Bug 1062604 (CVE-2017-12188)

Summary: VUL-0: CVE-2017-12188: kernel-source: kvm: MMU potential stack buffer overrun during page walks
Product: [Novell Products] SUSE Security Incidents Reporter: Alexander Bergmann <abergmann>
Component: IncidentsAssignee: Security Team bot <security-team>
Status: RESOLVED FIXED QA Contact: Security Team bot <security-team>
Severity: Major    
Priority: P3 - Medium CC: brogers, jroedel, meissner, mhocko, smash_bz, tiwai
Version: unspecified   
Target Milestone: ---   
Hardware: Other   
OS: Other   
URL: https://smash.suse.de/issue/193097/
Whiteboard: CVSSv2:SUSE:CVE-2017-12188:6.5:(AV:A/AC:H/Au:S/C:C/I:C/A:C) CVSSv3:SUSE:CVE-2017-12188:7.6:(AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H)
Found By: Security Response Team Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---

Description Alexander Bergmann 2017-10-10 16:15:51 UTC 
rh#1500380

Linux kernel built with the KVM virtualisation support(CONFIG_KVM), with
nested virtualisation(nVMX) feature enabled(nested=1), is vulnerable to a
stack buffer overflow issue. It could occur while traversing guest pagetable
entries to resolve guest virtual address(gva).

A L1 guest could use this flaw to crash the host kernel resulting in DoS.
OR potentially execute arbitrary code on the host to gain access to the
host system.

Upstream fixes:
https://patchwork.kernel.org/patch/9996579/
https://patchwork.kernel.org/patch/9996587/

References:
https://bugzilla.redhat.com/show_bug.cgi?id=1500380
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-12188
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12188
Comment 1 Marcus Meissner 2017-10-11 09:13:23 UTC 
bruce, can you take this?
Comment 6 Marcus Meissner 2018-07-07 09:09:59 UTC 
https://patchwork.kernel.org/patch/9996587/ has fixes:

6bb69c9b69c315200ddc2bc79aee14c0184cf5b2 is in 4.6 -> 4.11, so none are affected.


commit 829ee279aed43faa5cb1e4d65c0cad52f2426c53
Author: Ladi Prosek <lprosek@redhat.com>
Date:   Thu Oct 5 11:10:23 2017 +0200

    KVM: MMU: always terminate page walks at level 1
    
    is_last_gpte() is not equivalent to the pseudo-code given in commit
    6bb69c9b69c31 ("KVM: MMU: simplify last_pte_bitmap") because an incorrect
    value of last_nonleaf_level may override the result even if level == 1.
    
    It is critical for is_last_gpte() to return true on level == 1 to
    terminate page walks. Otherwise memory corruption may occur as level
    is used as an index to various data structures throughout the page
    walking code.  Even though the actual bug would be wherever the MMU is
    initialized (as in the previous patch), be defensive and ensure here
    that is_last_gpte() returns the correct value.
    
    This patch is also enough to fix CVE-2017-12188.
    
    Fixes: 6bb69c9b69c315200ddc2bc79aee14c0184cf5b2
    Cc: stable@vger.kernel.org
    Cc: Andy Honig <ahonig@google.com>
    Signed-off-by: Ladi Prosek <lprosek@redhat.com>
    [Panic if walk_addr_generic gets an incorrect level; this is a serious
     bug and it's not worth a WARN_ON where the recovery path might hide
     further exploitable issues; suggested by Andrew Honig. - Paolo]
    Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>

commit fd19d3b45164466a4adce7cbff448ba9189e1427
Author: Ladi Prosek <lprosek@redhat.com>
Date:   Thu Oct 5 11:10:22 2017 +0200

    KVM: nVMX: update last_nonleaf_level when initializing nested EPT
    
    The function updates context->root_level but didn't call
    update_last_nonleaf_level so the previous and potentially wrong value
    was used for page walks.  For example, a zero value of last_nonleaf_level
    would allow a potential out-of-bounds access in arch/x86/mmu/paging_tmpl.h's
    walk_addr_generic function (CVE-2017-12188).
    
