Bug 1162002 (CVE-2020-14416) - VUL-0: CVE-2020-14416: kernel-source: can, slip: Protect tty->disc_data in write_wakeup and close with RCU
Summary: VUL-0: CVE-2020-14416: kernel-source: can, slip: Protect tty->disc_data in wr...
Status: RESOLVED FIXED
Alias: CVE-2020-14416
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents (show other bugs)
Version: unspecified
Hardware: Other Other
: P3 - Medium : Normal
Target Milestone: ---
Assignee: Security Team bot
QA Contact: Security Team bot
URL:
Whiteboard: CVSSv3.1:SUSE:CVE-2020-14416:6.4:(AV:...
Keywords:
Depends on:
Blocks:
 
Reported: 2020-01-28 10:24 UTC by Richard Palethorpe
Modified: 2025-02-27 03:23 UTC (History)
2 users (show)

See Also:
Found By: ---
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Richard Palethorpe 2020-01-28 10:24:22 UTC
I was asked to backport the following patch into at least SLE15-SP2.

"From: Richard Palethorpe <rpalethorpe@suse.com>
Date: Tue, 21 Jan 2020 14:42:58 +0100
Subject: can, slip: Protect tty->disc_data in write_wakeup and close with RCU

From: Richard Palethorpe <rpalethorpe@suse.com>

[ Upstream commit 0ace17d56824165c7f4c68785d6b58971db954dd ]

write_wakeup can happen in parallel with close/hangup where tty->disc_data
is set to NULL and the netdevice is freed thus also freeing
disc_data. write_wakeup accesses disc_data so we must prevent close from
freeing the netdev while write_wakeup has a non-NULL view of
tty->disc_data.

We also need to make sure that accesses to disc_data are atomic. Which can
all be done with RCU.

This problem was found by Syzkaller on SLCAN, but the same issue is
reproducible with the SLIP line discipline using an LTP test based on the
Syzkaller reproducer."

LTP reproducer and other details:
http://lists.linux.it/pipermail/ltp/2020-January/015204.html
Comment 1 Takashi Iwai 2020-01-28 10:44:17 UTC
Already backported yesterday for SLE15-SP2 :)
Comment 3 Marcus Meissner 2020-06-18 09:44:08 UTC
requesting a cve.
Comment 4 Takashi Iwai 2020-06-18 11:26:45 UTC
OK, will backport to relevant cve branches.
Comment 5 Takashi Iwai 2020-06-18 11:56:00 UTC
Updated the patch reference in SLE15-SP2 and cve/linux-4.12 branches.
Backported the patch to cve/linux-4.4, cve/linux-3.12, cve/linux-3.0, cve/linux-2.6.32 and cve/linux-2.6.16 branches.

Reassigned back to security team.
Comment 6 OBSbugzilla Bot 2020-06-29 09:21:58 UTC
This is an autogenerated message for OBS integration:
This bug (1162002) was mentioned in
https://build.opensuse.org/request/show/817641 15.2 / kernel-source
Comment 7 OBSbugzilla Bot 2020-06-29 22:02:02 UTC
This is an autogenerated message for OBS integration:
This bug (1162002) was mentioned in
https://build.opensuse.org/request/show/817782 15.2 / kernel-source
Comment 8 Swamp Workflow Management 2020-07-07 04:17:28 UTC
openSUSE-SU-2020:0935-1: An update that solves 16 vulnerabilities and has 117 fixes is now available.

