Bug 1183022 (CVE-2021-28038)

Summary: VUL-0: CVE-2021-28038: kernel-source: Linux: netback fails to honor grant mapping errors (XSA-367)
Product: [Novell Products] SUSE Security Incidents Reporter: Gianluca Gabrielli <gianluca.gabrielli>
Component: IncidentsAssignee: Security Team bot <security-team>
Status: NEW --- QA Contact: Security Team bot <security-team>
Severity: Normal    
Priority: P3 - Medium CC: atoptsoglou, carnold, jbeulich, jgross, meissner, rfrohl
Version: unspecified   
Target Milestone: ---   
Hardware: Other   
OS: Other   
Whiteboard: CVSSv3.1:SUSE:CVE-2021-28038:6.5:(AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H)
Found By: --- Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---
Attachments: Upstream patch

Description Gianluca Gabrielli 2021-03-04 10:59:19 UTC 
+++ This bug was initially created as a clone of Bug #1181753 +++

                    Xen Security Advisory XSA-367

          Linux: netback fails to honor grant mapping errors

ISSUE DESCRIPTION
=================

XSA-362 tried to address issues here, but in the case of the netback
driver the changes were insufficient: It left the relevant function
invocation with, effectively, no error handling at all.  As a result,
memory allocation failures there could still lead to frontend-induced
crashes of the backend.

IMPACT
======

A malicious or buggy networking frontend driver may be able to crash
the corresponding backend driver, potentially affecting the entire
domain running the backend driver.  In a typical (non-disaggregated)
system that is a host-wide denial of service (DoS).

VULNERABLE SYSTEMS
==================

Linux versions from at least 2.6.39 onwards are vulnerable, when run in
PV mode.  Earlier versions differ significantly in behavior and may
therefore instead surface other issues under the same conditions.  Linux
run in HVM / PVH modes is not vulnerable.

MITIGATION
==========

For Linux, running the backends in HVM or PVH domains will avoid the
vulnerability.  For example, by running the dom0 in PVH mode.

In all other cases there is no known mitigation.

RESOLUTION
==========

Applying the attached patch resolves this issue.

xsa367-linux.patch           Linux 5.12-rc

$ sha256sum xsa367*
b0244bfddee91cd7986172893e70664b74e698c5d44f25865870f179f80f9a92  xsa367-linux.patch
$

CREDITS
=======

This issue was reported by Intel's kernel test robot and recognized as a
security issue by Jan Beulich of SUSE.

NOTE REGARDING LACK OF EMBARGO
==============================

This issue was reported publicly, before the XSA could be issued.
Comment 1 Gianluca Gabrielli 2021-03-04 11:00:23 UTC 
Created attachment 846748 [details]
Upstream patch
Comment 2 Jürgen Groß 2021-03-05 08:26:20 UTC 
Patches pushed to all relevant kernel branches (cve/linux-4.4, cve/linux-4.12, SLE15-SP2, SLE15-SP3).
Comment 3 Jürgen Groß 2021-03-05 12:11:56 UTC 
BTW, the bug title is misleading, as it lists the CVE number of XSA-362.
Comment 4 Gianluca Gabrielli 2021-03-05 12:31:25 UTC 
(In reply to Jürgen Groß from comment #3)
> BTW, the bug title is misleading, as it lists the CVE number of XSA-362.

Thanks for having pointed it out.
Comment 5 Robert Frohl 2021-03-08 09:18:15 UTC 
(In reply to Jürgen Groß from comment #3)
> BTW, the bug title is misleading, as it lists the CVE number of XSA-362.

@Jürgen: did you already use one of the bugs in the changes file? Which one would you like to use going forward?

This one or bsc#1183069? 

For the other bugs it seemed clear to me, but here I am not sure if something would cause more work
Comment 7 Jürgen Groß 2021-03-08 09:26:04 UTC 
I have used this bug as reference in my patch.
Comment 8 Robert Frohl 2021-03-08 09:40:51 UTC 
*** Bug 1183069 has been marked as a duplicate of this bug. ***
Comment 10 Swamp Workflow Management 2021-03-09 21:01:29 UTC 
SUSE-SU-2021:0735-1: An update that solves 9 vulnerabilities and has 112 fixes is now available.

Category: security (important)
Bug References: 1065600,1065729,1078720,1081134,1084610,1132477,1151927,1152472,1152489,1154353,1155518,1156395,1163776,1169514,1170442,1176248,1176855,1177109,1177326,1177440,1177529,1178142,1179082,1179137,1179243,1179428,1179660,1179929,1180058,1180846,1180989,1181133,1181259,1181574,1181637,1181655,1181671,1181674,1181710,1181720,1181735,1181736,1181738,1181747,1181753,1181818,1181843,1181854,1181896,1181958,1181960,1181985,1182047,1182118,1182128,1182140,1182171,1182175,1182259,1182265,1182266,1182267,1182268,1182271,1182272,1182273,1182275,1182276,1182278,1182283,1182374,1182380,1182381,1182406,1182430,1182439,1182441,1182442,1182443,1182444,1182445,1182446,1182447,1182449,1182454,1182455,1182456,1182457,1182458,1182459,1182460,1182461,1182462,1182463,1182464,1182465,1182466,1182485,1182489,1182490,1182547,1182558,1182560,1182561,1182571,1182599,1182602,1182626,1182650,1182672,1182676,1182683,1182684,1182686,1182770,1182798,1182800,1182801,1182854,1182856,1183022
CVE References: CVE-2020-12362,CVE-2020-12363,CVE-2020-12364,CVE-2020-12373,CVE-2020-29368,CVE-2020-29374,CVE-2021-26930,CVE-2021-26931,CVE-2021-26932
JIRA References: 
Sources used:
SUSE Linux Enterprise Module for Realtime 15-SP2 (src):    kernel-rt-5.3.18-28.1, kernel-rt_debug-5.3.18-28.1, kernel-source-rt-5.3.18-28.1, kernel-syms-rt-5.3.18-28.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 15 OBSbugzilla Bot 2021-04-07 04:51:12 UTC 
This is an autogenerated message for OBS integration:
This bug (1183022) was mentioned in
https://build.opensuse.org/request/show/883472 15.2 / kernel-source
Comment 20 Swamp Workflow Management 2021-04-10 10:20:14 UTC 
openSUSE-SU-2021:0532-1: An update that solves 21 vulnerabilities and has 74 fixes is now available.

Category: security (important)
Bug References: 1152472,1152489,1153274,1154353,1155518,1156256,1159280,1160634,1167773,1168777,1169514,1169709,1171295,1173485,1177326,1178163,1178330,1179454,1180197,1180980,1181383,1181674,1181862,1182011,1182077,1182485,1182552,1182574,1182591,1182595,1182715,1182716,1182717,1182770,1182989,1183015,1183018,1183022,1183023,1183048,1183252,1183277,1183278,1183279,1183280,1183281,1183282,1183283,1183284,1183285,1183286,1183287,1183288,1183366,1183369,1183386,1183412,1183416,1183427,1183428,1183445,1183447,1183501,1183509,1183530,1183534,1183540,1183593,1183596,1183598,1183637,1183646,1183662,1183686,1183692,1183696,1183750,1183757,1183775,1183843,1183859,1183871,1184167,1184168,1184170,1184176,1184192,1184193,1184196,1184198,1184217,1184218,1184219,1184220,1184224
CVE References: CVE-2019-18814,CVE-2019-19769,CVE-2020-27170,CVE-2020-27171,CVE-2020-27815,CVE-2020-35519,CVE-2021-27363,CVE-2021-27364,CVE-2021-27365,CVE-2021-28038,CVE-2021-28375,CVE-2021-28660,CVE-2021-28688,CVE-2021-28964,CVE-2021-28971,CVE-2021-28972,CVE-2021-29264,CVE-2021-29265,CVE-2021-29647,CVE-2021-3428,CVE-2021-3444
JIRA References: 
Sources used:
openSUSE Leap 15.2 (src):    kernel-debug-5.3.18-lp152.69.1, kernel-default-5.3.18-lp152.69.1, kernel-default-base-5.3.18-lp152.69.1.lp152.8.28.1, kernel-docs-5.3.18-lp152.69.1, kernel-kvmsmall-5.3.18-lp152.69.1, kernel-obs-build-5.3.18-lp152.69.1, kernel-obs-qa-5.3.18-lp152.69.1, kernel-preempt-5.3.18-lp152.69.1, kernel-source-5.3.18-lp152.69.1, kernel-syms-5.3.18-lp152.69.1
Comment 23 Swamp Workflow Management 2021-04-13 19:21:34 UTC 
SUSE-SU-2021:1177-1: An update that solves 21 vulnerabilities and has 74 fixes is now available.

