Bug 1120386 (CVE-2019-3701) - VUL-0: CVE-2019-3701: kernel: crash in CAN driver
Summary: VUL-0: CVE-2019-3701: kernel: crash in CAN driver
Status: RESOLVED FIXED
Alias: CVE-2019-3701
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents (show other bugs)
Version: unspecified
Hardware: Other Other
: P3 - Medium : Normal
Target Milestone: ---
Assignee: Security Team bot
QA Contact: Security Team bot
URL:
Whiteboard: CVSSv3.1:SUSE:CVE-2019-3701:6.7:(AV:L...
Keywords:
Depends on:
Blocks:
 
Reported: 2018-12-28 15:59 UTC by Marcus Meissner
Modified: 2020-07-03 07:57 UTC (History)
6 users (show)

See Also:
Found By: ---
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments
linux_net_can_vuln_poc.c (10.68 KB, text/x-csrc)
2018-12-28 16:00 UTC, Marcus Meissner
Details
tentative fix (1.53 KB, patch)
2019-01-03 10:30 UTC, Michal Kubeček
Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Marcus Meissner 2018-12-28 15:59:17 UTC
via security@suse.de report

Usage:
1.compile linux-4.20 kernel source code with NET_CAN's config=y
        such as:
        CAN_BCM=y
        CAN_DEV=y
        CAN_GW=y
        CAN_RAW=y
        CAN_VCAN=y
        CAN_VXCAN=y
        ...

2.Compile test.c with command below

        gcc -c test.c -o can_vuln -static

3.Exec the file in linux-4.20(qemu,ubuntu...)

        (qemu/ubuntu):~$./can_vuln 193 0

4.You will see crash-dump below:
        [  217.614148] general protection fault: 0000 [#1] SMP NOPTI
        [  217.615210] CPU: 0 PID: 2807 Comm: can Not tainted 4.20.0 #2
        [  217.615333] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Ubuntu-1.8.2-1ubuntu1 04/01/2014
        [  217.616042] RIP: 0010:skb_release_data+0x8f/0x130
        [  217.616310] Code: 8b 47 08 48 8d 50 ff a8 01 48 0f 45 fa 3e ff 4f 34 74 6f 41 0f b6 44 24 02 83 c3 01 39 d8 7f d0 49 8b 7c 24 08 48 85 ff 74 10 <48> 8b 1f e8 09 f6 ff ff 48 85 db 48 89 df 75 f0 48 85 ed 74 37 8b
        [  217.616949] RSP: 0018:ffff88803ea03db8 EFLAGS: 00000206
        [  217.617275] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffff88803e43c000
        [  217.617538] RDX: ffff88803d02cc08 RSI: 0000000000000001 RDI: 3700000000000000
        [  217.617766] RBP: ffff88803d7e9800 R08: 00000000000000bf R09: 0000000000000000
        [  217.618079] R10: 0000000000000000 R11: 00000000000000aa R12: ffff88803d02ccc0
        [  217.618314] R13: ffff88803d7e9800 R14: ffff88803d25a030 R15: 0000000000000001
        [  217.618598] FS:  0000000001208880(0000) GS:ffff88803ea00000(0000) knlGS:0000000000000000
        [  217.618896] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
        [  217.619144] CR2: ffffffffff600400 CR3: 000000003d038000 CR4: 00000000000006f0
        [  217.619470] Call Trace:
        [  217.619999]  <IRQ>
        [  217.620268]  ? can_send+0x42/0x1e0
        [  217.620367]  kfree_skb+0x29/0x90
...
*
This vul exist in net/can/gw.c:210 cgw_csum_xor_rel()  
`cf->data[res] = val;`

Because res > 8 ,ther Cross-border writing
`int res = calc_idx(xor->result_idx, cf->can_dlc);`

This value will affect data in kfree_skb_list(struct sk_buff *segs)

If res's value equal 184~191 ,in function skb_release_data ,it will change the value of (struct skb_shared_info *shinfo)->frag_list,
and finally crash in function kfree_skb_list
*
***
Comment 1 Marcus Meissner 2018-12-28 16:00:39 UTC
Created attachment 793437 [details]
linux_net_can_vuln_poc.c

QA REPRODUCER:

        gcc -c test.c -o can_vuln -static

./can_vuln 193 0
Comment 2 Marcus Meissner 2019-01-02 09:00:45 UTC
I emailed security@kernel.org and the 2 nam,ed CAN maintainers.

1 reply from security@ team so far, nothing more.
Comment 3 Takashi Iwai 2019-01-02 09:38:34 UTC
Judging only from the description (no test done), the workaround should be trivial like the patch below...
Comment 4 Takashi Iwai 2019-01-02 09:39:11 UTC
Created attachment 793486 [details]
Possible fix patch
Comment 5 Michal Kubeček 2019-01-03 09:09:15 UTC
This is tricky. The can code has actually sanity checks for index values (from,
to and res) to be -8 .. 7 (cgw_chk_csum_parms() called from cgw_parse_attr()).
We also check that can_frame::can_dlc <= CAN_MAX_DLEN in incoming packets in
can_rcv() (and canfd_frame::len <= CANFD_MAX_DLEN in canfd_rcv()).

The problem is that we can set up a filter which modifies can_dlc / len and
we do not repeat the sanity check of can_dlc value after that.

As we allow not only setting DLC value but also AND, OR and XOR, it does not
suffice to check the argument of CGW_MOD_{AND,OR,XOR,SET} with CGW_MOD_DLC
but we need to repeat the sanity check on each packet after the DLC value is
modified. The best place seems to be in can_can_gw_rcv() here:

        /* perform preprocessed modification functions if there are any */
        while (modidx < MAX_MODFUNCTIONS && gwj->mod.modfunc[modidx])
                (*gwj->mod.modfunc[modidx++])(cf, &gwj->mod);

        /* check for checksum updates when the CAN frame has been modified */
        if (modidx) {
/* ------------------------- the check comes here ------------------------ */
                if (gwj->mod.csumfunc.crc8)
                        (*gwj->mod.csumfunc.crc8)(cf, &gwj->mod.csum.crc8);

                if (gwj->mod.csumfunc.xor)
                        (*gwj->mod.csumfunc.xor)(cf, &gwj->mod.csum.xor);
        }

I'll need to check how the receive paths differ between "CAN" and "CAN FD"
(or whatever the right terms are).
Comment 6 Michal Kubeček 2019-01-03 09:18:58 UTC
(In reply to Takashi Iwai from comment #3)
> Judging only from the description (no test done), the workaround should be
> trivial like the patch below...

