First Last Prev Next    This bug is not in your last search results.
Bug 1137103 - (CVE-2018-16871) VUL-0: CVE-2018-16871: kernel-source: nfs: NULL pointer dereference due to an anomalized NFS message sequence
(CVE-2018-16871)
VUL-0: CVE-2018-16871: kernel-source: nfs: NULL pointer dereference due to an...
Status: RESOLVED FIXED
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
unspecified
Other Other
: P3 - Medium : Major
: ---
Assigned To: Security Team bot
Security Team bot
https://smash.suse.de/issue/234124/
CVSSv3:RedHat:CVE-2018-16871:7.5:(AV:...
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2019-06-03 09:33 UTC by Marcus Meissner
Modified: 2022-03-04 21:32 UTC (History)
4 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Marcus Meissner 2019-06-03 09:33:21 UTC 
rh#1655162

A flaw was found in NFS in the Linux Kernel. An attacker who is able to mount an exported NFS filesystem  is able to trigger a null pointer dereference by an invalid NFS sequence.

This can panic the machine and deny access to the NFS server. Any outstanding disk writes to the NFS server will be lost.

Upstream fix:

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=01310bb7c9c98752cc763b36532fab028e0f8f81

References:
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16871
https://bugzilla.redhat.com/show_bug.cgi?id=1655162
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-16871
http://seclists.org/oss-sec/2019/q2/137
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=01310bb7c9c98752cc763b36532fab028e0f8f81
Comment 3 Neil Brown 2019-06-11 06:06:25 UTC 
Bug landed in v4.5-rc1, thanks to
Commit ffa0160a1039 ("nfsd: implement the NFSv4.2 CLONE operation")

So it should be enough to land the fix in SLE15 - for 4.12 kernels.

This happened in late January thanks to git-fixes.
So we've had the fix in SLE15 since rpm-4.12.14-32 and in SLE15-SP1 since Beta4 (I think).

So: nothing to do here.
Comment 4 Borislav Petkov 2019-06-11 12:01:38 UTC 
Thanks Neil. Reassigning.
Comment 5 Marcus Meissner 2019-06-17 12:28:00 UTC 
can you update the References so the CVE is listed?
Comment 6 Neil Brown 2019-06-17 23:54:06 UTC 
(In reply to Marcus Meissner from comment #5)
> can you update the References so the CVE is listed?

Done.  Rreferences on patches.fixes/nfsd-COPY-and-CLONE-operations-require-the-saved-fil.patch
now reads
References: git-fixes, bsc#1137103, CVE-2018-16871
Comment 8 Swamp Workflow Management 2019-07-04 13:15:35 UTC 
SUSE-SU-2019:1744-1: An update that solves three vulnerabilities and has 26 fixes is now available.

Category: security (important)
Bug References: 1051510,1071995,1094555,1111666,1112374,1114279,1128432,1134730,1134738,1135153,1135296,1135642,1136156,1136157,1136271,1136333,1137103,1137194,1137366,1137884,1137985,1138263,1138336,1138374,1138375,1138589,1138681,1138719,1138732
CVE References: CVE-2018-16871,CVE-2019-12614,CVE-2019-12817
Sources used:
SUSE Linux Enterprise Module for Live Patching 15-SP1 (src):    kernel-default-4.12.14-197.7.1, kernel-livepatch-SLE15-SP1_Update_2-1-3.3.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 9 Swamp Workflow Management 2019-07-04 13:19:42 UTC 
SUSE-SU-2019:1744-1: An update that solves three vulnerabilities and has 26 fixes is now available.

