955354 – (CVE-2015-8215) VUL-1: CVE-2015-8215: kernel: net/ipv6/addrconf.c in the IPv6 stack in the Linux kernel before 4.0 does notvalidate attempted cha...

Bug 955354 (CVE-2015-8215) - VUL-1: CVE-2015-8215: kernel: net/ipv6/addrconf.c in the IPv6 stack in the Linux kernel before 4.0 does notvalidate attempted cha...

Summary: VUL-1: CVE-2015-8215: kernel: net/ipv6/addrconf.c in the IPv6 stack in the Li...

Status:	RESOLVED FIXED

Alias:	CVE-2015-8215

Product:	SUSE Security Incidents
Classification:	Novell Products
Component:	Incidents (show other bugs)
Version:	unspecified
Hardware:	Other Other

Priority:	P4 - Low Severity: Normal
Target Milestone:	---
Deadline:	2016-01-26
Assignee:	Security Team bot
QA Contact:	Security Team bot

URL:	https://smash.suse.de/issue/158876/
Whiteboard:	CVSSv2:SUSE:CVE-2015-8215:3.3:(AV:A/A...
Keywords:

Depends on:
Blocks:

Clone This Bug

Reported:	2015-11-17 09:09 UTC by Sebastian Krahmer
Modified:	2016-10-26 16:13 UTC (History)
CC List:	6 users (show)

See Also:
Found By:	Security Response Team
Services Priority:
Business Priority:
Blocker:	---
Marketing QA Status:	---
IT Deployment:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Sebastian Krahmer 2015-11-17 09:09:14 UTC

CVE-2015-8215

net/ipv6/addrconf.c in the IPv6 stack in the Linux kernel before 4.0 does not
validate attempted changes to the MTU value, which allows context-dependent
attackers to cause a denial of service (packet loss) via a value that is (1)
smaller than the minimum compliant value or (2) larger than the MTU of an
interface, as demonstrated by a Router Advertisement (RA) message that is not
validated by a daemon, a different vulnerability than CVE-2015-0272.  NOTE: the
scope of CVE-2015-0272 is limited to the NetworkManager product.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8215
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=77751427a1ff25b27d47a4c36b12c3c8667855ac
https://bugs.launchpad.net/bugs/1500810
https://github.com/torvalds/linux/commit/77751427a1ff25b27d47a4c36b12c3c8667855ac

Comment 2 Swamp Workflow Management 2015-11-17 23:00:53 UTC

bugbot adjusting priority

Comment 3 Michal Kubeček 2015-11-18 06:11:27 UTC

I'm a bit confused here. We already added the MTU sanity check to all our
maintained kernel branches in bsc#944296 (a.k.a. CVE-2015-0272) so that there
is nothing left to be done in kernel. And if you opened another bug to fix
userspace daemons (which NetworkManager maintainer refused to do in his
package, BtW), why does this bug have "Kernel" component and is assigned to
kernel-maintainers?

Comment 4 Sebastian Krahmer 2015-11-18 13:19:12 UTC

No, its a kernel patch as can be seen from the git url (but
my own opinion is that NM is broken if it doesnt
check MTU itself and blindly passes it to sysctl). Nevertheless
upstream tracks this as a kernel bug.

And its also different from CVE-2015-0272, as it reads in the NVD
info text. But that might be misleading because of their "scoping".

I dont know if we already included the sysctl patch along with bsc#944296 (The gmane link shows the same patch as the torvalds git). If we already included that, it should all be fixed and it can be closed as INVALID.

Comment 5 Michal Kubeček 2015-11-18 19:41:44 UTC

I'll add the references to this bug and CVE-2015-8215 to the (kernel) patch
added for bsc#944296 and close as duplicate of bsc#944296 (unless Security
team preferes otherwise).

(In reply to Sebastian Krahmer from comment #4)
> but my own opinion is that NM is broken if it doesnt check MTU itself and
> blindly passes it to sysctl).