    Fixes: 155a97a3d7c78b46cef6f1a973c831bc5a4f82bb
    Signed-off-by: Ladi Prosek <lprosek@redhat.com>
    Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Comment 7 Marcus Meissner 2018-07-10 10:00:35 UTC 
from live patch bug:

- all SLE12 codestreams lack the offending upstream commit 6bb69c9b69c3 ("KVM:                                                                                                               
MMU: simplify last_pte_bitmap")                                                                                                                                                              
- the first released SLE15 kernel, rpm-4.12.14-23, got the fix with suse-commit                                                                                                              
012351b911de4dd8ae95c926b63f3c6ba31b85ed
Comment 8 Marcus Meissner 2018-08-29 08:43:53 UTC 
ping
Comment 9 Joerg Roedel 2018-08-29 09:42:09 UTC 
(In reply to Marcus Meissner from comment #6)

> commit 829ee279aed43faa5cb1e4d65c0cad52f2426c53
> Author: Ladi Prosek <lprosek@redhat.com>
> Date:   Thu Oct 5 11:10:23 2017 +0200

This patch is needed in all SLE12 code-streams.

> commit fd19d3b45164466a4adce7cbff448ba9189e1427
> Author: Ladi Prosek <lprosek@redhat.com>
> Date:   Thu Oct 5 11:10:22 2017 +0200

This one is needed in all of SLE12 as well.
Comment 10 Joerg Roedel 2018-08-29 12:31:06 UTC 
(In reply to Joerg Roedel from comment #9)
> (In reply to Marcus Meissner from comment #6)
> 
> > commit 829ee279aed43faa5cb1e4d65c0cad52f2426c53
> > Author: Ladi Prosek <lprosek@redhat.com>
> > Date:   Thu Oct 5 11:10:23 2017 +0200
> 
> This patch is needed in all SLE12 code-streams.
> 
> > commit fd19d3b45164466a4adce7cbff448ba9189e1427
> > Author: Ladi Prosek <lprosek@redhat.com>
> > Date:   Thu Oct 5 11:10:22 2017 +0200
> 
> This one is needed in all of SLE12 as well.

Backported and pushed the necessary fixes to SLE12-LTSS, SLE12-SP1-LTSS, SLE12-SP2-LTSS and SLE12-SP3.
Comment 12 Swamp Workflow Management 2018-09-11 15:32:24 UTC 
This is an autogenerated message for OBS integration:
This bug (1062604) was mentioned in
https://build.opensuse.org/request/show/635004 42.3 / kernel-source
Comment 14 Swamp Workflow Management 2018-09-16 13:13:01 UTC 
openSUSE-SU-2018:2738-1: An update that solves 14 vulnerabilities and has 93 fixes is now available.

Category: security (important)
Bug References: 1012382,1015342,1015343,1017967,1019695,1019699,1020412,1021121,1022604,1024361,1024365,1024376,1027968,1030552,1031492,1033962,1042286,1048317,1050431,1053685,1055014,1056596,1062604,1063646,1064232,1065364,1066223,1068032,1068075,1069138,1078921,1080157,1083663,1085042,1085536,1085539,1087092,1089066,1090888,1091171,1091860,1092903,1096254,1096748,1097105,1098253,1098822,1099597,1099810,1099832,1099922,1099999,1100000,1100001,1100132,1101822,1102346,1102486,1102517,1102715,1102797,1104485,1104683,1104897,1105271,1105292,1105296,1105322,1105323,1105392,1105396,1105524,1105536,1105769,1106016,1106105,1106185,1106191,1106229,1106271,1106275,1106276,1106278,1106281,1106283,1106369,1106509,1106511,1106697,1106929,1106934,1106995,1107060,1107078,1107319,1107320,1107689,1107735,1107937,1107966,963575,966170,966172,969470,969476,969477,970506
CVE References: CVE-2018-10902,CVE-2018-10938,CVE-2018-10940,CVE-2018-1128,CVE-2018-1129,CVE-2018-12896,CVE-2018-13093,CVE-2018-13094,CVE-2018-13095,CVE-2018-15572,CVE-2018-16658,CVE-2018-6554,CVE-2018-6555,CVE-2018-9363
Sources used:
openSUSE Leap 42.3 (src):    kernel-debug-4.4.155-68.1, kernel-default-4.4.155-68.1, kernel-docs-4.4.155-68.1, kernel-obs-build-4.4.155-68.1, kernel-obs-qa-4.4.155-68.1, kernel-source-4.4.155-68.1, kernel-syms-4.4.155-68.1, kernel-vanilla-4.4.155-68.1
Comment 17 Swamp Workflow Management 2018-09-20 22:13:19 UTC 
SUSE-SU-2018:2775-1: An update that solves 21 vulnerabilities and has 98 fixes is now available.

