Bug 1119946 (CVE-2018-16884)

Summary: VUL-0: CVE-2018-16884: kernel-source: nfs4: use-after-free in svc_process_common()
Product: [Novell Products] SUSE Security Incidents Reporter: Marcus Meissner <meissner>
Component: IncidentsAssignee: Security Team bot <security-team>
Status: RESOLVED FIXED QA Contact: Security Team bot <security-team>
Severity: Major    
Priority: P3 - Medium CC: bpetkov, mbenes, nfbrown, nstange, smash_bz, tiwai
Version: unspecified   
Target Milestone: ---   
Hardware: Other   
OS: Other   
URL: https://smash.suse.de/issue/221365/
Whiteboard: CVSSv3:SUSE:CVE-2018-16884:7.0:(AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H)
Found By: Security Response Team Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---

Description Marcus Meissner 2018-12-19 10:55:55 UTC
CVE-2018-16884

via oss-sec

Subject: [oss-security] CVE-2018-16884: Linux kernel: nfs: use-after-free in svc_process_common()

Heololo,

A flaw was found in the Linux kernel in the NFS4 subsystem. NFS41+ shares mounted
in different network namespaces at the same time can make bc_svc_process() use wrong
back-channel id and cause a use-after-free. Thus a malicious container user can cause
a host kernel memory corruption and a system panic. Due to the nature of the flaw,
privilege escalation cannot be fully ruled out.

The CVE-2018-16884 id was assigned to this flaw and proposed to MITRE. We would like
to suggest to use this id in public communications regarding this flaw.

A proposed patchset and a discussion:

https://patchwork.kernel.org/cover/10733767/

https://patchwork.kernel.org/patch/10733769/

References:

https://bugzilla.redhat.com/show_bug.cgi?id=1660375

Best regards,
Vladis Dronov | Red Hat, Inc. | Product Security Engineer
Comment 1 Marcus Meissner 2018-12-19 12:40:10 UTC
which kernels are affected?
Comment 4 Neil Brown 2019-01-02 02:38:29 UTC
I've added first to patches from

https://www.spinics.net/lists/linux-nfs/msg71314.html

(suitably backported, with a kabi fix) to
 cve/linux-3.12
 cve/linux-4.4
 SLE15

and submitted update requests.
Comment 6 Swamp Workflow Management 2019-01-12 08:30:31 UTC
This is an autogenerated message for OBS integration:
This bug (1119946) was mentioned in
https://build.opensuse.org/request/show/664959 15.0 / kernel-source
Comment 10 Swamp Workflow Management 2019-01-17 23:28:06 UTC
openSUSE-SU-2019:0065-1: An update that solves 11 vulnerabilities and has 131 fixes is now available.

Category: security (important)
Bug References: 1024718,1046299,1050242,1050244,1051510,1055121,1055186,1058115,1060463,1065729,1078248,1079935,1082387,1083647,1086282,1086283,1086423,1087978,1088386,1090888,1091405,1094244,1097593,1102875,1102877,1102879,1102882,1102896,1103257,1104353,1104427,1104967,1105168,1106105,1106110,1106615,1106913,1108270,1109272,1109665,1110558,1111188,1111469,1111696,1111795,1113722,1114279,1114871,1116040,1116183,1116336,1116803,1116841,1117115,1117162,1117165,1117186,1117561,1117656,1117953,1118152,1118215,1118316,1118319,1118428,1118484,1118752,1118760,1118761,1118762,1118766,1118767,1118768,1118769,1118771,1118772,1118773,1118774,1118775,1118798,1118809,1118962,1119017,1119086,1119212,1119322,1119410,1119714,1119749,1119804,1119946,1119962,1119968,1120036,1120046,1120053,1120054,1120055,1120058,1120088,1120092,1120094,1120096,1120097,1120173,1120214,1120223,1120228,1120230,1120232,1120234,1120235,1120238,1120594,1120598,1120600,1120601,1120602,1120603,1120604,1120606,1120612,1120613,1120614,1120615,1120616,1120617,1120618,1120620,1120621,1120632,1120633,1120743,1121017,1121058,1121263,1121273,1121477,1121483,1121621,1121714,1121715
CVE References: CVE-2018-12232,CVE-2018-14625,CVE-2018-16862,CVE-2018-16884,CVE-2018-18397,CVE-2018-19407,CVE-2018-19824,CVE-2018-19854,CVE-2018-19985,CVE-2018-20169,CVE-2018-9568
Sources used:
openSUSE Leap 15.0 (src):    kernel-debug-4.12.14-lp150.12.45.1, kernel-default-4.12.14-lp150.12.45.1, kernel-docs-4.12.14-lp150.12.45.1, kernel-kvmsmall-4.12.14-lp150.12.45.1, kernel-obs-build-4.12.14-lp150.12.45.1, kernel-obs-qa-4.12.14-lp150.12.45.1, kernel-source-4.12.14-lp150.12.45.1, kernel-syms-4.12.14-lp150.12.45.1, kernel-vanilla-4.12.14-lp150.12.45.1
Comment 12 Swamp Workflow Management 2019-01-18 20:37:32 UTC
This is an autogenerated message for OBS integration:
This bug (1119946) was mentioned in
https://build.opensuse.org/request/show/667052 42.3 / kernel-source
Comment 13 Swamp Workflow Management 2019-01-23 23:41:19 UTC
SUSE-SU-2019:0150-1: An update that solves 12 vulnerabilities and has 241 fixes is now available.