I'm sorry, I overlooked your patch. I would rather prefer the check to be
performed whenever can_frame::can_dlc (or canfd_frame::len) is modified because
there might be other places where can code expects the values to be sane which
the checks in can_rcv() and canfd_rcv() are supposed to guarantee. And I believe
that we should expect both can_frame and canfd_frame to be processed so that
we need to select the correct limit depending on which type we are processing.
Comment 7 Michal Kubeček 2019-01-03 09:36:17 UTC
Thinking about it some more, we do not have to distinguish can/canfd and can
simply check the new dlc/len value against

  skb->len - offsetof(struct can_frame, data)

as that is what we are actually interested in. The checks in can_rcv() and
canfd_rcv() guarantee that skb->len is either sizeof(struct can_frame)
(for can) or sizeof(struct canfd_frame) (for canfd).
Comment 8 Michal Kubeček 2019-01-03 10:30:07 UTC
Created attachment 793544 [details]
tentative fix

This seems to work (patch against mainline, tested on SLE12-SP3). I would prefer
to have a review from someone who understands CAN before pushing this but I'm
not sure how these things work for embargoed bugs.
Comment 9 Michal Kubeček 2019-01-03 11:47:21 UTC
The code was introduced in v3.2-rc1 by commit

  c1aabdf379bc  can-gw: add netlink based CAN routing

and the vulnerability has been there since the start, AFAICS.

An unprivileged user namespace is needed to exploit the bug. Those exist from
SLE12 up but can code checked capable(CAP_NET_ADMIN) until commit

  90f62cf30a78  net: Use netlink_ns_capable to verify the permisions of netlink
                messages

in v3.15-rc5 (not backported).

In other words, branches based on 3.12 and newer are buggy but only branches
based on 4.4 and newer can be exploited by an unprivileged user.
Comment 10 Karol Babioch 2019-01-03 13:53:31 UTC
Final upstream patch: https://marc.info/?l=linux-netdev&m=154651842302479&w=2
Comment 11 Alexandros Toptsoglou 2019-01-03 15:57:17 UTC
CVE-2019-3701
Comment 12 Michal Kubeček 2019-01-04 09:25:08 UTC
As pointed out by Oliver Hartkopp in the upstream discussion, CAN GW code does
in fact use netlink_capable(), not netlink_ns_capable(), so that its netlink
interface requires global CAP_NET_ADMIN rather than netns CAP_NET_ADMIN.

Therefore this is bug is "root only" even on newer kernels.
Comment 15 Michal Kubeček 2020-03-30 20:08:32 UTC
Submitted

  - References tag update to SLE12-SP3-LTSS
  - 4.4.172 patch with updated References tag to cve/linux-4.4
  - References tag update to cve/linux-4.12

The fix is in v5.0-rc3 so that there is nothing to do for branches based on
version 5.3 and newer.

Based on comments 9 and 12, I would rather not disturb branches older than 4.4.

Reassigning to security team.
Comment 18 Swamp Workflow Management 2020-04-17 15:51:05 UTC
This is an autogenerated message for OBS integration:
This bug (1120386) was mentioned in
https://build.opensuse.org/request/show/794946 15.1 / kernel-source
Comment 22 Swamp Workflow Management 2020-04-23 13:16:43 UTC
SUSE-SU-2020:1085-1: An update that solves 11 vulnerabilities and has 91 fixes is now available.

Category: security (important)
Bug References: 1044231,1050549,1051510,1051858,1056686,1060463,1065600,1065729,1083647,1085030,1104967,1109911,1114279,1118338,1120386,1133021,1136157,1137325,1144333,1145051,1145929,1146539,1148868,1154385,1157424,1158552,1158983,1159037,1159142,1159198,1159285,1160659,1161951,1162929,1162931,1163403,1163508,1163897,1164078,1164284,1164507,1164893,1165019,1165111,1165182,1165404,1165488,1165527,1165741,1165813,1165873,1165949,1165984,1165985,1166003,1166101,1166102,1166103,1166104,1166632,1166730,1166731,1166732,1166733,1166734,1166735,1166780,1166860,1166861,1166862,1166864,1166866,1166867,1166868,1166870,1166940,1167005,1167288,1167290,1167316,1167421,1167423,1167629,1168075,1168202,1168276,1168295,1168424,1168443,1168486,1168760,1168762,1168763,1168764,1168765,1168829,1168854,1168881,1168884,1168952,1169057,1169390
CVE References: CVE-2019-19768,CVE-2019-19770,CVE-2019-3701,CVE-2019-9458,CVE-2020-10942,CVE-2020-11494,CVE-2020-11669,CVE-2020-8647,CVE-2020-8649,CVE-2020-8834,CVE-2020-9383
Sources used:
SUSE Linux Enterprise Real Time Extension 12-SP4 (src):    kernel-rt-4.12.14-8.18.1, kernel-rt_debug-4.12.14-8.18.1, kernel-source-rt-4.12.14-8.18.1, kernel-syms-rt-4.12.14-8.18.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 23 Swamp Workflow Management 2020-04-23 13:33:14 UTC
openSUSE-SU-2020:0543-1: An update that solves 7 vulnerabilities and has 76 fixes is now available.

Category: security (important)
Bug References: 1051510,1065600,1065729,1083647,1085030,1109911,1111666,1113956,1114279,1118338,1120386,1137325,1142685,1145051,1145929,1148868,1157424,1158983,1159037,1159198,1159199,1161561,1161951,1162171,1163403,1163897,1164284,1164777,1164780,1164893,1165019,1165182,1165185,1165211,1165823,1165949,1166780,1166860,1166861,1166862,1166864,1166866,1166867,1166868,1166870,1166940,1166982,1167005,1167216,1167288,1167290,1167316,1167421,1167423,1167627,1167629,1168075,1168202,1168273,1168276,1168295,1168367,1168424,1168443,1168486,1168552,1168760,1168762,1168763,1168764,1168765,1168829,1168854,1168881,1168884,1168952,1169013,1169057,1169307,1169308,1169390,1169514,1169625
CVE References: CVE-2019-19770,CVE-2019-3701,CVE-2019-9458,CVE-2020-10942,CVE-2020-11494,CVE-2020-11669,CVE-2020-8834
Sources used:
openSUSE Leap 15.1 (src):    kernel-debug-4.12.14-lp151.28.48.1, kernel-default-4.12.14-lp151.28.48.1, kernel-docs-4.12.14-lp151.28.48.1, kernel-kvmsmall-4.12.14-lp151.28.48.1, kernel-obs-build-4.12.14-lp151.28.48.1, kernel-obs-qa-4.12.14-lp151.28.48.1, kernel-source-4.12.14-lp151.28.48.1, kernel-syms-4.12.14-lp151.28.48.1, kernel-vanilla-4.12.14-lp151.28.48.1
Comment 24 Swamp Workflow Management 2020-04-23 13:50:08 UTC
SUSE-SU-2020:1084-1: An update that solves 11 vulnerabilities and has 107 fixes is now available.

