Bug 1181747 (CVE-2021-26932)

Summary: VUL-0: CVE-2021-26932: kernel-source: Linux grant mapping error handling issues (XSA-361 v4)
Product: [Novell Products] SUSE Security Incidents Reporter: Alexandros Toptsoglou <atoptsoglou>
Component: IncidentsAssignee: Security Team bot <security-team>
Status: RESOLVED FIXED QA Contact: Security Team bot <security-team>
Severity: Normal    
Priority: P3 - Medium CC: gabriele.sonnu, gianluca.gabrielli, jbeulich, kernel-bugs, meissner
Version: unspecified   
Target Milestone: ---   
Hardware: Other   
OS: Other   
Whiteboard: CVSSv3.1:SUSE:CVE-2021-26932:5.9:(AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H)
Found By: --- Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---

Comment 4 Alexandros Toptsoglou 2021-02-11 16:28:57 UTC 
I guess this affects kernel, correct me if I am wrong. 
Tracked as affected the 4.4,4.12 and SLE15-SP2 kernel branches
Comment 6 Alexandros Toptsoglou 2021-02-16 13:01:26 UTC 
now public through https://xenbits.xen.org/xsa/advisory-361.html

            Xen Security Advisory CVE-2021-26932 / XSA-361
                               version 4

                Linux: grant mapping error handling issues

UPDATES IN VERSION 4
====================

Public release.

ISSUE DESCRIPTION
=================

Grant mapping operations often occur in batch hypercalls, where a
number of operations are done in a single hypercall, the success or
failure of each one reported to the backend driver, and the backend
driver then loops over the results, performing follow-up actions based
on the success or failure of each operation.

Unfortunately, when running in PV mode, the Linux backend drivers
mishandle this: Some errors are ignored, effectively implying their
success from the success of related batch elements.  In other cases,
errors resulting from one batch element lead to further batch elements
not being inspected, and hence successful ones to not be possible to
properly unmap upon error recovery.

IMPACT
======

A malicious or buggy frontend driver may be able to crash the
corresponding backend driver, causing a denial of service potentially
affecting the entire domain running the backend driver.

A malicious or buggy frontend driver may be able to cause resource
leaks in the domain running the corresponding backend driver, leading
to a denial of service.

VULNERABLE SYSTEMS
==================

All Linux versions back to at least 3.2 are vulnerable, when running in
PV mode on x86 or when running on Arm.

On x86, only systems with Linux backends running in PV mode are
vulnerable.  Linux backends run in HVM / PVH modes are not vulnerable.

MITIGATION
==========

On x86, running the backends in HVM or PVH domains will avoid the
vulnerability.

For protocols where other, e.g. non-kernel-based backends are available,
reconfiguring guests to use alternative (e.g. qemu-based) backends may
allow to avoid the vulnerability as long as these backends don't rely on
similar functionality provided by the xen-gntdev (/dev/gntdev) driver.

In all other cases there is no known mitigation.

CREDITS
=======

This issue was discovered by Jan Beulich of SUSE.

RESOLUTION
==========

Applying the attached patches resolves this issue.

xsa361-linux-1.patch           Linux 5.11-rc - 3.19
xsa361-linux-2.patch           Linux 5.11-rc - 3.15
xsa361-linux-3.patch           Linux 5.11-rc - 4.19
xsa361-linux-4.patch           Linux 5.11-rc - 4.19
xsa361-linux-5.patch           Linux 5.11-rc - 4.4

$ sha256sum xsa361*
bb00ab6319b4fc536566af50c73e064f10f8b99eaa6b0f0b35a8d174c285a905  xsa361-linux-1.patch
73b6a54aa3773ce11f0de6b9aa1d80dd7f4c297dc71924b1a3886bc3b99ac859  xsa361-linux-2.patch
8e554cfab8cdb4fe1b74601a9432ea4c570f74a952ad757f9294ba1666cbeaea  xsa361-linux-3.patch
8c290895d10fc148f99e2a6587811b3037f29c3a0201d69d448ff520cea6f96d  xsa361-linux-4.patch
231ae3e1b9bec1b75dbbbee4b5acff620ef7ac2853332aa7b3c4957c6ca7f341  xsa361-linux-5.patch
$