Category: security (important)
Bug References: 1152472,1152489,1153274,1154353,1155518,1156256,1159280,1160634,1167773,1168777,1169514,1169709,1171295,1173485,1177326,1178163,1178330,1179454,1180197,1180980,1181383,1181674,1181862,1182011,1182077,1182485,1182552,1182574,1182591,1182595,1182715,1182716,1182717,1182770,1182989,1183015,1183018,1183022,1183023,1183048,1183252,1183277,1183278,1183279,1183280,1183281,1183282,1183283,1183284,1183285,1183286,1183287,1183288,1183366,1183369,1183386,1183412,1183416,1183427,1183428,1183445,1183447,1183501,1183509,1183530,1183534,1183540,1183593,1183596,1183598,1183637,1183646,1183662,1183686,1183692,1183696,1183750,1183757,1183775,1183843,1183859,1183871,1184167,1184168,1184170,1184176,1184192,1184193,1184196,1184198,1184217,1184218,1184219,1184220,1184224
CVE References: CVE-2019-18814,CVE-2019-19769,CVE-2020-27170,CVE-2020-27171,CVE-2020-27815,CVE-2020-35519,CVE-2021-27363,CVE-2021-27364,CVE-2021-27365,CVE-2021-28038,CVE-2021-28375,CVE-2021-28660,CVE-2021-28688,CVE-2021-28964,CVE-2021-28971,CVE-2021-28972,CVE-2021-29264,CVE-2021-29265,CVE-2021-29647,CVE-2021-3428,CVE-2021-3444
JIRA References: 
Sources used:
SUSE Linux Enterprise Module for Public Cloud 15-SP2 (src):    kernel-azure-5.3.18-18.41.1, kernel-source-azure-5.3.18-18.41.1, kernel-syms-azure-5.3.18-18.41.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 24 Swamp Workflow Management 2021-04-13 19:31:35 UTC 
SUSE-SU-2021:1175-1: An update that solves 24 vulnerabilities and has 51 fixes is now available.

Category: security (important)
Bug References: 1065600,1065729,1103990,1103991,1103992,1104270,1104353,1109837,1111981,1112374,1113994,1118657,1118661,1119113,1126390,1129770,1132477,1142635,1152446,1154048,1169709,1172455,1173485,1175165,1176720,1176855,1178163,1179243,1179428,1179454,1179660,1179755,1180846,1181507,1181515,1181544,1181655,1181674,1181747,1181753,1181843,1182011,1182175,1182485,1182574,1182715,1182716,1182717,1183018,1183022,1183023,1183378,1183379,1183380,1183381,1183382,1183416,1183509,1183593,1183646,1183662,1183686,1183692,1183696,1183775,1183861,1183871,1184114,1184167,1184168,1184170,1184192,1184193,1184196,1184198
CVE References: CVE-2020-0433,CVE-2020-27170,CVE-2020-27171,CVE-2020-27815,CVE-2020-29368,CVE-2020-29374,CVE-2020-35519,CVE-2021-26930,CVE-2021-26931,CVE-2021-26932,CVE-2021-27363,CVE-2021-27364,CVE-2021-27365,CVE-2021-28038,CVE-2021-28660,CVE-2021-28688,CVE-2021-28964,CVE-2021-28971,CVE-2021-28972,CVE-2021-29264,CVE-2021-29265,CVE-2021-29647,CVE-2021-3428,CVE-2021-3444
JIRA References: 
Sources used:
SUSE Linux Enterprise Server 12-SP5 (src):    kernel-azure-4.12.14-16.50.1, kernel-source-azure-4.12.14-16.50.1, kernel-syms-azure-4.12.14-16.50.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 25 Swamp Workflow Management 2021-04-13 19:40:17 UTC 
SUSE-SU-2021:1176-1: An update that solves 25 vulnerabilities and has 49 fixes is now available.

Category: security (important)
Bug References: 1065600,1065729,1103990,1103991,1103992,1104270,1104353,1109837,1111981,1112374,1113994,1118657,1118661,1119113,1126390,1129770,1132477,1142635,1152446,1154048,1169709,1172455,1173485,1175165,1176720,1176855,1177411,1178163,1179243,1179428,1179454,1179660,1179755,1180846,1181515,1181544,1181655,1181674,1181747,1181753,1181843,1182011,1182175,1182485,1182574,1182715,1182716,1182717,1183018,1183022,1183023,1183378,1183379,1183380,1183381,1183382,1183416,1183509,1183593,1183646,1183686,1183692,1183696,1183775,1183861,1183871,1184114,1184167,1184168,1184170,1184192,1184193,1184196,1184198
CVE References: CVE-2020-0433,CVE-2020-27170,CVE-2020-27171,CVE-2020-27673,CVE-2020-27815,CVE-2020-29368,CVE-2020-29374,CVE-2020-35519,CVE-2021-26930,CVE-2021-26931,CVE-2021-26932,CVE-2021-27363,CVE-2021-27364,CVE-2021-27365,CVE-2021-28038,CVE-2021-28660,CVE-2021-28688,CVE-2021-28964,CVE-2021-28971,CVE-2021-28972,CVE-2021-29264,CVE-2021-29265,CVE-2021-29647,CVE-2021-3428,CVE-2021-3444
JIRA References: 
Sources used:
SUSE Linux Enterprise Real Time Extension 12-SP5 (src):    kernel-rt-4.12.14-10.37.1, kernel-rt_debug-4.12.14-10.37.1, kernel-source-rt-4.12.14-10.37.1, kernel-syms-rt-4.12.14-10.37.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 31 Swamp Workflow Management 2021-04-15 16:36:57 UTC 
SUSE-SU-2021:1210-1: An update that solves 33 vulnerabilities and has 53 fixes is now available.

Category: security (important)
Bug References: 1065600,1065729,1103990,1103991,1103992,1104270,1104353,1109837,1111981,1112374,1113295,1113994,1118657,1118661,1119113,1126390,1129770,1132477,1142635,1152446,1154048,1169709,1172455,1173485,1175165,1176720,1176855,1178163,1178181,1179243,1179428,1179454,1179660,1179755,1180846,1181507,1181515,1181544,1181655,1181674,1181747,1181753,1181843,1182011,1182175,1182485,1182574,1182715,1182716,1182717,1183018,1183022,1183023,1183378,1183379,1183380,1183381,1183382,1183405,1183416,1183509,1183593,1183646,1183662,1183686,1183692,1183696,1183755,1183775,1183861,1183871,1184114,1184120,1184167,1184168,1184170,1184192,1184193,1184196,1184198,1184391,1184393,1184397,1184494,1184511,1184583
CVE References: CVE-2020-0433,CVE-2020-25670,CVE-2020-25671,CVE-2020-25672,CVE-2020-25673,CVE-2020-27170,CVE-2020-27171,CVE-2020-27815,CVE-2020-29368,CVE-2020-29374,CVE-2020-35519,CVE-2020-36311,CVE-2021-20219,CVE-2021-26930,CVE-2021-26931,CVE-2021-26932,CVE-2021-27363,CVE-2021-27364,CVE-2021-27365,CVE-2021-28038,CVE-2021-28660,CVE-2021-28688,CVE-2021-28964,CVE-2021-28971,CVE-2021-28972,CVE-2021-29154,CVE-2021-29264,CVE-2021-29265,CVE-2021-29647,CVE-2021-30002,CVE-2021-3428,CVE-2021-3444,CVE-2021-3483
JIRA References: 
Sources used:
SUSE Linux Enterprise Workstation Extension 12-SP5 (src):    kernel-default-4.12.14-122.66.2
SUSE Linux Enterprise Software Development Kit 12-SP5 (src):    kernel-docs-4.12.14-122.66.2, kernel-obs-build-4.12.14-122.66.2
SUSE Linux Enterprise Server 12-SP5 (src):    kernel-default-4.12.14-122.66.2, kernel-source-4.12.14-122.66.2, kernel-syms-4.12.14-122.66.2
SUSE Linux Enterprise Live Patching 12-SP5 (src):    kernel-default-4.12.14-122.66.2, kgraft-patch-SLE12-SP5_Update_17-1-8.3.2
SUSE Linux Enterprise High Availability 12-SP5 (src):    kernel-default-4.12.14-122.66.2