I wrote in bug 944296 comment 12 that I believed both NetworkManager and
kernel should be patched - and I still do. Not my call, however.

Comment 6 Marcus Meissner 2015-11-18 20:19:07 UTC

I think the older CVE was assnigned to NetworkManager and this is for the Kernel.

We were originally confused which was which I remember. :/

Comment 9 Swamp Workflow Management 2015-12-17 15:21:37 UTC

SUSE-SU-2015:2292-1: An update that solves 7 vulnerabilities and has 54 fixes is now available.

Category: security (important)
Bug References: 758040,814440,904348,921949,924493,926238,933514,936773,939826,939926,940776,941113,941202,943959,944296,947241,947478,949100,949192,949706,949744,949936,950013,950580,950750,950998,951110,951165,951440,951638,951864,952384,952666,953717,953826,953830,953971,953980,954635,954986,955136,955148,955224,955354,955422,955533,955644,956047,956053,956147,956284,956703,956711,956717,956801,956876,957395,957546,958504,958510,958647
CVE References: CVE-2015-0272,CVE-2015-2925,CVE-2015-5156,CVE-2015-7799,CVE-2015-7872,CVE-2015-7990,CVE-2015-8215
Sources used:
SUSE Linux Enterprise Workstation Extension 12-SP1 (src):    kernel-default-3.12.51-60.20.2
SUSE Linux Enterprise Software Development Kit 12-SP1 (src):    kernel-docs-3.12.51-60.20.2, kernel-obs-build-3.12.51-60.20.1
SUSE Linux Enterprise Server 12-SP1 (src):    kernel-default-3.12.51-60.20.2, kernel-source-3.12.51-60.20.2, kernel-syms-3.12.51-60.20.2, kernel-xen-3.12.51-60.20.2
SUSE Linux Enterprise Module for Public Cloud 12 (src):    kernel-ec2-3.12.51-60.20.2
SUSE Linux Enterprise Live Patching 12 (src):    kgraft-patch-SLE12-SP1_Update_1-1-4.1
SUSE Linux Enterprise Desktop 12-SP1 (src):    kernel-default-3.12.51-60.20.2, kernel-source-3.12.51-60.20.2, kernel-syms-3.12.51-60.20.2, kernel-xen-3.12.51-60.20.2

Comment 10 Michal Kubeček 2015-12-18 13:47:47 UTC

References update submitted to (hopefully) all affected branches. Closing
and reassigning to Security team.

Comment 11 Swamp Workflow Management 2015-12-23 17:28:39 UTC

SUSE-SU-2015:2350-1: An update that solves 10 vulnerabilities and has 62 fixes is now available.

Category: security (important)
Bug References: 814440,879378,879381,900610,904348,904965,921081,926709,926774,930145,930770,930788,930835,932805,935053,935123,935757,937256,937444,937969,937970,938706,939207,939826,939926,939955,940017,940913,940946,941202,942938,943786,944677,944831,944837,944989,944993,945691,945825,945827,946078,946214,946309,947957,948330,948347,948521,949100,949298,949502,949706,949744,949936,949981,950298,950750,950998,951440,952084,952384,952579,952976,953527,953799,953980,954404,954628,954950,954984,955354,955673,956709
CVE References: CVE-2015-0272,CVE-2015-5157,CVE-2015-5307,CVE-2015-6937,CVE-2015-7509,CVE-2015-7799,CVE-2015-7872,CVE-2015-7990,CVE-2015-8104,CVE-2015-8215
Sources used:
SUSE Linux Enterprise Real Time Extension 11-SP4 (src):    kernel-rt-3.0.101.rt130-48.1, kernel-rt_trace-3.0.101.rt130-48.1, kernel-source-rt-3.0.101.rt130-48.1, kernel-syms-rt-3.0.101.rt130-48.1
SUSE Linux Enterprise Debuginfo 11-SP4 (src):    kernel-rt-3.0.101.rt130-48.1, kernel-rt_debug-3.0.101.rt130-48.1, kernel-rt_trace-3.0.101.rt130-48.1