DEPLOYMENT DURING EMBARGO
Comment 8 Jürgen Groß 2021-03-01 06:06:55 UTC 
Patches available for all affected kernel branches.
Comment 14 OBSbugzilla Bot 2021-03-03 01:43:55 UTC 
This is an autogenerated message for OBS integration:
This bug (1181747) was mentioned in
https://build.opensuse.org/request/show/876318 15.2 / kernel-source
Comment 23 Swamp Workflow Management 2021-03-08 11:25:51 UTC 
openSUSE-SU-2021:0393-1: An update that solves 9 vulnerabilities and has 115 fixes is now available.

Category: security (important)
Bug References: 1065600,1065729,1078720,1081134,1084610,1132477,1151927,1152472,1152489,1154353,1155518,1156395,1163776,1169514,1170442,1176248,1176855,1177109,1177326,1177440,1177529,1178142,1178995,1179082,1179137,1179243,1179428,1179660,1179929,1180058,1180846,1180964,1180989,1181133,1181259,1181544,1181574,1181637,1181655,1181671,1181674,1181710,1181720,1181735,1181736,1181738,1181747,1181753,1181818,1181843,1181854,1181896,1181958,1181960,1181985,1182047,1182118,1182128,1182140,1182171,1182175,1182259,1182265,1182266,1182267,1182268,1182271,1182272,1182273,1182275,1182276,1182278,1182283,1182374,1182380,1182381,1182406,1182430,1182439,1182441,1182442,1182443,1182444,1182445,1182446,1182447,1182449,1182454,1182455,1182456,1182457,1182458,1182459,1182460,1182461,1182462,1182463,1182464,1182465,1182466,1182485,1182489,1182490,1182547,1182558,1182560,1182561,1182571,1182599,1182602,1182626,1182650,1182672,1182676,1182683,1182684,1182686,1182697,1182770,1182798,1182800,1182801,1182854,1182856
CVE References: CVE-2020-12362,CVE-2020-12363,CVE-2020-12364,CVE-2020-12373,CVE-2020-29368,CVE-2020-29374,CVE-2021-26930,CVE-2021-26931,CVE-2021-26932
JIRA References: 
Sources used:
openSUSE Leap 15.2 (src):    kernel-debug-5.3.18-lp152.66.2, kernel-default-5.3.18-lp152.66.2, kernel-default-base-5.3.18-lp152.66.2.lp152.8.23.2, kernel-docs-5.3.18-lp152.66.2, kernel-kvmsmall-5.3.18-lp152.66.2, kernel-obs-build-5.3.18-lp152.66.2, kernel-obs-qa-5.3.18-lp152.66.2, kernel-preempt-5.3.18-lp152.66.2, kernel-source-5.3.18-lp152.66.2, kernel-syms-5.3.18-lp152.66.2
Comment 24 Swamp Workflow Management 2021-03-09 20:24:25 UTC 
SUSE-SU-2021:0738-1: An update that solves 9 vulnerabilities and has 114 fixes is now available.