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 32 Swamp Workflow Management 2021-04-15 19:36:22 UTC 
SUSE-SU-2021:1211-1: An update that solves 32 vulnerabilities and has 85 fixes is now available.

Category: security (important)
Bug References: 1047233,1065729,1113295,1152472,1152489,1153274,1154353,1155518,1156256,1156395,1159280,1160634,1167773,1168777,1169514,1169709,1171295,1173485,1177326,1178163,1178181,1178330,1179454,1180197,1180980,1181383,1181507,1181674,1181862,1182011,1182077,1182485,1182552,1182574,1182591,1182595,1182712,1182713,1182715,1182716,1182717,1182770,1182989,1183015,1183018,1183022,1183023,1183048,1183252,1183277,1183278,1183279,1183280,1183281,1183282,1183283,1183284,1183285,1183286,1183287,1183288,1183366,1183369,1183386,1183405,1183412,1183416,1183427,1183428,1183445,1183447,1183501,1183509,1183530,1183534,1183540,1183593,1183596,1183598,1183637,1183646,1183662,1183686,1183692,1183696,1183750,1183757,1183775,1183843,1183859,1183871,1184074,1184120,1184167,1184168,1184170,1184176,1184192,1184193,1184194,1184196,1184198,1184211,1184217,1184218,1184219,1184220,1184224,1184388,1184391,1184393,1184509,1184511,1184512,1184514,1184583,1184647
CVE References: CVE-2019-18814,CVE-2019-19769,CVE-2020-25670,CVE-2020-25671,CVE-2020-25672,CVE-2020-25673,CVE-2020-27170,CVE-2020-27171,CVE-2020-27815,CVE-2020-35519,CVE-2020-36310,CVE-2020-36311,CVE-2020-36312,CVE-2021-27363,CVE-2021-27364,CVE-2021-27365,CVE-2021-28038,CVE-2021-28375,CVE-2021-28660,CVE-2021-28688,CVE-2021-28950,CVE-2021-28964,CVE-2021-28971,CVE-2021-28972,CVE-2021-29154,CVE-2021-29264,CVE-2021-29265,CVE-2021-29647,CVE-2021-30002,CVE-2021-3428,CVE-2021-3444,CVE-2021-3483
JIRA References: 
Sources used:
SUSE Linux Enterprise Module for Realtime 15-SP2 (src):    kernel-rt-5.3.18-33.1, kernel-rt_debug-5.3.18-33.1, kernel-source-rt-5.3.18-33.1, kernel-syms-rt-5.3.18-33.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 33 Swamp Workflow Management 2021-04-16 13:24:27 UTC 
SUSE-SU-2021:1238-1: An update that solves 33 vulnerabilities and has 86 fixes is now available.

Category: security (important)
Bug References: 1047233,1065729,1113295,1152472,1152489,1153274,1154353,1155518,1156256,1156395,1159280,1160634,1167574,1167773,1168777,1169514,1169709,1171295,1173485,1175995,1177326,1178163,1178181,1178330,1179454,1180197,1180980,1181383,1181507,1181674,1181862,1182011,1182077,1182485,1182552,1182574,1182591,1182595,1182715,1182716,1182717,1182770,1182989,1183015,1183018,1183022,1183023,1183048,1183252,1183277,1183278,1183279,1183280,1183281,1183282,1183283,1183284,1183285,1183286,1183287,1183288,1183366,1183369,1183386,1183405,1183412,1183416,1183427,1183428,1183445,1183447,1183501,1183509,1183530,1183534,1183540,1183593,1183596,1183598,1183637,1183646,1183662,1183686,1183692,1183696,1183750,1183757,1183775,1183843,1183859,1183871,1184074,1184120,1184167,1184168,1184170,1184176,1184192,1184193,1184194,1184196,1184198,1184211,1184217,1184218,1184219,1184220,1184224,1184388,1184391,1184393,1184485,1184509,1184511,1184512,1184514,1184583,1184585,1184647
CVE References: CVE-2019-18814,CVE-2019-19769,CVE-2020-25670,CVE-2020-25671,CVE-2020-25672,CVE-2020-25673,CVE-2020-27170,CVE-2020-27171,CVE-2020-27815,CVE-2020-35519,CVE-2020-36310,CVE-2020-36311,CVE-2020-36312,CVE-2020-36322,CVE-2021-27363,CVE-2021-27364,CVE-2021-27365,CVE-2021-28038,CVE-2021-28375,CVE-2021-28660,CVE-2021-28688,CVE-2021-28950,CVE-2021-28964,CVE-2021-28971,CVE-2021-28972,CVE-2021-29154,CVE-2021-29264,CVE-2021-29265,CVE-2021-29647,CVE-2021-30002,CVE-2021-3428,CVE-2021-3444,CVE-2021-3483
JIRA References: 
Sources used:
SUSE MicroOS 5.0 (src):    kernel-default-5.3.18-24.61.1, kernel-default-base-5.3.18-24.61.1.9.26.4
SUSE Linux Enterprise Workstation Extension 15-SP2 (src):    kernel-default-5.3.18-24.61.1, kernel-preempt-5.3.18-24.61.1
SUSE Linux Enterprise Module for Live Patching 15-SP2 (src):    kernel-default-5.3.18-24.61.1, kernel-livepatch-SLE15-SP2_Update_12-1-5.3.4
SUSE Linux Enterprise Module for Legacy Software 15-SP2 (src):    kernel-default-5.3.18-24.61.1
SUSE Linux Enterprise Module for Development Tools 15-SP2 (src):    kernel-docs-5.3.18-24.61.1, kernel-obs-build-5.3.18-24.61.1, kernel-preempt-5.3.18-24.61.1, kernel-source-5.3.18-24.61.1, kernel-syms-5.3.18-24.61.1
SUSE Linux Enterprise Module for Basesystem 15-SP2 (src):    kernel-default-5.3.18-24.61.1, kernel-default-base-5.3.18-24.61.1.9.26.4, kernel-preempt-5.3.18-24.61.1, kernel-source-5.3.18-24.61.1
SUSE Linux Enterprise High Availability 15-SP2 (src):    kernel-default-5.3.18-24.61.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 42 Swamp Workflow Management 2021-05-12 13:39:33 UTC 
SUSE-SU-2021:1573-1: An update that solves 35 vulnerabilities and has 10 fixes is now available.