Category: security (important)
Bug References: 1044231,1050549,1051510,1051858,1056686,1060463,1065729,1083647,1085030,1088810,1103990,1103992,1104353,1104745,1104967,1109837,1109911,1111666,1111974,1112178,1112374,1112504,1113956,1114279,1114685,1118338,1119680,1120386,1123328,1127611,1133021,1134090,1134395,1136157,1136333,1141895,1142685,1144333,1145051,1146539,1148868,1154385,1156510,1157424,1158187,1158552,1158983,1159142,1159198,1159285,1160659,1161561,1161702,1161951,1162171,1162929,1162931,1163508,1163762,1164078,1164507,1164777,1164780,1164893,1165019,1165111,1165182,1165185,1165211,1165404,1165488,1165527,1165581,1165741,1165813,1165823,1165873,1165929,1165949,1165950,1165980,1165984,1165985,1166003,1166101,1166102,1166103,1166104,1166632,1166658,1166730,1166731,1166732,1166733,1166734,1166735,1166982,1167005,1167216,1167290,1167316,1167421,1167423,1167627,1167629,1168075,1168273,1168276,1168295,1168367,1168424,1168443,1168552,1168829,1168854,1169013,1169307,1169308
CVE References: CVE-2018-20836,CVE-2019-19768,CVE-2019-19770,CVE-2019-3701,CVE-2019-9458,CVE-2020-10942,CVE-2020-11494,CVE-2020-8647,CVE-2020-8649,CVE-2020-8834,CVE-2020-9383
Sources used:
SUSE Linux Enterprise Real Time Extension 12-SP5 (src):    kernel-rt-4.12.14-10.8.1, kernel-rt_debug-4.12.14-10.8.1, kernel-source-rt-4.12.14-10.8.1, kernel-syms-rt-4.12.14-10.8.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 25 Swamp Workflow Management 2020-04-23 19:17:03 UTC
SUSE-SU-2020:1087-1: An update that solves 12 vulnerabilities and has 139 fixes is now available.

Category: security (important)
Bug References: 1044231,1051510,1051858,1056686,1060463,1065600,1065729,1071995,1083647,1085030,1103990,1103992,1104353,1104745,1109837,1109911,1111666,1111974,1112178,1112374,1113956,1114279,1114685,1118338,1119680,1120386,1127611,1133021,1134090,1136157,1136333,1137325,1141895,1142685,1144333,1145051,1145929,1146539,1148868,1156510,1157424,1158187,1158983,1159037,1159198,1159199,1159285,1160659,1161561,1161951,1162171,1162929,1162931,1163403,1163897,1163971,1164078,1164284,1164507,1164705,1164712,1164727,1164728,1164729,1164730,1164731,1164732,1164733,1164734,1164735,1164777,1164780,1164893,1165019,1165111,1165182,1165185,1165211,1165404,1165488,1165527,1165741,1165813,1165823,1165873,1165929,1165949,1165950,1165980,1165984,1165985,1166003,1166101,1166102,1166103,1166104,1166632,1166658,1166730,1166731,1166732,1166733,1166734,1166735,1166780,1166860,1166861,1166862,1166864,1166866,1166867,1166868,1166870,1166940,1166982,1167005,1167216,1167288,1167290,1167316,1167421,1167423,1167627,1167629,1168075,1168202,1168273,1168276,1168295,1168367,1168424,1168443,1168486,1168552,1168760,1168762,1168763,1168764,1168765,1168829,1168854,1168881,1168884,1168952,1169013,1169057,1169307,1169308,1169390,1169514,1169625
CVE References: CVE-2019-19768,CVE-2019-19770,CVE-2019-3701,CVE-2019-9458,CVE-2020-10942,CVE-2020-11494,CVE-2020-11669,CVE-2020-2732,CVE-2020-8647,CVE-2020-8649,CVE-2020-8834,CVE-2020-9383
Sources used:
SUSE Linux Enterprise Module for Public Cloud 15-SP1 (src):    kernel-azure-4.12.14-8.30.1, kernel-source-azure-4.12.14-8.30.1, kernel-syms-azure-4.12.14-8.30.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 26 Swamp Workflow Management 2020-04-27 13:17:26 UTC
SUSE-SU-2020:1118-1: An update that solves 12 vulnerabilities and has 139 fixes is now available.

Category: security (important)
Bug References: 1044231,1050549,1051510,1051858,1056686,1060463,1065600,1065729,1083647,1085030,1088810,1103990,1103992,1104353,1104745,1104967,1109837,1109911,1111666,1111974,1112178,1112374,1112504,1113956,1114279,1114685,1118338,1119680,1120386,1123328,1127611,1133021,1134090,1134395,1136157,1136333,1137325,1141895,1142685,1144333,1145051,1145929,1146539,1148868,1154385,1156510,1157424,1158187,1158552,1158983,1159037,1159142,1159198,1159199,1159285,1160659,1161561,1161702,1161951,1162171,1162929,1162931,1163403,1163508,1163762,1163897,1164078,1164284,1164507,1164777,1164780,1164893,1165019,1165111,1165182,1165185,1165211,1165404,1165488,1165527,1165581,1165741,1165813,1165823,1165873,1165929,1165949,1165950,1165980,1165984,1165985,1166003,1166101,1166102,1166103,1166104,1166632,1166658,1166730,1166731,1166732,1166733,1166734,1166735,1166780,1166860,1166861,1166862,1166864,1166866,1166867,1166868,1166870,1166940,1166982,1167005,1167216,1167288,1167290,1167316,1167421,1167423,1167627,1167629,1168075,1168202,1168273,1168276,1168295,1168367,1168424,1168443,1168486,1168552,1168760,1168762,1168763,1168764,1168765,1168829,1168854,1168881,1168884,1168952,1169013,1169057,1169307,1169308,1169390,1169514,1169625
CVE References: CVE-2018-20836,CVE-2019-19768,CVE-2019-19770,CVE-2019-3701,CVE-2019-9458,CVE-2020-10942,CVE-2020-11494,CVE-2020-11669,CVE-2020-8647,CVE-2020-8649,CVE-2020-8834,CVE-2020-9383
Sources used:
SUSE Linux Enterprise Server 12-SP5 (src):    kernel-azure-4.12.14-16.13.1, kernel-source-azure-4.12.14-16.13.1, kernel-syms-azure-4.12.14-16.13.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 27 Swamp Workflow Management 2020-04-27 13:36:24 UTC
SUSE-SU-2020:1119-1: An update that solves 11 vulnerabilities and has 96 fixes is now available.