Category: security (important)
Bug References: 1024718,1046299,1050242,1050244,1051510,1055120,1055121,1055186,1058115,1060463,1065600,1065729,1068273,1078248,1079935,1082387,1082555,1082653,1083647,1085535,1086282,1086283,1086423,1087082,1087978,1088386,1089350,1090888,1091405,1094244,1097593,1097755,1102875,1102877,1102879,1102882,1102896,1103257,1104353,1104427,1104824,1104967,1105168,1106105,1106110,1106237,1106240,1106615,1106913,1107256,1107385,1107866,1108270,1108468,1109272,1109772,1109806,1110006,1110558,1110998,1111062,1111174,1111183,1111188,1111469,1111696,1111795,1111809,1112963,1113295,1113412,1113501,1113677,1113722,1113769,1114015,1114178,1114279,1114385,1114576,1114577,1114578,1114579,1114580,1114581,1114582,1114583,1114584,1114585,1114839,1114871,1115074,1115269,1115431,1115433,1115440,1115567,1115709,1115976,1116040,1116183,1116336,1116692,1116693,1116698,1116699,1116700,1116701,1116803,1116841,1116862,1116863,1116876,1116877,1116878,1116891,1116895,1116899,1116950,1117115,1117162,1117165,1117168,1117172,1117174,1117181,1117184,1117186,1117188,1117189,1117349,1117561,1117656,1117788,1117789,1117790,1117791,1117792,1117794,1117795,1117796,1117798,1117799,1117801,1117802,1117803,1117804,1117805,1117806,1117807,1117808,1117815,1117816,1117817,1117818,1117819,1117820,1117821,1117822,1117953,1118102,1118136,1118137,1118138,1118140,1118152,1118215,1118316,1118319,1118320,1118428,1118484,1118505,1118752,1118760,1118761,1118762,1118766,1118767,1118768,1118769,1118771,1118772,1118773,1118774,1118775,1118798,1118809,1118962,1119017,1119086,1119212,1119322,1119410,1119714,1119749,1119804,1119946,1119947,1119962,1119968,1119974,1120036,1120053,1120054,1120055,1120058,1120088,1120092,1120094,1120096,1120097,1120173,1120214,1120223,1120228,1120230,1120232,1120234,1120235,1120238,1120594,1120598,1120600,1120601,1120602,1120603,1120604,1120606,1120612,1120613,1120614,1120615,1120616,1120617,1120618,1120620,1120621,1120632,1120633,1120743,1120954,1121017,1121058,1121263,1121273,1121477,1121483,1121599,1121621,1121714,1121715,1121973
CVE References: CVE-2018-12232,CVE-2018-14625,CVE-2018-16862,CVE-2018-16884,CVE-2018-18281,CVE-2018-18397,CVE-2018-19407,CVE-2018-19824,CVE-2018-19854,CVE-2018-19985,CVE-2018-20169,CVE-2018-9568
Sources used:
SUSE Linux Enterprise Module for Public Cloud 15 (src):    kernel-azure-4.12.14-5.19.1, kernel-source-azure-4.12.14-5.19.1, kernel-syms-azure-4.12.14-5.19.1
Comment 14 Swamp Workflow Management 2019-01-24 00:05:40 UTC
SUSE-SU-2019:0148-1: An update that solves 10 vulnerabilities and has 94 fixes is now available.

Category: security (important)
Bug References: 1012382,1015336,1015337,1015340,1019683,1019695,1020645,1027260,1027457,1042286,1043083,1046264,1047487,1048916,1065600,1066223,1068032,1069702,1070805,1079935,1087082,1091405,1093158,1094244,1094973,1096242,1096281,1099523,1100105,1101557,1102439,1102660,1103156,1103257,1103624,1104098,1104731,1105412,1106105,1106237,1106240,1106929,1107385,1108145,1108240,1109272,1109330,1109806,1110286,1111062,1111809,1112246,1112963,1113412,1114190,1114417,1114475,1114648,1114763,1114839,1114871,1115431,1115433,1115440,1115587,1115709,1116027,1116183,1116285,1116336,1116345,1116497,1116841,1116924,1116950,1117162,1117165,1117186,1117562,1118152,1118316,1118319,1118505,1118790,1118798,1118915,1118922,1118926,1118930,1118936,1119204,1119714,1119877,1119946,1119967,1119970,1120046,1120743,1121239,1121240,1121241,1121242,1121275,1121621
CVE References: CVE-2017-16939,CVE-2018-1120,CVE-2018-16862,CVE-2018-16884,CVE-2018-19407,CVE-2018-19824,CVE-2018-19985,CVE-2018-20169,CVE-2018-3639,CVE-2018-9568
Sources used:
SUSE Linux Enterprise Server 12-SP3 (src):    kernel-azure-4.4.170-4.22.1, kernel-source-azure-4.4.170-4.22.1, kernel-syms-azure-4.4.170-4.22.1
Comment 15 Neil Brown 2019-01-24 23:31:09 UTC
I'm done here, so reassigning to security team.
Comment 16 Swamp Workflow Management 2019-01-29 17:28:56 UTC
SUSE-SU-2019:0196-1: An update that solves 10 vulnerabilities and has 136 fixes is now available.

Category: security (important)
Bug References: 1024718,1046299,1050242,1050244,1051510,1055121,1055186,1058115,1060463,1065729,1078248,1079935,1082387,1083647,1086282,1086283,1086423,1087084,1087978,1088386,1090888,1091405,1094244,1097593,1102875,1102877,1102879,1102882,1102896,1103257,1104353,1104427,1104967,1105168,1106105,1106110,1106615,1106913,1108270,1109272,1110558,1111188,1111469,1111696,1111795,1112128,1113722,1114648,1114871,1116040,1116336,1116803,1116841,1117115,1117162,1117165,1117186,1117561,1117656,1117953,1118215,1118319,1118428,1118484,1118505,1118752,1118760,1118761,1118762,1118766,1118767,1118768,1118769,1118771,1118772,1118773,1118774,1118775,1118787,1118788,1118798,1118809,1118962,1119017,1119086,1119212,1119322,1119410,1119714,1119749,1119804,1119946,1119962,1119968,1120036,1120046,1120053,1120054,1120055,1120058,1120088,1120092,1120094,1120096,1120097,1120173,1120214,1120223,1120228,1120230,1120232,1120234,1120235,1120238,1120594,1120598,1120600,1120601,1120602,1120603,1120604,1120606,1120612,1120613,1120614,1120615,1120616,1120617,1120618,1120620,1120621,1120632,1120633,1120743,1120954,1121017,1121058,1121263,1121273,1121477,1121483,1121599,1121621,1121714,1121715,1121973
CVE References: CVE-2018-12232,CVE-2018-14625,CVE-2018-16862,CVE-2018-16884,CVE-2018-18397,CVE-2018-19407,CVE-2018-19854,CVE-2018-19985,CVE-2018-20169,CVE-2018-9568
Sources used:
SUSE Linux Enterprise Live Patching 12-SP4 (src):    kgraft-patch-SLE12-SP4_Update_2-1-6.3.1
Comment 18 Swamp Workflow Management 2019-01-30 06:32:14 UTC
SUSE-SU-2019:0196-1: An update that solves 10 vulnerabilities and has 136 fixes is now available.