Category: security (important)
Bug References: 1051510,1071995,1094555,1111666,1112374,1114279,1128432,1134730,1134738,1135153,1135296,1135642,1136156,1136157,1136271,1136333,1137103,1137194,1137366,1137884,1137985,1138263,1138336,1138374,1138375,1138589,1138681,1138719,1138732
CVE References: CVE-2018-16871,CVE-2019-12614,CVE-2019-12817
Sources used:
SUSE Linux Enterprise Workstation Extension 15-SP1 (src):    kernel-default-4.12.14-197.7.1
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1 (src):    dtb-aarch64-4.12.14-197.7.1, kernel-debug-4.12.14-197.7.1, kernel-default-4.12.14-197.7.1, kernel-docs-4.12.14-197.7.1, kernel-kvmsmall-4.12.14-197.7.1, kernel-obs-qa-4.12.14-197.7.1, kernel-source-4.12.14-197.7.1, kernel-vanilla-4.12.14-197.7.1, kernel-zfcpdump-4.12.14-197.7.1
SUSE Linux Enterprise Module for Live Patching 15-SP1 (src):    kernel-default-4.12.14-197.7.1, kernel-livepatch-SLE15-SP1_Update_2-1-3.3.1
SUSE Linux Enterprise Module for Legacy Software 15-SP1 (src):    kernel-default-4.12.14-197.7.1
SUSE Linux Enterprise Module for Development Tools 15-SP1 (src):    kernel-docs-4.12.14-197.7.1, kernel-obs-build-4.12.14-197.7.1, kernel-source-4.12.14-197.7.1, kernel-syms-4.12.14-197.7.1
SUSE Linux Enterprise Module for Basesystem 15-SP1 (src):    kernel-default-4.12.14-197.7.1, kernel-source-4.12.14-197.7.1, kernel-zfcpdump-4.12.14-197.7.1
SUSE Linux Enterprise High Availability 15-SP1 (src):    kernel-default-4.12.14-197.7.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 12 Swamp Workflow Management 2019-07-09 13:33:11 UTC 
This is an autogenerated message for OBS integration:
This bug (1137103) was mentioned in
https://build.opensuse.org/request/show/714223 15.0 / kernel-source
Comment 15 Swamp Workflow Management 2019-07-12 16:17:46 UTC 
SUSE-SU-2019:1829-1: An update that solves 11 vulnerabilities and has 71 fixes is now available.

Category: security (important)
Bug References: 1051510,1071995,1088047,1094555,1098633,1106383,1106751,1109137,1114279,1119532,1120423,1124167,1127155,1128432,1128902,1128910,1131645,1132154,1132390,1133401,1133738,1134303,1134395,1135296,1135556,1135642,1136157,1136598,1136922,1136935,1137103,1137194,1137429,1137625,1137728,1137884,1137995,1137996,1137998,1137999,1138000,1138002,1138003,1138005,1138006,1138007,1138008,1138009,1138010,1138011,1138012,1138013,1138014,1138015,1138016,1138017,1138018,1138019,1138291,1138293,1138374,1138375,1138589,1138719,1139771,1139782,1139865,1140133,1140328,1140405,1140424,1140428,1140575,1140577,1140637,1140658,1140715,1140719,1140726,1140727,1140728,1140814
CVE References: CVE-2018-16871,CVE-2018-20836,CVE-2019-10126,CVE-2019-10638,CVE-2019-10639,CVE-2019-11599,CVE-2019-12380,CVE-2019-12456,CVE-2019-12614,CVE-2019-12818,CVE-2019-12819
Sources used:
SUSE Linux Enterprise Module for Public Cloud 15 (src):    kernel-azure-4.12.14-5.33.1, kernel-source-azure-4.12.14-5.33.1, kernel-syms-azure-4.12.14-5.33.1
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1 (src):    kernel-azure-4.12.14-5.33.1, kernel-source-azure-4.12.14-5.33.1, kernel-syms-azure-4.12.14-5.33.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 17 Swamp Workflow Management 2019-07-15 10:14:19 UTC 
This is an autogenerated message for OBS integration:
This bug (1137103) was mentioned in
https://build.opensuse.org/request/show/715440 15.1 / kernel-source
Comment 18 Swamp Workflow Management 2019-07-15 19:25:59 UTC 
SUSE-SU-2019:1855-1: An update that solves 12 vulnerabilities and has 73 fixes is now available.