Comment 14 Swamp Workflow Management 2016-01-19 15:16:47 UTC

An update workflow for this issue was started.
This issue was rated as important.
Please submit fixed packages until 2016-01-26.
When done, reassign the bug to security-team@suse.de.
https://swamp.suse.de/webswamp/wf/62452

Comment 17 Swamp Workflow Management 2016-02-01 15:26:11 UTC

openSUSE-SU-2016:0301-1: An update that solves 57 vulnerabilities and has 21 fixes is now available.

Category: security (important)
Bug References: 814440,851610,869564,873385,906545,907818,909077,909477,911326,912202,915517,915577,917830,918333,919007,919018,919463,919596,921313,921949,922583,922936,922944,926238,926240,927780,927786,928130,929525,930399,931988,932348,933896,933904,933907,933934,935542,935705,936502,936831,937032,937033,937969,938706,940338,944296,945825,947155,949936,950998,951194,951440,951627,952384,952579,952976,953052,953527,954138,954404,955224,955354,955422,956708,956934,957988,957990,958504,958510,958886,958951,959190,959399,959568,960839,961509,961739,962075
CVE References: CVE-2014-2568,CVE-2014-8133,CVE-2014-8989,CVE-2014-9090,CVE-2014-9419,CVE-2014-9529,CVE-2014-9683,CVE-2014-9715,CVE-2014-9728,CVE-2014-9729,CVE-2014-9730,CVE-2014-9731,CVE-2015-0272,CVE-2015-0777,CVE-2015-1420,CVE-2015-1421,CVE-2015-2041,CVE-2015-2042,CVE-2015-2150,CVE-2015-2666,CVE-2015-2830,CVE-2015-2922,CVE-2015-2925,CVE-2015-3212,CVE-2015-3339,CVE-2015-3636,CVE-2015-4001,CVE-2015-4002,CVE-2015-4003,CVE-2015-4004,CVE-2015-4036,CVE-2015-4167,CVE-2015-4692,CVE-2015-4700,CVE-2015-5157,CVE-2015-5283,CVE-2015-5307,CVE-2015-5364,CVE-2015-5366,CVE-2015-5707,CVE-2015-6937,CVE-2015-7550,CVE-2015-7799,CVE-2015-7833,CVE-2015-7872,CVE-2015-7885,CVE-2015-7990,CVE-2015-8104,CVE-2015-8215,CVE-2015-8543,CVE-2015-8550,CVE-2015-8551,CVE-2015-8552,CVE-2015-8569,CVE-2015-8575,CVE-2015-8767,CVE-2016-0728
Sources used:
openSUSE 13.1 (src):    cloop-2.639-11.22.2, crash-7.0.2-2.22.2, hdjmod-1.28-16.22.2, ipset-6.21.1-2.26.2, iscsitarget-1.4.20.3-13.22.2, kernel-debug-3.11.10-32.1, kernel-default-3.11.10-32.1, kernel-desktop-3.11.10-32.1, kernel-docs-3.11.10-32.3, kernel-ec2-3.11.10-32.1, kernel-pae-3.11.10-32.1, kernel-source-3.11.10-32.1, kernel-syms-3.11.10-32.1, kernel-trace-3.11.10-32.1, kernel-vanilla-3.11.10-32.1, kernel-xen-3.11.10-32.1, ndiswrapper-1.58-22.1, pcfclock-0.44-258.22.1, vhba-kmp-20130607-2.23.1, virtualbox-4.2.36-2.55.1, xen-4.3.4_10-56.1, xtables-addons-2.3-2.22.1

Comment 18 Swamp Workflow Management 2016-02-03 14:16:54 UTC

openSUSE-SU-2016:0318-1: An update that solves 19 vulnerabilities and has 18 fixes is now available.

