886).
  • nfs4: reset states to use open_stateid when returning delegation
    voluntarily (bsc#1003400).
  • nfs: Add a stub for GETDEVICELIST (bnc#898675).
  • nfs: Do not write enable new pages while an invalidation is proceeding
    (bsc#999584).
  • nfsd: Use free_conn to free connection (bsc#979451).
  • nfs: Fix an LOCK/OPEN race when unlinking an open file (bsc#956514).
  • nfs: Fix a regression in the read() syscall (bsc#999584).
  • nfs: fix BUG() crash in notify_change() with patch to chown_common()
    (bnc#876463).
  • nfs: fix pg_test page count calculation (bnc#898675).
  • nfs: nfs4_fl_prepare_ds must be careful about reporting success
    (bsc#1000776).
  • nfsv4: add flock_owner to open context (bnc#998689).
  • nfsv4: change nfs4_do_setattr to take an open_context instead of a
    nfs4_state (bnc#998689).
  • nfsv4: change nfs4_select_rw_stateid to take a lock_context inplace of
    lock_owner (bnc#998689).
  • nfsv4: enhance nfs4_copy_lock_stateid to use a flock stateid if there is
    one (bnc#998689).
  • nfsv4: Ensure nfs_atomic_open set the dentry verifier on ENOENT
    (bnc#866130).
  • oom: print nodemask in the oom report (bnc#1003866).
  • packet: tpacket_snd(): fix signed/unsigned comparison (bsc#874131).
  • perf/x86/intel: Fix bug for "cycles:p" and "cycles:pp" on SLM
    (bsc#997896).
  • pm / hibernate: Fix 2G size issue of snapshot image verification
    (bsc#1004252).
  • pm / hibernate: Fix rtree_next_node() to avoid walking off list ends
    (bnc#860441).
  • powerpc: add kernel parameter iommu_alloc_quiet (bsc#998825).
  • printk: add kernel parameter to control writes to /dev/kmsg (bsc#979928).
  • qgroup: Prevent qgroup->reserved from going subzero (bsc#993841).
  • qlcnic: potential NULL dereference in
    qlcnic_83xx_get_minidump_template() (bsc#922064 FATE#318609)
  • radeon: avoid boot hang in Xen Dom0 (luckily none so far).
  • ratelimit: extend to print suppressed messages on release (bsc#979928).
  • ratelimit: fix bug in time interval by resetting right begin time
    (bsc#979928).
  • rbd: truncate objects on cmpext short reads (bsc#988715).
  • rcu: Fix improper use of RCU in
    patches.kabi/ipv6-add-complete-rcu-protection-around-np-opt.kabi.patch
    (bsc#961257).
  • Refresh patches.suse/CFS-0259-ceph-Asynchronous-IO-support.patch. After
    a write, we must free the ‘request’, not the ‘response’. This error
    crept in during the backport. bsc#995153
  • Refresh patches.xen/xen3-patch-3.9 (bsc#991247).
  • Rename
    patches.xen/xen3-kgr-{0107,1003}-reserve-a-place-in-thread_struct-for-storing-RIP.patch
    to match its non-Xen counterpart.
  • Revert "can: dev: fix deadlock reported after bus-off".
  • Revert "Input: i8042 - break load dependency between atkbd/psmouse and
    i8042".
  • Revert "Input: i8042 - set up shared ps2_cmd_mutex for AUX ports".
  • rpm/config.sh: do not prepend "60." to release string. This is needed for
    the SLE maintenance workflow; there is no need for it in evergreen-13.1.
  • rpm/config.sh: Set the SP1 release string to 60.<RELEASE> (bsc#997059)
  • rpm/mkspec: Read a default release string from rpm/config.sh (bsc#997059).
  • rtnetlink: avoid 0 sized arrays (fate#316924).
  • s390: add SMT support (bnc#994438, LTC#144756).
  • sched/core: Fix an SMP ordering race in try_to_wake_up() vs. schedule()
    (bnc#1001419).
  • sched/core: Fix a race between try_to_wake_up() and a woken up task
    (bsc#1002165, bsc#1001419).
  • scsi: ibmvfc: add FC Class 3 Error Recovery support (bsc#984992).
  • scsi: ibmvfc: Fix I/O hang when port is not mapped (bsc#971989)
  • scsi: ibmvfc: Set READ FCP_XFER_READY DISABLED bit in PRLI (bsc#984992).
  • sd: Fix memory leak caused by RESET_WP patch (bsc#999779).
  • squashfs3: properly handle dir_emit() failures (bsc#998795).
  • sunrpc: Add missing support for RPC_CLNT_CREATE_NO_RETRANS_TIMEOUT
    (bnc#868923).
  • sunrpc: Fix a regression when reconnecting (bsc#946309).
  • supported.conf: Add ext2
  • supported.conf: Add iscsi modules to -base (bsc#997299)
  • supported.conf: Add tun to -base (bsc#992593)
  • supported.conf: Add veth to -base (bsc#992591)
  • target: Fix missing complete during ABORT_TASK + CMD_T_FABRIC_STOP
    (bsc#987621).
  • target: Fix race between iscsi-target connection shutdown + ABORT_TASK
    (bsc#987621).
  • tcp: add proper TS val into RST packets (bsc#937086).
  • tcp: align tcp_xmit_size_goal() on tcp_tso_autosize() (bsc#937086).
  • tcp: fix child sockets to use system default congestion control if not
    set (fate#318553).
  • tcp: fix cwnd limited checking to improve congestion control
    (bsc#988617).
  • tcp: refresh skb timestamp at retransmit time (bsc#937086).
  • timers: Use proper base migration in add_timer_on() (bnc#993392).
  • tunnels: Do not apply GRO to multiple layers of encapsulation
    (bsc#1001486).
  • tunnels: Remove encapsulation offloads on decap (bsc#1001486).
  • Update patches.kabi/kabi.clockevents_unbind.patch (bnc#937888).
  • uprobes: Fix the memcg accounting (bnc#931454).
  • usb: fix typo in wMaxPacketSize validation (bsc#991665).
  • usbhid: add ATEN CS962 to list of quirky devices (bsc#1007615).
  • usb: hub: Fix auto-remount of safely removed or ejected USB-3 devices
    (bsc#922634).
  • usb: validate wMaxPacketValue entries in endpoint descriptors
    (bnc#991665).
  • vmxnet3: Wake queue from reset work (bsc#999907).
  • x86/tlb/trace: Do not trace on CPU that is offline (TLB Performance
    git-fixes).
  • xenbus: do not invoke ->is_ready() for most device states (bsc#987333).
  • xenbus: inspect the correct type in xenbus_dev_request_and_reply().
  • xen: Linux 3.12.63.
  • xen: Linux 3.12.64.
  • xen/pciback: Fix conf_space read/write overlap check.
  • xen-pciback: return proper values during BAR sizing.
  • xen: x86/mm/pat, /dev/mem: Remove superfluous error message (bsc#974620).
  • xfs: fixed signedness of error code in xfs_inode_buf_verify
    (bsc#1003153).
  • xfs: handle dquot buffer readahead in log recovery correctly
    (bsc#955446).
  • xfs: Silence warnings in xfs_vm_releasepage() (bnc#915183 bsc#987565).
  • xhci: silence warnings in switch (bnc#991665).