Bug 1138874 - qla2xx: Update Leap 15.1-28.4 -> 15.1-28.7, crashed
qla2xx: Update Leap 15.1-28.4 -> 15.1-28.7, crashed
Status: RESOLVED FIXED
Classification: openSUSE
Product: openSUSE Distribution
Classification: openSUSE
Component: Kernel
Leap 15.1
x86-64 Other
: P3 - Medium : Critical (vote)
: ---
Assigned To: Daniel Wagner
E-mail List
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2019-06-20 18:31 UTC by Holger Schranz
Modified: 2019-09-26 08:26 UTC (History)
5 users (show)

See Also:
Found By: ---
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments
DMESG, LEAP 15.1-28.7 (152.71 KB, text/plain)
2019-06-20 18:31 UTC, Holger Schranz
Details
Journalctl 15.1-28.7 (Bad case) (277.54 KB, text/plain)
2019-06-20 18:32 UTC, Holger Schranz
Details
RPM list 15.1-28.7 (149.24 KB, text/plain)
2019-06-20 18:32 UTC, Holger Schranz
Details
Journalctl 15.1-28.4 (o.k. case) (363.97 KB, text/plain)
2019-06-20 18:33 UTC, Holger Schranz
Details
scsi: qla2xxx: do not crash on uninitialized pool list (2.30 KB, patch)
2019-07-03 17:54 UTC, Michal Suchanek
Details | Diff
dmesg with patch (149.91 KB, text/plain)
2019-07-14 15:55 UTC, Holger Schranz
Details
journalctl with patch (274.26 KB, text/plain)
2019-07-14 15:56 UTC, Holger Schranz
Details

Note You need to log in before you can comment on or make changes to this bug.
Description Holger Schranz 2019-06-20 18:31:03 UTC
Created attachment 808098 [details]
DMESG, LEAP 15.1-28.7

Hello,

after update from 

opensuse 15.1: Linux_4.12.14-lp151.28.4
opensuse 15.1: Linux_4.12.14-lp151.28.7

the driver qla2xxx run into a dump.

With issue the work with the virtual environment is no longer
possible. More than 60 virtual systems (150 virtual machines) 
are involved over 5 virtual hosts.

To continue the work we switched back to Linux_4.12.14-lp151.28.4.

May be others are also involved.

I attached the journalctl, dmesg and a rpm -qa list.

The journalctl are from Linux_4.12.14-lp151.28.4 (o.k. version)
and Linux_4.12.14-lp151.28.7 (bad version)

I opened this issue report as a privat report. If necessary I will
opened an urgent call via FUJITSU as a customer from SuSE. 

Best regards

Holger
Comment 1 Holger Schranz 2019-06-20 18:32:02 UTC
Created attachment 808099 [details]
Journalctl 15.1-28.7 (Bad case)
Comment 2 Holger Schranz 2019-06-20 18:32:39 UTC
Created attachment 808100 [details]
RPM list 15.1-28.7
Comment 3 Holger Schranz 2019-06-20 18:33:20 UTC
Created attachment 808101 [details]
Journalctl 15.1-28.4 (o.k. case)
Comment 4 Michal Suchanek 2019-06-24 14:53:44 UTC
Hare, can you have a look?

It's openSUSE but regression in qla2xxx could affect the SLE kernel as well.
Comment 5 Holger Schranz 2019-07-01 19:08:54 UTC
Hello,

any update for this critical bug please?

I can't update some systms to a newer Patch of 15.1.