Category: security (important)
Bug References: 1058115,1065729,1071995,1085030,1148868,1152472,1152489,1153274,1154353,1154492,1155518,1155798,1156395,1157169,1158050,1158242,1158265,1158748,1158765,1159781,1159867,1160947,1161495,1162002,1162063,1162400,1164648,1164777,1164780,1165211,1165975,1166985,1167104,1167651,1168230,1168779,1168838,1169021,1169194,1169514,1169681,1170011,1170442,1170774,1170879,1170891,1170895,1171189,1171191,1171219,1171220,1171246,1171417,1171513,1171530,1171662,1171688,1171699,1171739,1171743,1171759,1171828,1171868,1171904,1171915,1171982,1171983,1172017,1172046,1172061,1172062,1172063,1172064,1172065,1172066,1172067,1172068,1172069,1172073,1172086,1172095,1172169,1172170,1172208,1172223,1172342,1172343,1172344,1172365,1172366,1172374,1172391,1172393,1172394,1172453,1172458,1172467,1172484,1172537,1172719,1172739,1172751,1172759,1172775,1172781,1172782,1172783,1172814,1172823,1172841,1172938,1172939,1172940,1172956,1172983,1172984,1172985,1172986,1172987,1172988,1172989,1172990,1172999,1173060,1173068,1173085,1173139,1173206,1173271,1173280,1173428,1173438,1173461
CVE References: CVE-2019-19462,CVE-2019-20810,CVE-2019-20812,CVE-2020-10711,CVE-2020-10732,CVE-2020-10751,CVE-2020-10766,CVE-2020-10767,CVE-2020-10768,CVE-2020-10773,CVE-2020-12656,CVE-2020-12769,CVE-2020-12888,CVE-2020-13143,CVE-2020-13974,CVE-2020-14416
Sources used:
openSUSE Leap 15.2 (src):    kernel-debug-5.3.18-lp152.20.7.1, kernel-default-5.3.18-lp152.20.7.1, kernel-docs-5.3.18-lp152.20.7.1, kernel-kvmsmall-5.3.18-lp152.20.7.1, kernel-obs-build-5.3.18-lp152.20.7.1, kernel-obs-qa-5.3.18-lp152.20.7.1, kernel-preempt-5.3.18-lp152.20.7.1, kernel-source-5.3.18-lp152.20.7.1, kernel-syms-5.3.18-lp152.20.7.1
Comment 14 Swamp Workflow Management 2020-07-23 16:17:30 UTC
SUSE-SU-2020:2027-1: An update that solves 19 vulnerabilities and has 162 fixes is now available.

Category: security (important)
Bug References: 1058115,1065729,1071995,1085030,1148868,1152472,1152489,1153274,1154353,1154492,1155518,1155798,1156395,1157169,1158050,1158242,1158265,1158748,1158765,1158983,1159781,1159867,1160947,1161495,1162002,1162063,1162400,1162702,1164648,1164777,1164780,1165211,1165975,1166985,1167104,1167651,1167773,1168230,1168779,1168838,1169021,1169094,1169194,1169514,1169681,1170011,1170284,1170442,1170617,1170774,1170879,1170891,1170895,1171150,1171189,1171191,1171219,1171220,1171246,1171417,1171513,1171529,1171530,1171662,1171688,1171699,1171732,1171739,1171743,1171759,1171828,1171868,1171904,1171915,1171982,1171983,1172017,1172046,1172061,1172062,1172063,1172064,1172065,1172066,1172067,1172068,1172069,1172073,1172086,1172095,1172169,1172170,1172208,1172223,1172342,1172343,1172344,1172365,1172366,1172374,1172391,1172393,1172394,1172453,1172458,1172467,1172484,1172537,1172543,1172687,1172719,1172739,1172751,1172759,1172775,1172781,1172782,1172783,1172814,1172823,1172841,1172871,1172938,1172939,1172940,1172956,1172983,1172984,1172985,1172986,1172987,1172988,1172989,1172990,1172999,1173060,1173068,1173085,1173139,1173206,1173271,1173280,1173284,1173428,1173438,1173461,1173514,1173552,1173573,1173625,1173746,1173776,1173817,1173818,1173820,1173822,1173823,1173824,1173825,1173826,1173827,1173828,1173830,1173831,1173832,1173833,1173834,1173836,1173837,1173838,1173839,1173841,1173843,1173844,1173845,1173847,1173860,1173894,1174018,1174244,1174345
CVE References: CVE-2019-19462,CVE-2019-20810,CVE-2019-20812,CVE-2020-10711,CVE-2020-10732,CVE-2020-10751,CVE-2020-10766,CVE-2020-10767,CVE-2020-10768,CVE-2020-10773,CVE-2020-12656,CVE-2020-12769,CVE-2020-12771,CVE-2020-12888,CVE-2020-13143,CVE-2020-13974,CVE-2020-14416,CVE-2020-15393,CVE-2020-15780
Sources used:
SUSE Linux Enterprise Module for Public Cloud 15-SP2 (src):    kernel-azure-5.3.18-18.5.1, kernel-source-azure-5.3.18-18.5.1, kernel-syms-azure-5.3.18-18.5.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 25 OBSbugzilla Bot 2020-07-30 12:41:48 UTC
This is an autogenerated message for OBS integration:
This bug (1162002) was mentioned in
https://build.opensuse.org/request/show/823567 15.1 / kernel-source
Comment 26 Swamp Workflow Management 2020-08-03 13:15:22 UTC
SUSE-SU-2020:2103-1: An update that solves 15 vulnerabilities and has 81 fixes is now available.