Category: security (important)
Bug References: 1012382,1015342,1015343,1017967,1019695,1019699,1020412,1021121,1022604,1024361,1024365,1024376,1027968,1030552,1031492,1033962,1042286,1048317,1050431,1053685,1055014,1056596,1062604,1063646,1064232,1065364,1066223,1068032,1068075,1069138,1078921,1080157,1083663,1085042,1085536,1085539,1086457,1087092,1089066,1090888,1091171,1091860,1096254,1096748,1097105,1098253,1098822,1099597,1099810,1099811,1099813,1099832,1099844,1099845,1099846,1099849,1099863,1099864,1099922,1099999,1100000,1100001,1100132,1101822,1101841,1102346,1102486,1102517,1102715,1102797,1103269,1103445,1103717,1104319,1104485,1104494,1104495,1104683,1104897,1105271,1105292,1105322,1105323,1105392,1105396,1105524,1105536,1105769,1106016,1106105,1106185,1106229,1106271,1106275,1106276,1106278,1106281,1106283,1106369,1106509,1106511,1106697,1106929,1106934,1106995,1107060,1107078,1107319,1107320,1107689,1107735,1107966,963575,966170,966172,969470,969476,969477,970506
CVE References: CVE-2018-10876,CVE-2018-10877,CVE-2018-10878,CVE-2018-10879,CVE-2018-10880,CVE-2018-10881,CVE-2018-10882,CVE-2018-10883,CVE-2018-10902,CVE-2018-10938,CVE-2018-1128,CVE-2018-1129,CVE-2018-12896,CVE-2018-13093,CVE-2018-13094,CVE-2018-13095,CVE-2018-15572,CVE-2018-16658,CVE-2018-6554,CVE-2018-6555,CVE-2018-9363
Sources used:
SUSE Linux Enterprise Live Patching 12-SP3 (src):    kgraft-patch-SLE12-SP3_Update_17-1-4.3.1
Comment 18 Swamp Workflow Management 2018-09-20 22:34:09 UTC 
SUSE-SU-2018:2776-1: An update that solves 21 vulnerabilities and has 98 fixes is now available.

Category: security (important)
Bug References: 1012382,1015342,1015343,1017967,1019695,1019699,1020412,1021121,1022604,1024361,1024365,1024376,1027968,1030552,1031492,1033962,1042286,1048317,1050431,1053685,1055014,1056596,1062604,1063646,1064232,1065364,1066223,1068032,1068075,1069138,1078921,1080157,1083663,1085042,1085536,1085539,1086457,1087092,1089066,1090888,1091171,1091860,1096254,1096748,1097105,1098253,1098822,1099597,1099810,1099811,1099813,1099832,1099844,1099845,1099846,1099849,1099863,1099864,1099922,1099999,1100000,1100001,1100132,1101822,1101841,1102346,1102486,1102517,1102715,1102797,1103269,1103445,1103717,1104319,1104485,1104494,1104495,1104683,1104897,1105271,1105292,1105322,1105323,1105392,1105396,1105524,1105536,1105769,1106016,1106105,1106185,1106229,1106271,1106275,1106276,1106278,1106281,1106283,1106369,1106509,1106511,1106697,1106929,1106934,1106995,1107060,1107078,1107319,1107320,1107689,1107735,1107966,963575,966170,966172,969470,969476,969477,970506
CVE References: CVE-2018-10876,CVE-2018-10877,CVE-2018-10878,CVE-2018-10879,CVE-2018-10880,CVE-2018-10881,CVE-2018-10882,CVE-2018-10883,CVE-2018-10902,CVE-2018-10938,CVE-2018-1128,CVE-2018-1129,CVE-2018-12896,CVE-2018-13093,CVE-2018-13094,CVE-2018-13095,CVE-2018-15572,CVE-2018-16658,CVE-2018-6554,CVE-2018-6555,CVE-2018-9363
Sources used:
SUSE Linux Enterprise Workstation Extension 12-SP3 (src):    kernel-default-4.4.155-94.50.1
SUSE Linux Enterprise Software Development Kit 12-SP3 (src):    kernel-docs-4.4.155-94.50.1, kernel-obs-build-4.4.155-94.50.1
SUSE Linux Enterprise Server 12-SP3 (src):    kernel-default-4.4.155-94.50.1, kernel-source-4.4.155-94.50.1, kernel-syms-4.4.155-94.50.1
SUSE Linux Enterprise High Availability 12-SP3 (src):    kernel-default-4.4.155-94.50.1
SUSE Linux Enterprise Desktop 12-SP3 (src):    kernel-default-4.4.155-94.50.1, kernel-source-4.4.155-94.50.1, kernel-syms-4.4.155-94.50.1
SUSE CaaS Platform ALL (src):    kernel-default-4.4.155-94.50.1
SUSE CaaS Platform 3.0 (src):    kernel-default-4.4.155-94.50.1
Comment 20 Joerg Roedel 2018-09-24 13:01:09 UTC 
All work done from my side, assigning back.
Comment 21 Swamp Workflow Management 2018-09-25 16:13:50 UTC 
SUSE-SU-2018:2858-1: An update that solves 22 vulnerabilities and has 96 fixes is now available.