Best regards

Holger
Comment 6 Michal Suchanek 2019-07-01 19:30:40 UTC
We don't have tags for openSUSE so here are the git commits:

Release     : lp151.28.4.1
GIT Revision: af35fd11466ddb32ce5df4bc094d71af8b3b86aa
GIT Branch: openSUSE-15.1

Release     : lp151.28.7.1
GIT Revision: f8a1872c2e97826e8e0333012932aa99b5041ddd
GIT Branch: openSUSE-15.1

And these are qla patches added/removed:

+       patches.drivers/scsi-qla2xxx-Fix-panic-from-use-after-free-in-qla2x0.patch
+       patches.drivers/scsi-qla2xxx-Add-protection-mask-module-parameters.patch
+       patches.drivers/scsi-qla2xxx-Fix-DMA-error-when-the-DIF-sg-buffer-cr.patch
+       patches.drivers/scsi-qla2xxx-no-need-to-check-return-value-of-debugf.patch
+       patches.drivers/scsi-qla2xxx-Move-debug-messages-before-sending-srb-.patch
+       patches.drivers/scsi-qla2xxx-remove-redundant-null-check-on-pointer-.patch
+       patches.drivers/scsi-qla2xxx-Fix-LUN-discovery-if-loop-id-is-not-ass.patch
+       patches.drivers/scsi-qla2xxx-Add-First-Burst-support-for-FC-NVMe-dev.patch
+       patches.drivers/scsi-qla2xxx-Fix-unload-when-NVMe-devices-are-config.patch
+       patches.drivers/scsi-qla2xxx-Check-for-FW-started-flag-before-aborti.patch
+       patches.drivers/scsi-qla2xxx-Prevent-multiple-ADISC-commands-per-ses.patch
+       patches.drivers/scsi-qla2xxx-Add-support-for-setting-port-speed.patch
+       patches.drivers/scsi-qla2xxx-Prevent-SysFS-access-when-chip-is-down.patch
+       patches.drivers/scsi-qla2xxx-Move-marker-request-behind-QPair.patch
+       patches.drivers/scsi-qla2xxx-Fix-code-indentation-for-qla27xx_fwdt_e.patch
+       patches.drivers/scsi-qla2xxx-Add-new-FW-dump-template-entry-types.patch
+       patches.drivers/scsi-qla2xxx-Update-driver-version-to-10.00.00.14-k.patch
+       patches.drivers/scsi-qla2xxx-Avoid-PCI-IRQ-affinity-mapping-when-mul.patch
+       patches.drivers/scsi-qla2xxx-avoid-printf-format-warning.patch
+       patches.drivers/scsi-qla2xxx-check-for-kstrtol-failure.patch
+       patches.drivers/scsi-qla2xxx-Add-fw_attr-and-port_no-SysFS-node.patch
+       patches.drivers/scsi-qla2xxx-Remove-FW-default-template.patch
+       patches.drivers/scsi-qla2xxx-Fix-routine-qla27xx_dump_-mpi-ram.patch
+       patches.drivers/scsi-qla2xxx-Add-Device-ID-for-ISP28XX.patch
+       patches.drivers/scsi-qla2xxx-Add-Serdes-support-for-ISP28XX.patch
+       patches.drivers/scsi-qla2xxx-Correctly-report-max-min-supported-spee.patch
+       patches.drivers/scsi-qla2xxx-Cleanups-for-NVRAM-Flash-read-write-pat.patch
+       patches.drivers/scsi-qla2xxx-Add-support-for-multiple-fwdump-templat.patch
+       patches.drivers/scsi-qla2xxx-Update-flash-read-write-routine.patch
+       patches.drivers/scsi-qla2xxx-Correction-and-improvement-to-fwdt-proc.patch
+       patches.drivers/scsi-qla2xxx-Simplification-of-register-address-used.patch
+       patches.drivers/scsi-qla2xxx-Add-28xx-flash-primary-secondary-status.patch
+       patches.drivers/scsi-qla2xxx-Secure-flash-update-support-for-ISP28XX.patch
+       patches.drivers/scsi-qla2xxx-Update-driver-version-to-10.01.00.15-k.patch
+       patches.drivers/scsi-qla2xxx-Simplify-conditional-check-again.patch
+       patches.drivers/scsi-qla2xxx-Set-remote-port-devloss-timeout-to-0.patch
+       patches.drivers/scsi-qla2xxx-Fix-read-offset-in-qla24xx_load_risc_fl.patch
-       patches.suse/qla2xxx-allow-irqbalance-control-in-non-MQ-mode.patch
+       patches.kabi/qla2xxx-kABI-fixes-for-v10.00.00.14-k.patch
+       patches.kabi/qla2xxx-kABI-fixes-for-v10.01.00.15-k.patch