Category: security (important)
Bug References: 1065600,1065729,1078720,1081134,1084610,1132477,1151927,1152472,1152489,1154353,1155518,1156395,1163776,1169514,1170442,1176248,1176855,1177109,1177326,1177440,1177529,1178142,1178995,1179082,1179137,1179243,1179428,1179660,1179929,1180058,1180846,1180964,1180989,1181133,1181259,1181544,1181574,1181637,1181655,1181671,1181674,1181710,1181720,1181735,1181736,1181738,1181747,1181753,1181818,1181843,1181854,1181896,1181958,1181960,1181985,1182047,1182118,1182128,1182140,1182171,1182175,1182259,1182265,1182266,1182267,1182268,1182271,1182272,1182273,1182275,1182276,1182278,1182283,1182374,1182380,1182381,1182406,1182430,1182439,1182441,1182442,1182443,1182444,1182445,1182446,1182447,1182449,1182454,1182455,1182456,1182457,1182458,1182459,1182460,1182461,1182462,1182463,1182464,1182465,1182466,1182485,1182489,1182490,1182547,1182558,1182560,1182561,1182571,1182599,1182602,1182626,1182650,1182672,1182676,1182683,1182684,1182686,1182770,1182798,1182800,1182801,1182854,1182856
CVE References: CVE-2020-12362,CVE-2020-12363,CVE-2020-12364,CVE-2020-12373,CVE-2020-29368,CVE-2020-29374,CVE-2021-26930,CVE-2021-26931,CVE-2021-26932
JIRA References: 
Sources used:
SUSE Linux Enterprise Module for Public Cloud 15-SP2 (src):    kernel-azure-5.3.18-18.38.1, kernel-source-azure-5.3.18-18.38.1, kernel-syms-azure-5.3.18-18.38.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 25 Swamp Workflow Management 2021-03-09 20:33:35 UTC 
SUSE-SU-2021:0744-1: An update that solves four vulnerabilities and has one errata is now available.

Category: security (important)
Bug References: 1178372,1181747,1181753,1181843,1182175
CVE References: CVE-2020-28374,CVE-2021-26930,CVE-2021-26931,CVE-2021-26932
JIRA References: 
Sources used:
SUSE OpenStack Cloud 7 (src):    kernel-default-4.4.121-92.152.2, kernel-source-4.4.121-92.152.2, kernel-syms-4.4.121-92.152.2, kgraft-patch-SLE12-SP2_Update_40-1-3.3.2
SUSE Linux Enterprise Server for SAP 12-SP2 (src):    kernel-default-4.4.121-92.152.2, kernel-source-4.4.121-92.152.2, kernel-syms-4.4.121-92.152.2, kgraft-patch-SLE12-SP2_Update_40-1-3.3.2
SUSE Linux Enterprise Server 12-SP2-LTSS (src):    kernel-default-4.4.121-92.152.2, kernel-source-4.4.121-92.152.2, kernel-syms-4.4.121-92.152.2, kgraft-patch-SLE12-SP2_Update_40-1-3.3.2
SUSE Linux Enterprise Server 12-SP2-BCL (src):    kernel-default-4.4.121-92.152.2, kernel-source-4.4.121-92.152.2, kernel-syms-4.4.121-92.152.2
SUSE Linux Enterprise High Availability 12-SP2 (src):    kernel-default-4.4.121-92.152.2

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 26 Swamp Workflow Management 2021-03-09 20:36:12 UTC 
SUSE-SU-2021:0743-1: An update that solves four vulnerabilities and has two fixes is now available.

Category: security (important)
Bug References: 1177440,1178372,1181747,1181753,1181843,1182175
CVE References: CVE-2020-28374,CVE-2021-26930,CVE-2021-26931,CVE-2021-26932
JIRA References: 
Sources used:
SUSE OpenStack Cloud Crowbar 8 (src):    kernel-default-4.4.180-94.141.2, kernel-source-4.4.180-94.141.2, kernel-syms-4.4.180-94.141.2, kgraft-patch-SLE12-SP3_Update_38-1-4.3.2
SUSE OpenStack Cloud 8 (src):    kernel-default-4.4.180-94.141.2, kernel-source-4.4.180-94.141.2, kernel-syms-4.4.180-94.141.2, kgraft-patch-SLE12-SP3_Update_38-1-4.3.2
SUSE Linux Enterprise Server for SAP 12-SP3 (src):    kernel-default-4.4.180-94.141.2, kernel-source-4.4.180-94.141.2, kernel-syms-4.4.180-94.141.2, kgraft-patch-SLE12-SP3_Update_38-1-4.3.2
SUSE Linux Enterprise Server 12-SP3-LTSS (src):    kernel-default-4.4.180-94.141.2, kernel-source-4.4.180-94.141.2, kernel-syms-4.4.180-94.141.2, kgraft-patch-SLE12-SP3_Update_38-1-4.3.2
SUSE Linux Enterprise Server 12-SP3-BCL (src):    kernel-default-4.4.180-94.141.2, kernel-source-4.4.180-94.141.2, kernel-syms-4.4.180-94.141.2
SUSE Linux Enterprise High Availability 12-SP3 (src):    kernel-default-4.4.180-94.141.2
HPE Helion Openstack 8 (src):    kernel-default-4.4.180-94.141.2, kernel-source-4.4.180-94.141.2, kernel-syms-4.4.180-94.141.2, kgraft-patch-SLE12-SP3_Update_38-1-4.3.2