Category: security (important)
Bug References: 814440,906545,912202,921949,937969,937970,938706,944296,945825,949936,950998,951627,951638,952384,952579,952976,953527,954138,954404,955224,955354,955422,956708,956934,957988,957990,958504,958510,958886,958951,959190,959399,959568,960839,961509,961739,962075
CVE References: CVE-2014-8989,CVE-2014-9529,CVE-2015-5157,CVE-2015-5307,CVE-2015-6937,CVE-2015-7550,CVE-2015-7799,CVE-2015-7885,CVE-2015-7990,CVE-2015-8104,CVE-2015-8215,CVE-2015-8543,CVE-2015-8550,CVE-2015-8551,CVE-2015-8552,CVE-2015-8569,CVE-2015-8575,CVE-2015-8767,CVE-2016-0728
Sources used:
openSUSE 13.2 (src):    bbswitch-0.8-3.15.1, cloop-2.639-14.15.1, crash-7.0.8-15.1, hdjmod-1.28-18.16.1, ipset-6.23-15.1, kernel-debug-3.16.7-32.1, kernel-default-3.16.7-32.1, kernel-desktop-3.16.7-32.1, kernel-docs-3.16.7-32.2, kernel-ec2-3.16.7-32.1, kernel-obs-build-3.16.7-32.2, kernel-obs-qa-3.16.7-32.1, kernel-obs-qa-xen-3.16.7-32.1, kernel-pae-3.16.7-32.1, kernel-source-3.16.7-32.1, kernel-syms-3.16.7-32.1, kernel-vanilla-3.16.7-32.1, kernel-xen-3.16.7-32.1, pcfclock-0.44-260.15.1, vhba-kmp-20140629-2.15.1, virtualbox-4.3.34-37.1, xen-4.4.3_08-38.1, xtables-addons-2.6-15.1

Comment 19 Swamp Workflow Management 2016-02-05 20:27:30 UTC

SUSE-SU-2016:0354-1: An update that solves 9 vulnerabilities and has 54 fixes is now available.

Category: security (important)
Bug References: 777565,814440,900610,904348,904965,920016,923002,926007,926709,926774,930145,930788,932350,932805,933721,935053,935757,936118,937969,937970,938706,939207,939826,939926,939955,940017,940925,941202,942204,942305,942367,942605,942688,942938,943786,944296,944831,944837,944989,944993,945691,945825,945827,946078,946309,947957,948330,948347,948521,949100,949298,949502,949706,949744,949981,951440,952084,952384,952579,953527,953980,954404,955354
CVE References: CVE-2015-0272,CVE-2015-5157,CVE-2015-5307,CVE-2015-6252,CVE-2015-6937,CVE-2015-7872,CVE-2015-7990,CVE-2015-8104,CVE-2015-8215
Sources used:
SUSE Linux Enterprise Real Time Extension 11-SP3 (src):    kernel-rt-3.0.101.rt130-0.33.44.2, kernel-rt_trace-3.0.101.rt130-0.33.44.2, kernel-source-rt-3.0.101.rt130-0.33.44.2, kernel-syms-rt-3.0.101.rt130-0.33.44.1
SUSE Linux Enterprise Debuginfo 11-SP3 (src):    kernel-rt-3.0.101.rt130-0.33.44.2, kernel-rt_trace-3.0.101.rt130-0.33.44.2

Comment 20 Swamp Workflow Management 2016-02-25 20:18:16 UTC

SUSE-SU-2016:0585-1: An update that solves 17 vulnerabilities and has 54 fixes is now available.