This is openSUSE so you are free to build lp151.28.7 with the patches reverted and bisect them to determine which one breaks your setup.
Comment 7 Michal Suchanek 2019-07-01 20:39:39 UTC
If we can trust the debugger unwinding the function correctly at offset 1097 we have list_for_each_entry_safe(dsd, nxt, &ha->pool.unusable.head, list) which implies initialization of pools is not consistent with ql2xenabledif which is probably meant to protect against access to uninitialized pools here. But ql2xenabledif is a global that can be changed at any time so the functions in question should probably check that the pools indeed exist.

Presumably if you always initialized ha->pool.good.count and ha->pool.unusable.count in qla2x00_mem_alloc you could check this count before traversing the list in qla2x00_mem_free.
Comment 8 Michal Suchanek 2019-07-02 16:28:35 UTC
Actually ql2xenabledif is readonly parameter so it should be fine to use as guard. Nonetheless, adding some checks and WARN_ONs for the pools might be helpful.
Comment 9 Holger Schranz 2019-07-02 17:42:48 UTC
Dear Mr. Suchanek,

let me clearfy:
I'm a user of openSUSE and not a developer.

If I read your comments, I understood that I have to fix the bug by my own.
Is this correct?

Best regards

Holger Schranz
Comment 10 Michal Suchanek 2019-07-03 17:54:22 UTC
Created attachment 809341 [details]
scsi: qla2xxx: do not crash on uninitialized pool list

As an openSUSE user you are expected to be able to apply or revert a kernel patch.

Attached is a patch that should confirm if the issue is with the pool list. If you see the message about uninitialized bool list then it is indeed the case. It is not clear why the pool list is not initialized so the kernel may crash in a different place due to state inconsistency in the qla2xxx driver.
Comment 11 Jiri Slaby 2019-07-04 05:00:50 UTC
(In reply to Michal Suchanek from comment #10)
> As an openSUSE user you are expected to be able to apply or revert a kernel
> patch.

You definitely cannot expect that from *users*.
Comment 13 Holger Schranz 2019-07-09 15:27:02 UTC
Hello Mr. Suchanek,

as Jiri Slaby wrote, to expect that each user of OpenSuse have a deep knowledge  about the kernel and the behavior of Linux, isn't the case in 95% of the user.

Whatever, I'm will not discuss here, about the knowledge of an user which want use OpenSuse as the OS.

I will try ,to include the Patch from you, in one of the involved systems. The result I will report here. I think around next weekend I can spend the time.

Please wait.

Best regards

Holger
Comment 14 Holger Schranz 2019-07-14 15:54:13 UTC
Hello Mr. Suchanek,

test is done. The protocol I will upload. 
It is the dmesg protocol and the journalctl.

Best regards

Holger
Comment 15 Holger Schranz 2019-07-14 15:55:21 UTC
Created attachment 810383 [details]
dmesg with patch
Comment 16 Holger Schranz 2019-07-14 15:56:17 UTC
Created attachment 810384 [details]
journalctl with patch
Comment 17 Michal Suchanek 2019-07-15 09:51:53 UTC
Thanks for testing

From the log it looks like the kernel no longer crashes. Does the adapter work for you?
Comment 18 Holger Schranz 2019-07-15 15:48:03 UTC
Hello Mr. Suchanek,

Yes, of course, the system doesn't crashed, but I have to test the adapter
in a virtual machine. I will inform you a.s.a.p..

Best regards

Holger Schranz
Comment 19 Michal Suchanek 2019-07-22 15:30:02 UTC
Any test result with the patched kernel?
Comment 20 Holger Schranz 2019-07-22 15:40:16 UTC
Hello Mr. Suchanek,

sorry for the delay.

I have updated the Leap 15.1 systems to a last patch ...28-10 first.
Than modified the qla_os.c with your fix and restarted the tests.

All tests closed with result o.k.

Thanks a lot for your effort Mr. Suchanek.