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 27 Swamp Workflow Management 2021-03-09 20:53:13 UTC 
SUSE-SU-2021:0735-1: An update that solves 9 vulnerabilities and has 112 fixes is now available.

Category: security (important)
Bug References: 1065600,1065729,1078720,1081134,1084610,1132477,1151927,1152472,1152489,1154353,1155518,1156395,1163776,1169514,1170442,1176248,1176855,1177109,1177326,1177440,1177529,1178142,1179082,1179137,1179243,1179428,1179660,1179929,1180058,1180846,1180989,1181133,1181259,1181574,1181637,1181655,1181671,1181674,1181710,1181720,1181735,1181736,1181738,1181747,1181753,1181818,1181843,1181854,1181896,1181958,1181960,1181985,1182047,1182118,1182128,1182140,1182171,1182175,1182259,1182265,1182266,1182267,1182268,1182271,1182272,1182273,1182275,1182276,1182278,1182283,1182374,1182380,1182381,1182406,1182430,1182439,1182441,1182442,1182443,1182444,1182445,1182446,1182447,1182449,1182454,1182455,1182456,1182457,1182458,1182459,1182460,1182461,1182462,1182463,1182464,1182465,1182466,1182485,1182489,1182490,1182547,1182558,1182560,1182561,1182571,1182599,1182602,1182626,1182650,1182672,1182676,1182683,1182684,1182686,1182770,1182798,1182800,1182801,1182854,1182856,1183022
CVE References: CVE-2020-12362,CVE-2020-12363,CVE-2020-12364,CVE-2020-12373,CVE-2020-29368,CVE-2020-29374,CVE-2021-26930,CVE-2021-26931,CVE-2021-26932
JIRA References: 
Sources used:
SUSE Linux Enterprise Module for Realtime 15-SP2 (src):    kernel-rt-5.3.18-28.1, kernel-rt_debug-5.3.18-28.1, kernel-source-rt-5.3.18-28.1, kernel-syms-rt-5.3.18-28.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 28 Swamp Workflow Management 2021-03-09 21:10:14 UTC 
SUSE-SU-2021:0741-1: An update that solves 9 vulnerabilities and has 117 fixes is now available.