Category: security (important)
Bug References: 812259,855062,867583,899908,902606,924919,935087,937261,937444,938577,940338,940946,941363,942476,943989,944749,945649,947953,949440,949936,950292,951199,951392,951615,952579,952976,954992,955118,955354,955654,956514,956708,957525,957988,957990,958463,958886,958951,959090,959146,959190,959257,959364,959399,959436,959463,959629,960221,960227,960281,960300,961202,961257,961500,961509,961516,961588,961971,962336,962356,962788,962965,963449,963572,963765,963767,963825,964230,964821,965344,965840
CVE References: CVE-2013-7446,CVE-2015-0272,CVE-2015-5707,CVE-2015-7550,CVE-2015-7799,CVE-2015-8215,CVE-2015-8539,CVE-2015-8543,CVE-2015-8550,CVE-2015-8551,CVE-2015-8569,CVE-2015-8575,CVE-2015-8660,CVE-2015-8767,CVE-2015-8785,CVE-2016-0723,CVE-2016-2069
Sources used:
SUSE Linux Enterprise Workstation Extension 12-SP1 (src):    kernel-default-3.12.53-60.30.1
SUSE Linux Enterprise Software Development Kit 12-SP1 (src):    kernel-docs-3.12.53-60.30.2, kernel-obs-build-3.12.53-60.30.2
SUSE Linux Enterprise Server 12-SP1 (src):    kernel-default-3.12.53-60.30.1, kernel-source-3.12.53-60.30.1, kernel-syms-3.12.53-60.30.1, kernel-xen-3.12.53-60.30.1, lttng-modules-2.7.0-3.1
SUSE Linux Enterprise Module for Public Cloud 12 (src):    kernel-ec2-3.12.53-60.30.1
SUSE Linux Enterprise Live Patching 12 (src):    kgraft-patch-SLE12-SP1_Update_3-1-2.1
SUSE Linux Enterprise Desktop 12-SP1 (src):    kernel-default-3.12.53-60.30.1, kernel-source-3.12.53-60.30.1, kernel-syms-3.12.53-60.30.1, kernel-xen-3.12.53-60.30.1

Comment 21 Swamp Workflow Management 2016-05-03 17:14:15 UTC

SUSE-SU-2016:1203-1: An update that solves 41 vulnerabilities and has 49 fixes is now available.