Category: security (important)
Bug References: 1051510,1061840,1065600,1071995,1088047,1094555,1098633,1106383,1106751,1109137,1114279,1119532,1120423,1124167,1127155,1128432,1128902,1128910,1131645,1132154,1132390,1133401,1133738,1134303,1134395,1135296,1135556,1135642,1136157,1136598,1136922,1136935,1137103,1137194,1137429,1137625,1137728,1137884,1137995,1137996,1137998,1137999,1138000,1138002,1138003,1138005,1138006,1138007,1138008,1138009,1138010,1138011,1138012,1138013,1138014,1138015,1138016,1138017,1138018,1138019,1138291,1138293,1138374,1138375,1138589,1138719,1139751,1139771,1139782,1139865,1140133,1140328,1140405,1140424,1140428,1140575,1140577,1140637,1140658,1140715,1140719,1140726,1140727,1140728,1140814
CVE References: CVE-2018-16871,CVE-2018-20836,CVE-2019-10126,CVE-2019-10638,CVE-2019-10639,CVE-2019-11478,CVE-2019-11599,CVE-2019-12380,CVE-2019-12456,CVE-2019-12614,CVE-2019-12818,CVE-2019-12819
Sources used:
SUSE Linux Enterprise Workstation Extension 15 (src):    kernel-default-4.12.14-150.27.1
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 (src):    kernel-default-4.12.14-150.27.1, kernel-docs-4.12.14-150.27.1, kernel-obs-qa-4.12.14-150.27.1
SUSE Linux Enterprise Module for Legacy Software 15 (src):    kernel-default-4.12.14-150.27.1
SUSE Linux Enterprise Module for Development Tools 15 (src):    kernel-docs-4.12.14-150.27.1, kernel-obs-build-4.12.14-150.27.1, kernel-source-4.12.14-150.27.1, kernel-syms-4.12.14-150.27.1, kernel-vanilla-4.12.14-150.27.1
SUSE Linux Enterprise Module for Basesystem 15 (src):    kernel-default-4.12.14-150.27.1, kernel-source-4.12.14-150.27.1, kernel-zfcpdump-4.12.14-150.27.1
SUSE Linux Enterprise High Availability 15 (src):    kernel-default-4.12.14-150.27.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 19 Swamp Workflow Management 2019-07-15 19:46:11 UTC 
SUSE-SU-2019:1851-1: An update that solves 11 vulnerabilities and has 77 fixes is now available.

Category: security (important)
Bug References: 1051510,1061840,1065600,1071995,1088047,1094555,1098633,1106383,1106751,1109137,1114279,1119532,1120423,1124167,1127155,1128432,1128902,1128910,1132154,1132390,1133401,1133738,1134303,1134395,1135296,1135556,1135642,1136157,1136811,1136922,1137103,1137194,1137221,1137366,1137429,1137625,1137728,1137884,1137995,1137996,1137998,1137999,1138000,1138002,1138003,1138005,1138006,1138007,1138008,1138009,1138010,1138011,1138012,1138013,1138014,1138015,1138016,1138017,1138018,1138019,1138291,1138293,1138374,1138375,1138589,1138719,1139751,1139771,1139782,1139865,1140133,1140328,1140405,1140424,1140428,1140575,1140577,1140637,1140658,1140715,1140719,1140726,1140727,1140728,1140814,1140948,821419,945811
CVE References: CVE-2018-16871,CVE-2018-20836,CVE-2019-10126,CVE-2019-10638,CVE-2019-10639,CVE-2019-11478,CVE-2019-11599,CVE-2019-12456,CVE-2019-12614,CVE-2019-12818,CVE-2019-12819
Sources used:
SUSE Linux Enterprise Live Patching 12-SP4 (src):    kgraft-patch-SLE12-SP4_Update_6-1-6.5.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 20 Swamp Workflow Management 2019-07-15 19:58:40 UTC 
SUSE-SU-2019:1855-1: An update that solves 12 vulnerabilities and has 73 fixes is now available.