Category: security (important)
Bug References: 1065600,1065729,1078720,1081134,1084610,1132477,1151927,1152472,1152489,1154353,1155518,1156395,1163776,1169514,1170442,1176248,1176855,1177109,1177326,1177440,1177529,1178142,1178995,1179082,1179137,1179243,1179428,1179660,1179929,1180058,1180846,1180964,1180989,1181133,1181259,1181544,1181574,1181637,1181655,1181671,1181674,1181710,1181720,1181735,1181736,1181738,1181747,1181753,1181818,1181843,1181854,1181896,1181958,1181960,1181985,1182047,1182110,1182118,1182128,1182140,1182171,1182175,1182259,1182265,1182266,1182267,1182268,1182271,1182272,1182273,1182275,1182276,1182278,1182283,1182341,1182374,1182380,1182381,1182406,1182430,1182439,1182441,1182442,1182443,1182444,1182445,1182446,1182447,1182449,1182454,1182455,1182456,1182457,1182458,1182459,1182460,1182461,1182462,1182463,1182464,1182465,1182466,1182485,1182489,1182490,1182507,1182547,1182558,1182560,1182561,1182571,1182599,1182602,1182626,1182650,1182672,1182676,1182683,1182684,1182686,1182770,1182798,1182800,1182801,1182854,1182856
CVE References: CVE-2020-12362,CVE-2020-12363,CVE-2020-12364,CVE-2020-12373,CVE-2020-29368,CVE-2020-29374,CVE-2021-26930,CVE-2021-26931,CVE-2021-26932
JIRA References: 
Sources used:
SUSE MicroOS 5.0 (src):    kernel-default-5.3.18-24.52.1, kernel-default-base-5.3.18-24.52.1.9.24.1
SUSE Linux Enterprise Workstation Extension 15-SP2 (src):    kernel-default-5.3.18-24.52.1, kernel-preempt-5.3.18-24.52.1
SUSE Linux Enterprise Module for Live Patching 15-SP2 (src):    kernel-default-5.3.18-24.52.1, kernel-livepatch-SLE15-SP2_Update_11-1-5.3.1
SUSE Linux Enterprise Module for Legacy Software 15-SP2 (src):    kernel-default-5.3.18-24.52.1
SUSE Linux Enterprise Module for Development Tools 15-SP2 (src):    kernel-docs-5.3.18-24.52.1, kernel-obs-build-5.3.18-24.52.1, kernel-preempt-5.3.18-24.52.1, kernel-source-5.3.18-24.52.1, kernel-syms-5.3.18-24.52.1
SUSE Linux Enterprise Module for Basesystem 15-SP2 (src):    kernel-default-5.3.18-24.52.1, kernel-default-base-5.3.18-24.52.1.9.24.1, kernel-preempt-5.3.18-24.52.1, kernel-source-5.3.18-24.52.1
SUSE Linux Enterprise High Availability 15-SP2 (src):    kernel-default-5.3.18-24.52.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 29 Swamp Workflow Management 2021-03-09 21:22:49 UTC 
SUSE-SU-2021:0736-1: An update that solves 5 vulnerabilities and has 14 fixes is now available.

Category: security (important)
Bug References: 1065600,1163592,1176831,1178401,1178762,1179014,1179015,1179045,1179082,1179428,1179660,1180058,1180906,1181441,1181747,1181753,1181843,1182140,1182175
CVE References: CVE-2020-29368,CVE-2020-29374,CVE-2021-26930,CVE-2021-26931,CVE-2021-26932
JIRA References: 
Sources used:
SUSE OpenStack Cloud Crowbar 9 (src):    kernel-default-4.12.14-95.71.1, kernel-source-4.12.14-95.71.1, kernel-syms-4.12.14-95.71.1
SUSE OpenStack Cloud 9 (src):    kernel-default-4.12.14-95.71.1, kernel-source-4.12.14-95.71.1, kernel-syms-4.12.14-95.71.1
SUSE Linux Enterprise Server for SAP 12-SP4 (src):    kernel-default-4.12.14-95.71.1, kernel-source-4.12.14-95.71.1, kernel-syms-4.12.14-95.71.1
SUSE Linux Enterprise Server 12-SP4-LTSS (src):    kernel-default-4.12.14-95.71.1, kernel-source-4.12.14-95.71.1, kernel-syms-4.12.14-95.71.1
SUSE Linux Enterprise Live Patching 12-SP4 (src):    kernel-default-4.12.14-95.71.1, kgraft-patch-SLE12-SP4_Update_19-1-6.3.1
SUSE Linux Enterprise High Availability 12-SP4 (src):    kernel-default-4.12.14-95.71.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 30 Swamp Workflow Management 2021-03-09 21:26:51 UTC 
SUSE-SU-2021:0737-1: An update that solves 5 vulnerabilities and has 14 fixes is now available.