Category: security (important)
Bug References: 1047233,1173485,1176720,1177411,1178181,1179454,1181032,1182672,1182715,1182716,1182717,1183022,1183063,1183069,1183509,1183593,1183646,1183686,1183696,1183775,1184120,1184167,1184168,1184170,1184192,1184193,1184194,1184196,1184198,1184208,1184211,1184388,1184391,1184393,1184397,1184509,1184511,1184512,1184514,1184583,1184650,1184942,1185113,1185244,1185248
CVE References: CVE-2020-0433,CVE-2020-25670,CVE-2020-25671,CVE-2020-25672,CVE-2020-25673,CVE-2020-27170,CVE-2020-27171,CVE-2020-27673,CVE-2020-27815,CVE-2020-35519,CVE-2020-36310,CVE-2020-36311,CVE-2020-36312,CVE-2020-36322,CVE-2021-20219,CVE-2021-27363,CVE-2021-27364,CVE-2021-27365,CVE-2021-28038,CVE-2021-28660,CVE-2021-28688,CVE-2021-28950,CVE-2021-28964,CVE-2021-28971,CVE-2021-28972,CVE-2021-29154,CVE-2021-29155,CVE-2021-29264,CVE-2021-29265,CVE-2021-29647,CVE-2021-29650,CVE-2021-30002,CVE-2021-3428,CVE-2021-3444,CVE-2021-3483
JIRA References: 
Sources used:
SUSE Linux Enterprise Server for SAP 15 (src):    kernel-default-4.12.14-150.72.1, kernel-docs-4.12.14-150.72.2, kernel-obs-build-4.12.14-150.72.1, kernel-source-4.12.14-150.72.1, kernel-syms-4.12.14-150.72.1, kernel-vanilla-4.12.14-150.72.1
SUSE Linux Enterprise Server 15-LTSS (src):    kernel-default-4.12.14-150.72.1, kernel-docs-4.12.14-150.72.2, kernel-obs-build-4.12.14-150.72.1, kernel-source-4.12.14-150.72.1, kernel-syms-4.12.14-150.72.1, kernel-vanilla-4.12.14-150.72.1, kernel-zfcpdump-4.12.14-150.72.1
SUSE Linux Enterprise Module for Live Patching 15 (src):    kernel-default-4.12.14-150.72.1, kernel-livepatch-SLE15_Update_24-1-1.3.1
SUSE Linux Enterprise High Performance Computing 15-LTSS (src):    kernel-default-4.12.14-150.72.1, kernel-docs-4.12.14-150.72.2, kernel-obs-build-4.12.14-150.72.1, kernel-source-4.12.14-150.72.1, kernel-syms-4.12.14-150.72.1, kernel-vanilla-4.12.14-150.72.1
SUSE Linux Enterprise High Performance Computing 15-ESPOS (src):    kernel-default-4.12.14-150.72.1, kernel-docs-4.12.14-150.72.2, kernel-obs-build-4.12.14-150.72.1, kernel-source-4.12.14-150.72.1, kernel-syms-4.12.14-150.72.1, kernel-vanilla-4.12.14-150.72.1
SUSE Linux Enterprise High Availability 15 (src):    kernel-default-4.12.14-150.72.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 43 Swamp Workflow Management 2021-05-13 16:26:14 UTC 
SUSE-SU-2021:1596-1: An update that solves 35 vulnerabilities and has 23 fixes is now available.

Category: security (important)
Bug References: 1040855,1044767,1047233,1065729,1094840,1152457,1171078,1173485,1175873,1176700,1176720,1176855,1177411,1177753,1178181,1179454,1181032,1181960,1182194,1182672,1182715,1182716,1182717,1183022,1183063,1183069,1183509,1183593,1183646,1183686,1183696,1183738,1183775,1184120,1184167,1184168,1184170,1184192,1184193,1184194,1184196,1184198,1184208,1184211,1184388,1184391,1184393,1184397,1184509,1184511,1184512,1184514,1184583,1184650,1184942,1185113,1185244,1185248
CVE References: CVE-2020-0433,CVE-2020-25670,CVE-2020-25671,CVE-2020-25672,CVE-2020-25673,CVE-2020-27170,CVE-2020-27171,CVE-2020-27673,CVE-2020-27815,CVE-2020-35519,CVE-2020-36310,CVE-2020-36311,CVE-2020-36312,CVE-2020-36322,CVE-2021-20219,CVE-2021-27363,CVE-2021-27364,CVE-2021-27365,CVE-2021-28038,CVE-2021-28660,CVE-2021-28688,CVE-2021-28950,CVE-2021-28964,CVE-2021-28971,CVE-2021-28972,CVE-2021-29154,CVE-2021-29155,CVE-2021-29264,CVE-2021-29265,CVE-2021-29647,CVE-2021-29650,CVE-2021-30002,CVE-2021-3428,CVE-2021-3444,CVE-2021-3483
JIRA References: 
Sources used:
SUSE OpenStack Cloud Crowbar 9 (src):    kernel-default-4.12.14-95.74.1, kernel-source-4.12.14-95.74.1, kernel-syms-4.12.14-95.74.1
SUSE OpenStack Cloud 9 (src):    kernel-default-4.12.14-95.74.1, kernel-source-4.12.14-95.74.1, kernel-syms-4.12.14-95.74.1
SUSE Linux Enterprise Server for SAP 12-SP4 (src):    kernel-default-4.12.14-95.74.1, kernel-source-4.12.14-95.74.1, kernel-syms-4.12.14-95.74.1
SUSE Linux Enterprise Server 12-SP4-LTSS (src):    kernel-default-4.12.14-95.74.1, kernel-source-4.12.14-95.74.1, kernel-syms-4.12.14-95.74.1
SUSE Linux Enterprise Live Patching 12-SP4 (src):    kernel-default-4.12.14-95.74.1, kgraft-patch-SLE12-SP4_Update_20-1-6.3.1
SUSE Linux Enterprise High Availability 12-SP4 (src):    kernel-default-4.12.14-95.74.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 44 Swamp Workflow Management 2021-05-17 13:16:31 UTC 
SUSE-SU-2021:1617-1: An update that solves 22 vulnerabilities and has four fixes is now available.

Category: security (important)
Bug References: 1165629,1173485,1176720,1178181,1182715,1182716,1182717,1183022,1183069,1183593,1184120,1184167,1184168,1184194,1184198,1184208,1184211,1184391,1184393,1184397,1184509,1184611,1184952,1185555,1185556,1185557
CVE References: CVE-2020-0433,CVE-2020-1749,CVE-2020-25670,CVE-2020-25671,CVE-2020-25672,CVE-2020-25673,CVE-2020-36312,CVE-2020-36322,CVE-2021-20219,CVE-2021-27363,CVE-2021-27364,CVE-2021-27365,CVE-2021-28038,CVE-2021-28660,CVE-2021-28950,CVE-2021-28972,CVE-2021-29154,CVE-2021-29264,CVE-2021-29265,CVE-2021-29650,CVE-2021-30002,CVE-2021-3483
JIRA References: 
Sources used:
SUSE Linux Enterprise Server 12-SP2-LTSS-SAP (src):    kernel-default-4.4.121-92.155.1, kernel-source-4.4.121-92.155.1, kernel-syms-4.4.121-92.155.1
SUSE Linux Enterprise Server 12-SP2-LTSS-ERICSSON (src):    kernel-default-4.4.121-92.155.1, kernel-source-4.4.121-92.155.1, kernel-syms-4.4.121-92.155.1
SUSE Linux Enterprise Server 12-SP2-BCL (src):    kernel-default-4.4.121-92.155.1, kernel-source-4.4.121-92.155.1, kernel-syms-4.4.121-92.155.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 45 Swamp Workflow Management 2021-05-18 13:18:02 UTC 
SUSE-SU-2021:1623-1: An update that solves 23 vulnerabilities and has 20 fixes is now available.