Best regards

Holger
Comment 21 Michal Suchanek 2019-07-22 15:47:45 UTC
Thanks for the tests.

I will merge this bandaid until somebody has time to look more closely at the issue.
Comment 27 Swamp Workflow Management 2019-08-07 04:34:38 UTC
SUSE-SU-2019:2070-1: An update that solves 7 vulnerabilities and has 95 fixes is now available.

Category: security (important)
Bug References: 1051510,1055117,1071995,1083647,1083710,1102247,1103991,1103992,1104745,1109837,1111666,1112374,1119222,1123080,1127034,1127315,1127611,1129770,1130972,1133021,1134090,1134097,1134390,1134399,1135335,1135642,1136217,1136342,1136460,1136461,1136462,1136467,1136896,1137458,1137534,1137535,1137584,1137609,1137811,1137827,1138874,1139358,1139619,1140133,1140139,1140322,1140559,1140652,1140676,1140887,1140888,1140889,1140891,1140893,1140903,1140945,1140948,1140954,1140955,1140956,1140957,1140958,1140959,1140960,1140961,1140962,1140964,1140971,1140972,1140992,1141312,1141401,1141402,1141452,1141453,1141454,1141478,1142023,1142052,1142112,1142115,1142119,1142220,1142221,1142254,1142350,1142351,1142354,1142359,1142450,1142623,1142673,1142701,1142868,1143003,1143045,1143105,1143185,1143189,1143191,1143209,1143507
CVE References: CVE-2018-20855,CVE-2019-1125,CVE-2019-11810,CVE-2019-13631,CVE-2019-13648,CVE-2019-14283,CVE-2019-14284
Sources used:
SUSE Linux Enterprise Server 12-SP4 (src):    kernel-azure-4.12.14-6.23.1, kernel-source-azure-4.12.14-6.23.1, kernel-syms-azure-4.12.14-6.23.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 28 Swamp Workflow Management 2019-08-07 04:48:07 UTC
SUSE-SU-2019:2073-1: An update that solves 7 vulnerabilities and has 78 fixes is now available.

Category: security (important)
Bug References: 1051510,1055117,1071995,1083647,1083710,1102247,1103991,1103992,1104745,1109837,1111666,1112374,1119222,1123080,1127034,1127315,1127611,1129770,1130972,1133021,1134090,1134097,1134390,1134399,1135335,1135642,1136217,1136342,1136460,1136461,1136462,1136467,1137458,1137534,1137535,1137584,1137609,1137811,1137827,1138874,1139358,1139619,1140133,1140139,1140322,1140559,1140652,1140676,1140903,1140945,1140948,1141312,1141401,1141402,1141452,1141453,1141454,1141478,1141558,1142023,1142052,1142083,1142112,1142115,1142119,1142220,1142221,1142254,1142350,1142351,1142354,1142359,1142450,1142623,1142673,1142701,1142868,1143003,1143045,1143105,1143185,1143189,1143191,1143209,1143507
CVE References: CVE-2018-20855,CVE-2019-1125,CVE-2019-11810,CVE-2019-13631,CVE-2019-13648,CVE-2019-14283,CVE-2019-14284
Sources used:
SUSE Linux Enterprise Workstation Extension 15-SP1 (src):    kernel-default-4.12.14-197.15.1
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1 (src):    dtb-aarch64-4.12.14-197.15.1, kernel-debug-4.12.14-197.15.1, kernel-default-4.12.14-197.15.1, kernel-docs-4.12.14-197.15.1, kernel-kvmsmall-4.12.14-197.15.1, kernel-obs-qa-4.12.14-197.15.1, kernel-source-4.12.14-197.15.1, kernel-vanilla-4.12.14-197.15.1, kernel-zfcpdump-4.12.14-197.15.1
SUSE Linux Enterprise Module for Legacy Software 15-SP1 (src):    kernel-default-4.12.14-197.15.1
SUSE Linux Enterprise Module for Development Tools 15-SP1 (src):    kernel-docs-4.12.14-197.15.1, kernel-obs-build-4.12.14-197.15.1, kernel-source-4.12.14-197.15.1, kernel-syms-4.12.14-197.15.1
SUSE Linux Enterprise Module for Basesystem 15-SP1 (src):    kernel-default-4.12.14-197.15.1, kernel-source-4.12.14-197.15.1, kernel-zfcpdump-4.12.14-197.15.1
SUSE Linux Enterprise High Availability 15-SP1 (src):    kernel-default-4.12.14-197.15.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 29 Swamp Workflow Management 2019-08-07 05:09:40 UTC
SUSE-SU-2019:2073-1: An update that solves 7 vulnerabilities and has 78 fixes is now available.