Category: security (important)
Bug References: 1051510,1065729,1071995,1085030,1111666,1112178,1113956,1114279,1144333,1148868,1150660,1151927,1152624,1158983,1159058,1161016,1162002,1162063,1163309,1166985,1167104,1168081,1168959,1169194,1169514,1169771,1169795,1170011,1170442,1170592,1170617,1170618,1171124,1171424,1171529,1171530,1171558,1171732,1171739,1171743,1171753,1171759,1171835,1171841,1171868,1171904,1172247,1172257,1172344,1172458,1172484,1172537,1172538,1172687,1172719,1172759,1172775,1172781,1172782,1172783,1172871,1172872,1172999,1173060,1173074,1173146,1173265,1173280,1173284,1173428,1173514,1173567,1173573,1173746,1173818,1173820,1173825,1173826,1173833,1173838,1173839,1173845,1173857,1174113,1174115,1174122,1174123,1174186,1174187,1174296,1174343,1174356,1174409,1174438,1174462,1174543
CVE References: CVE-2019-20810,CVE-2019-20908,CVE-2020-0305,CVE-2020-10766,CVE-2020-10767,CVE-2020-10768,CVE-2020-10769,CVE-2020-10773,CVE-2020-10781,CVE-2020-12771,CVE-2020-12888,CVE-2020-13974,CVE-2020-14416,CVE-2020-15393,CVE-2020-15780
JIRA References: 
Sources used:
SUSE Linux Enterprise Module for Public Cloud 15-SP1 (src):    kernel-azure-4.12.14-8.38.1, kernel-source-azure-4.12.14-8.38.1, kernel-syms-azure-4.12.14-8.38.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 27 Swamp Workflow Management 2020-08-03 19:13:39 UTC
SUSE-SU-2020:2106-1: An update that solves 14 vulnerabilities and has 15 fixes is now available.

Category: security (important)
Bug References: 1051510,1065729,1071995,1104967,1152107,1158755,1162002,1170011,1171078,1171673,1171732,1171868,1172257,1172775,1172781,1172782,1172783,1172999,1173265,1173280,1173514,1173567,1173573,1173659,1173999,1174000,1174115,1174462,1174543
CVE References: CVE-2019-16746,CVE-2019-20908,CVE-2020-0305,CVE-2020-10766,CVE-2020-10767,CVE-2020-10768,CVE-2020-10769,CVE-2020-10773,CVE-2020-12771,CVE-2020-12888,CVE-2020-13974,CVE-2020-14416,CVE-2020-15393,CVE-2020-15780
JIRA References: 
Sources used:
SUSE Linux Enterprise Module for Live Patching 15 (src):    kernel-default-4.12.14-150.55.1, kernel-livepatch-SLE15_Update_19-1-1.3.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 28 Swamp Workflow Management 2020-08-03 19:17:03 UTC
SUSE-SU-2020:14442-1: An update that solves 9 vulnerabilities and has two fixes is now available.