Category: security (important)
Bug References: 1065600,1163617,1170442,1176855,1179082,1179428,1179660,1180058,1180262,1180964,1181671,1181747,1181753,1181843,1181854,1182047,1182130,1182140,1182175
CVE References: CVE-2020-29368,CVE-2020-29374,CVE-2021-26930,CVE-2021-26931,CVE-2021-26932
JIRA References: 
Sources used:
SUSE Manager Server 4.0 (src):    kernel-default-4.12.14-197.86.1, kernel-docs-4.12.14-197.86.1, kernel-obs-build-4.12.14-197.86.1, kernel-source-4.12.14-197.86.1, kernel-syms-4.12.14-197.86.1, kernel-zfcpdump-4.12.14-197.86.1
SUSE Manager Retail Branch Server 4.0 (src):    kernel-default-4.12.14-197.86.1, kernel-docs-4.12.14-197.86.1, kernel-obs-build-4.12.14-197.86.1, kernel-source-4.12.14-197.86.1, kernel-syms-4.12.14-197.86.1
SUSE Manager Proxy 4.0 (src):    kernel-default-4.12.14-197.86.1, kernel-docs-4.12.14-197.86.1, kernel-obs-build-4.12.14-197.86.1, kernel-source-4.12.14-197.86.1, kernel-syms-4.12.14-197.86.1
SUSE Linux Enterprise Server for SAP 15-SP1 (src):    kernel-default-4.12.14-197.86.1, kernel-docs-4.12.14-197.86.1, kernel-obs-build-4.12.14-197.86.1, kernel-source-4.12.14-197.86.1, kernel-syms-4.12.14-197.86.1
SUSE Linux Enterprise Server 15-SP1-LTSS (src):    kernel-default-4.12.14-197.86.1, kernel-docs-4.12.14-197.86.1, kernel-obs-build-4.12.14-197.86.1, kernel-source-4.12.14-197.86.1, kernel-syms-4.12.14-197.86.1, kernel-zfcpdump-4.12.14-197.86.1
SUSE Linux Enterprise Server 15-SP1-BCL (src):    kernel-default-4.12.14-197.86.1, kernel-docs-4.12.14-197.86.1, kernel-obs-build-4.12.14-197.86.1, kernel-source-4.12.14-197.86.1, kernel-syms-4.12.14-197.86.1
SUSE Linux Enterprise Module for Live Patching 15-SP1 (src):    kernel-default-4.12.14-197.86.1, kernel-livepatch-SLE15-SP1_Update_23-1-3.3.1
SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (src):    kernel-default-4.12.14-197.86.1, kernel-docs-4.12.14-197.86.1, kernel-obs-build-4.12.14-197.86.1, kernel-source-4.12.14-197.86.1, kernel-syms-4.12.14-197.86.1
SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (src):    kernel-default-4.12.14-197.86.1, kernel-docs-4.12.14-197.86.1, kernel-obs-build-4.12.14-197.86.1, kernel-source-4.12.14-197.86.1, kernel-syms-4.12.14-197.86.1
SUSE Linux Enterprise High Availability 15-SP1 (src):    kernel-default-4.12.14-197.86.1
SUSE Enterprise Storage 6 (src):    kernel-default-4.12.14-197.86.1, kernel-docs-4.12.14-197.86.1, kernel-obs-build-4.12.14-197.86.1, kernel-source-4.12.14-197.86.1, kernel-syms-4.12.14-197.86.1
SUSE CaaS Platform 4.0 (src):    kernel-default-4.12.14-197.86.1, kernel-docs-4.12.14-197.86.1, kernel-obs-build-4.12.14-197.86.1, kernel-source-4.12.14-197.86.1, kernel-syms-4.12.14-197.86.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 31 Swamp Workflow Management 2021-03-09 21:32:35 UTC 
SUSE-SU-2021:0740-1: An update that solves 5 vulnerabilities and has 11 fixes is now available.