Category: security (important)
Bug References: 1051510,1061840,1065600,1071995,1088047,1094555,1098633,1106383,1106751,1109137,1114279,1119532,1120423,1124167,1127155,1128432,1128902,1128910,1131645,1132154,1132390,1133401,1133738,1134303,1134395,1135296,1135556,1135642,1136157,1136598,1136922,1136935,1137103,1137194,1137429,1137625,1137728,1137884,1137995,1137996,1137998,1137999,1138000,1138002,1138003,1138005,1138006,1138007,1138008,1138009,1138010,1138011,1138012,1138013,1138014,1138015,1138016,1138017,1138018,1138019,1138291,1138293,1138374,1138375,1138589,1138719,1139751,1139771,1139782,1139865,1140133,1140328,1140405,1140424,1140428,1140575,1140577,1140637,1140658,1140715,1140719,1140726,1140727,1140728,1140814
CVE References: CVE-2018-16871,CVE-2018-20836,CVE-2019-10126,CVE-2019-10638,CVE-2019-10639,CVE-2019-11478,CVE-2019-11599,CVE-2019-12380,CVE-2019-12456,CVE-2019-12614,CVE-2019-12818,CVE-2019-12819
Sources used:
SUSE Linux Enterprise Workstation Extension 15 (src):    kernel-default-4.12.14-150.27.1
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 (src):    kernel-default-4.12.14-150.27.1, kernel-docs-4.12.14-150.27.1, kernel-obs-qa-4.12.14-150.27.1
SUSE Linux Enterprise Module for Live Patching 15 (src):    kernel-default-4.12.14-150.27.1, kernel-livepatch-SLE15_Update_12-1-1.5.1
SUSE Linux Enterprise Module for Legacy Software 15 (src):    kernel-default-4.12.14-150.27.1
SUSE Linux Enterprise Module for Development Tools 15 (src):    kernel-docs-4.12.14-150.27.1, kernel-obs-build-4.12.14-150.27.1, kernel-source-4.12.14-150.27.1, kernel-syms-4.12.14-150.27.1, kernel-vanilla-4.12.14-150.27.1
SUSE Linux Enterprise Module for Basesystem 15 (src):    kernel-default-4.12.14-150.27.1, kernel-source-4.12.14-150.27.1, kernel-zfcpdump-4.12.14-150.27.1
SUSE Linux Enterprise High Availability 15 (src):    kernel-default-4.12.14-150.27.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 21 Swamp Workflow Management 2019-07-15 20:18:30 UTC 
SUSE-SU-2019:1851-1: An update that solves 11 vulnerabilities and has 77 fixes is now available.

Category: security (important)
Bug References: 1051510,1061840,1065600,1071995,1088047,1094555,1098633,1106383,1106751,1109137,1114279,1119532,1120423,1124167,1127155,1128432,1128902,1128910,1132154,1132390,1133401,1133738,1134303,1134395,1135296,1135556,1135642,1136157,1136811,1136922,1137103,1137194,1137221,1137366,1137429,1137625,1137728,1137884,1137995,1137996,1137998,1137999,1138000,1138002,1138003,1138005,1138006,1138007,1138008,1138009,1138010,1138011,1138012,1138013,1138014,1138015,1138016,1138017,1138018,1138019,1138291,1138293,1138374,1138375,1138589,1138719,1139751,1139771,1139782,1139865,1140133,1140328,1140405,1140424,1140428,1140575,1140577,1140637,1140658,1140715,1140719,1140726,1140727,1140728,1140814,1140948,821419,945811
CVE References: CVE-2018-16871,CVE-2018-20836,CVE-2019-10126,CVE-2019-10638,CVE-2019-10639,CVE-2019-11478,CVE-2019-11599,CVE-2019-12456,CVE-2019-12614,CVE-2019-12818,CVE-2019-12819
Sources used:
SUSE Linux Enterprise Workstation Extension 12-SP4 (src):    kernel-default-4.12.14-95.24.1
SUSE Linux Enterprise Software Development Kit 12-SP4 (src):    kernel-docs-4.12.14-95.24.1, kernel-obs-build-4.12.14-95.24.1
SUSE Linux Enterprise Server 12-SP4 (src):    kernel-default-4.12.14-95.24.1, kernel-source-4.12.14-95.24.1, kernel-syms-4.12.14-95.24.1
SUSE Linux Enterprise Live Patching 12-SP4 (src):    kgraft-patch-SLE12-SP4_Update_6-1-6.5.1
SUSE Linux Enterprise High Availability 12-SP4 (src):    kernel-default-4.12.14-95.24.1
SUSE Linux Enterprise Desktop 12-SP4 (src):    kernel-default-4.12.14-95.24.1, kernel-source-4.12.14-95.24.1, kernel-syms-4.12.14-95.24.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 22 Swamp Workflow Management 2019-07-19 10:19:44 UTC 
openSUSE-SU-2019:1716-1: An update that solves 7 vulnerabilities and has 45 fixes is now available.