Category: security (important)
Bug References: 1159912,1159913,1162002,1171218,1171219,1171220,1172775,1172999,1173265,1174462,1174543
CVE References: CVE-2019-5108,CVE-2020-0305,CVE-2020-10732,CVE-2020-10769,CVE-2020-10773,CVE-2020-12652,CVE-2020-12656,CVE-2020-13974,CVE-2020-14416
JIRA References: 
Sources used:
SUSE Linux Enterprise Server 11-SP4-LTSS (src):    kernel-bigmem-3.0.101-108.117.1, kernel-default-3.0.101-108.117.1, kernel-ec2-3.0.101-108.117.1, kernel-pae-3.0.101-108.117.1, kernel-ppc64-3.0.101-108.117.1, kernel-source-3.0.101-108.117.1, kernel-syms-3.0.101-108.117.1, kernel-trace-3.0.101-108.117.1, kernel-xen-3.0.101-108.117.1
SUSE Linux Enterprise Server 11-EXTRA (src):    kernel-default-3.0.101-108.117.1, kernel-pae-3.0.101-108.117.1, kernel-ppc64-3.0.101-108.117.1, kernel-trace-3.0.101-108.117.1, kernel-xen-3.0.101-108.117.1
SUSE Linux Enterprise Debuginfo 11-SP4 (src):    kernel-bigmem-3.0.101-108.117.1, kernel-default-3.0.101-108.117.1, kernel-ec2-3.0.101-108.117.1, kernel-pae-3.0.101-108.117.1, kernel-ppc64-3.0.101-108.117.1, kernel-trace-3.0.101-108.117.1, kernel-xen-3.0.101-108.117.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 29 Swamp Workflow Management 2020-08-03 19:21:41 UTC
SUSE-SU-2020:2107-1: An update that solves 16 vulnerabilities and has 82 fixes is now available.

Category: security (important)
Bug References: 1051510,1065729,1071995,1085030,1111666,1112178,1113956,1114279,1144333,1148868,1150660,1151927,1152107,1152624,1158983,1159058,1161016,1162002,1162063,1163309,1166985,1167104,1168081,1168959,1169194,1169514,1169771,1169795,1170011,1170442,1170592,1170617,1170618,1171124,1171424,1171529,1171530,1171558,1171732,1171739,1171743,1171753,1171759,1171835,1171841,1171868,1171904,1172247,1172257,1172344,1172458,1172484,1172537,1172538,1172687,1172719,1172759,1172775,1172781,1172782,1172783,1172871,1172872,1172999,1173060,1173074,1173146,1173265,1173280,1173284,1173428,1173514,1173567,1173573,1173659,1173746,1173818,1173820,1173825,1173826,1173833,1173838,1173839,1173845,1173857,1174113,1174115,1174122,1174123,1174186,1174187,1174296,1174343,1174356,1174409,1174438,1174462,1174543
CVE References: CVE-2019-16746,CVE-2019-20810,CVE-2019-20908,CVE-2020-0305,CVE-2020-10766,CVE-2020-10767,CVE-2020-10768,CVE-2020-10769,CVE-2020-10773,CVE-2020-10781,CVE-2020-12771,CVE-2020-12888,CVE-2020-13974,CVE-2020-14416,CVE-2020-15393,CVE-2020-15780
JIRA References: 
Sources used:
SUSE Linux Enterprise Workstation Extension 15-SP1 (src):    kernel-default-4.12.14-197.48.1
SUSE Linux Enterprise Module for Legacy Software 15-SP1 (src):    kernel-default-4.12.14-197.48.1
SUSE Linux Enterprise Module for Development Tools 15-SP1 (src):    kernel-docs-4.12.14-197.48.1, kernel-obs-build-4.12.14-197.48.1, kernel-source-4.12.14-197.48.1, kernel-syms-4.12.14-197.48.1
SUSE Linux Enterprise Module for Basesystem 15-SP1 (src):    kernel-default-4.12.14-197.48.1, kernel-source-4.12.14-197.48.1, kernel-zfcpdump-4.12.14-197.48.1
SUSE Linux Enterprise High Availability 15-SP1 (src):    kernel-default-4.12.14-197.48.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 30 Swamp Workflow Management 2020-08-03 19:34:14 UTC
SUSE-SU-2020:2105-1: An update that solves 22 vulnerabilities and has 193 fixes is now available.