Category: security (important)
Bug References: 1024718,1046299,1050242,1050244,1051510,1055121,1055186,1058115,1060463,1065729,1078248,1079935,1082387,1083647,1086282,1086283,1086423,1087084,1087978,1088386,1090888,1091405,1094244,1097593,1102875,1102877,1102879,1102882,1102896,1103257,1104353,1104427,1104967,1105168,1106105,1106110,1106615,1106913,1108270,1109272,1110558,1111188,1111469,1111696,1111795,1112128,1113722,1114648,1114871,1116040,1116336,1116803,1116841,1117115,1117162,1117165,1117186,1117561,1117656,1117953,1118215,1118319,1118428,1118484,1118505,1118752,1118760,1118761,1118762,1118766,1118767,1118768,1118769,1118771,1118772,1118773,1118774,1118775,1118787,1118788,1118798,1118809,1118962,1119017,1119086,1119212,1119322,1119410,1119714,1119749,1119804,1119946,1119962,1119968,1120036,1120046,1120053,1120054,1120055,1120058,1120088,1120092,1120094,1120096,1120097,1120173,1120214,1120223,1120228,1120230,1120232,1120234,1120235,1120238,1120594,1120598,1120600,1120601,1120602,1120603,1120604,1120606,1120612,1120613,1120614,1120615,1120616,1120617,1120618,1120620,1120621,1120632,1120633,1120743,1120954,1121017,1121058,1121263,1121273,1121477,1121483,1121599,1121621,1121714,1121715,1121973
CVE References: CVE-2018-12232,CVE-2018-14625,CVE-2018-16862,CVE-2018-16884,CVE-2018-18397,CVE-2018-19407,CVE-2018-19854,CVE-2018-19985,CVE-2018-20169,CVE-2018-9568
Sources used:
SUSE Linux Enterprise Workstation Extension 12-SP4 (src):    kernel-default-4.12.14-95.6.1
SUSE Linux Enterprise Software Development Kit 12-SP4 (src):    kernel-docs-4.12.14-95.6.1, kernel-obs-build-4.12.14-95.6.1
SUSE Linux Enterprise Server 12-SP4 (src):    kernel-default-4.12.14-95.6.1, kernel-source-4.12.14-95.6.1, kernel-syms-4.12.14-95.6.1
SUSE Linux Enterprise Live Patching 12-SP4 (src):    kgraft-patch-SLE12-SP4_Update_2-1-6.3.1
SUSE Linux Enterprise High Availability 12-SP4 (src):    kernel-default-4.12.14-95.6.1
SUSE Linux Enterprise Desktop 12-SP4 (src):    kernel-default-4.12.14-95.6.1, kernel-source-4.12.14-95.6.1, kernel-syms-4.12.14-95.6.1
Comment 21 Swamp Workflow Management 2019-02-01 19:39:26 UTC
This is an autogenerated message for OBS integration:
This bug (1119946) was mentioned in
https://build.opensuse.org/request/show/670625 42.3 / kernel-source
Comment 22 Swamp Workflow Management 2019-02-01 21:04:56 UTC
SUSE-SU-2019:0222-1: An update that solves 13 vulnerabilities and has 258 fixes is now available.

Category: security (important)
Bug References: 1024718,1046299,1050242,1050244,1051510,1055120,1055121,1055186,1058115,1060463,1065600,1065729,1068032,1068273,1074562,1074578,1074701,1075006,1075419,1075748,1078248,1079935,1080039,1082387,1082555,1082653,1083647,1085535,1086282,1086283,1086423,1087082,1087084,1087939,1087978,1088386,1089350,1090888,1091405,1094244,1097593,1097755,1102055,1102875,1102877,1102879,1102882,1102896,1103257,1104353,1104427,1104824,1104967,1105168,1106105,1106110,1106237,1106240,1106615,1106913,1107207,1107256,1107385,1107866,1108270,1108468,1109272,1109772,1109806,1110006,1110558,1110998,1111062,1111174,1111188,1111469,1111696,1111795,1111809,1112128,1112963,1113295,1113412,1113501,1113677,1113722,1113769,1114015,1114178,1114279,1114385,1114576,1114577,1114578,1114579,1114580,1114581,1114582,1114583,1114584,1114585,1114648,1114839,1114871,1115074,1115269,1115431,1115433,1115440,1115567,1115709,1115976,1116040,1116183,1116336,1116692,1116693,1116698,1116699,1116700,1116701,1116803,1116841,1116862,1116863,1116876,1116877,1116878,1116891,1116895,1116899,1116950,1117115,1117162,1117165,1117168,1117172,1117174,1117181,1117184,1117186,1117188,1117189,1117349,1117561,1117656,1117788,1117789,1117790,1117791,1117792,1117794,1117795,1117796,1117798,1117799,1117801,1117802,1117803,1117804,1117805,1117806,1117807,1117808,1117815,1117816,1117817,1117818,1117819,1117820,1117821,1117822,1117953,1118102,1118136,1118137,1118138,1118140,1118152,1118215,1118316,1118319,1118320,1118428,1118484,1118505,1118752,1118760,1118761,1118762,1118766,1118767,1118768,1118769,1118771,1118772,1118773,1118774,1118775,1118787,1118788,1118798,1118809,1118962,1119017,1119086,1119212,1119322,1119410,1119714,1119749,1119804,1119946,1119947,1119962,1119968,1119974,1120036,1120046,1120053,1120054,1120055,1120058,1120088,1120092,1120094,1120096,1120097,1120173,1120214,1120223,1120228,1120230,1120232,1120234,1120235,1120238,1120594,1120598,1120600,1120601,1120602,1120603,1120604,1120606,1120612,1120613,1120614,1120615,1120616,1120617,1120618,1120620,1120621,1120632,1120633,1120743,1120954,1121017,1121058,1121263,1121273,1121477,1121483,1121599,1121621,1121714,1121715,1121973,1122019,1122292
CVE References: CVE-2017-5753,CVE-2018-12232,CVE-2018-14625,CVE-2018-16862,CVE-2018-16884,CVE-2018-18281,CVE-2018-18397,CVE-2018-19407,CVE-2018-19824,CVE-2018-19854,CVE-2018-19985,CVE-2018-20169,CVE-2018-9568
Sources used:
SUSE Linux Enterprise Server 12-SP4 (src):    kernel-azure-4.12.14-6.6.2, kernel-source-azure-4.12.14-6.6.2, kernel-syms-azure-4.12.14-6.6.2
Comment 23 Swamp Workflow Management 2019-02-01 23:45:36 UTC
SUSE-SU-2019:0224-1: An update that solves 13 vulnerabilities and has 253 fixes is now available.