Category: security (important)
Bug References: 1065600,1163592,1178401,1178762,1179014,1179015,1179045,1179082,1179428,1179660,1180058,1181747,1181753,1181843,1182140,1182175
CVE References: CVE-2020-29368,CVE-2020-29374,CVE-2021-26930,CVE-2021-26931,CVE-2021-26932
JIRA References: 
Sources used:
SUSE Linux Enterprise Server for SAP 15 (src):    kernel-default-4.12.14-150.69.1, kernel-docs-4.12.14-150.69.1, kernel-obs-build-4.12.14-150.69.1, kernel-source-4.12.14-150.69.1, kernel-syms-4.12.14-150.69.1, kernel-vanilla-4.12.14-150.69.1
SUSE Linux Enterprise Server 15-LTSS (src):    kernel-default-4.12.14-150.69.1, kernel-docs-4.12.14-150.69.1, kernel-obs-build-4.12.14-150.69.1, kernel-source-4.12.14-150.69.1, kernel-syms-4.12.14-150.69.1, kernel-vanilla-4.12.14-150.69.1, kernel-zfcpdump-4.12.14-150.69.1
SUSE Linux Enterprise Module for Live Patching 15 (src):    kernel-default-4.12.14-150.69.1, kernel-livepatch-SLE15_Update_23-1-1.3.1
SUSE Linux Enterprise High Performance Computing 15-LTSS (src):    kernel-default-4.12.14-150.69.1, kernel-docs-4.12.14-150.69.1, kernel-obs-build-4.12.14-150.69.1, kernel-source-4.12.14-150.69.1, kernel-syms-4.12.14-150.69.1, kernel-vanilla-4.12.14-150.69.1
SUSE Linux Enterprise High Performance Computing 15-ESPOS (src):    kernel-default-4.12.14-150.69.1, kernel-docs-4.12.14-150.69.1, kernel-obs-build-4.12.14-150.69.1, kernel-source-4.12.14-150.69.1, kernel-syms-4.12.14-150.69.1, kernel-vanilla-4.12.14-150.69.1
SUSE Linux Enterprise High Availability 15 (src):    kernel-default-4.12.14-150.69.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 36 Swamp Workflow Management 2021-04-13 19:30:39 UTC 
SUSE-SU-2021:1175-1: An update that solves 24 vulnerabilities and has 51 fixes is now available.

Category: security (important)
Bug References: 1065600,1065729,1103990,1103991,1103992,1104270,1104353,1109837,1111981,1112374,1113994,1118657,1118661,1119113,1126390,1129770,1132477,1142635,1152446,1154048,1169709,1172455,1173485,1175165,1176720,1176855,1178163,1179243,1179428,1179454,1179660,1179755,1180846,1181507,1181515,1181544,1181655,1181674,1181747,1181753,1181843,1182011,1182175,1182485,1182574,1182715,1182716,1182717,1183018,1183022,1183023,1183378,1183379,1183380,1183381,1183382,1183416,1183509,1183593,1183646,1183662,1183686,1183692,1183696,1183775,1183861,1183871,1184114,1184167,1184168,1184170,1184192,1184193,1184196,1184198
CVE References: CVE-2020-0433,CVE-2020-27170,CVE-2020-27171,CVE-2020-27815,CVE-2020-29368,CVE-2020-29374,CVE-2020-35519,CVE-2021-26930,CVE-2021-26931,CVE-2021-26932,CVE-2021-27363,CVE-2021-27364,CVE-2021-27365,CVE-2021-28038,CVE-2021-28660,CVE-2021-28688,CVE-2021-28964,CVE-2021-28971,CVE-2021-28972,CVE-2021-29264,CVE-2021-29265,CVE-2021-29647,CVE-2021-3428,CVE-2021-3444
JIRA References: 
Sources used:
SUSE Linux Enterprise Server 12-SP5 (src):    kernel-azure-4.12.14-16.50.1, kernel-source-azure-4.12.14-16.50.1, kernel-syms-azure-4.12.14-16.50.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 37 Swamp Workflow Management 2021-04-13 19:39:23 UTC 
SUSE-SU-2021:1176-1: An update that solves 25 vulnerabilities and has 49 fixes is now available.