Category: security (important)
Bug References: 1120163,1152974,1152975,1155179,1155184,1155186,1159483,1165629,1165823,1172247,1173485,1176720,1177411,1177855,1177856,1178181,1178634,1179575,1182047,1182261,1182715,1182716,1182717,1183022,1183069,1183593,1184120,1184167,1184168,1184194,1184198,1184208,1184211,1184391,1184393,1184397,1184509,1184583,1184611,1185248,1185555,1185556,1185557
CVE References: CVE-2020-0433,CVE-2020-1749,CVE-2020-25670,CVE-2020-25671,CVE-2020-25672,CVE-2020-25673,CVE-2020-27673,CVE-2020-36312,CVE-2020-36322,CVE-2021-20219,CVE-2021-27363,CVE-2021-27364,CVE-2021-27365,CVE-2021-28038,CVE-2021-28660,CVE-2021-28950,CVE-2021-28972,CVE-2021-29154,CVE-2021-29264,CVE-2021-29265,CVE-2021-29650,CVE-2021-30002,CVE-2021-3483
JIRA References: 
Sources used:
SUSE OpenStack Cloud Crowbar 8 (src):    kernel-default-4.4.180-94.144.1, kernel-source-4.4.180-94.144.1, kernel-syms-4.4.180-94.144.1, kgraft-patch-SLE12-SP3_Update_39-1-4.3.1
SUSE OpenStack Cloud 8 (src):    kernel-default-4.4.180-94.144.1, kernel-source-4.4.180-94.144.1, kernel-syms-4.4.180-94.144.1, kgraft-patch-SLE12-SP3_Update_39-1-4.3.1
SUSE Linux Enterprise Server for SAP 12-SP3 (src):    kernel-default-4.4.180-94.144.1, kernel-source-4.4.180-94.144.1, kernel-syms-4.4.180-94.144.1, kgraft-patch-SLE12-SP3_Update_39-1-4.3.1
SUSE Linux Enterprise Server 12-SP3-LTSS (src):    kernel-default-4.4.180-94.144.1, kernel-source-4.4.180-94.144.1, kernel-syms-4.4.180-94.144.1, kgraft-patch-SLE12-SP3_Update_39-1-4.3.1
SUSE Linux Enterprise Server 12-SP3-BCL (src):    kernel-default-4.4.180-94.144.1, kernel-source-4.4.180-94.144.1, kernel-syms-4.4.180-94.144.1
SUSE Linux Enterprise High Availability 12-SP3 (src):    kernel-default-4.4.180-94.144.1
HPE Helion Openstack 8 (src):    kernel-default-4.4.180-94.144.1, kernel-source-4.4.180-94.144.1, kernel-syms-4.4.180-94.144.1, kgraft-patch-SLE12-SP3_Update_39-1-4.3.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 47 Swamp Workflow Management 2021-05-18 16:17:25 UTC 
SUSE-SU-2021:1624-1: An update that solves 35 vulnerabilities and has 12 fixes is now available.

Category: security (important)
Bug References: 1047233,1172455,1173485,1176720,1177411,1178181,1179454,1180197,1181960,1182011,1182672,1182715,1182716,1182717,1183022,1183063,1183069,1183509,1183593,1183646,1183686,1183696,1183775,1184120,1184167,1184168,1184170,1184192,1184193,1184194,1184196,1184198,1184208,1184211,1184388,1184391,1184393,1184397,1184509,1184511,1184512,1184514,1184583,1184650,1184942,1185113,1185244
CVE References: CVE-2020-0433,CVE-2020-25670,CVE-2020-25671,CVE-2020-25672,CVE-2020-25673,CVE-2020-27170,CVE-2020-27171,CVE-2020-27673,CVE-2020-27815,CVE-2020-35519,CVE-2020-36310,CVE-2020-36311,CVE-2020-36312,CVE-2020-36322,CVE-2021-20219,CVE-2021-27363,CVE-2021-27364,CVE-2021-27365,CVE-2021-28038,CVE-2021-28660,CVE-2021-28688,CVE-2021-28950,CVE-2021-28964,CVE-2021-28971,CVE-2021-28972,CVE-2021-29154,CVE-2021-29155,CVE-2021-29264,CVE-2021-29265,CVE-2021-29647,CVE-2021-29650,CVE-2021-30002,CVE-2021-3428,CVE-2021-3444,CVE-2021-3483
JIRA References: 
Sources used:
SUSE Manager Server 4.0 (src):    kernel-default-4.12.14-197.89.2, kernel-docs-4.12.14-197.89.3, kernel-obs-build-4.12.14-197.89.2, kernel-source-4.12.14-197.89.2, kernel-syms-4.12.14-197.89.2, kernel-zfcpdump-4.12.14-197.89.2
SUSE Manager Retail Branch Server 4.0 (src):    kernel-default-4.12.14-197.89.2, kernel-docs-4.12.14-197.89.3, kernel-obs-build-4.12.14-197.89.2, kernel-source-4.12.14-197.89.2, kernel-syms-4.12.14-197.89.2
SUSE Manager Proxy 4.0 (src):    kernel-default-4.12.14-197.89.2, kernel-docs-4.12.14-197.89.3, kernel-obs-build-4.12.14-197.89.2, kernel-source-4.12.14-197.89.2, kernel-syms-4.12.14-197.89.2
SUSE Linux Enterprise Server for SAP 15-SP1 (src):    kernel-default-4.12.14-197.89.2, kernel-docs-4.12.14-197.89.3, kernel-obs-build-4.12.14-197.89.2, kernel-source-4.12.14-197.89.2, kernel-syms-4.12.14-197.89.2
SUSE Linux Enterprise Server 15-SP1-LTSS (src):    kernel-default-4.12.14-197.89.2, kernel-docs-4.12.14-197.89.3, kernel-obs-build-4.12.14-197.89.2, kernel-source-4.12.14-197.89.2, kernel-syms-4.12.14-197.89.2, kernel-zfcpdump-4.12.14-197.89.2
SUSE Linux Enterprise Server 15-SP1-BCL (src):    kernel-default-4.12.14-197.89.2, kernel-docs-4.12.14-197.89.3, kernel-obs-build-4.12.14-197.89.2, kernel-source-4.12.14-197.89.2, kernel-syms-4.12.14-197.89.2
SUSE Linux Enterprise Module for Live Patching 15-SP1 (src):    kernel-default-4.12.14-197.89.2, kernel-livepatch-SLE15-SP1_Update_24-1-3.3.2
SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (src):    kernel-default-4.12.14-197.89.2, kernel-docs-4.12.14-197.89.3, kernel-obs-build-4.12.14-197.89.2, kernel-source-4.12.14-197.89.2, kernel-syms-4.12.14-197.89.2
SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (src):    kernel-default-4.12.14-197.89.2, kernel-docs-4.12.14-197.89.3, kernel-obs-build-4.12.14-197.89.2, kernel-source-4.12.14-197.89.2, kernel-syms-4.12.14-197.89.2
SUSE Linux Enterprise High Availability 15-SP1 (src):    kernel-default-4.12.14-197.89.2
SUSE Enterprise Storage 6 (src):    kernel-default-4.12.14-197.89.2, kernel-docs-4.12.14-197.89.3, kernel-obs-build-4.12.14-197.89.2, kernel-source-4.12.14-197.89.2, kernel-syms-4.12.14-197.89.2
SUSE CaaS Platform 4.0 (src):    kernel-default-4.12.14-197.89.2, kernel-docs-4.12.14-197.89.3, kernel-obs-build-4.12.14-197.89.2, kernel-source-4.12.14-197.89.2, kernel-syms-4.12.14-197.89.2

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 48 Swamp Workflow Management 2021-05-18 16:25:06 UTC 
SUSE-SU-2021:1625-1: An update that solves 32 vulnerabilities and has 85 fixes is now available.