Category: security (important)
Bug References: 1024718,1046299,1050242,1050244,1051510,1055120,1055121,1055186,1058115,1060463,1061840,1065600,1065729,1068273,1078248,1079935,1082387,1082555,1082653,1083647,1085535,1086196,1086282,1086283,1086423,1087978,1088386,1089350,1090888,1091405,1091800,1094244,1097593,1097755,1100132,1102875,1102877,1102879,1102882,1102896,1103257,1103356,1103925,1104124,1104353,1104427,1104824,1104967,1105168,1105428,1106105,1106110,1106237,1106240,1106615,1106913,1107256,1107385,1107866,1108270,1108468,1109272,1109772,1109806,1110006,1110558,1110998,1111040,1111062,1111174,1111183,1111188,1111469,1111696,1111795,1111809,1111921,1112878,1112963,1113295,1113408,1113412,1113501,1113667,1113677,1113722,1113751,1113769,1113780,1113972,1114015,1114178,1114279,1114385,1114576,1114577,1114578,1114579,1114580,1114581,1114582,1114583,1114584,1114585,1114839,1114871,1115074,1115269,1115431,1115433,1115440,1115567,1115709,1115976,1116040,1116183,1116336,1116692,1116693,1116698,1116699,1116700,1116701,1116803,1116841,1116862,1116863,1116876,1116877,1116878,1116891,1116895,1116899,1116950,1117115,1117162,1117165,1117168,1117172,1117174,1117181,1117184,1117186,1117188,1117189,1117349,1117561,1117656,1117788,1117789,1117790,1117791,1117792,1117794,1117795,1117796,1117798,1117799,1117801,1117802,1117803,1117804,1117805,1117806,1117807,1117808,1117815,1117816,1117817,1117818,1117819,1117820,1117821,1117822,1117953,1118102,1118136,1118137,1118138,1118140,1118152,1118215,1118316,1118319,1118428,1118484,1118505,1118752,1118760,1118761,1118762,1118766,1118767,1118768,1118769,1118771,1118772,1118773,1118774,1118775,1118798,1118809,1118962,1119017,1119086,1119212,1119322,1119410,1119714,1119749,1119804,1119946,1119962,1119968,1120036,1120046,1120053,1120054,1120055,1120058,1120088,1120092,1120094,1120096,1120097,1120173,1120214,1120223,1120228,1120230,1120232,1120234,1120235,1120238,1120594,1120598,1120600,1120601,1120602,1120603,1120604,1120606,1120612,1120613,1120614,1120615,1120616,1120617,1120618,1120620,1120621,1120632,1120633,1120743,1120954,1121017,1121058,1121263,1121273,1121477,1121483,1121599,1121621,1121714,1121715,1121973
CVE References: CVE-2018-12232,CVE-2018-14625,CVE-2018-16862,CVE-2018-16884,CVE-2018-18281,CVE-2018-18397,CVE-2018-18710,CVE-2018-19407,CVE-2018-19824,CVE-2018-19854,CVE-2018-19985,CVE-2018-20169,CVE-2018-9568
Sources used:
SUSE Linux Enterprise Workstation Extension 15 (src):    kernel-default-4.12.14-25.28.1
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 (src):    kernel-default-4.12.14-25.28.1, kernel-docs-4.12.14-25.28.1, kernel-obs-qa-4.12.14-25.28.1
SUSE Linux Enterprise Module for Legacy Software 15 (src):    kernel-default-4.12.14-25.28.1
SUSE Linux Enterprise Module for Development Tools 15 (src):    kernel-docs-4.12.14-25.28.1, kernel-obs-build-4.12.14-25.28.1, kernel-source-4.12.14-25.28.1, kernel-syms-4.12.14-25.28.1, kernel-vanilla-4.12.14-25.28.1
SUSE Linux Enterprise Module for Basesystem 15 (src):    kernel-default-4.12.14-25.28.1, kernel-source-4.12.14-25.28.1, kernel-zfcpdump-4.12.14-25.28.1
SUSE Linux Enterprise High Availability 15 (src):    kernel-default-4.12.14-25.28.1
Comment 24 Swamp Workflow Management 2019-02-02 07:31:38 UTC
SUSE-SU-2019:0196-1: An update that solves 10 vulnerabilities and has 136 fixes is now available.