Category: security (important)
Bug References: 1044231,1050549,1051510,1051858,1056686,1060463,1065600,1065729,1071995,1083647,1085030,1104967,1109911,1111666,1114279,1118338,1120386,1133021,1136157,1137325,1144333,1145051,1145929,1146539,1148868,1154385,1157424,1158552,1158983,1159037,1159142,1159198,1159199,1159285,1160659,1161951,1162929,1162931,1163403,1163508,1163897,1164078,1164284,1164507,1164893,1165019,1165111,1165182,1165404,1165488,1165527,1165741,1165813,1165873,1165949,1165984,1165985,1166003,1166101,1166102,1166103,1166104,1166632,1166730,1166731,1166732,1166733,1166734,1166735,1166780,1166860,1166861,1166862,1166864,1166866,1166867,1166868,1166870,1166940,1167005,1167288,1167290,1167316,1167421,1167423,1167629,1168075,1168202,1168276,1168295,1168424,1168443,1168486,1168760,1168762,1168763,1168764,1168765,1168829,1168854,1168881,1168884,1168952,1169057,1169390,1169514,1169625
CVE References: CVE-2019-19768,CVE-2019-19770,CVE-2019-3701,CVE-2019-9458,CVE-2020-10942,CVE-2020-11494,CVE-2020-11669,CVE-2020-8647,CVE-2020-8649,CVE-2020-8834,CVE-2020-9383
Sources used:
SUSE Linux Enterprise Server 12-SP4 (src):    kernel-azure-4.12.14-6.40.1, kernel-source-azure-4.12.14-6.40.1, kernel-syms-azure-4.12.14-6.40.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 28 Swamp Workflow Management 2020-04-28 10:25:56 UTC
SUSE-SU-2020:1123-1: An update that solves 10 vulnerabilities and has 89 fixes is now available.

Category: security (important)
Bug References: 1044231,1051510,1051858,1056686,1060463,1065729,1083647,1085030,1103990,1103992,1104353,1104745,1109837,1109911,1111666,1111974,1112178,1112374,1113956,1114279,1114685,1119680,1120386,1127611,1133021,1134090,1136157,1141895,1144333,1145051,1146539,1157424,1158187,1158983,1159198,1159285,1160659,1161561,1161951,1162171,1162929,1162931,1164078,1164507,1164777,1164780,1164893,1165019,1165111,1165182,1165185,1165211,1165404,1165488,1165527,1165741,1165813,1165823,1165873,1165929,1165949,1165950,1165980,1165984,1165985,1166003,1166101,1166102,1166103,1166104,1166632,1166730,1166731,1166732,1166733,1166734,1166735,1166982,1167005,1167216,1167290,1167316,1167421,1167423,1167627,1167629,1168075,1168273,1168276,1168295,1168367,1168424,1168443,1168552,1168829,1168854,1169013,1169307,1169308
CVE References: CVE-2019-19768,CVE-2019-19770,CVE-2019-3701,CVE-2019-9458,CVE-2020-10942,CVE-2020-11494,CVE-2020-8647,CVE-2020-8649,CVE-2020-8834,CVE-2020-9383
Sources used:
SUSE Linux Enterprise Module for Realtime 15-SP1 (src):    kernel-rt-4.12.14-14.23.1, kernel-rt_debug-4.12.14-14.23.1, kernel-source-rt-4.12.14-14.23.1, kernel-syms-rt-4.12.14-14.23.1
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1 (src):    kernel-rt-4.12.14-14.23.1, kernel-rt_debug-4.12.14-14.23.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 29 Swamp Workflow Management 2020-04-29 16:16:09 UTC
SUSE-SU-2020:1141-1: An update that solves 11 vulnerabilities and has 94 fixes is now available.

Category: security (important)
Bug References: 1044231,1050549,1051510,1051858,1056686,1060463,1065600,1065729,1083647,1085030,1104967,1109911,1114279,1118338,1120386,1133021,1136157,1137325,1144333,1145051,1145929,1146539,1148868,1154385,1157424,1158552,1158983,1159037,1159142,1159198,1159199,1159285,1160659,1161951,1162929,1162931,1163403,1163508,1163897,1164078,1164284,1164507,1164893,1165019,1165111,1165182,1165404,1165488,1165527,1165741,1165813,1165873,1165949,1165984,1165985,1166003,1166101,1166102,1166103,1166104,1166632,1166730,1166731,1166732,1166733,1166734,1166735,1166780,1166860,1166861,1166862,1166864,1166866,1166867,1166868,1166870,1166940,1167005,1167288,1167290,1167316,1167421,1167423,1167629,1168075,1168202,1168276,1168295,1168424,1168443,1168486,1168760,1168762,1168763,1168764,1168765,1168829,1168854,1168881,1168884,1168952,1169057,1169390,1169514,1169625
CVE References: CVE-2019-19768,CVE-2019-19770,CVE-2019-3701,CVE-2019-9458,CVE-2020-10942,CVE-2020-11494,CVE-2020-11669,CVE-2020-8647,CVE-2020-8649,CVE-2020-8834,CVE-2020-9383
Sources used:
SUSE Linux Enterprise Live Patching 12-SP4 (src):    kernel-default-4.12.14-95.51.1, kgraft-patch-SLE12-SP4_Update_13-1-6.3.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 30 Swamp Workflow Management 2020-04-29 16:32:32 UTC
SUSE-SU-2020:1141-1: An update that solves 11 vulnerabilities and has 94 fixes is now available.

Category: security (important)
Bug References: 1044231,1050549,1051510,1051858,1056686,1060463,1065600,1065729,1083647,1085030,1104967,1109911,1114279,1118338,1120386,1133021,1136157,1137325,1144333,1145051,1145929,1146539,1148868,1154385,1157424,1158552,1158983,1159037,1159142,1159198,1159199,1159285,1160659,1161951,1162929,1162931,1163403,1163508,1163897,1164078,1164284,1164507,1164893,1165019,1165111,1165182,1165404,1165488,1165527,1165741,1165813,1165873,1165949,1165984,1165985,1166003,1166101,1166102,1166103,1166104,1166632,1166730,1166731,1166732,1166733,1166734,1166735,1166780,1166860,1166861,1166862,1166864,1166866,1166867,1166868,1166870,1166940,1167005,1167288,1167290,1167316,1167421,1167423,1167629,1168075,1168202,1168276,1168295,1168424,1168443,1168486,1168760,1168762,1168763,1168764,1168765,1168829,1168854,1168881,1168884,1168952,1169057,1169390,1169514,1169625
CVE References: CVE-2019-19768,CVE-2019-19770,CVE-2019-3701,CVE-2019-9458,CVE-2020-10942,CVE-2020-11494,CVE-2020-11669,CVE-2020-8647,CVE-2020-8649,CVE-2020-8834,CVE-2020-9383
Sources used:
SUSE Linux Enterprise Workstation Extension 12-SP4 (src):    kernel-default-4.12.14-95.51.1
SUSE Linux Enterprise Software Development Kit 12-SP4 (src):    kernel-docs-4.12.14-95.51.1, kernel-obs-build-4.12.14-95.51.1
SUSE Linux Enterprise Server 12-SP4 (src):    kernel-default-4.12.14-95.51.1, kernel-source-4.12.14-95.51.1, kernel-syms-4.12.14-95.51.1
SUSE Linux Enterprise Live Patching 12-SP4 (src):    kernel-default-4.12.14-95.51.1, kgraft-patch-SLE12-SP4_Update_13-1-6.3.1
SUSE Linux Enterprise High Availability 12-SP4 (src):    kernel-default-4.12.14-95.51.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 31 Swamp Workflow Management 2020-04-29 16:47:02 UTC
SUSE-SU-2020:1142-1: An update that solves 13 vulnerabilities and has 157 fixes is now available.