Category: security (important)
Bug References: 1058115,1065729,1071995,1085030,1148868,1152472,1152489,1153274,1154353,1154492,1155518,1155798,1156395,1157169,1158050,1158242,1158265,1158748,1158765,1158983,1159781,1159867,1160947,1161495,1162002,1162063,1162400,1162702,1164648,1164777,1164780,1165211,1165933,1165975,1166985,1167104,1167651,1167773,1168230,1168779,1168838,1168959,1169021,1169094,1169194,1169514,1169681,1169771,1170011,1170284,1170442,1170617,1170774,1170879,1170891,1170895,1171150,1171189,1171191,1171219,1171220,1171246,1171417,1171513,1171529,1171530,1171662,1171688,1171699,1171732,1171739,1171743,1171759,1171828,1171857,1171868,1171904,1171915,1171982,1171983,1171988,1172017,1172046,1172061,1172062,1172063,1172064,1172065,1172066,1172067,1172068,1172069,1172073,1172086,1172095,1172169,1172170,1172201,1172208,1172223,1172342,1172343,1172344,1172365,1172366,1172374,1172391,1172393,1172394,1172453,1172458,1172467,1172484,1172537,1172543,1172687,1172719,1172739,1172751,1172759,1172775,1172781,1172782,1172783,1172814,1172823,1172841,1172871,1172938,1172939,1172940,1172956,1172983,1172984,1172985,1172986,1172987,1172988,1172989,1172990,1172999,1173060,1173068,1173074,1173085,1173139,1173206,1173271,1173280,1173284,1173428,1173438,1173461,1173514,1173552,1173573,1173625,1173746,1173776,1173817,1173818,1173820,1173822,1173823,1173824,1173825,1173826,1173827,1173828,1173830,1173831,1173832,1173833,1173834,1173836,1173837,1173838,1173839,1173841,1173843,1173844,1173845,1173847,1173849,1173860,1173894,1173941,1174018,1174072,1174116,1174126,1174127,1174128,1174129,1174185,1174244,1174263,1174264,1174331,1174332,1174333,1174345,1174356,1174396,1174398,1174407,1174409,1174411,1174438,1174462,1174513,1174527,1174543,1174627,962849
CVE References: CVE-2019-19462,CVE-2019-20810,CVE-2019-20812,CVE-2020-0305,CVE-2020-10135,CVE-2020-10711,CVE-2020-10732,CVE-2020-10751,CVE-2020-10766,CVE-2020-10767,CVE-2020-10768,CVE-2020-10773,CVE-2020-10781,CVE-2020-12656,CVE-2020-12769,CVE-2020-12771,CVE-2020-12888,CVE-2020-13143,CVE-2020-13974,CVE-2020-14416,CVE-2020-15393,CVE-2020-15780
JIRA References: 
Sources used:
SUSE Linux Enterprise Workstation Extension 15-SP2 (src):    kernel-default-5.3.18-24.9.1
SUSE Linux Enterprise Module for Legacy Software 15-SP2 (src):    kernel-default-5.3.18-24.9.1
SUSE Linux Enterprise Module for Development Tools 15-SP2 (src):    kernel-docs-5.3.18-24.9.2, kernel-obs-build-5.3.18-24.9.1, kernel-preempt-5.3.18-24.9.1, kernel-source-5.3.18-24.9.1, kernel-syms-5.3.18-24.9.1
SUSE Linux Enterprise Module for Basesystem 15-SP2 (src):    kernel-default-5.3.18-24.9.1, kernel-default-base-5.3.18-24.9.1.9.2.6, kernel-preempt-5.3.18-24.9.1, kernel-source-5.3.18-24.9.1
SUSE Linux Enterprise High Availability 15-SP2 (src):    kernel-default-5.3.18-24.9.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 31 Swamp Workflow Management 2020-08-03 19:58:28 UTC
SUSE-SU-2020:2106-1: An update that solves 14 vulnerabilities and has 15 fixes is now available.