Category: security (important)
Bug References: 1024718,1046299,1050242,1050244,1051510,1055121,1055186,1058115,1060463,1065729,1078248,1079935,1082387,1083647,1086282,1086283,1086423,1087084,1087978,1088386,1090888,1091405,1094244,1097593,1102875,1102877,1102879,1102882,1102896,1103257,1104353,1104427,1104967,1105168,1106105,1106110,1106615,1106913,1108270,1109272,1110558,1111188,1111469,1111696,1111795,1112128,1113722,1114648,1114871,1116040,1116336,1116803,1116841,1117115,1117162,1117165,1117186,1117561,1117656,1117953,1118215,1118319,1118428,1118484,1118505,1118752,1118760,1118761,1118762,1118766,1118767,1118768,1118769,1118771,1118772,1118773,1118774,1118775,1118787,1118788,1118798,1118809,1118962,1119017,1119086,1119212,1119322,1119410,1119714,1119749,1119804,1119946,1119962,1119968,1120036,1120046,1120053,1120054,1120055,1120058,1120088,1120092,1120094,1120096,1120097,1120173,1120214,1120223,1120228,1120230,1120232,1120234,1120235,1120238,1120594,1120598,1120600,1120601,1120602,1120603,1120604,1120606,1120612,1120613,1120614,1120615,1120616,1120617,1120618,1120620,1120621,1120632,1120633,1120743,1120954,1121017,1121058,1121263,1121273,1121477,1121483,1121599,1121621,1121714,1121715,1121973
CVE References: CVE-2018-12232,CVE-2018-14625,CVE-2018-16862,CVE-2018-16884,CVE-2018-18397,CVE-2018-19407,CVE-2018-19854,CVE-2018-19985,CVE-2018-20169,CVE-2018-9568
Sources used:
SUSE Linux Enterprise Workstation Extension 12-SP4 (src):    kernel-default-4.12.14-95.6.1
SUSE Linux Enterprise Software Development Kit 12-SP4 (src):    kernel-docs-4.12.14-95.6.1, kernel-obs-build-4.12.14-95.6.1
SUSE Linux Enterprise Server 12-SP4 (src):    kernel-default-4.12.14-95.6.1, kernel-source-4.12.14-95.6.1, kernel-syms-4.12.14-95.6.1
SUSE Linux Enterprise Live Patching 12-SP4 (src):    kgraft-patch-SLE12-SP4_Update_2-1-6.3.1
SUSE Linux Enterprise High Availability 12-SP4 (src):    kernel-default-4.12.14-95.6.1
SUSE Linux Enterprise Desktop 12-SP4 (src):    kernel-default-4.12.14-95.6.1, kernel-source-4.12.14-95.6.1, kernel-syms-4.12.14-95.6.1
Comment 25 Swamp Workflow Management 2019-02-02 07:41:32 UTC
SUSE-SU-2019:0196-1: An update that solves 10 vulnerabilities and has 136 fixes is now available.

Category: security (important)
Bug References: 1024718,1046299,1050242,1050244,1051510,1055121,1055186,1058115,1060463,1065729,1078248,1079935,1082387,1083647,1086282,1086283,1086423,1087084,1087978,1088386,1090888,1091405,1094244,1097593,1102875,1102877,1102879,1102882,1102896,1103257,1104353,1104427,1104967,1105168,1106105,1106110,1106615,1106913,1108270,1109272,1110558,1111188,1111469,1111696,1111795,1112128,1113722,1114648,1114871,1116040,1116336,1116803,1116841,1117115,1117162,1117165,1117186,1117561,1117656,1117953,1118215,1118319,1118428,1118484,1118505,1118752,1118760,1118761,1118762,1118766,1118767,1118768,1118769,1118771,1118772,1118773,1118774,1118775,1118787,1118788,1118798,1118809,1118962,1119017,1119086,1119212,1119322,1119410,1119714,1119749,1119804,1119946,1119962,1119968,1120036,1120046,1120053,1120054,1120055,1120058,1120088,1120092,1120094,1120096,1120097,1120173,1120214,1120223,1120228,1120230,1120232,1120234,1120235,1120238,1120594,1120598,1120600,1120601,1120602,1120603,1120604,1120606,1120612,1120613,1120614,1120615,1120616,1120617,1120618,1120620,1120621,1120632,1120633,1120743,1120954,1121017,1121058,1121263,1121273,1121477,1121483,1121599,1121621,1121714,1121715,1121973
CVE References: CVE-2018-12232,CVE-2018-14625,CVE-2018-16862,CVE-2018-16884,CVE-2018-18397,CVE-2018-19407,CVE-2018-19854,CVE-2018-19985,CVE-2018-20169,CVE-2018-9568
Sources used:
SUSE Linux Enterprise Workstation Extension 12-SP4 (src):    kernel-default-4.12.14-95.6.1
SUSE Linux Enterprise Software Development Kit 12-SP4 (src):    kernel-docs-4.12.14-95.6.1, kernel-obs-build-4.12.14-95.6.1
SUSE Linux Enterprise Server 12-SP4 (src):    kernel-default-4.12.14-95.6.1, kernel-source-4.12.14-95.6.1, kernel-syms-4.12.14-95.6.1
SUSE Linux Enterprise Live Patching 12-SP4 (src):    kgraft-patch-SLE12-SP4_Update_2-1-6.3.1
SUSE Linux Enterprise High Availability 12-SP4 (src):    kernel-default-4.12.14-95.6.1
SUSE Linux Enterprise Desktop 12-SP4 (src):    kernel-default-4.12.14-95.6.1, kernel-source-4.12.14-95.6.1, kernel-syms-4.12.14-95.6.1
Comment 26 Swamp Workflow Management 2019-02-02 09:00:26 UTC
SUSE-SU-2019:0224-1: An update that solves 13 vulnerabilities and has 253 fixes is now available.