Category: security (important)
Bug References: 1051510,1071995,1088047,1094555,1098633,1106383,1106751,1109137,1114279,1119532,1120423,1124167,1127155,1128902,1128910,1131645,1132154,1132390,1133401,1133738,1134303,1134395,1135296,1135556,1135642,1136157,1136935,1137103,1137194,1137625,1137728,1137884,1138589,1138719,1139771,1139782,1139865,1140133,1140328,1140405,1140424,1140428,1140575,1140577,1140637,1140658,1140715,1140719,1140726,1140727,1140728,1140814
CVE References: CVE-2018-16871,CVE-2018-20836,CVE-2019-10126,CVE-2019-10638,CVE-2019-10639,CVE-2019-11599,CVE-2019-12614
Sources used:
openSUSE Leap 15.0 (src):    kernel-debug-4.12.14-lp150.12.67.1, kernel-default-4.12.14-lp150.12.67.1, kernel-docs-4.12.14-lp150.12.67.1, kernel-kvmsmall-4.12.14-lp150.12.67.1, kernel-obs-build-4.12.14-lp150.12.67.1, kernel-obs-qa-4.12.14-lp150.12.67.1, kernel-source-4.12.14-lp150.12.67.1, kernel-syms-4.12.14-lp150.12.67.1, kernel-vanilla-4.12.14-lp150.12.67.1
Comment 23 Swamp Workflow Management 2019-07-20 10:20:50 UTC 
openSUSE-SU-2019:1757-1: An update that solves 9 vulnerabilities and has 82 fixes is now available.

Category: security (important)
Bug References: 1051510,1071995,1088047,1094555,1098633,1103990,1103991,1103992,1106383,1109837,1111666,1112374,1114279,1114685,1119113,1119532,1120423,1125703,1128902,1130836,1132390,1133401,1133738,1134303,1134395,1135296,1135556,1135642,1135897,1136156,1136157,1136161,1136264,1136271,1136333,1136343,1136462,1136935,1137103,1137194,1137366,1137625,1137728,1137884,1137985,1138263,1138589,1138681,1138719,1138732,1138879,1139712,1139771,1139865,1140133,1140228,1140328,1140405,1140424,1140428,1140454,1140463,1140575,1140577,1140637,1140658,1140715,1140719,1140726,1140727,1140728,1140814,1140887,1140888,1140889,1140891,1140893,1140948,1140954,1140955,1140956,1140957,1140958,1140959,1140960,1140961,1140962,1140964,1140971,1140972,1140992
CVE References: CVE-2018-16871,CVE-2018-20836,CVE-2019-10126,CVE-2019-10638,CVE-2019-10639,CVE-2019-11599,CVE-2019-12614,CVE-2019-12817,CVE-2019-13233
Sources used:
openSUSE Leap 15.1 (src):    kernel-debug-4.12.14-lp151.28.10.1, kernel-default-4.12.14-lp151.28.10.1, kernel-docs-4.12.14-lp151.28.10.1, kernel-kvmsmall-4.12.14-lp151.28.10.1, kernel-obs-build-4.12.14-lp151.28.10.1, kernel-obs-qa-4.12.14-lp151.28.10.1, kernel-source-4.12.14-lp151.28.10.1, kernel-syms-4.12.14-lp151.28.10.1, kernel-vanilla-4.12.14-lp151.28.10.1
Comment 27 Swamp Workflow Management 2019-08-07 05:24:34 UTC 
SUSE-SU-2019:2069-1: An update that solves 18 vulnerabilities and has 157 fixes is now available.