Category: security (important)
Bug References: 1012382,1015342,1015343,1017967,1019695,1019699,1020412,1021121,1022604,1024361,1024365,1024376,1027968,1030552,1033962,1042286,1048317,1050431,1053685,1055014,1056596,1062604,1063646,1064232,1065364,1066223,1068032,1068075,1069138,1078921,1080157,1083663,1085042,1085536,1085539,1086457,1087092,1089066,1090888,1091171,1091860,1092903,1096254,1096748,1097105,1098253,1098822,1099597,1099810,1099811,1099813,1099832,1099844,1099845,1099846,1099849,1099863,1099864,1099922,1099999,1100000,1100001,1100132,1101822,1101841,1102346,1102486,1102517,1102715,1102797,1103269,1103445,1104319,1104485,1104494,1104495,1104683,1104897,1105271,1105292,1105322,1105392,1105396,1105524,1105536,1105769,1106016,1106105,1106185,1106229,1106271,1106275,1106276,1106278,1106281,1106283,1106369,1106509,1106511,1106594,1106697,1106929,1106934,1106995,1107060,1107078,1107319,1107320,1107689,1107735,1107966,963575,966170,966172,969470,969476,969477,970506
CVE References: CVE-2018-10876,CVE-2018-10877,CVE-2018-10878,CVE-2018-10879,CVE-2018-10880,CVE-2018-10881,CVE-2018-10882,CVE-2018-10883,CVE-2018-10902,CVE-2018-10938,CVE-2018-10940,CVE-2018-1128,CVE-2018-1129,CVE-2018-12896,CVE-2018-13093,CVE-2018-13094,CVE-2018-13095,CVE-2018-15572,CVE-2018-16658,CVE-2018-6554,CVE-2018-6555,CVE-2018-9363
Sources used:
SUSE Linux Enterprise Software Development Kit 12-SP3 (src):    kernel-docs-azure-4.4.155-4.16.1
SUSE Linux Enterprise Server 12-SP3 (src):    kernel-azure-4.4.155-4.16.1, kernel-source-azure-4.4.155-4.16.1, kernel-syms-azure-4.4.155-4.16.1
Comment 22 Swamp Workflow Management 2018-09-25 19:14:37 UTC 
SUSE-SU-2018:2862-1: An update that solves 12 vulnerabilities and has 83 fixes is now available.