Category: security (important)
Bug References: 1024718,1046299,1050242,1050244,1051510,1055120,1055121,1055186,1058115,1060463,1061840,1065600,1065729,1068273,1078248,1079935,1082387,1082555,1082653,1083647,1085535,1086196,1086282,1086283,1086423,1087978,1088386,1089350,1090888,1091405,1091800,1094244,1097593,1097755,1100132,1102875,1102877,1102879,1102882,1102896,1103257,1103356,1103925,1104124,1104353,1104427,1104824,1104967,1105168,1105428,1106105,1106110,1106237,1106240,1106615,1106913,1107256,1107385,1107866,1108270,1108468,1109272,1109772,1109806,1110006,1110558,1110998,1111040,1111062,1111174,1111183,1111188,1111469,1111696,1111795,1111809,1111921,1112878,1112963,1113295,1113408,1113412,1113501,1113667,1113677,1113722,1113751,1113769,1113780,1113972,1114015,1114178,1114279,1114385,1114576,1114577,1114578,1114579,1114580,1114581,1114582,1114583,1114584,1114585,1114839,1114871,1115074,1115269,1115431,1115433,1115440,1115567,1115709,1115976,1116040,1116183,1116336,1116692,1116693,1116698,1116699,1116700,1116701,1116803,1116841,1116862,1116863,1116876,1116877,1116878,1116891,1116895,1116899,1116950,1117115,1117162,1117165,1117168,1117172,1117174,1117181,1117184,1117186,1117188,1117189,1117349,1117561,1117656,1117788,1117789,1117790,1117791,1117792,1117794,1117795,1117796,1117798,1117799,1117801,1117802,1117803,1117804,1117805,1117806,1117807,1117808,1117815,1117816,1117817,1117818,1117819,1117820,1117821,1117822,1117953,1118102,1118136,1118137,1118138,1118140,1118152,1118215,1118316,1118319,1118428,1118484,1118505,1118752,1118760,1118761,1118762,1118766,1118767,1118768,1118769,1118771,1118772,1118773,1118774,1118775,1118798,1118809,1118962,1119017,1119086,1119212,1119322,1119410,1119714,1119749,1119804,1119946,1119962,1119968,1120036,1120046,1120053,1120054,1120055,1120058,1120088,1120092,1120094,1120096,1120097,1120173,1120214,1120223,1120228,1120230,1120232,1120234,1120235,1120238,1120594,1120598,1120600,1120601,1120602,1120603,1120604,1120606,1120612,1120613,1120614,1120615,1120616,1120617,1120618,1120620,1120621,1120632,1120633,1120743,1120954,1121017,1121058,1121263,1121273,1121477,1121483,1121599,1121621,1121714,1121715,1121973
CVE References: CVE-2018-12232,CVE-2018-14625,CVE-2018-16862,CVE-2018-16884,CVE-2018-18281,CVE-2018-18397,CVE-2018-18710,CVE-2018-19407,CVE-2018-19824,CVE-2018-19854,CVE-2018-19985,CVE-2018-20169,CVE-2018-9568
Sources used:
SUSE Linux Enterprise Workstation Extension 15 (src):    kernel-default-4.12.14-25.28.1
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 (src):    kernel-default-4.12.14-25.28.1, kernel-docs-4.12.14-25.28.1, kernel-obs-qa-4.12.14-25.28.1
SUSE Linux Enterprise Module for Live Patching 15 (src):    kernel-default-4.12.14-25.28.1, kernel-livepatch-SLE15_Update_8-1-1.3.1
SUSE Linux Enterprise Module for Legacy Software 15 (src):    kernel-default-4.12.14-25.28.1
SUSE Linux Enterprise Module for Development Tools 15 (src):    kernel-docs-4.12.14-25.28.1, kernel-obs-build-4.12.14-25.28.1, kernel-source-4.12.14-25.28.1, kernel-syms-4.12.14-25.28.1, kernel-vanilla-4.12.14-25.28.1
SUSE Linux Enterprise Module for Basesystem 15 (src):    kernel-default-4.12.14-25.28.1, kernel-source-4.12.14-25.28.1, kernel-zfcpdump-4.12.14-25.28.1
SUSE Linux Enterprise High Availability 15 (src):    kernel-default-4.12.14-25.28.1
Comment 27 Swamp Workflow Management 2019-02-06 14:36:06 UTC
openSUSE-SU-2019:0140-1: An update that solves 10 vulnerabilities and has 86 fixes is now available.

Category: security (important)
Bug References: 1012382,1015336,1015337,1015340,1019683,1019695,1020645,1023175,1027260,1031492,1043083,1047487,1065600,1068032,1070805,1079935,1086423,1087082,1091405,1094244,1094823,1096242,1096281,1099523,1100105,1101557,1102660,1102875,1102877,1102879,1102882,1102896,1103156,1103257,1104098,1106105,1106929,1107866,1108240,1109272,1109665,1109695,1110286,1114417,1114648,1114763,1114871,1114893,1115431,1116027,1116183,1116336,1116345,1116653,1116841,1116962,1117162,1117165,1117186,1118152,1118316,1118319,1118505,1118790,1118798,1118915,1118922,1118926,1118930,1118936,1119204,1119680,1119714,1119877,1119946,1119967,1119970,1120046,1120722,1120743,1120758,1120902,1120950,1121239,1121240,1121241,1121242,1121275,1121621,1121726,1122650,1122651,1122885,1123321,1123323,1123357
CVE References: CVE-2018-1120,CVE-2018-16862,CVE-2018-16884,CVE-2018-19407,CVE-2018-19824,CVE-2018-19985,CVE-2018-20169,CVE-2018-9568,CVE-2019-3459,CVE-2019-3460
Sources used:
openSUSE Leap 42.3 (src):    kernel-debug-4.4.172-86.1, kernel-default-4.4.172-86.1, kernel-docs-4.4.172-86.1, kernel-obs-build-4.4.172-86.1, kernel-obs-qa-4.4.172-86.1, kernel-source-4.4.172-86.1, kernel-syms-4.4.172-86.1, kernel-vanilla-4.4.172-86.1
Comment 29 Swamp Workflow Management 2019-02-11 20:24:59 UTC
SUSE-SU-2019:0320-1: An update that solves 9 vulnerabilities and has 113 fixes is now available.

Category: security (important)
Bug References: 1012382,1015336,1015337,1015340,1019683,1019695,1020645,1023175,1027260,1027457,1031492,1042286,1043083,1046264,1047487,1048916,1065600,1066223,1068032,1069702,1070805,1079935,1086423,1087082,1091405,1092100,1093158,1093641,1093649,1093653,1093655,1093657,1093663,1094244,1094973,1096242,1096281,1099523,1100105,1101557,1102439,1102660,1103156,1103257,1103624,1104098,1104731,1106105,1106237,1106240,1106929,1107385,1108145,1108240,1109168,1109272,1109330,1109806,1110286,1111062,1111174,1111809,1112246,1112963,1113412,1113766,1114190,1114417,1114475,1114648,1114763,1114839,1114871,1115431,1115433,1115440,1115482,1115587,1115709,1116027,1116183,1116285,1116336,1116345,1116497,1116841,1116924,1116950,1116962,1117162,1117165,1117186,1117562,1118152,1118316,1118319,1118505,1118790,1118798,1118915,1118922,1118926,1118930,1118936,1119204,1119445,1119714,1119877,1119946,1119967,1119970,1120046,1120260,1120743,1120950,1121239,1121240,1121241,1121242,1121275,1121621,985031
CVE References: CVE-2017-16939,CVE-2018-1120,CVE-2018-16862,CVE-2018-16884,CVE-2018-19407,CVE-2018-19824,CVE-2018-19985,CVE-2018-20169,CVE-2018-9568
Sources used:
SUSE Linux Enterprise Real Time Extension 12-SP3 (src):    kernel-rt-4.4.170-3.32.2, kernel-rt_debug-4.4.170-3.32.2, kernel-source-rt-4.4.170-3.32.1, kernel-syms-rt-4.4.170-3.32.1
Comment 30 Swamp Workflow Management 2019-02-19 20:21:12 UTC
SUSE-SU-2019:0439-1: An update that solves 13 vulnerabilities and has 43 fixes is now available.