Category: security (important)
Bug References: 1044231,1050549,1051510,1051858,1056686,1060463,1065600,1065729,1083647,1085030,1088810,1103990,1103992,1104353,1104745,1104967,1109837,1109911,1111666,1111974,1112178,1112374,1112504,1113956,1114279,1114685,1118338,1119680,1120386,1123328,1127611,1133021,1134090,1134395,1136157,1136333,1137325,1141895,1142685,1144162,1144333,1145051,1145929,1146539,1148868,1154385,1156510,1157424,1158187,1158552,1158983,1159037,1159142,1159198,1159199,1159285,1160659,1161561,1161702,1161951,1162171,1162929,1162931,1163403,1163508,1163762,1163897,1163971,1164051,1164078,1164115,1164284,1164388,1164471,1164507,1164598,1164632,1164705,1164712,1164727,1164728,1164729,1164730,1164731,1164732,1164733,1164734,1164735,1164777,1164780,1164893,1165019,1165111,1165182,1165185,1165211,1165404,1165488,1165527,1165581,1165741,1165813,1165823,1165873,1165929,1165949,1165950,1165980,1165984,1165985,1166003,1166101,1166102,1166103,1166104,1166632,1166658,1166730,1166731,1166732,1166733,1166734,1166735,1166780,1166860,1166861,1166862,1166864,1166866,1166867,1166868,1166870,1166940,1166982,1167005,1167216,1167288,1167290,1167316,1167421,1167423,1167627,1167629,1168075,1168202,1168273,1168276,1168295,1168367,1168424,1168443,1168486,1168552,1168760,1168762,1168763,1168764,1168765,1168829,1168854,1168881,1168884,1168952,1169013,1169057,1169307,1169308,1169390,1169514,1169625
CVE References: CVE-2018-20836,CVE-2019-19768,CVE-2019-19770,CVE-2019-3701,CVE-2019-9458,CVE-2020-10942,CVE-2020-11494,CVE-2020-11669,CVE-2020-2732,CVE-2020-8647,CVE-2020-8649,CVE-2020-8834,CVE-2020-9383
Sources used:
SUSE Linux Enterprise Live Patching 12-SP5 (src):    kernel-default-4.12.14-122.20.1, kgraft-patch-SLE12-SP5_Update_4-1-8.3.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 32 Swamp Workflow Management 2020-04-29 17:11:33 UTC
SUSE-SU-2020:1142-1: An update that solves 13 vulnerabilities and has 157 fixes is now available.

Category: security (important)
Bug References: 1044231,1050549,1051510,1051858,1056686,1060463,1065600,1065729,1083647,1085030,1088810,1103990,1103992,1104353,1104745,1104967,1109837,1109911,1111666,1111974,1112178,1112374,1112504,1113956,1114279,1114685,1118338,1119680,1120386,1123328,1127611,1133021,1134090,1134395,1136157,1136333,1137325,1141895,1142685,1144162,1144333,1145051,1145929,1146539,1148868,1154385,1156510,1157424,1158187,1158552,1158983,1159037,1159142,1159198,1159199,1159285,1160659,1161561,1161702,1161951,1162171,1162929,1162931,1163403,1163508,1163762,1163897,1163971,1164051,1164078,1164115,1164284,1164388,1164471,1164507,1164598,1164632,1164705,1164712,1164727,1164728,1164729,1164730,1164731,1164732,1164733,1164734,1164735,1164777,1164780,1164893,1165019,1165111,1165182,1165185,1165211,1165404,1165488,1165527,1165581,1165741,1165813,1165823,1165873,1165929,1165949,1165950,1165980,1165984,1165985,1166003,1166101,1166102,1166103,1166104,1166632,1166658,1166730,1166731,1166732,1166733,1166734,1166735,1166780,1166860,1166861,1166862,1166864,1166866,1166867,1166868,1166870,1166940,1166982,1167005,1167216,1167288,1167290,1167316,1167421,1167423,1167627,1167629,1168075,1168202,1168273,1168276,1168295,1168367,1168424,1168443,1168486,1168552,1168760,1168762,1168763,1168764,1168765,1168829,1168854,1168881,1168884,1168952,1169013,1169057,1169307,1169308,1169390,1169514,1169625
CVE References: CVE-2018-20836,CVE-2019-19768,CVE-2019-19770,CVE-2019-3701,CVE-2019-9458,CVE-2020-10942,CVE-2020-11494,CVE-2020-11669,CVE-2020-2732,CVE-2020-8647,CVE-2020-8649,CVE-2020-8834,CVE-2020-9383
Sources used:
SUSE Linux Enterprise Workstation Extension 12-SP5 (src):    kernel-default-4.12.14-122.20.1
SUSE Linux Enterprise Software Development Kit 12-SP5 (src):    kernel-docs-4.12.14-122.20.1, kernel-obs-build-4.12.14-122.20.1
SUSE Linux Enterprise Server 12-SP5 (src):    kernel-default-4.12.14-122.20.1, kernel-source-4.12.14-122.20.1, kernel-syms-4.12.14-122.20.1
SUSE Linux Enterprise Live Patching 12-SP5 (src):    kernel-default-4.12.14-122.20.1, kgraft-patch-SLE12-SP5_Update_4-1-8.3.1
SUSE Linux Enterprise High Availability 12-SP5 (src):    kernel-default-4.12.14-122.20.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 33 Swamp Workflow Management 2020-04-29 17:30:12 UTC
SUSE-SU-2020:1146-1: An update that solves 7 vulnerabilities and has 77 fixes is now available.