Category: security (important)
Bug References: 758040,781018,879378,879381,904035,924919,934787,935123,937444,939955,940017,940413,940913,940946,941514,942082,946122,947128,948330,949298,949752,949936,950750,950998,951392,952976,954628,955308,955354,955654,955673,956375,956514,956707,956708,956709,956852,956949,957988,957990,958463,958886,958906,958912,958951,959190,959312,959399,959705,960857,961500,961509,961512,961516,961518,963276,963765,963767,963998,964201,965319,965923,966437,966693,967863,967972,967973,967974,967975,968010,968011,968012,968013,968141,968670,969307,970504,970892,970909,970911,970948,970956,970958,970970,971124,971125,971360,973570,974646,975945
CVE References: CVE-2013-7446,CVE-2015-7509,CVE-2015-7515,CVE-2015-7550,CVE-2015-7566,CVE-2015-7799,CVE-2015-8215,CVE-2015-8539,CVE-2015-8543,CVE-2015-8550,CVE-2015-8551,CVE-2015-8552,CVE-2015-8569,CVE-2015-8575,CVE-2015-8767,CVE-2015-8785,CVE-2015-8812,CVE-2015-8816,CVE-2016-0723,CVE-2016-2069,CVE-2016-2143,CVE-2016-2184,CVE-2016-2185,CVE-2016-2186,CVE-2016-2188,CVE-2016-2384,CVE-2016-2543,CVE-2016-2544,CVE-2016-2545,CVE-2016-2546,CVE-2016-2547,CVE-2016-2548,CVE-2016-2549,CVE-2016-2782,CVE-2016-2847,CVE-2016-3137,CVE-2016-3138,CVE-2016-3139,CVE-2016-3140,CVE-2016-3156,CVE-2016-3955
Sources used:
SUSE OpenStack Cloud 5 (src):    kernel-bigsmp-3.0.101-0.47.79.1, kernel-default-3.0.101-0.47.79.1, kernel-ec2-3.0.101-0.47.79.1, kernel-source-3.0.101-0.47.79.1, kernel-syms-3.0.101-0.47.79.1, kernel-trace-3.0.101-0.47.79.1, kernel-xen-3.0.101-0.47.79.1
SUSE Manager Proxy 2.1 (src):    kernel-bigsmp-3.0.101-0.47.79.1, kernel-default-3.0.101-0.47.79.1, kernel-ec2-3.0.101-0.47.79.1, kernel-source-3.0.101-0.47.79.1, kernel-syms-3.0.101-0.47.79.1, kernel-trace-3.0.101-0.47.79.1, kernel-xen-3.0.101-0.47.79.1
SUSE Manager 2.1 (src):    kernel-bigsmp-3.0.101-0.47.79.1, kernel-default-3.0.101-0.47.79.1, kernel-ec2-3.0.101-0.47.79.1, kernel-source-3.0.101-0.47.79.1, kernel-syms-3.0.101-0.47.79.1, kernel-trace-3.0.101-0.47.79.1, kernel-xen-3.0.101-0.47.79.1
SUSE Linux Enterprise Server 11-SP3-LTSS (src):    kernel-bigsmp-3.0.101-0.47.79.1, kernel-default-3.0.101-0.47.79.1, kernel-ec2-3.0.101-0.47.79.1, kernel-pae-3.0.101-0.47.79.1, kernel-source-3.0.101-0.47.79.1, kernel-syms-3.0.101-0.47.79.1, kernel-trace-3.0.101-0.47.79.1, kernel-xen-3.0.101-0.47.79.1
SUSE Linux Enterprise Server 11-EXTRA (src):    kernel-bigsmp-3.0.101-0.47.79.1, kernel-default-3.0.101-0.47.79.1, kernel-pae-3.0.101-0.47.79.1, kernel-ppc64-3.0.101-0.47.79.1, kernel-trace-3.0.101-0.47.79.1, kernel-xen-3.0.101-0.47.79.1
SUSE Linux Enterprise Debuginfo 11-SP3 (src):    kernel-bigsmp-3.0.101-0.47.79.1, kernel-default-3.0.101-0.47.79.1, kernel-ec2-3.0.101-0.47.79.1, kernel-pae-3.0.101-0.47.79.1, kernel-trace-3.0.101-0.47.79.1, kernel-xen-3.0.101-0.47.79.1

Comment 22 Swamp Workflow Management 2016-08-15 14:12:52 UTC

SUSE-SU-2016:2074-1: An update that solves 48 vulnerabilities and has 13 fixes is now available.

