{"affected":[{"ecosystem_specific":{"binaries":[{"kernel-firmware":"20140807git-5.8.1","ucode-amd":"20140807git-5.8.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 12-LTSS","name":"kernel-firmware","purl":"pkg:rpm/suse/kernel-firmware&distro=SUSE%20Linux%20Enterprise%20Server%2012-LTSS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"20140807git-5.8.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for kernel-firmware fixes the following issues:\n\n- CVE-2015-1142857: Add 7.13.1.0 bnx2x firmware files for ethernet flow control\n  vulnerability in SRIOV devices (bsc#1077355)\n- CVE-2017-5715: Prevent unauthorized disclosure of information to an attacker\n  with local user access caused by speculative execution and indirect branch\n  prediction (bsc#1095735).\n","id":"SUSE-SU-2018:1567-1","modified":"2018-06-07T11:43:17Z","published":"2018-06-07T11:43:17Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2018/suse-su-20181567-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1077355"},{"type":"REPORT","url":"https://bugzilla.suse.com/1095735"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2015-1142857"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2017-5715"}],"related":["CVE-2015-1142857","CVE-2017-5715"],"summary":"Security update for kernel-firmware","upstream":["CVE-2015-1142857","CVE-2017-5715"]}