Category: security (important)
Bug References: 1051510,1065600,1065729,1071995,1083647,1085030,1109911,1111666,1113956,1114279,1118338,1120386,1137325,1142685,1145051,1145929,1148868,1157424,1158983,1159037,1159198,1159199,1161561,1161951,1162171,1163403,1163897,1164284,1164777,1164780,1164893,1165019,1165182,1165185,1165211,1165823,1165949,1166780,1166860,1166861,1166862,1166864,1166866,1166867,1166868,1166870,1166940,1166982,1167005,1167216,1167288,1167290,1167316,1167421,1167423,1167627,1167629,1168075,1168202,1168273,1168276,1168295,1168367,1168424,1168443,1168486,1168552,1168760,1168762,1168763,1168764,1168765,1168829,1168854,1168881,1168884,1168952,1169013,1169057,1169307,1169308,1169390,1169514,1169625
CVE References: CVE-2019-19770,CVE-2019-3701,CVE-2019-9458,CVE-2020-10942,CVE-2020-11494,CVE-2020-11669,CVE-2020-8834
Sources used:
SUSE Linux Enterprise Workstation Extension 15-SP1 (src):    kernel-default-4.12.14-197.40.1
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1 (src):    kernel-debug-4.12.14-197.40.1, kernel-default-4.12.14-197.40.1, kernel-docs-4.12.14-197.40.1, kernel-kvmsmall-4.12.14-197.40.1, kernel-obs-qa-4.12.14-197.40.1, kernel-source-4.12.14-197.40.1, kernel-vanilla-4.12.14-197.40.1, kernel-zfcpdump-4.12.14-197.40.1
SUSE Linux Enterprise Module for Legacy Software 15-SP1 (src):    kernel-default-4.12.14-197.40.1
SUSE Linux Enterprise Module for Development Tools 15-SP1 (src):    kernel-docs-4.12.14-197.40.1, kernel-obs-build-4.12.14-197.40.1, kernel-source-4.12.14-197.40.1, kernel-syms-4.12.14-197.40.1
SUSE Linux Enterprise Module for Basesystem 15-SP1 (src):    kernel-default-4.12.14-197.40.1, kernel-source-4.12.14-197.40.1, kernel-zfcpdump-4.12.14-197.40.1
SUSE Linux Enterprise High Availability 15-SP1 (src):    kernel-default-4.12.14-197.40.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 34 Swamp Workflow Management 2020-04-29 17:40:47 UTC
SUSE-SU-2020:1146-1: An update that solves 7 vulnerabilities and has 77 fixes is now available.

Category: security (important)
Bug References: 1051510,1065600,1065729,1071995,1083647,1085030,1109911,1111666,1113956,1114279,1118338,1120386,1137325,1142685,1145051,1145929,1148868,1157424,1158983,1159037,1159198,1159199,1161561,1161951,1162171,1163403,1163897,1164284,1164777,1164780,1164893,1165019,1165182,1165185,1165211,1165823,1165949,1166780,1166860,1166861,1166862,1166864,1166866,1166867,1166868,1166870,1166940,1166982,1167005,1167216,1167288,1167290,1167316,1167421,1167423,1167627,1167629,1168075,1168202,1168273,1168276,1168295,1168367,1168424,1168443,1168486,1168552,1168760,1168762,1168763,1168764,1168765,1168829,1168854,1168881,1168884,1168952,1169013,1169057,1169307,1169308,1169390,1169514,1169625
CVE References: CVE-2019-19770,CVE-2019-3701,CVE-2019-9458,CVE-2020-10942,CVE-2020-11494,CVE-2020-11669,CVE-2020-8834
Sources used:
SUSE Linux Enterprise Workstation Extension 15-SP1 (src):    kernel-default-4.12.14-197.40.1
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1 (src):    kernel-debug-4.12.14-197.40.1, kernel-default-4.12.14-197.40.1, kernel-docs-4.12.14-197.40.1, kernel-kvmsmall-4.12.14-197.40.1, kernel-obs-qa-4.12.14-197.40.1, kernel-source-4.12.14-197.40.1, kernel-vanilla-4.12.14-197.40.1, kernel-zfcpdump-4.12.14-197.40.1
SUSE Linux Enterprise Module for Live Patching 15-SP1 (src):    kernel-default-4.12.14-197.40.1, kernel-livepatch-SLE15-SP1_Update_11-1-3.3.1
SUSE Linux Enterprise Module for Legacy Software 15-SP1 (src):    kernel-default-4.12.14-197.40.1
SUSE Linux Enterprise Module for Development Tools 15-SP1 (src):    kernel-docs-4.12.14-197.40.1, kernel-obs-build-4.12.14-197.40.1, kernel-source-4.12.14-197.40.1, kernel-syms-4.12.14-197.40.1
SUSE Linux Enterprise Module for Basesystem 15-SP1 (src):    kernel-default-4.12.14-197.40.1, kernel-source-4.12.14-197.40.1, kernel-zfcpdump-4.12.14-197.40.1
SUSE Linux Enterprise High Availability 15-SP1 (src):    kernel-default-4.12.14-197.40.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 36 Swamp Workflow Management 2020-05-12 13:19:38 UTC
SUSE-SU-2020:1255-1: An update that solves 53 vulnerabilities and has 32 fixes is now available.

Category: security (important)
Bug References: 1037216,1075091,1075994,1087082,1087813,1091041,1099279,1120386,1131107,1133147,1136449,1137325,1146519,1146544,1146612,1149591,1153811,1154844,1155311,1155897,1156060,1157038,1157042,1157070,1157143,1157155,1157157,1157158,1157303,1157324,1157333,1157464,1157804,1157923,1158021,1158132,1158381,1158394,1158398,1158410,1158413,1158417,1158427,1158445,1158819,1158823,1158824,1158827,1158834,1158900,1158903,1158904,1159199,1159285,1159297,1159841,1159908,1159910,1159911,1159912,1160195,1162227,1162298,1162928,1162929,1162931,1163971,1164069,1164078,1164846,1165111,1165311,1165873,1165881,1165984,1165985,1167629,1168075,1168295,1168424,1168829,1168854,1170056,1170345,1170778
CVE References: CVE-2017-18255,CVE-2018-21008,CVE-2019-14615,CVE-2019-14895,CVE-2019-14896,CVE-2019-14897,CVE-2019-14901,CVE-2019-15213,CVE-2019-18660,CVE-2019-18675,CVE-2019-18683,CVE-2019-19052,CVE-2019-19062,CVE-2019-19066,CVE-2019-19073,CVE-2019-19074,CVE-2019-19319,CVE-2019-19332,CVE-2019-19447,CVE-2019-19523,CVE-2019-19524,CVE-2019-19525,CVE-2019-19527,CVE-2019-19530,CVE-2019-19531,CVE-2019-19532,CVE-2019-19533,CVE-2019-19534,CVE-2019-19535,CVE-2019-19536,CVE-2019-19537,CVE-2019-19767,CVE-2019-19768,CVE-2019-19965,CVE-2019-19966,CVE-2019-20054,CVE-2019-20096,CVE-2019-3701,CVE-2019-5108,CVE-2019-9455,CVE-2019-9458,CVE-2020-10690,CVE-2020-10720,CVE-2020-10942,CVE-2020-11494,CVE-2020-11608,CVE-2020-11609,CVE-2020-2732,CVE-2020-8647,CVE-2020-8648,CVE-2020-8649,CVE-2020-8992,CVE-2020-9383
Sources used:
SUSE OpenStack Cloud 7 (src):    kernel-default-4.4.121-92.129.1, kernel-source-4.4.121-92.129.1, kernel-syms-4.4.121-92.129.1, kgraft-patch-SLE12-SP2_Update_34-1-3.3.1
SUSE Linux Enterprise Server for SAP 12-SP2 (src):    kernel-default-4.4.121-92.129.1, kernel-source-4.4.121-92.129.1, kernel-syms-4.4.121-92.129.1, kgraft-patch-SLE12-SP2_Update_34-1-3.3.1
SUSE Linux Enterprise Server 12-SP2-LTSS (src):    kernel-default-4.4.121-92.129.1, kernel-source-4.4.121-92.129.1, kernel-syms-4.4.121-92.129.1, kgraft-patch-SLE12-SP2_Update_34-1-3.3.1
SUSE Linux Enterprise Server 12-SP2-BCL (src):    kernel-default-4.4.121-92.129.1, kernel-source-4.4.121-92.129.1, kernel-syms-4.4.121-92.129.1
SUSE Linux Enterprise High Availability 12-SP2 (src):    kernel-default-4.4.121-92.129.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 37 Swamp Workflow Management 2020-05-14 13:16:06 UTC
SUSE-SU-2020:1275-1: An update that solves 35 vulnerabilities and has 21 fixes is now available.