Category: security (important)
Bug References: 1012382,1015342,1015343,1017967,1019695,1019699,1020412,1021121,1022604,1024361,1024365,1024376,1027968,1030552,1031492,1033962,1042286,1048317,1050431,1053685,1055014,1056596,1062604,1063646,1064232,1066223,1068032,1068075,1069138,1078921,1080157,1083663,1085042,1085536,1085539,1087092,1089066,1090888,1092903,1096748,1097105,1098822,1099597,1099810,1099832,1099922,1099999,1100000,1100001,1100132,1102346,1102486,1102517,1104485,1104683,1105271,1105296,1105322,1105323,1105392,1105396,1105524,1105536,1105769,1106016,1106105,1106185,1106191,1106229,1106271,1106275,1106276,1106278,1106281,1106283,1106369,1106509,1106511,1106697,1106929,1106934,1106995,1107060,1107078,1107319,1107320,1107689,1107735,1107966,963575,966170,966172,969470,969476,969477
CVE References: CVE-2018-10902,CVE-2018-10938,CVE-2018-1128,CVE-2018-1129,CVE-2018-12896,CVE-2018-13093,CVE-2018-13094,CVE-2018-13095,CVE-2018-15572,CVE-2018-16658,CVE-2018-6554,CVE-2018-6555
Sources used:
SUSE Linux Enterprise Real Time Extension 12-SP3 (src):    kernel-rt-4.4.155-3.23.1, kernel-rt_debug-4.4.155-3.23.1, kernel-source-rt-4.4.155-3.23.1, kernel-syms-rt-4.4.155-3.23.1
Comment 23 Swamp Workflow Management 2018-09-27 19:14:18 UTC 
SUSE-SU-2018:2908-1: An update that solves 19 vulnerabilities and has 19 fixes is now available.

Category: security (important)
Bug References: 1012382,1024788,1062604,1064233,1065999,1090534,1090955,1091171,1092903,1096547,1097104,1097108,1099811,1099813,1099844,1099845,1099846,1099849,1099863,1099864,1099922,1100001,1102870,1103445,1104319,1104495,1104818,1104906,1105100,1105322,1105323,1105396,1106095,1106369,1106509,1106511,1107689,1108912
CVE References: CVE-2018-10853,CVE-2018-10876,CVE-2018-10877,CVE-2018-10878,CVE-2018-10879,CVE-2018-10880,CVE-2018-10881,CVE-2018-10882,CVE-2018-10883,CVE-2018-10902,CVE-2018-10940,CVE-2018-12896,CVE-2018-13093,CVE-2018-14617,CVE-2018-14634,CVE-2018-16276,CVE-2018-16658,CVE-2018-6554,CVE-2018-6555
Sources used:
SUSE Linux Enterprise Server 12-SP1-LTSS (src):    kernel-default-3.12.74-60.64.104.1, kernel-source-3.12.74-60.64.104.1, kernel-syms-3.12.74-60.64.104.1, kernel-xen-3.12.74-60.64.104.1
SUSE Linux Enterprise Module for Public Cloud 12 (src):    kernel-ec2-3.12.74-60.64.104.1
Comment 26 Swamp Workflow Management 2018-10-09 16:08:50 UTC 
SUSE-SU-2018:3083-1: An update that solves 20 vulnerabilities and has 13 fixes is now available.

Category: security (important)
Bug References: 1012382,1062604,1064232,1065999,1092903,1093215,1096547,1097104,1099811,1099813,1099844,1099845,1099846,1099849,1099863,1099864,1099922,1100001,1100089,1102870,1103445,1104319,1104495,1104906,1105322,1105412,1106095,1106369,1106509,1106511,1107689,1108399,1108912
CVE References: CVE-2018-10853,CVE-2018-10876,CVE-2018-10877,CVE-2018-10878,CVE-2018-10879,CVE-2018-10880,CVE-2018-10881,CVE-2018-10882,CVE-2018-10883,CVE-2018-10902,CVE-2018-10940,CVE-2018-12896,CVE-2018-13093,CVE-2018-14617,CVE-2018-14634,CVE-2018-16276,CVE-2018-16658,CVE-2018-17182,CVE-2018-6554,CVE-2018-6555
Sources used:
SUSE Linux Enterprise Server 12-LTSS (src):    kernel-default-3.12.61-52.146.1, kernel-source-3.12.61-52.146.1, kernel-syms-3.12.61-52.146.1, kernel-xen-3.12.61-52.146.1, kgraft-patch-SLE12_Update_38-1-1.5.1
SUSE Linux Enterprise Module for Public Cloud 12 (src):    kernel-ec2-3.12.61-52.146.1
Comment 27 Swamp Workflow Management 2018-10-09 16:15:46 UTC 
SUSE-SU-2018:3084-1: An update that solves 28 vulnerabilities and has 28 fixes is now available.