Category: security (important)
Bug References: 1047233,1065729,1113295,1152472,1152489,1153274,1154353,1155518,1156256,1156395,1159280,1160634,1167773,1168777,1169514,1169709,1171295,1173485,1177326,1178163,1178181,1178330,1179454,1180197,1180980,1181383,1181507,1181674,1181862,1182011,1182077,1182485,1182552,1182574,1182591,1182595,1182712,1182713,1182715,1182716,1182717,1182770,1182989,1183015,1183018,1183022,1183023,1183048,1183252,1183277,1183278,1183279,1183280,1183281,1183282,1183283,1183284,1183285,1183286,1183287,1183288,1183366,1183369,1183386,1183405,1183412,1183416,1183427,1183428,1183445,1183447,1183501,1183509,1183530,1183534,1183540,1183593,1183596,1183598,1183637,1183646,1183662,1183686,1183692,1183696,1183750,1183757,1183775,1183843,1183859,1183871,1184074,1184120,1184167,1184168,1184170,1184176,1184192,1184193,1184194,1184196,1184198,1184211,1184217,1184218,1184219,1184220,1184224,1184388,1184391,1184393,1184509,1184511,1184512,1184514,1184583,1184647
CVE References: CVE-2019-18814,CVE-2019-19769,CVE-2020-25670,CVE-2020-25671,CVE-2020-25672,CVE-2020-25673,CVE-2020-27170,CVE-2020-27171,CVE-2020-27815,CVE-2020-35519,CVE-2020-36310,CVE-2020-36311,CVE-2020-36312,CVE-2021-27363,CVE-2021-27364,CVE-2021-27365,CVE-2021-28038,CVE-2021-28375,CVE-2021-28660,CVE-2021-28688,CVE-2021-28950,CVE-2021-28964,CVE-2021-28971,CVE-2021-28972,CVE-2021-29154,CVE-2021-29264,CVE-2021-29265,CVE-2021-29647,CVE-2021-30002,CVE-2021-3428,CVE-2021-3444,CVE-2021-3483
JIRA References: 
Sources used:
SUSE MicroOS 5.0 (src):    kernel-rt-5.3.18-8.7.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 49 Swamp Workflow Management 2021-05-22 10:26:27 UTC 
openSUSE-SU-2021:0758-1: An update that solves 32 vulnerabilities and has 85 fixes is now available.

Category: security (important)
Bug References: 1047233,1065729,1113295,1152472,1152489,1153274,1154353,1155518,1156256,1156395,1159280,1160634,1167773,1168777,1169514,1169709,1171295,1173485,1177326,1178163,1178181,1178330,1179454,1180197,1180980,1181383,1181507,1181674,1181862,1182011,1182077,1182485,1182552,1182574,1182591,1182595,1182712,1182713,1182715,1182716,1182717,1182770,1182989,1183015,1183018,1183022,1183023,1183048,1183252,1183277,1183278,1183279,1183280,1183281,1183282,1183283,1183284,1183285,1183286,1183287,1183288,1183366,1183369,1183386,1183405,1183412,1183416,1183427,1183428,1183445,1183447,1183501,1183509,1183530,1183534,1183540,1183593,1183596,1183598,1183637,1183646,1183662,1183686,1183692,1183696,1183750,1183757,1183775,1183843,1183859,1183871,1184074,1184120,1184167,1184168,1184170,1184176,1184192,1184193,1184194,1184196,1184198,1184211,1184217,1184218,1184219,1184220,1184224,1184388,1184391,1184393,1184509,1184511,1184512,1184514,1184583,1184647
CVE References: CVE-2019-18814,CVE-2019-19769,CVE-2020-25670,CVE-2020-25671,CVE-2020-25672,CVE-2020-25673,CVE-2020-27170,CVE-2020-27171,CVE-2020-27815,CVE-2020-35519,CVE-2020-36310,CVE-2020-36311,CVE-2020-36312,CVE-2021-27363,CVE-2021-27364,CVE-2021-27365,CVE-2021-28038,CVE-2021-28375,CVE-2021-28660,CVE-2021-28688,CVE-2021-28950,CVE-2021-28964,CVE-2021-28971,CVE-2021-28972,CVE-2021-29154,CVE-2021-29264,CVE-2021-29265,CVE-2021-29647,CVE-2021-30002,CVE-2021-3428,CVE-2021-3444,CVE-2021-3483
JIRA References: 
Sources used:
openSUSE Leap 15.2 (src):    kernel-rt-5.3.18-lp152.3.8.1, kernel-rt_debug-5.3.18-lp152.3.8.1, kernel-source-rt-5.3.18-lp152.3.8.1, kernel-syms-rt-5.3.18-lp152.3.8.1
Comment 55 Swamp Workflow Management 2021-06-15 16:29:01 UTC 
SUSE-SU-2021:1975-1: An update that solves 52 vulnerabilities and has 250 fixes is now available.

Category: security (important)
Bug References: 1043990,1047233,1055117,1065729,1087082,1113295,1133021,1152457,1152472,1152489,1153274,1154353,1155518,1156256,1156395,1159280,1160634,1164648,1167260,1167574,1167773,1168777,1168838,1169709,1171295,1173485,1174416,1174426,1175995,1176447,1176774,1177028,1177326,1177411,1177437,1177666,1178089,1178134,1178163,1178181,1178330,1178378,1178418,1178612,1179243,1179454,1179458,1179519,1179825,1179827,1179851,1180100,1180197,1180814,1180846,1180980,1181104,1181161,1181383,1181507,1181674,1181862,1182077,1182257,1182377,1182378,1182552,1182574,1182591,1182613,1182712,1182713,1182715,1182716,1182717,1182999,1183022,1183048,1183069,1183077,1183095,1183120,1183203,1183249,1183252,1183277,1183278,1183279,1183280,1183281,1183282,1183283,1183284,1183285,1183286,1183287,1183288,1183289,1183310,1183311,1183312,1183313,1183314,1183315,1183316,1183317,1183318,1183319,1183320,1183321,1183322,1183323,1183324,1183325,1183326,1183346,1183366,1183369,1183386,1183405,1183412,1183427,1183428,1183445,1183447,1183491,1183501,1183509,1183530,1183534,1183540,1183593,1183596,1183598,1183637,1183646,1183658,1183662,1183686,1183692,1183696,1183750,1183757,1183775,1183815,1183843,1183859,1183868,1183871,1183873,1183932,1183947,1183976,1184074,1184081,1184082,1184120,1184167,1184168,1184170,1184171,1184176,1184192,1184193,1184194,1184196,1184197,1184198,1184199,1184208,1184209,1184211,1184217,1184218,1184219,1184220,1184224,1184259,1184264,1184386,1184388,1184391,1184393,1184436,1184485,1184509,1184511,1184512,1184514,1184583,1184585,1184611,1184615,1184650,1184710,1184724,1184728,1184730,1184731,1184736,1184737,1184738,1184740,1184741,1184742,1184760,1184769,1184811,1184855,1184893,1184934,1184942,1184943,1184952,1184953,1184955,1184957,1184969,1184984,1185010,1185041,1185110,1185113,1185233,1185269,1185365,1185428,1185454,1185472,1185491,1185495,1185497,1185549,1185550,1185558,1185573,1185581,1185586,1185587,1185589,1185606,1185640,1185641,1185642,1185645,1185670,1185677,1185680,1185703,1185725,1185736,1185758,1185796,1185840,1185857,1185859,1185860,1185861,1185862,1185863,1185898,1185899,1185911,1185938,1185950,1185954,1185980,1185982,1185987,1185988,1186009,1186060,1186061,1186062,1186111,1186118,1186219,1186285,1186320,1186349,1186352,1186353,1186354,1186355,1186356,1186357,1186390,1186401,1186408,1186416,1186439,1186441,1186451,1186460,1186467,1186479,1186484,1186498,1186501,1186512,1186573,1186681
CVE References: CVE-2019-18814,CVE-2019-19769,CVE-2020-24586,CVE-2020-24587,CVE-2020-24588,CVE-2020-25670,CVE-2020-25671,CVE-2020-25672,CVE-2020-25673,CVE-2020-26139,CVE-2020-26141,CVE-2020-26145,CVE-2020-26147,CVE-2020-27170,CVE-2020-27171,CVE-2020-27673,CVE-2020-27815,CVE-2020-35519,CVE-2020-36310,CVE-2020-36311,CVE-2020-36312,CVE-2020-36322,CVE-2021-20268,CVE-2021-23134,CVE-2021-27363,CVE-2021-27364,CVE-2021-27365,CVE-2021-28038,CVE-2021-28375,CVE-2021-28660,CVE-2021-28688,CVE-2021-28950,CVE-2021-28952,CVE-2021-28964,CVE-2021-28971,CVE-2021-28972,CVE-2021-29154,CVE-2021-29155,CVE-2021-29264,CVE-2021-29265,CVE-2021-29647,CVE-2021-29650,CVE-2021-30002,CVE-2021-32399,CVE-2021-33034,CVE-2021-33200,CVE-2021-3428,CVE-2021-3444,CVE-2021-3483,CVE-2021-3489,CVE-2021-3490,CVE-2021-3491
JIRA References: 
Sources used:
SUSE Linux Enterprise Module for Public Cloud 15-SP3 (src):    kernel-azure-5.3.18-38.3.1, kernel-source-azure-5.3.18-38.3.1, kernel-syms-azure-5.3.18-38.3.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 56 Swamp Workflow Management 2021-06-15 17:12:06 UTC 
SUSE-SU-2021:1977-1: An update that solves 52 vulnerabilities and has 187 fixes is now available.