Category: security (important)
Bug References: 1051510,1055117,1071995,1083647,1083710,1102247,1103991,1103992,1104745,1109837,1111666,1112374,1119222,1123080,1127034,1127315,1127611,1129770,1130972,1133021,1134090,1134097,1134390,1134399,1135335,1135642,1136217,1136342,1136460,1136461,1136462,1136467,1137458,1137534,1137535,1137584,1137609,1137811,1137827,1138874,1139358,1139619,1140133,1140139,1140322,1140559,1140652,1140676,1140903,1140945,1140948,1141312,1141401,1141402,1141452,1141453,1141454,1141478,1141558,1142023,1142052,1142083,1142112,1142115,1142119,1142220,1142221,1142254,1142350,1142351,1142354,1142359,1142450,1142623,1142673,1142701,1142868,1143003,1143045,1143105,1143185,1143189,1143191,1143209,1143507
CVE References: CVE-2018-20855,CVE-2019-1125,CVE-2019-11810,CVE-2019-13631,CVE-2019-13648,CVE-2019-14283,CVE-2019-14284
Sources used:
SUSE Linux Enterprise Workstation Extension 15-SP1 (src):    kernel-default-4.12.14-197.15.1
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1 (src):    dtb-aarch64-4.12.14-197.15.1, kernel-debug-4.12.14-197.15.1, kernel-default-4.12.14-197.15.1, kernel-docs-4.12.14-197.15.1, kernel-kvmsmall-4.12.14-197.15.1, kernel-obs-qa-4.12.14-197.15.1, kernel-source-4.12.14-197.15.1, kernel-vanilla-4.12.14-197.15.1, kernel-zfcpdump-4.12.14-197.15.1
SUSE Linux Enterprise Module for Live Patching 15-SP1 (src):    kernel-default-4.12.14-197.15.1
SUSE Linux Enterprise Module for Legacy Software 15-SP1 (src):    kernel-default-4.12.14-197.15.1
SUSE Linux Enterprise Module for Development Tools 15-SP1 (src):    kernel-docs-4.12.14-197.15.1, kernel-obs-build-4.12.14-197.15.1, kernel-source-4.12.14-197.15.1, kernel-syms-4.12.14-197.15.1
SUSE Linux Enterprise Module for Basesystem 15-SP1 (src):    kernel-default-4.12.14-197.15.1, kernel-source-4.12.14-197.15.1, kernel-zfcpdump-4.12.14-197.15.1
SUSE Linux Enterprise High Availability 15-SP1 (src):    kernel-default-4.12.14-197.15.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 30 Swamp Workflow Management 2019-08-07 05:28:02 UTC
SUSE-SU-2019:2069-1: An update that solves 18 vulnerabilities and has 157 fixes is now available.