Category: security (important)
Bug References: 1051510,1055117,1071995,1083647,1083710,1088047,1094555,1098633,1103990,1103991,1103992,1104745,1106383,1109837,1111666,1112374,1114279,1114685,1119113,1119222,1119532,1120423,1123080,1125703,1127034,1127315,1127611,1128432,1128902,1129770,1130836,1132390,1133021,1133401,1133738,1134090,1134097,1134390,1134395,1134399,1134730,1134738,1135153,1135296,1135335,1135556,1135642,1135897,1136156,1136157,1136161,1136217,1136264,1136271,1136333,1136342,1136343,1136345,1136348,1136460,1136461,1136462,1136467,1137103,1137194,1137224,1137366,1137429,1137458,1137534,1137535,1137584,1137586,1137609,1137625,1137728,1137811,1137827,1137884,1137985,1138263,1138291,1138293,1138336,1138374,1138375,1138589,1138681,1138719,1138732,1138874,1138879,1139358,1139619,1139712,1139751,1139771,1139865,1140133,1140139,1140228,1140322,1140328,1140405,1140424,1140428,1140454,1140463,1140559,1140575,1140577,1140637,1140652,1140658,1140676,1140715,1140719,1140726,1140727,1140728,1140814,1140887,1140888,1140889,1140891,1140893,1140903,1140945,1140948,1140954,1140955,1140956,1140957,1140958,1140959,1140960,1140961,1140962,1140964,1140971,1140972,1140992,1141312,1141401,1141402,1141452,1141453,1141454,1141478,1141558,1142023,1142052,1142083,1142112,1142115,1142119,1142220,1142221,1142265,1142350,1142351,1142354,1142359,1142450,1142623,1142673,1142701,1142868,1143003,1143105,1143185,1143189,1143191,1143209,1143507
CVE References: CVE-2018-16871,CVE-2018-20836,CVE-2018-20855,CVE-2019-10638,CVE-2019-10639,CVE-2019-1125,CVE-2019-11478,CVE-2019-11599,CVE-2019-11810,CVE-2019-12614,CVE-2019-12817,CVE-2019-12818,CVE-2019-12819,CVE-2019-13233,CVE-2019-13631,CVE-2019-13648,CVE-2019-14283,CVE-2019-14284
Sources used:
SUSE Linux Enterprise Module for Public Cloud 15-SP1 (src):    kernel-azure-4.12.14-8.13.1, kernel-source-azure-4.12.14-8.13.1, kernel-syms-azure-4.12.14-8.13.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 30 Swamp Workflow Management 2019-09-23 14:08:41 UTC 
SUSE-SU-2019:2430-1: An update that solves 45 vulnerabilities and has 474 fixes is now available.