Category: security (important)
Bug References: 1012382,1023175,1042286,1065600,1065726,1070805,1084721,1086095,1086535,1091158,1091171,1091197,1094825,1095344,1098996,1099523,1099597,1100105,1101555,1103624,1104731,1105025,1105931,1106293,1107256,1107299,1107385,1107866,1108145,1108498,1109330,1110286,1110837,1111062,1113192,1113751,1113769,1114190,1114648,1114763,1115433,1115440,1116027,1116183,1116345,1117186,1117187,1118152,1118319,1119714,1119946,1119947,1120743,1120758,1121621,1123161
CVE References: CVE-2018-16862,CVE-2018-16884,CVE-2018-18281,CVE-2018-18386,CVE-2018-18690,CVE-2018-18710,CVE-2018-19824,CVE-2018-19985,CVE-2018-20169,CVE-2018-9516,CVE-2018-9568,CVE-2019-3459,CVE-2019-3460
Sources used:
SUSE OpenStack Cloud 7 (src):    kernel-default-4.4.121-92.101.1, kernel-source-4.4.121-92.101.1, kernel-syms-4.4.121-92.101.1, kgraft-patch-SLE12-SP2_Update_27-1-3.3.1
SUSE Linux Enterprise Server for SAP 12-SP2 (src):    kernel-default-4.4.121-92.101.1, kernel-source-4.4.121-92.101.1, kernel-syms-4.4.121-92.101.1, kgraft-patch-SLE12-SP2_Update_27-1-3.3.1
SUSE Linux Enterprise Server 12-SP2-LTSS (src):    kernel-default-4.4.121-92.101.1, kernel-source-4.4.121-92.101.1, kernel-syms-4.4.121-92.101.1, kgraft-patch-SLE12-SP2_Update_27-1-3.3.1
SUSE Linux Enterprise Server 12-SP2-BCL (src):    kernel-default-4.4.121-92.101.1, kernel-source-4.4.121-92.101.1, kernel-syms-4.4.121-92.101.1
SUSE Linux Enterprise High Availability 12-SP2 (src):    kernel-default-4.4.121-92.101.1
SUSE Enterprise Storage 4 (src):    kernel-default-4.4.121-92.101.1, kernel-source-4.4.121-92.101.1, kernel-syms-4.4.121-92.101.1, kgraft-patch-SLE12-SP2_Update_27-1-3.3.1
OpenStack Cloud Magnum Orchestration 7 (src):    kernel-default-4.4.121-92.101.1
Comment 32 Swamp Workflow Management 2019-03-04 20:28:39 UTC
SUSE-SU-2019:0541-1: An update that solves 14 vulnerabilities and has 148 fixes is now available.

Category: security (important)
Bug References: 1012382,1015336,1015337,1015340,1019683,1019695,1020413,1020645,1023175,1027260,1027457,1031492,1042286,1043083,1046264,1047487,1048916,1050549,1065600,1066223,1068032,1070805,1078355,1079935,1086095,1086423,1086652,1091405,1093158,1094244,1094823,1094973,1096242,1096281,1099523,1099810,1100105,1101557,1102439,1102660,1102875,1102877,1102879,1102882,1102896,1103097,1103156,1103257,1103624,1104098,1104731,1105428,1106061,1106105,1106237,1106240,1106929,1107385,1107866,1108145,1108240,1109272,1109330,1109695,1109806,1110286,1111062,1111174,1111809,1112246,1112963,1113412,1113766,1114190,1114417,1114475,1114648,1114763,1114839,1114871,1114893,1115431,1115433,1115440,1115482,1115709,1116027,1116183,1116285,1116336,1116345,1116497,1116653,1116841,1116924,1116950,1116962,1117108,1117162,1117165,1117186,1117562,1117645,1117744,1118152,1118316,1118319,1118505,1118790,1118798,1118915,1118922,1118926,1118930,1118936,1119204,1119680,1119714,1119877,1119946,1119967,1119970,1120017,1120046,1120722,1120743,1120758,1120902,1120950,1121239,1121240,1121241,1121242,1121275,1121621,1121726,1122650,1122651,1122779,1122885,1123321,1123323,1123357,1123933,1124166,1124728,1124732,1124735,1124775,1124777,1124780,1124811,1125000,1125014,1125446,1125794,1125796,1125808,1125809,1125810,1125892,985031
CVE References: CVE-2018-1120,CVE-2018-16862,CVE-2018-16884,CVE-2018-19407,CVE-2018-19824,CVE-2018-19985,CVE-2018-20169,CVE-2018-5391,CVE-2018-9568,CVE-2019-3459,CVE-2019-3460,CVE-2019-6974,CVE-2019-7221,CVE-2019-7222
Sources used:
SUSE Linux Enterprise Workstation Extension 12-SP3 (src):    kernel-default-4.4.175-94.79.1
SUSE Linux Enterprise Software Development Kit 12-SP3 (src):    kernel-docs-4.4.175-94.79.1, kernel-obs-build-4.4.175-94.79.1
SUSE Linux Enterprise Server 12-SP3 (src):    kernel-default-4.4.175-94.79.1, kernel-source-4.4.175-94.79.1, kernel-syms-4.4.175-94.79.1
SUSE Linux Enterprise High Availability 12-SP3 (src):    kernel-default-4.4.175-94.79.1
SUSE Linux Enterprise Desktop 12-SP3 (src):    kernel-default-4.4.175-94.79.1, kernel-source-4.4.175-94.79.1, kernel-syms-4.4.175-94.79.1
SUSE CaaS Platform ALL (src):    kernel-default-4.4.175-94.79.1
SUSE CaaS Platform 3.0 (src):    kernel-default-4.4.175-94.79.1
Comment 33 Swamp Workflow Management 2019-03-04 20:50:28 UTC
SUSE-SU-2019:0541-1: An update that solves 14 vulnerabilities and has 148 fixes is now available.