Category: security (important)
Bug References: 1051510,1065729,1071995,1104967,1152107,1158755,1162002,1170011,1171078,1171673,1171732,1171868,1172257,1172775,1172781,1172782,1172783,1172999,1173265,1173280,1173514,1173567,1173573,1173659,1173999,1174000,1174115,1174462,1174543
CVE References: CVE-2019-16746,CVE-2019-20908,CVE-2020-0305,CVE-2020-10766,CVE-2020-10767,CVE-2020-10768,CVE-2020-10769,CVE-2020-10773,CVE-2020-12771,CVE-2020-12888,CVE-2020-13974,CVE-2020-14416,CVE-2020-15393,CVE-2020-15780
JIRA References: 
Sources used:
SUSE Linux Enterprise Server for SAP 15 (src):    kernel-default-4.12.14-150.55.1, kernel-docs-4.12.14-150.55.1, kernel-obs-build-4.12.14-150.55.1, kernel-source-4.12.14-150.55.1, kernel-syms-4.12.14-150.55.1, kernel-vanilla-4.12.14-150.55.1
SUSE Linux Enterprise Server 15-LTSS (src):    kernel-default-4.12.14-150.55.1, kernel-docs-4.12.14-150.55.1, kernel-obs-build-4.12.14-150.55.1, kernel-source-4.12.14-150.55.1, kernel-syms-4.12.14-150.55.1, kernel-vanilla-4.12.14-150.55.1, kernel-zfcpdump-4.12.14-150.55.1
SUSE Linux Enterprise Module for Live Patching 15 (src):    kernel-default-4.12.14-150.55.1, kernel-livepatch-SLE15_Update_19-1-1.3.1
SUSE Linux Enterprise High Performance Computing 15-LTSS (src):    kernel-default-4.12.14-150.55.1, kernel-docs-4.12.14-150.55.1, kernel-obs-build-4.12.14-150.55.1, kernel-source-4.12.14-150.55.1, kernel-syms-4.12.14-150.55.1, kernel-vanilla-4.12.14-150.55.1
SUSE Linux Enterprise High Performance Computing 15-ESPOS (src):    kernel-default-4.12.14-150.55.1, kernel-docs-4.12.14-150.55.1, kernel-obs-build-4.12.14-150.55.1, kernel-source-4.12.14-150.55.1, kernel-syms-4.12.14-150.55.1, kernel-vanilla-4.12.14-150.55.1
SUSE Linux Enterprise High Availability 15 (src):    kernel-default-4.12.14-150.55.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 32 Swamp Workflow Management 2020-08-03 20:04:50 UTC
SUSE-SU-2020:2105-1: An update that solves 22 vulnerabilities and has 193 fixes is now available.