Category: security (important)
Bug References: 1055117,1065729,1087082,1113295,1133021,1152457,1152472,1152489,1153274,1154353,1155518,1156395,1160634,1164648,1167260,1167574,1167773,1168777,1168838,1169709,1171295,1173485,1174416,1174426,1175995,1176447,1176774,1177028,1177326,1177666,1178089,1178134,1178163,1178330,1178378,1178418,1179243,1179519,1179825,1179827,1179851,1180197,1180814,1180846,1181104,1181383,1181507,1181674,1181862,1182077,1182257,1182377,1182552,1182574,1182613,1182712,1182715,1182717,1182999,1183022,1183069,1183252,1183277,1183278,1183279,1183280,1183281,1183282,1183283,1183284,1183285,1183286,1183287,1183288,1183289,1183310,1183311,1183312,1183313,1183314,1183315,1183316,1183317,1183318,1183319,1183320,1183321,1183322,1183323,1183324,1183326,1183346,1183366,1183369,1183386,1183405,1183412,1183427,1183428,1183445,1183447,1183491,1183501,1183509,1183530,1183534,1183540,1183593,1183596,1183598,1183637,1183646,1183658,1183662,1183686,1183692,1183750,1183757,1183775,1183815,1183868,1183871,1183873,1183947,1183976,1184074,1184081,1184082,1184120,1184167,1184168,1184170,1184171,1184192,1184193,1184194,1184196,1184197,1184198,1184199,1184208,1184209,1184211,1184217,1184218,1184219,1184220,1184224,1184264,1184386,1184388,1184391,1184393,1184436,1184485,1184514,1184585,1184611,1184615,1184650,1184710,1184724,1184728,1184730,1184731,1184736,1184737,1184738,1184740,1184741,1184742,1184769,1184811,1184855,1184934,1184942,1184943,1184955,1184969,1184984,1185010,1185113,1185233,1185269,1185428,1185491,1185495,1185549,1185550,1185558,1185573,1185581,1185586,1185587,1185606,1185640,1185641,1185642,1185645,1185670,1185680,1185703,1185725,1185736,1185758,1185796,1185840,1185857,1185898,1185899,1185911,1185938,1185950,1185980,1185988,1186009,1186061,1186111,1186118,1186219,1186285,1186320,1186349,1186352,1186353,1186354,1186355,1186356,1186357,1186401,1186408,1186439,1186441,1186479,1186484,1186498,1186501,1186512,1186681
CVE References: CVE-2019-18814,CVE-2019-19769,CVE-2020-24586,CVE-2020-24587,CVE-2020-24588,CVE-2020-25670,CVE-2020-25671,CVE-2020-25672,CVE-2020-25673,CVE-2020-26139,CVE-2020-26141,CVE-2020-26145,CVE-2020-26147,CVE-2020-27170,CVE-2020-27171,CVE-2020-27673,CVE-2020-27815,CVE-2020-35519,CVE-2020-36310,CVE-2020-36311,CVE-2020-36312,CVE-2020-36322,CVE-2021-20268,CVE-2021-23134,CVE-2021-27363,CVE-2021-27364,CVE-2021-27365,CVE-2021-28038,CVE-2021-28375,CVE-2021-28660,CVE-2021-28688,CVE-2021-28950,CVE-2021-28952,CVE-2021-28964,CVE-2021-28971,CVE-2021-28972,CVE-2021-29154,CVE-2021-29155,CVE-2021-29264,CVE-2021-29265,CVE-2021-29647,CVE-2021-29650,CVE-2021-30002,CVE-2021-32399,CVE-2021-33034,CVE-2021-33200,CVE-2021-3428,CVE-2021-3444,CVE-2021-3483,CVE-2021-3489,CVE-2021-3490,CVE-2021-3491
JIRA References: 
Sources used:
SUSE Linux Enterprise Workstation Extension 15-SP3 (src):    kernel-default-5.3.18-59.5.2, kernel-preempt-5.3.18-59.5.2
SUSE Linux Enterprise Module for Live Patching 15-SP3 (src):    kernel-default-5.3.18-59.5.2, kernel-livepatch-SLE15-SP3_Update_1-1-7.5.1
SUSE Linux Enterprise Module for Legacy Software 15-SP3 (src):    kernel-default-5.3.18-59.5.2
SUSE Linux Enterprise Module for Development Tools 15-SP3 (src):    kernel-docs-5.3.18-59.5.2, kernel-obs-build-5.3.18-59.5.1, kernel-preempt-5.3.18-59.5.2, kernel-source-5.3.18-59.5.2, kernel-syms-5.3.18-59.5.1
SUSE Linux Enterprise Module for Basesystem 15-SP3 (src):    kernel-64kb-5.3.18-59.5.2, kernel-default-5.3.18-59.5.2, kernel-default-base-5.3.18-59.5.2.18.2.2, kernel-preempt-5.3.18-59.5.2, kernel-source-5.3.18-59.5.2, kernel-zfcpdump-5.3.18-59.5.2
SUSE Linux Enterprise High Availability 15-SP3 (src):    kernel-default-5.3.18-59.5.2

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 58 Swamp Workflow Management 2021-07-11 16:33:02 UTC 
openSUSE-SU-2021:1975-1: An update that solves 52 vulnerabilities and has 250 fixes is now available.