Category: security (important)
Bug References: 1012382,1042286,1062604,1064232,1065364,1082519,1082863,1084536,1085042,1088810,1089066,1092903,1094466,1095344,1096547,1097104,1099597,1099811,1099813,1099844,1099845,1099846,1099849,1099863,1099864,1099922,1099993,1099999,1100000,1100001,1100152,1102517,1102715,1102870,1103445,1104319,1104495,1105292,1105296,1105322,1105348,1105396,1105536,1106016,1106095,1106369,1106509,1106511,1106512,1106594,1107689,1107735,1107966,1108239,1108399,1109333
CVE References: CVE-2018-10853,CVE-2018-10876,CVE-2018-10877,CVE-2018-10878,CVE-2018-10879,CVE-2018-10880,CVE-2018-10881,CVE-2018-10882,CVE-2018-10883,CVE-2018-10902,CVE-2018-10938,CVE-2018-10940,CVE-2018-12896,CVE-2018-13093,CVE-2018-13094,CVE-2018-13095,CVE-2018-14617,CVE-2018-14678,CVE-2018-15572,CVE-2018-15594,CVE-2018-16276,CVE-2018-16658,CVE-2018-17182,CVE-2018-6554,CVE-2018-6555,CVE-2018-7480,CVE-2018-7757,CVE-2018-9363
Sources used:
SUSE OpenStack Cloud 7 (src):    kernel-default-4.4.121-92.95.1, kernel-source-4.4.121-92.95.1, kernel-syms-4.4.121-92.95.1, kgraft-patch-SLE12-SP2_Update_25-1-3.4.1, lttng-modules-2.7.1-9.6.1
SUSE Linux Enterprise Server for SAP 12-SP2 (src):    kernel-default-4.4.121-92.95.1, kernel-source-4.4.121-92.95.1, kernel-syms-4.4.121-92.95.1, kgraft-patch-SLE12-SP2_Update_25-1-3.4.1, lttng-modules-2.7.1-9.6.1
SUSE Linux Enterprise Server 12-SP2-LTSS (src):    kernel-default-4.4.121-92.95.1, kernel-source-4.4.121-92.95.1, kernel-syms-4.4.121-92.95.1, kgraft-patch-SLE12-SP2_Update_25-1-3.4.1, lttng-modules-2.7.1-9.6.1
SUSE Linux Enterprise Server 12-SP2-BCL (src):    kernel-default-4.4.121-92.95.1, kernel-source-4.4.121-92.95.1, kernel-syms-4.4.121-92.95.1, lttng-modules-2.7.1-9.6.1
SUSE Linux Enterprise High Availability 12-SP2 (src):    kernel-default-4.4.121-92.95.1
SUSE Enterprise Storage 4 (src):    kernel-default-4.4.121-92.95.1, kernel-source-4.4.121-92.95.1, kernel-syms-4.4.121-92.95.1, kgraft-patch-SLE12-SP2_Update_25-1-3.4.1, lttng-modules-2.7.1-9.6.1
OpenStack Cloud Magnum Orchestration 7 (src):    kernel-default-4.4.121-92.95.1
Comment 28 Marcus Meissner 2019-03-18 15:08:52 UTC 
all released
Comment 29 Swamp Workflow Management 2019-04-27 22:19:23 UTC 
SUSE-SU-2018:2908-2: An update that solves 19 vulnerabilities and has 19 fixes is now available.

Category: security (important)
Bug References: 1012382,1024788,1062604,1064233,1065999,1090534,1090955,1091171,1092903,1096547,1097104,1097108,1099811,1099813,1099844,1099845,1099846,1099849,1099863,1099864,1099922,1100001,1102870,1103445,1104319,1104495,1104818,1104906,1105100,1105322,1105323,1105396,1106095,1106369,1106509,1106511,1107689,1108912
CVE References: CVE-2018-10853,CVE-2018-10876,CVE-2018-10877,CVE-2018-10878,CVE-2018-10879,CVE-2018-10880,CVE-2018-10881,CVE-2018-10882,CVE-2018-10883,CVE-2018-10902,CVE-2018-10940,CVE-2018-12896,CVE-2018-13093,CVE-2018-14617,CVE-2018-14634,CVE-2018-16276,CVE-2018-16658,CVE-2018-6554,CVE-2018-6555
Sources used:
SUSE Linux Enterprise Server for SAP 12-SP1 (src):    kernel-default-3.12.74-60.64.104.1, kernel-source-3.12.74-60.64.104.1, kernel-syms-3.12.74-60.64.104.1, kernel-xen-3.12.74-60.64.104.1, kgraft-patch-SLE12-SP1_Update_31-1-2.5.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.