Category: security (important)
Bug References: 1012382,1015336,1015337,1015340,1019683,1019695,1020413,1020645,1023175,1027260,1027457,1031492,1042286,1043083,1046264,1047487,1048916,1050549,1065600,1066223,1068032,1070805,1078355,1079935,1086095,1086423,1086652,1091405,1093158,1094244,1094823,1094973,1096242,1096281,1099523,1099810,1100105,1101557,1102439,1102660,1102875,1102877,1102879,1102882,1102896,1103097,1103156,1103257,1103624,1104098,1104731,1105428,1106061,1106105,1106237,1106240,1106929,1107385,1107866,1108145,1108240,1109272,1109330,1109695,1109806,1110286,1111062,1111174,1111809,1112246,1112963,1113412,1113766,1114190,1114417,1114475,1114648,1114763,1114839,1114871,1114893,1115431,1115433,1115440,1115482,1115709,1116027,1116183,1116285,1116336,1116345,1116497,1116653,1116841,1116924,1116950,1116962,1117108,1117162,1117165,1117186,1117562,1117645,1117744,1118152,1118316,1118319,1118505,1118790,1118798,1118915,1118922,1118926,1118930,1118936,1119204,1119680,1119714,1119877,1119946,1119967,1119970,1120017,1120046,1120722,1120743,1120758,1120902,1120950,1121239,1121240,1121241,1121242,1121275,1121621,1121726,1122650,1122651,1122779,1122885,1123321,1123323,1123357,1123933,1124166,1124728,1124732,1124735,1124775,1124777,1124780,1124811,1125000,1125014,1125446,1125794,1125796,1125808,1125809,1125810,1125892,985031
CVE References: CVE-2018-1120,CVE-2018-16862,CVE-2018-16884,CVE-2018-19407,CVE-2018-19824,CVE-2018-19985,CVE-2018-20169,CVE-2018-5391,CVE-2018-9568,CVE-2019-3459,CVE-2019-3460,CVE-2019-6974,CVE-2019-7221,CVE-2019-7222
Sources used:
SUSE Linux Enterprise Workstation Extension 12-SP3 (src):    kernel-default-4.4.175-94.79.1
SUSE Linux Enterprise Software Development Kit 12-SP3 (src):    kernel-docs-4.4.175-94.79.1, kernel-obs-build-4.4.175-94.79.1
SUSE Linux Enterprise Server 12-SP3 (src):    kernel-default-4.4.175-94.79.1, kernel-source-4.4.175-94.79.1, kernel-syms-4.4.175-94.79.1
SUSE Linux Enterprise Live Patching 12-SP3 (src):    kgraft-patch-SLE12-SP3_Update_23-1-4.7.1
SUSE Linux Enterprise High Availability 12-SP3 (src):    kernel-default-4.4.175-94.79.1
SUSE Linux Enterprise Desktop 12-SP3 (src):    kernel-default-4.4.175-94.79.1, kernel-source-4.4.175-94.79.1, kernel-syms-4.4.175-94.79.1
SUSE CaaS Platform ALL (src):    kernel-default-4.4.175-94.79.1
SUSE CaaS Platform 3.0 (src):    kernel-default-4.4.175-94.79.1
Comment 37 Marcus Meissner 2019-04-03 14:48:39 UTC
released
Comment 40 Swamp Workflow Management 2019-05-17 19:21:38 UTC
SUSE-SU-2019:1289-1: An update that solves 33 vulnerabilities and has 13 fixes is now available.

Category: security (important)
Bug References: 1031240,1034862,1066674,1071021,1086535,1091171,1094825,1100001,1102517,1103097,1104475,1105025,1105296,1106913,1107829,1108498,1110768,1111331,1111516,1113751,1113769,1114648,1114920,1115007,1115038,1116345,1116841,1118152,1118319,1119714,1119946,1120743,1120758,1121621,1122015,1123161,1124010,1124728,1124732,1124735,1126890,1128166,1131416,1131427,1132828,1133188
CVE References: CVE-2016-10741,CVE-2017-1000407,CVE-2017-16533,CVE-2017-7273,CVE-2017-7472,CVE-2018-12126,CVE-2018-12127,CVE-2018-12130,CVE-2018-14633,CVE-2018-15572,CVE-2018-16884,CVE-2018-18281,CVE-2018-18386,CVE-2018-18690,CVE-2018-18710,CVE-2018-19407,CVE-2018-19824,CVE-2018-19985,CVE-2018-20169,CVE-2018-5391,CVE-2018-9516,CVE-2018-9568,CVE-2019-11091,CVE-2019-11486,CVE-2019-3459,CVE-2019-3460,CVE-2019-3882,CVE-2019-6974,CVE-2019-7221,CVE-2019-7222,CVE-2019-8564,CVE-2019-9213,CVE-2019-9503
Sources used:
SUSE Linux Enterprise Server for SAP 12-SP1 (src):    kernel-default-3.12.74-60.64.110.1, kernel-source-3.12.74-60.64.110.1, kernel-syms-3.12.74-60.64.110.1, kernel-xen-3.12.74-60.64.110.1, lttng-modules-2.7.0-4.4.1
SUSE Linux Enterprise Server 12-SP1-LTSS (src):    kernel-default-3.12.74-60.64.110.1, kernel-source-3.12.74-60.64.110.1, kernel-syms-3.12.74-60.64.110.1, kernel-xen-3.12.74-60.64.110.1, lttng-modules-2.7.0-4.4.1
SUSE Linux Enterprise Module for Public Cloud 12 (src):    kernel-ec2-3.12.74-60.64.110.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.