Category: security (important)
Bug References: 1051510,1055117,1071995,1083647,1083710,1088047,1094555,1098633,1103990,1103991,1103992,1104745,1106383,1109837,1111666,1112374,1114279,1114685,1119113,1119222,1119532,1120423,1123080,1125703,1127034,1127315,1127611,1128432,1128902,1129770,1130836,1132390,1133021,1133401,1133738,1134090,1134097,1134390,1134395,1134399,1134730,1134738,1135153,1135296,1135335,1135556,1135642,1135897,1136156,1136157,1136161,1136217,1136264,1136271,1136333,1136342,1136343,1136345,1136348,1136460,1136461,1136462,1136467,1137103,1137194,1137224,1137366,1137429,1137458,1137534,1137535,1137584,1137586,1137609,1137625,1137728,1137811,1137827,1137884,1137985,1138263,1138291,1138293,1138336,1138374,1138375,1138589,1138681,1138719,1138732,1138874,1138879,1139358,1139619,1139712,1139751,1139771,1139865,1140133,1140139,1140228,1140322,1140328,1140405,1140424,1140428,1140454,1140463,1140559,1140575,1140577,1140637,1140652,1140658,1140676,1140715,1140719,1140726,1140727,1140728,1140814,1140887,1140888,1140889,1140891,1140893,1140903,1140945,1140948,1140954,1140955,1140956,1140957,1140958,1140959,1140960,1140961,1140962,1140964,1140971,1140972,1140992,1141312,1141401,1141402,1141452,1141453,1141454,1141478,1141558,1142023,1142052,1142083,1142112,1142115,1142119,1142220,1142221,1142265,1142350,1142351,1142354,1142359,1142450,1142623,1142673,1142701,1142868,1143003,1143105,1143185,1143189,1143191,1143209,1143507
CVE References: CVE-2018-16871,CVE-2018-20836,CVE-2018-20855,CVE-2019-10638,CVE-2019-10639,CVE-2019-1125,CVE-2019-11478,CVE-2019-11599,CVE-2019-11810,CVE-2019-12614,CVE-2019-12817,CVE-2019-12818,CVE-2019-12819,CVE-2019-13233,CVE-2019-13631,CVE-2019-13648,CVE-2019-14283,CVE-2019-14284
Sources used:
SUSE Linux Enterprise Module for Public Cloud 15-SP1 (src):    kernel-azure-4.12.14-8.13.1, kernel-source-azure-4.12.14-8.13.1, kernel-syms-azure-4.12.14-8.13.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 31 Swamp Workflow Management 2019-08-07 09:54:11 UTC
This is an autogenerated message for OBS integration:
This bug (1138874) was mentioned in
https://build.opensuse.org/request/show/721464 15.1 / kernel-source
Comment 32 Michal Suchanek 2019-08-07 11:18:52 UTC
Workaround is released. Please review the state of the qla2xx driver in 15.1 and determine if there is alternative fix upstream or this workaround should be upstreamed.
Comment 33 Holger Schranz 2019-08-11 17:06:10 UTC
Hello Mr. Suchaneck,

Sorry for late responce. I will review the WA til Tuesday,13.08.

Best regards

Holger
Comment 34 Michal Suchanek 2019-08-11 18:06:11 UTC
This was summary for scsi developers looking at the bug. For now the workaround should be sufficient and there is no need for action.
Comment 35 Holger Schranz 2019-08-11 18:14:48 UTC
Thanks a lot
Comment 36 Swamp Workflow Management 2019-08-16 16:31:12 UTC
openSUSE-SU-2019:1923-1: An update that solves 8 vulnerabilities and has 97 fixes is now available.