Category: security (important)
Bug References: 1065600,1065729,1103990,1103991,1103992,1104270,1104353,1109837,1111981,1112374,1113994,1118657,1118661,1119113,1126390,1129770,1132477,1142635,1152446,1154048,1169709,1172455,1173485,1175165,1176720,1176855,1177411,1178163,1179243,1179428,1179454,1179660,1179755,1180846,1181515,1181544,1181655,1181674,1181747,1181753,1181843,1182011,1182175,1182485,1182574,1182715,1182716,1182717,1183018,1183022,1183023,1183378,1183379,1183380,1183381,1183382,1183416,1183509,1183593,1183646,1183686,1183692,1183696,1183775,1183861,1183871,1184114,1184167,1184168,1184170,1184192,1184193,1184196,1184198
CVE References: CVE-2020-0433,CVE-2020-27170,CVE-2020-27171,CVE-2020-27673,CVE-2020-27815,CVE-2020-29368,CVE-2020-29374,CVE-2020-35519,CVE-2021-26930,CVE-2021-26931,CVE-2021-26932,CVE-2021-27363,CVE-2021-27364,CVE-2021-27365,CVE-2021-28038,CVE-2021-28660,CVE-2021-28688,CVE-2021-28964,CVE-2021-28971,CVE-2021-28972,CVE-2021-29264,CVE-2021-29265,CVE-2021-29647,CVE-2021-3428,CVE-2021-3444
JIRA References: 
Sources used:
SUSE Linux Enterprise Real Time Extension 12-SP5 (src):    kernel-rt-4.12.14-10.37.1, kernel-rt_debug-4.12.14-10.37.1, kernel-source-rt-4.12.14-10.37.1, kernel-syms-rt-4.12.14-10.37.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 39 Swamp Workflow Management 2021-04-15 16:35:55 UTC 
SUSE-SU-2021:1210-1: An update that solves 33 vulnerabilities and has 53 fixes is now available.

Category: security (important)
Bug References: 1065600,1065729,1103990,1103991,1103992,1104270,1104353,1109837,1111981,1112374,1113295,1113994,1118657,1118661,1119113,1126390,1129770,1132477,1142635,1152446,1154048,1169709,1172455,1173485,1175165,1176720,1176855,1178163,1178181,1179243,1179428,1179454,1179660,1179755,1180846,1181507,1181515,1181544,1181655,1181674,1181747,1181753,1181843,1182011,1182175,1182485,1182574,1182715,1182716,1182717,1183018,1183022,1183023,1183378,1183379,1183380,1183381,1183382,1183405,1183416,1183509,1183593,1183646,1183662,1183686,1183692,1183696,1183755,1183775,1183861,1183871,1184114,1184120,1184167,1184168,1184170,1184192,1184193,1184196,1184198,1184391,1184393,1184397,1184494,1184511,1184583
CVE References: CVE-2020-0433,CVE-2020-25670,CVE-2020-25671,CVE-2020-25672,CVE-2020-25673,CVE-2020-27170,CVE-2020-27171,CVE-2020-27815,CVE-2020-29368,CVE-2020-29374,CVE-2020-35519,CVE-2020-36311,CVE-2021-20219,CVE-2021-26930,CVE-2021-26931,CVE-2021-26932,CVE-2021-27363,CVE-2021-27364,CVE-2021-27365,CVE-2021-28038,CVE-2021-28660,CVE-2021-28688,CVE-2021-28964,CVE-2021-28971,CVE-2021-28972,CVE-2021-29154,CVE-2021-29264,CVE-2021-29265,CVE-2021-29647,CVE-2021-30002,CVE-2021-3428,CVE-2021-3444,CVE-2021-3483
JIRA References: 
Sources used:
SUSE Linux Enterprise Workstation Extension 12-SP5 (src):    kernel-default-4.12.14-122.66.2
SUSE Linux Enterprise Software Development Kit 12-SP5 (src):    kernel-docs-4.12.14-122.66.2, kernel-obs-build-4.12.14-122.66.2
SUSE Linux Enterprise Server 12-SP5 (src):    kernel-default-4.12.14-122.66.2, kernel-source-4.12.14-122.66.2, kernel-syms-4.12.14-122.66.2
SUSE Linux Enterprise Live Patching 12-SP5 (src):    kernel-default-4.12.14-122.66.2, kgraft-patch-SLE12-SP5_Update_17-1-8.3.2
SUSE Linux Enterprise High Availability 12-SP5 (src):    kernel-default-4.12.14-122.66.2

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 43 Gabriele Sonnu 2022-04-07 13:35:09 UTC 
Done.