Category: security (important)
Bug References: 1056134,1087813,1120386,1133147,1137325,1145929,1149591,1154118,1154844,1155689,1157155,1157157,1157303,1157804,1158021,1158642,1158819,1159199,1159285,1159297,1159841,1159908,1159910,1159911,1159912,1160195,1161586,1162227,1162928,1162929,1162931,1163508,1163971,1164009,1164051,1164069,1164078,1164846,1165111,1165311,1165873,1165881,1165984,1165985,1167421,1167423,1167629,1168075,1168295,1168424,1168829,1168854,1170056,1170345,1170778,1170847
CVE References: CVE-2017-18255,CVE-2018-12126,CVE-2018-12127,CVE-2018-12130,CVE-2018-21008,CVE-2019-11091,CVE-2019-14615,CVE-2019-14896,CVE-2019-14897,CVE-2019-18675,CVE-2019-19066,CVE-2019-19319,CVE-2019-19447,CVE-2019-19767,CVE-2019-19768,CVE-2019-19965,CVE-2019-19966,CVE-2019-20054,CVE-2019-20096,CVE-2019-3701,CVE-2019-5108,CVE-2019-9455,CVE-2019-9458,CVE-2020-10690,CVE-2020-10720,CVE-2020-10942,CVE-2020-11494,CVE-2020-11608,CVE-2020-11609,CVE-2020-2732,CVE-2020-8647,CVE-2020-8648,CVE-2020-8649,CVE-2020-8992,CVE-2020-9383
Sources used:
SUSE OpenStack Cloud Crowbar 8 (src):    kernel-default-4.4.180-94.116.1, kernel-source-4.4.180-94.116.1, kernel-syms-4.4.180-94.116.1, kgraft-patch-SLE12-SP3_Update_31-1-4.3.1
SUSE OpenStack Cloud 8 (src):    kernel-default-4.4.180-94.116.1, kernel-source-4.4.180-94.116.1, kernel-syms-4.4.180-94.116.1, kgraft-patch-SLE12-SP3_Update_31-1-4.3.1
SUSE Linux Enterprise Server for SAP 12-SP3 (src):    kernel-default-4.4.180-94.116.1, kernel-source-4.4.180-94.116.1, kernel-syms-4.4.180-94.116.1, kgraft-patch-SLE12-SP3_Update_31-1-4.3.1
SUSE Linux Enterprise Server 12-SP3-LTSS (src):    kernel-default-4.4.180-94.116.1, kernel-source-4.4.180-94.116.1, kernel-syms-4.4.180-94.116.1, kgraft-patch-SLE12-SP3_Update_31-1-4.3.1
SUSE Linux Enterprise Server 12-SP3-BCL (src):    kernel-default-4.4.180-94.116.1, kernel-source-4.4.180-94.116.1, kernel-syms-4.4.180-94.116.1
SUSE Linux Enterprise High Availability 12-SP3 (src):    kernel-default-4.4.180-94.116.1
SUSE Enterprise Storage 5 (src):    kernel-default-4.4.180-94.116.1, kernel-source-4.4.180-94.116.1, kernel-syms-4.4.180-94.116.1, kgraft-patch-SLE12-SP3_Update_31-1-4.3.1
HPE Helion Openstack 8 (src):    kernel-default-4.4.180-94.116.1, kernel-source-4.4.180-94.116.1, kernel-syms-4.4.180-94.116.1, kgraft-patch-SLE12-SP3_Update_31-1-4.3.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 42 Swamp Workflow Management 2020-06-18 13:19:21 UTC
SUSE-SU-2020:1663-1: An update that solves 55 vulnerabilities and has 93 fixes is now available.

Category: security (important)
Bug References: 1050244,1051510,1051858,1058115,1061840,1065600,1065729,1071995,1085030,1086301,1086313,1086314,1089895,1109911,1114279,1118338,1120386,1134973,1143959,1144333,1151910,1151927,1153917,1154243,1154824,1156286,1157155,1157157,1157692,1158013,1158021,1158026,1158265,1158819,1159028,1159198,1159271,1159285,1159394,1159483,1159484,1159569,1159588,1159841,1159908,1159909,1159910,1159911,1159955,1160195,1160210,1160211,1160218,1160433,1160442,1160476,1160560,1160755,1160756,1160784,1160787,1160802,1160803,1160804,1160917,1160966,1161087,1161514,1161518,1161522,1161523,1161549,1161552,1161555,1161674,1161931,1161933,1161934,1161935,1161936,1161937,1161951,1162067,1162109,1162139,1162928,1162929,1162931,1163971,1164051,1164069,1164078,1164705,1164712,1164727,1164728,1164729,1164730,1164731,1164732,1164733,1164734,1164735,1164871,1165111,1165741,1165873,1165881,1165984,1165985,1166969,1167421,1167423,1167629,1168075,1168276,1168295,1168424,1168670,1168829,1168854,1169390,1169514,1169625,1170056,1170345,1170617,1170618,1170621,1170778,1170901,1171098,1171189,1171191,1171195,1171202,1171205,1171217,1171218,1171219,1171220,1171689,1171982,1171983,1172221,1172317,1172453,1172458
CVE References: CVE-2018-1000199,CVE-2019-14615,CVE-2019-14896,CVE-2019-14897,CVE-2019-16994,CVE-2019-19036,CVE-2019-19045,CVE-2019-19054,CVE-2019-19318,CVE-2019-19319,CVE-2019-19447,CVE-2019-19462,CVE-2019-19768,CVE-2019-19770,CVE-2019-19965,CVE-2019-19966,CVE-2019-20054,CVE-2019-20095,CVE-2019-20096,CVE-2019-20810,CVE-2019-20812,CVE-2019-3701,CVE-2019-9455,CVE-2019-9458,CVE-2020-0543,CVE-2020-10690,CVE-2020-10711,CVE-2020-10720,CVE-2020-10732,CVE-2020-10751,CVE-2020-10757,CVE-2020-10942,CVE-2020-11494,CVE-2020-11608,CVE-2020-11609,CVE-2020-11669,CVE-2020-12114,CVE-2020-12464,CVE-2020-12652,CVE-2020-12653,CVE-2020-12654,CVE-2020-12655,CVE-2020-12656,CVE-2020-12657,CVE-2020-12769,CVE-2020-13143,CVE-2020-2732,CVE-2020-7053,CVE-2020-8428,CVE-2020-8647,CVE-2020-8648,CVE-2020-8649,CVE-2020-8834,CVE-2020-8992,CVE-2020-9383
Sources used:
SUSE Linux Enterprise Server for SAP 15 (src):    kernel-default-4.12.14-150.52.1, kernel-docs-4.12.14-150.52.1, kernel-obs-build-4.12.14-150.52.1, kernel-source-4.12.14-150.52.1, kernel-syms-4.12.14-150.52.1, kernel-vanilla-4.12.14-150.52.1
SUSE Linux Enterprise Server 15-LTSS (src):    kernel-default-4.12.14-150.52.1, kernel-docs-4.12.14-150.52.1, kernel-obs-build-4.12.14-150.52.1, kernel-source-4.12.14-150.52.1, kernel-syms-4.12.14-150.52.1, kernel-vanilla-4.12.14-150.52.1, kernel-zfcpdump-4.12.14-150.52.1
SUSE Linux Enterprise High Performance Computing 15-LTSS (src):    kernel-default-4.12.14-150.52.1, kernel-docs-4.12.14-150.52.1, kernel-obs-build-4.12.14-150.52.1, kernel-source-4.12.14-150.52.1, kernel-syms-4.12.14-150.52.1, kernel-vanilla-4.12.14-150.52.1
SUSE Linux Enterprise High Performance Computing 15-ESPOS (src):    kernel-default-4.12.14-150.52.1, kernel-docs-4.12.14-150.52.1, kernel-obs-build-4.12.14-150.52.1, kernel-source-4.12.14-150.52.1, kernel-syms-4.12.14-150.52.1, kernel-vanilla-4.12.14-150.52.1
SUSE Linux Enterprise High Availability 15 (src):    kernel-default-4.12.14-150.52.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 43 Swamp Workflow Management 2020-06-18 13:39:53 UTC
SUSE-SU-2020:1663-1: An update that solves 55 vulnerabilities and has 93 fixes is now available.