Category: security (important)
Bug References: 1050242,1050549,1051510,1052904,1053043,1055117,1055121,1055186,1056787,1058115,1061840,1064802,1065600,1065729,1066129,1070872,1071995,1075020,1082387,1082555,1083647,1083710,1085535,1085536,1088047,1088804,1093389,1094555,1096003,1098633,1099658,1102247,1103186,1103259,1103990,1103991,1103992,1104745,1106011,1106284,1106383,1106751,1108193,1108838,1108937,1109837,1110946,1111331,1111666,1111696,1112063,1112128,1112178,1112374,1113722,1113956,1114279,1114427,1114542,1114638,1114685,1115688,1117114,1117158,1117561,1118139,1119113,1119222,1119532,1119680,1120091,1120318,1120423,1120566,1120843,1120902,1122767,1122776,1123080,1123454,1123663,1124503,1124839,1125703,1126206,1126356,1126704,1127034,1127175,1127315,1127371,1127374,1127611,1127616,1128052,1128415,1128432,1128544,1128902,1128904,1128971,1128979,1129138,1129273,1129693,1129770,1129845,1130195,1130425,1130527,1130567,1130579,1130699,1130836,1130937,1130972,1131326,1131427,1131438,1131451,1131467,1131488,1131530,1131565,1131574,1131587,1131645,1131659,1131673,1131847,1131848,1131851,1131900,1131934,1131935,1132044,1132219,1132226,1132227,1132365,1132368,1132369,1132370,1132372,1132373,1132384,1132390,1132397,1132402,1132403,1132404,1132405,1132407,1132411,1132412,1132413,1132414,1132426,1132527,1132531,1132555,1132558,1132561,1132562,1132563,1132564,1132570,1132571,1132572,1132589,1132618,1132673,1132681,1132726,1132828,1132894,1132943,1132982,1133005,1133016,1133021,1133094,1133095,1133115,1133149,1133176,1133188,1133190,1133311,1133320,1133401,1133486,1133529,1133547,1133584,1133593,1133612,1133616,1133667,1133668,1133672,1133674,1133675,1133698,1133702,1133731,1133738,1133769,1133772,1133774,1133778,1133779,1133780,1133825,1133850,1133851,1133852,1133897,1134090,1134097,1134160,1134162,1134199,1134200,1134201,1134202,1134203,1134204,1134205,1134223,1134303,1134354,1134390,1134393,1134395,1134397,1134399,1134459,1134460,1134461,1134597,1134600,1134607,1134618,1134651,1134671,1134730,1134738,1134743,1134760,1134806,1134810,1134813,1134848,1134936,1134945,1134946,1134947,1134948,1134949,1134950,1134951,1134952,1134953,1134972,1134974,1134975,1134980,1134981,1134983,1134987,1134989,1134990,1134994,1134995,1134998,1134999,1135006,1135007,1135008,1135018,1135021,1135024,1135026,1135027,1135028,1135029,1135031,1135033,1135034,1135035,1135036,1135037,1135038,1135039,1135041,1135042,1135044,1135045,1135046,1135047,1135049,1135051,1135052,1135053,1135055,1135056,1135058,1135100,1135120,1135153,1135278,1135281,1135296,1135309,1135312,1135314,1135315,1135316,1135320,1135323,1135330,1135335,1135492,1135542,1135556,1135603,1135642,1135661,1135758,1135897,1136156,1136157,1136161,1136188,1136206,1136215,1136217,1136264,1136271,1136333,1136342,1136343,1136345,1136347,1136348,1136353,1136424,1136428,1136430,1136432,1136434,1136435,1136438,1136439,1136456,1136460,1136461,1136462,1136467,1136469,1136477,1136478,1136498,1136573,1136586,1136598,1136881,1136922,1136935,1136978,1136990,1137103,1137151,1137152,1137153,1137162,1137194,1137201,1137224,1137232,1137233,1137236,1137366,1137372,1137429,1137444,1137458,1137534,1137535,1137584,1137586,1137609,1137625,1137728,1137739,1137752,1137811,1137827,1137884,1137985,1137995,1137996,1137998,1137999,1138000,1138002,1138003,1138005,1138006,1138007,1138008,1138009,1138010,1138011,1138012,1138013,1138014,1138015,1138016,1138017,1138018,1138019,1138263,1138291,1138293,1138336,1138374,1138375,1138589,1138681,1138719,1138732,1138874,1138879,1139358,1139619,1139712,1139751,1139771,1139865,1140133,1140139,1140228,1140322,1140328,1140405,1140424,1140428,1140454,1140463,1140559,1140575,1140577,1140637,1140652,1140658,1140676,1140715,1140719,1140726,1140727,1140728,1140814,1140887,1140888,1140889,1140891,1140893,1140903,1140945,1140948,1140954,1140955,1140956,1140957,1140958,1140959,1140960,1140961,1140962,1140964,1140971,1140972,1140992,1141312,1141401,1141402,1141452,1141453,1141454,1141478,1141558,1142023,1142052,1142083,1142112,1142115,1142119,1142220,1142221,1142254,1142350,1142351,1142354,1142359,1142450,1142623,1142673,1142701,1142868,1143003,1143045,1143105,1143185,1143189,1143191,1143209,1143507
CVE References: CVE-2017-5753,CVE-2018-12126,CVE-2018-12127,CVE-2018-12130,CVE-2018-16871,CVE-2018-16880,CVE-2018-20836,CVE-2018-20855,CVE-2018-7191,CVE-2019-10124,CVE-2019-10638,CVE-2019-10639,CVE-2019-11085,CVE-2019-11091,CVE-2019-1125,CVE-2019-11477,CVE-2019-11478,CVE-2019-11479,CVE-2019-11486,CVE-2019-11487,CVE-2019-11599,CVE-2019-11810,CVE-2019-11811,CVE-2019-11815,CVE-2019-11833,CVE-2019-11884,CVE-2019-12380,CVE-2019-12382,CVE-2019-12456,CVE-2019-12614,CVE-2019-12817,CVE-2019-12818,CVE-2019-12819,CVE-2019-13233,CVE-2019-13631,CVE-2019-13648,CVE-2019-14283,CVE-2019-14284,CVE-2019-3846,CVE-2019-3882,CVE-2019-5489,CVE-2019-8564,CVE-2019-9003,CVE-2019-9500,CVE-2019-9503
Sources used:
SUSE Linux Enterprise Module for Realtime 15-SP1 (src):    kernel-rt-4.12.14-14.8.1, kernel-rt_debug-4.12.14-14.8.1, kernel-source-rt-4.12.14-14.8.1, kernel-syms-rt-4.12.14-14.8.1
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1 (src):    kernel-rt-4.12.14-14.8.1, kernel-rt_debug-4.12.14-14.8.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 31 Swamp Workflow Management 2019-09-24 16:19:53 UTC 
SUSE-SU-2019:2450-1: An update that solves 21 vulnerabilities and has 160 fixes is now available.