Category: security (important)
Bug References: 1051510,1055117,1071995,1083647,1083710,1085030,1086103,1102247,1103991,1103992,1104745,1106061,1109837,1111666,1112374,1114279,1119222,1123959,1127034,1127315,1127611,1129770,1130972,1131281,1133021,1134090,1134097,1134390,1134399,1135335,1135642,1135897,1136217,1136342,1136352,1136460,1136461,1136467,1136502,1137458,1137534,1137535,1137584,1137609,1137811,1137827,1138874,1139101,1139358,1139500,1139619,1140133,1140139,1140322,1140426,1140559,1140652,1140676,1140903,1140945,1141312,1141401,1141402,1141450,1141452,1141453,1141454,1141478,1141558,1142023,1142052,1142083,1142112,1142115,1142117,1142118,1142119,1142220,1142221,1142254,1142265,1142350,1142351,1142354,1142359,1142450,1142623,1142635,1142673,1142685,1142701,1142857,1142868,1143003,1143045,1143105,1143185,1143189,1143191,1143209,1143466,1143507,1143738,1144474,1144518
CVE References: CVE-2018-20855,CVE-2019-10207,CVE-2019-1125,CVE-2019-11810,CVE-2019-13631,CVE-2019-13648,CVE-2019-14283,CVE-2019-14284
Sources used:
openSUSE Leap 15.1 (src):    kernel-debug-4.12.14-lp151.28.13.1, kernel-default-4.12.14-lp151.28.13.1, kernel-docs-4.12.14-lp151.28.13.1, kernel-kvmsmall-4.12.14-lp151.28.13.1, kernel-obs-build-4.12.14-lp151.28.13.1, kernel-obs-qa-4.12.14-lp151.28.13.1, kernel-source-4.12.14-lp151.28.13.1, kernel-syms-4.12.14-lp151.28.13.1, kernel-vanilla-4.12.14-lp151.28.13.1
Comment 38 Michal Suchanek 2019-09-12 13:06:02 UTC
Next maintenanace update should include qla2xx driver update addressing crashes on load/unload.
Comment 39 Swamp Workflow Management 2019-09-23 14:16:09 UTC
SUSE-SU-2019:2430-1: An update that solves 45 vulnerabilities and has 474 fixes is now available.