Category: security (important)
Bug References: 1050244,1051510,1051858,1058115,1061840,1065600,1065729,1071995,1085030,1086301,1086313,1086314,1089895,1109911,1114279,1118338,1120386,1134973,1143959,1144333,1151910,1151927,1153917,1154243,1154824,1156286,1157155,1157157,1157692,1158013,1158021,1158026,1158265,1158819,1159028,1159198,1159271,1159285,1159394,1159483,1159484,1159569,1159588,1159841,1159908,1159909,1159910,1159911,1159955,1160195,1160210,1160211,1160218,1160433,1160442,1160476,1160560,1160755,1160756,1160784,1160787,1160802,1160803,1160804,1160917,1160966,1161087,1161514,1161518,1161522,1161523,1161549,1161552,1161555,1161674,1161931,1161933,1161934,1161935,1161936,1161937,1161951,1162067,1162109,1162139,1162928,1162929,1162931,1163971,1164051,1164069,1164078,1164705,1164712,1164727,1164728,1164729,1164730,1164731,1164732,1164733,1164734,1164735,1164871,1165111,1165741,1165873,1165881,1165984,1165985,1166969,1167421,1167423,1167629,1168075,1168276,1168295,1168424,1168670,1168829,1168854,1169390,1169514,1169625,1170056,1170345,1170617,1170618,1170621,1170778,1170901,1171098,1171189,1171191,1171195,1171202,1171205,1171217,1171218,1171219,1171220,1171689,1171982,1171983,1172221,1172317,1172453,1172458
CVE References: CVE-2018-1000199,CVE-2019-14615,CVE-2019-14896,CVE-2019-14897,CVE-2019-16994,CVE-2019-19036,CVE-2019-19045,CVE-2019-19054,CVE-2019-19318,CVE-2019-19319,CVE-2019-19447,CVE-2019-19462,CVE-2019-19768,CVE-2019-19770,CVE-2019-19965,CVE-2019-19966,CVE-2019-20054,CVE-2019-20095,CVE-2019-20096,CVE-2019-20810,CVE-2019-20812,CVE-2019-3701,CVE-2019-9455,CVE-2019-9458,CVE-2020-0543,CVE-2020-10690,CVE-2020-10711,CVE-2020-10720,CVE-2020-10732,CVE-2020-10751,CVE-2020-10757,CVE-2020-10942,CVE-2020-11494,CVE-2020-11608,CVE-2020-11609,CVE-2020-11669,CVE-2020-12114,CVE-2020-12464,CVE-2020-12652,CVE-2020-12653,CVE-2020-12654,CVE-2020-12655,CVE-2020-12656,CVE-2020-12657,CVE-2020-12769,CVE-2020-13143,CVE-2020-2732,CVE-2020-7053,CVE-2020-8428,CVE-2020-8647,CVE-2020-8648,CVE-2020-8649,CVE-2020-8834,CVE-2020-8992,CVE-2020-9383
Sources used:
SUSE Linux Enterprise Server for SAP 15 (src):    kernel-default-4.12.14-150.52.1, kernel-docs-4.12.14-150.52.1, kernel-obs-build-4.12.14-150.52.1, kernel-source-4.12.14-150.52.1, kernel-syms-4.12.14-150.52.1, kernel-vanilla-4.12.14-150.52.1
SUSE Linux Enterprise Server 15-LTSS (src):    kernel-default-4.12.14-150.52.1, kernel-docs-4.12.14-150.52.1, kernel-obs-build-4.12.14-150.52.1, kernel-source-4.12.14-150.52.1, kernel-syms-4.12.14-150.52.1, kernel-vanilla-4.12.14-150.52.1, kernel-zfcpdump-4.12.14-150.52.1
SUSE Linux Enterprise Module for Live Patching 15 (src):    kernel-default-4.12.14-150.52.1, kernel-livepatch-SLE15_Update_18-1-1.5.1
SUSE Linux Enterprise High Performance Computing 15-LTSS (src):    kernel-default-4.12.14-150.52.1, kernel-docs-4.12.14-150.52.1, kernel-obs-build-4.12.14-150.52.1, kernel-source-4.12.14-150.52.1, kernel-syms-4.12.14-150.52.1, kernel-vanilla-4.12.14-150.52.1
SUSE Linux Enterprise High Performance Computing 15-ESPOS (src):    kernel-default-4.12.14-150.52.1, kernel-docs-4.12.14-150.52.1, kernel-obs-build-4.12.14-150.52.1, kernel-source-4.12.14-150.52.1, kernel-syms-4.12.14-150.52.1, kernel-vanilla-4.12.14-150.52.1
SUSE Linux Enterprise High Availability 15 (src):    kernel-default-4.12.14-150.52.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 44 Marcus Meissner 2020-07-03 06:39:02 UTC
all done