Category: security (important)
Bug References: 816446,861093,928130,935757,939826,942367,945825,946117,946309,948562,949744,949936,951440,952384,953527,954404,955354,955654,956708,956709,958463,958886,958951,959190,959399,961500,961509,961512,963765,963767,964201,966437,966460,966662,966693,967972,967973,967974,967975,968010,968011,968012,968013,968670,970504,970892,970909,970911,970948,970956,970958,970970,971124,971125,971126,971360,972510,973570,975945,977847,978822
CVE References: CVE-2013-2015,CVE-2013-7446,CVE-2015-0272,CVE-2015-3339,CVE-2015-5307,CVE-2015-6252,CVE-2015-6937,CVE-2015-7509,CVE-2015-7515,CVE-2015-7550,CVE-2015-7566,CVE-2015-7799,CVE-2015-7872,CVE-2015-7990,CVE-2015-8104,CVE-2015-8215,CVE-2015-8539,CVE-2015-8543,CVE-2015-8569,CVE-2015-8575,CVE-2015-8767,CVE-2015-8785,CVE-2015-8812,CVE-2015-8816,CVE-2016-0723,CVE-2016-2069,CVE-2016-2143,CVE-2016-2184,CVE-2016-2185,CVE-2016-2186,CVE-2016-2188,CVE-2016-2384,CVE-2016-2543,CVE-2016-2544,CVE-2016-2545,CVE-2016-2546,CVE-2016-2547,CVE-2016-2548,CVE-2016-2549,CVE-2016-2782,CVE-2016-2847,CVE-2016-3134,CVE-2016-3137,CVE-2016-3138,CVE-2016-3139,CVE-2016-3140,CVE-2016-3156,CVE-2016-4486
Sources used:
SUSE Linux Enterprise Server 11-SP2-LTSS (src):    kernel-default-3.0.101-0.7.40.1, kernel-ec2-3.0.101-0.7.40.1, kernel-pae-3.0.101-0.7.40.1, kernel-source-3.0.101-0.7.40.1, kernel-syms-3.0.101-0.7.40.1, kernel-trace-3.0.101-0.7.40.1, kernel-xen-3.0.101-0.7.40.1
SUSE Linux Enterprise Debuginfo 11-SP2 (src):    kernel-default-3.0.101-0.7.40.1, kernel-ec2-3.0.101-0.7.40.1, kernel-pae-3.0.101-0.7.40.1, kernel-trace-3.0.101-0.7.40.1, kernel-xen-3.0.101-0.7.40.1

Comment 23 Swamp Workflow Management 2016-10-26 16:13:40 UTC

openSUSE-SU-2016:2649-1: An update that solves 49 vulnerabilities and has 17 fixes is now available.

Category: security (important)
Bug References: 1004418,758540,816446,861093,917648,928130,935757,939826,942367,944296,945825,946117,946309,948562,949744,949936,951440,952384,953527,954404,955354,955654,956708,956709,958463,958886,958951,959190,959399,961500,961509,961512,963765,963767,964201,966437,966460,966662,966693,967972,967973,967974,967975,968010,968011,968012,968013,968670,969356,970504,970892,970909,970911,970948,970956,970958,970970,971124,971125,971126,971360,972510,973570,975945,977847,978822
CVE References: CVE-2013-7446,CVE-2015-0272,CVE-2015-1339,CVE-2015-3339,CVE-2015-5307,CVE-2015-6252,CVE-2015-6937,CVE-2015-7509,CVE-2015-7515,CVE-2015-7550,CVE-2015-7566,CVE-2015-7799,CVE-2015-7872,CVE-2015-7990,CVE-2015-8104,CVE-2015-8215,CVE-2015-8539,CVE-2015-8543,CVE-2015-8569,CVE-2015-8575,CVE-2015-8767,CVE-2015-8785,CVE-2015-8812,CVE-2015-8816,CVE-2016-0723,CVE-2016-2069,CVE-2016-2143,CVE-2016-2184,CVE-2016-2185,CVE-2016-2186,CVE-2016-2188,CVE-2016-2384,CVE-2016-2543,CVE-2016-2544,CVE-2016-2545,CVE-2016-2546,CVE-2016-2547,CVE-2016-2548,CVE-2016-2549,CVE-2016-2782,CVE-2016-2847,CVE-2016-3134,CVE-2016-3137,CVE-2016-3138,CVE-2016-3139,CVE-2016-3140,CVE-2016-3156,CVE-2016-4486,CVE-2016-5195
Sources used:
openSUSE Evergreen 11.4 (src):    kernel-debug-3.0.101-105.1, kernel-default-3.0.101-105.1, kernel-desktop-3.0.101-105.1, kernel-docs-3.0.101-105.2, kernel-ec2-3.0.101-105.1, kernel-pae-3.0.101-105.1, kernel-source-3.0.101-105.1, kernel-syms-3.0.101-105.1, kernel-trace-3.0.101-105.1, kernel-vanilla-3.0.101-105.1, kernel-vmi-3.0.101-105.1, kernel-xen-3.0.101-105.1, preload-1.2-6.83.1