Category: security (important)
Bug References: 1043990,1047233,1055117,1065729,1087082,1113295,1133021,1152457,1152472,1152489,1153274,1154353,1155518,1156256,1156395,1159280,1160634,1164648,1167260,1167574,1167773,1168777,1168838,1169709,1171295,1173485,1174416,1174426,1175995,1176447,1176774,1177028,1177326,1177411,1177437,1177666,1178089,1178134,1178163,1178181,1178330,1178378,1178418,1178612,1179243,1179454,1179458,1179519,1179825,1179827,1179851,1180100,1180197,1180814,1180846,1180980,1181104,1181161,1181383,1181507,1181674,1181862,1182077,1182257,1182377,1182378,1182552,1182574,1182591,1182613,1182712,1182713,1182715,1182716,1182717,1182999,1183022,1183048,1183069,1183077,1183095,1183120,1183203,1183249,1183252,1183277,1183278,1183279,1183280,1183281,1183282,1183283,1183284,1183285,1183286,1183287,1183288,1183289,1183310,1183311,1183312,1183313,1183314,1183315,1183316,1183317,1183318,1183319,1183320,1183321,1183322,1183323,1183324,1183325,1183326,1183346,1183366,1183369,1183386,1183405,1183412,1183427,1183428,1183445,1183447,1183491,1183501,1183509,1183530,1183534,1183540,1183593,1183596,1183598,1183637,1183646,1183658,1183662,1183686,1183692,1183696,1183750,1183757,1183775,1183815,1183843,1183859,1183868,1183871,1183873,1183932,1183947,1183976,1184074,1184081,1184082,1184120,1184167,1184168,1184170,1184171,1184176,1184192,1184193,1184194,1184196,1184197,1184198,1184199,1184208,1184209,1184211,1184217,1184218,1184219,1184220,1184224,1184259,1184264,1184386,1184388,1184391,1184393,1184436,1184485,1184509,1184511,1184512,1184514,1184583,1184585,1184611,1184615,1184650,1184710,1184724,1184728,1184730,1184731,1184736,1184737,1184738,1184740,1184741,1184742,1184760,1184769,1184811,1184855,1184893,1184934,1184942,1184943,1184952,1184953,1184955,1184957,1184969,1184984,1185010,1185041,1185110,1185113,1185233,1185269,1185365,1185428,1185454,1185472,1185491,1185495,1185497,1185549,1185550,1185558,1185573,1185581,1185586,1185587,1185589,1185606,1185640,1185641,1185642,1185645,1185670,1185677,1185680,1185703,1185725,1185736,1185758,1185796,1185840,1185857,1185859,1185860,1185861,1185862,1185863,1185898,1185899,1185911,1185938,1185950,1185954,1185980,1185982,1185987,1185988,1186009,1186060,1186061,1186062,1186111,1186118,1186219,1186285,1186320,1186349,1186352,1186353,1186354,1186355,1186356,1186357,1186390,1186401,1186408,1186416,1186439,1186441,1186451,1186460,1186467,1186479,1186484,1186498,1186501,1186512,1186573,1186681
CVE References: CVE-2019-18814,CVE-2019-19769,CVE-2020-24586,CVE-2020-24587,CVE-2020-24588,CVE-2020-25670,CVE-2020-25671,CVE-2020-25672,CVE-2020-25673,CVE-2020-26139,CVE-2020-26141,CVE-2020-26145,CVE-2020-26147,CVE-2020-27170,CVE-2020-27171,CVE-2020-27673,CVE-2020-27815,CVE-2020-35519,CVE-2020-36310,CVE-2020-36311,CVE-2020-36312,CVE-2020-36322,CVE-2021-20268,CVE-2021-23134,CVE-2021-27363,CVE-2021-27364,CVE-2021-27365,CVE-2021-28038,CVE-2021-28375,CVE-2021-28660,CVE-2021-28688,CVE-2021-28950,CVE-2021-28952,CVE-2021-28964,CVE-2021-28971,CVE-2021-28972,CVE-2021-29154,CVE-2021-29155,CVE-2021-29264,CVE-2021-29265,CVE-2021-29647,CVE-2021-29650,CVE-2021-30002,CVE-2021-32399,CVE-2021-33034,CVE-2021-33200,CVE-2021-3428,CVE-2021-3444,CVE-2021-3483,CVE-2021-3489,CVE-2021-3490,CVE-2021-3491
JIRA References: 
Sources used:
openSUSE Leap 15.3 (src):    kernel-azure-5.3.18-38.3.1, kernel-source-azure-5.3.18-38.3.1, kernel-syms-azure-5.3.18-38.3.1
Comment 59 Swamp Workflow Management 2021-07-11 17:18:04 UTC 
openSUSE-SU-2021:1977-1: An update that solves 52 vulnerabilities and has 187 fixes is now available.

Category: security (important)
Bug References: 1055117,1065729,1087082,1113295,1133021,1152457,1152472,1152489,1153274,1154353,1155518,1156395,1160634,1164648,1167260,1167574,1167773,1168777,1168838,1169709,1171295,1173485,1174416,1174426,1175995,1176447,1176774,1177028,1177326,1177666,1178089,1178134,1178163,1178330,1178378,1178418,1179243,1179519,1179825,1179827,1179851,1180197,1180814,1180846,1181104,1181383,1181507,1181674,1181862,1182077,1182257,1182377,1182552,1182574,1182613,1182712,1182715,1182717,1182999,1183022,1183069,1183252,1183277,1183278,1183279,1183280,1183281,1183282,1183283,1183284,1183285,1183286,1183287,1183288,1183289,1183310,1183311,1183312,1183313,1183314,1183315,1183316,1183317,1183318,1183319,1183320,1183321,1183322,1183323,1183324,1183326,1183346,1183366,1183369,1183386,1183405,1183412,1183427,1183428,1183445,1183447,1183491,1183501,1183509,1183530,1183534,1183540,1183593,1183596,1183598,1183637,1183646,1183658,1183662,1183686,1183692,1183750,1183757,1183775,1183815,1183868,1183871,1183873,1183947,1183976,1184074,1184081,1184082,1184120,1184167,1184168,1184170,1184171,1184192,1184193,1184194,1184196,1184197,1184198,1184199,1184208,1184209,1184211,1184217,1184218,1184219,1184220,1184224,1184264,1184386,1184388,1184391,1184393,1184436,1184485,1184514,1184585,1184611,1184615,1184650,1184710,1184724,1184728,1184730,1184731,1184736,1184737,1184738,1184740,1184741,1184742,1184769,1184811,1184855,1184934,1184942,1184943,1184955,1184969,1184984,1185010,1185113,1185233,1185269,1185428,1185491,1185495,1185549,1185550,1185558,1185573,1185581,1185586,1185587,1185606,1185640,1185641,1185642,1185645,1185670,1185680,1185703,1185725,1185736,1185758,1185796,1185840,1185857,1185898,1185899,1185911,1185938,1185950,1185980,1185988,1186009,1186061,1186111,1186118,1186219,1186285,1186320,1186349,1186352,1186353,1186354,1186355,1186356,1186357,1186401,1186408,1186439,1186441,1186479,1186484,1186498,1186501,1186512,1186681
CVE References: CVE-2019-18814,CVE-2019-19769,CVE-2020-24586,CVE-2020-24587,CVE-2020-24588,CVE-2020-25670,CVE-2020-25671,CVE-2020-25672,CVE-2020-25673,CVE-2020-26139,CVE-2020-26141,CVE-2020-26145,CVE-2020-26147,CVE-2020-27170,CVE-2020-27171,CVE-2020-27673,CVE-2020-27815,CVE-2020-35519,CVE-2020-36310,CVE-2020-36311,CVE-2020-36312,CVE-2020-36322,CVE-2021-20268,CVE-2021-23134,CVE-2021-27363,CVE-2021-27364,CVE-2021-27365,CVE-2021-28038,CVE-2021-28375,CVE-2021-28660,CVE-2021-28688,CVE-2021-28950,CVE-2021-28952,CVE-2021-28964,CVE-2021-28971,CVE-2021-28972,CVE-2021-29154,CVE-2021-29155,CVE-2021-29264,CVE-2021-29265,CVE-2021-29647,CVE-2021-29650,CVE-2021-30002,CVE-2021-32399,CVE-2021-33034,CVE-2021-33200,CVE-2021-3428,CVE-2021-3444,CVE-2021-3483,CVE-2021-3489,CVE-2021-3490,CVE-2021-3491
JIRA References: 
Sources used:
openSUSE Leap 15.3 (src):    kernel-64kb-5.3.18-59.5.2, kernel-debug-5.3.18-59.5.2, kernel-default-5.3.18-59.5.2, kernel-default-base-5.3.18-59.5.2.18.2.2, kernel-docs-5.3.18-59.5.2, kernel-kvmsmall-5.3.18-59.5.2, kernel-obs-build-5.3.18-59.5.1, kernel-obs-qa-5.3.18-59.5.1, kernel-preempt-5.3.18-59.5.2, kernel-source-5.3.18-59.5.2, kernel-syms-5.3.18-59.5.1, kernel-zfcpdump-5.3.18-59.5.2