Category: security (important)
Bug References: 1012382,1051510,1053043,1055117,1061840,1065600,1065729,1068032,1071995,1083647,1083710,1088047,1094555,1098633,1102247,1106383,1106751,1109137,1111666,11123080,1112824,1113722,1114279,1115688,1117158,1118139,1119222,1120423,1120566,1124167,1124503,1127034,1127155,1127315,1128432,1128902,1128910,1129770,1130972,1132154,1132390,1133021,1133401,1133738,1134097,1134303,1134390,1134393,1134395,1134399,1134671,1135296,1135335,1135556,1135642,1135661,1136157,1136424,1136598,1136811,1136896,1136922,1136935,1136990,1137103,1137162,1137194,1137366,1137372,1137429,1137444,1137458,1137534,1137535,1137584,1137586,1137609,1137625,1137728,1137739,1137752,1137811,1137827,1137884,1137995,1137996,1137998,1137999,1138000,1138002,1138003,1138005,1138006,1138007,1138008,1138009,1138010,1138011,1138012,1138013,1138014,1138015,1138016,1138017,1138018,1138019,1138291,1138293,1138374,1138375,1138589,1138719,1139358,1139751,1139771,1139782,1139865,1140133,1140139,1140322,1140328,1140405,1140424,1140428,1140575,1140577,1140637,1140652,1140658,1140715,1140719,1140726,1140727,1140728,1140814,1140887,1140888,1140889,1140891,1140893,1140903,1140945,1140954,1140955,1140956,1140957,1140958,1140959,1140960,1140961,1140962,1140964,1140971,1140972,1140992,1141401,1141402,1141452,1141453,1141454,1141478,1141488,1142023,1142112,1142220,1142221,1142265,1142350,1142351,1142354,1142359,1142450,1142701,1142868,1143003,1143045,1143105,1143185,1143189,1143191,1143507
CVE References: CVE-2018-16871,CVE-2018-20836,CVE-2018-20855,CVE-2019-10126,CVE-2019-10638,CVE-2019-10639,CVE-2019-1125,CVE-2019-11477,CVE-2019-11478,CVE-2019-11599,CVE-2019-11810,CVE-2019-12380,CVE-2019-12456,CVE-2019-12614,CVE-2019-12818,CVE-2019-12819,CVE-2019-13631,CVE-2019-13648,CVE-2019-14283,CVE-2019-14284,CVE-2019-3846
Sources used:
SUSE Linux Enterprise Real Time Extension 12-SP4 (src):    kernel-rt-4.12.14-8.3.1, kernel-rt_debug-4.12.14-8.3.1, kernel-source-rt-4.12.14-8.3.1, kernel-syms-rt-4.12.14-8.3.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 34 Marcus Meissner 2020-02-04 16:51:01 UTC 
done
First Last Prev Next    This bug is not in your last search results.