Category: security (important)
Bug References: 1050242,1050549,1051510,1052904,1053043,1055117,1055121,1055186,1056787,1058115,1061840,1064802,1065600,1065729,1066129,1070872,1071995,1075020,1082387,1082555,1083647,1083710,1085535,1085536,1088047,1088804,1093389,1094555,1096003,1098633,1099658,1102247,1103186,1103259,1103990,1103991,1103992,1104745,1106011,1106284,1106383,1106751,1108193,1108838,1108937,1109837,1110946,1111331,1111666,1111696,1112063,1112128,1112178,1112374,1113722,1113956,1114279,1114427,1114542,1114638,1114685,1115688,1117114,1117158,1117561,1118139,1119113,1119222,1119532,1119680,1120091,1120318,1120423,1120566,1120843,1120902,1122767,1122776,1123080,1123454,1123663,1124503,1124839,1125703,1126206,1126356,1126704,1127034,1127175,1127315,1127371,1127374,1127611,1127616,1128052,1128415,1128432,1128544,1128902,1128904,1128971,1128979,1129138,1129273,1129693,1129770,1129845,1130195,1130425,1130527,1130567,1130579,1130699,1130836,1130937,1130972,1131326,1131427,1131438,1131451,1131467,1131488,1131530,1131565,1131574,1131587,1131645,1131659,1131673,1131847,1131848,1131851,1131900,1131934,1131935,1132044,1132219,1132226,1132227,1132365,1132368,1132369,1132370,1132372,1132373,1132384,1132390,1132397,1132402,1132403,1132404,1132405,1132407,1132411,1132412,1132413,1132414,1132426,1132527,1132531,1132555,1132558,1132561,1132562,1132563,1132564,1132570,1132571,1132572,1132589,1132618,1132673,1132681,1132726,1132828,1132894,1132943,1132982,1133005,1133016,1133021,1133094,1133095,1133115,1133149,1133176,1133188,1133190,1133311,1133320,1133401,1133486,1133529,1133547,1133584,1133593,1133612,1133616,1133667,1133668,1133672,1133674,1133675,1133698,1133702,1133731,1133738,1133769,1133772,1133774,1133778,1133779,1133780,1133825,1133850,1133851,1133852,1133897,1134090,1134097,1134160,1134162,1134199,1134200,1134201,1134202,1134203,1134204,1134205,1134223,1134303,1134354,1134390,1134393,1134395,1134397,1134399,1134459,1134460,1134461,1134597,1134600,1134607,1134618,1134651,1134671,1134730,1134738,1134743,1134760,1134806,1134810,1134813,1134848,1134936,1134945,1134946,1134947,1134948,1134949,1134950,1134951,1134952,1134953,1134972,1134974,1134975,1134980,1134981,1134983,1134987,1134989,1134990,1134994,1134995,1134998,1134999,1135006,1135007,1135008,1135018,1135021,1135024,1135026,1135027,1135028,1135029,1135031,1135033,1135034,1135035,1135036,1135037,1135038,1135039,1135041,1135042,1135044,1135045,1135046,1135047,1135049,1135051,1135052,1135053,1135055,1135056,1135058,1135100,1135120,1135153,1135278,1135281,1135296,1135309,1135312,1135314,1135315,1135316,1135320,1135323,1135330,1135335,1135492,1135542,1135556,1135603,1135642,1135661,1135758,1135897,1136156,1136157,1136161,1136188,1136206,1136215,1136217,1136264,1136271,1136333,1136342,1136343,1136345,1136347,1136348,1136353,1136424,1136428,1136430,1136432,1136434,1136435,1136438,1136439,1136456,1136460,1136461,1136462,1136467,1136469,1136477,1136478,1136498,1136573,1136586,1136598,1136881,1136922,1136935,1136978,1136990,1137103,1137151,1137152,1137153,1137162,1137194,1137201,1137224,1137232,1137233,1137236,1137366,1137372,1137429,1137444,1137458,1137534,1137535,1137584,1137586,1137609,1137625,1137728,1137739,1137752,1137811,1137827,1137884,1137985,1137995,1137996,1137998,1137999,1138000,1138002,1138003,1138005,1138006,1138007,1138008,1138009,1138010,1138011,1138012,1138013,1138014,1138015,1138016,1138017,1138018,1138019,1138263,1138291,1138293,1138336,1138374,1138375,1138589,1138681,1138719,1138732,1138874,1138879,1139358,1139619,1139712,1139751,1139771,1139865,1140133,1140139,1140228,1140322,1140328,1140405,1140424,1140428,1140454,1140463,1140559,1140575,1140577,1140637,1140652,1140658,1140676,1140715,1140719,1140726,1140727,1140728,1140814,1140887,1140888,1140889,1140891,1140893,1140903,1140945,1140948,1140954,1140955,1140956,1140957,1140958,1140959,1140960,1140961,1140962,1140964,1140971,1140972,1140992,1141312,1141401,1141402,1141452,1141453,1141454,1141478,1141558,1142023,1142052,1142083,1142112,1142115,1142119,1142220,1142221,1142254,1142350,1142351,1142354,1142359,1142450,1142623,1142673,1142701,1142868,1143003,1143045,1143105,1143185,1143189,1143191,1143209,1143507
CVE References: CVE-2017-5753,CVE-2018-12126,CVE-2018-12127,CVE-2018-12130,CVE-2018-16871,CVE-2018-16880,CVE-2018-20836,CVE-2018-20855,CVE-2018-7191,CVE-2019-10124,CVE-2019-10638,CVE-2019-10639,CVE-2019-11085,CVE-2019-11091,CVE-2019-1125,CVE-2019-11477,CVE-2019-11478,CVE-2019-11479,CVE-2019-11486,CVE-2019-11487,CVE-2019-11599,CVE-2019-11810,CVE-2019-11811,CVE-2019-11815,CVE-2019-11833,CVE-2019-11884,CVE-2019-12380,CVE-2019-12382,CVE-2019-12456,CVE-2019-12614,CVE-2019-12817,CVE-2019-12818,CVE-2019-12819,CVE-2019-13233,CVE-2019-13631,CVE-2019-13648,CVE-2019-14283,CVE-2019-14284,CVE-2019-3846,CVE-2019-3882,CVE-2019-5489,CVE-2019-8564,CVE-2019-9003,CVE-2019-9500,CVE-2019-9503
Sources used:
SUSE Linux Enterprise Module for Realtime 15-SP1 (src):    kernel-rt-4.12.14-14.8.1, kernel-rt_debug-4.12.14-14.8.1, kernel-source-rt-4.12.14-14.8.1, kernel-syms-rt-4.12.14-14.8.1
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1 (src):    kernel-rt-4.12.14-14.8.1, kernel-rt_debug-4.12.14-14.8.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 40 Hannes Reinecke 2019-09-26 08:26:25 UTC
Has been released, closing.