Category: security (important)
Bug References: 1058115,1065729,1071995,1085030,1148868,1152472,1152489,1153274,1154353,1154492,1155518,1155798,1156395,1157169,1158050,1158242,1158265,1158748,1158765,1158983,1159781,1159867,1160947,1161495,1162002,1162063,1162400,1162702,1164648,1164777,1164780,1165211,1165933,1165975,1166985,1167104,1167651,1167773,1168230,1168779,1168838,1168959,1169021,1169094,1169194,1169514,1169681,1169771,1170011,1170284,1170442,1170617,1170774,1170879,1170891,1170895,1171150,1171189,1171191,1171219,1171220,1171246,1171417,1171513,1171529,1171530,1171662,1171688,1171699,1171732,1171739,1171743,1171759,1171828,1171857,1171868,1171904,1171915,1171982,1171983,1171988,1172017,1172046,1172061,1172062,1172063,1172064,1172065,1172066,1172067,1172068,1172069,1172073,1172086,1172095,1172169,1172170,1172201,1172208,1172223,1172342,1172343,1172344,1172365,1172366,1172374,1172391,1172393,1172394,1172453,1172458,1172467,1172484,1172537,1172543,1172687,1172719,1172739,1172751,1172759,1172775,1172781,1172782,1172783,1172814,1172823,1172841,1172871,1172938,1172939,1172940,1172956,1172983,1172984,1172985,1172986,1172987,1172988,1172989,1172990,1172999,1173060,1173068,1173074,1173085,1173139,1173206,1173271,1173280,1173284,1173428,1173438,1173461,1173514,1173552,1173573,1173625,1173746,1173776,1173817,1173818,1173820,1173822,1173823,1173824,1173825,1173826,1173827,1173828,1173830,1173831,1173832,1173833,1173834,1173836,1173837,1173838,1173839,1173841,1173843,1173844,1173845,1173847,1173849,1173860,1173894,1173941,1174018,1174072,1174116,1174126,1174127,1174128,1174129,1174185,1174244,1174263,1174264,1174331,1174332,1174333,1174345,1174356,1174396,1174398,1174407,1174409,1174411,1174438,1174462,1174513,1174527,1174543,1174627,962849
CVE References: CVE-2019-19462,CVE-2019-20810,CVE-2019-20812,CVE-2020-0305,CVE-2020-10135,CVE-2020-10711,CVE-2020-10732,CVE-2020-10751,CVE-2020-10766,CVE-2020-10767,CVE-2020-10768,CVE-2020-10773,CVE-2020-10781,CVE-2020-12656,CVE-2020-12769,CVE-2020-12771,CVE-2020-12888,CVE-2020-13143,CVE-2020-13974,CVE-2020-14416,CVE-2020-15393,CVE-2020-15780
JIRA References: 
Sources used:
SUSE Linux Enterprise Workstation Extension 15-SP2 (src):    kernel-default-5.3.18-24.9.1
SUSE Linux Enterprise Module for Live Patching 15-SP2 (src):    kernel-default-5.3.18-24.9.1, kernel-livepatch-SLE15-SP2_Update_1-1-5.3.6
SUSE Linux Enterprise Module for Legacy Software 15-SP2 (src):    kernel-default-5.3.18-24.9.1
SUSE Linux Enterprise Module for Development Tools 15-SP2 (src):    kernel-docs-5.3.18-24.9.2, kernel-obs-build-5.3.18-24.9.1, kernel-preempt-5.3.18-24.9.1, kernel-source-5.3.18-24.9.1, kernel-syms-5.3.18-24.9.1
SUSE Linux Enterprise Module for Basesystem 15-SP2 (src):    kernel-default-5.3.18-24.9.1, kernel-default-base-5.3.18-24.9.1.9.2.6, kernel-preempt-5.3.18-24.9.1, kernel-source-5.3.18-24.9.1
SUSE Linux Enterprise High Availability 15-SP2 (src):    kernel-default-5.3.18-24.9.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 33 Swamp Workflow Management 2020-08-03 20:29:48 UTC
SUSE-SU-2020:2107-1: An update that solves 16 vulnerabilities and has 82 fixes is now available.

Category: security (important)
Bug References: 1051510,1065729,1071995,1085030,1111666,1112178,1113956,1114279,1144333,1148868,1150660,1151927,1152107,1152624,1158983,1159058,1161016,1162002,1162063,1163309,1166985,1167104,1168081,1168959,1169194,1169514,1169771,1169795,1170011,1170442,1170592,1170617,1170618,1171124,1171424,1171529,1171530,1171558,1171732,1171739,1171743,1171753,1171759,1171835,1171841,1171868,1171904,1172247,1172257,1172344,1172458,1172484,1172537,1172538,1172687,1172719,1172759,1172775,1172781,1172782,1172783,1172871,1172872,1172999,1173060,1173074,1173146,1173265,1173280,1173284,1173428,1173514,1173567,1173573,1173659,1173746,1173818,1173820,1173825,1173826,1173833,1173838,1173839,1173845,1173857,1174113,1174115,1174122,1174123,1174186,1174187,1174296,1174343,1174356,1174409,1174438,1174462,1174543
CVE References: CVE-2019-16746,CVE-2019-20810,CVE-2019-20908,CVE-2020-0305,CVE-2020-10766,CVE-2020-10767,CVE-2020-10768,CVE-2020-10769,CVE-2020-10773,CVE-2020-10781,CVE-2020-12771,CVE-2020-12888,CVE-2020-13974,CVE-2020-14416,CVE-2020-15393,CVE-2020-15780
JIRA References: 
Sources used:
SUSE Linux Enterprise Workstation Extension 15-SP1 (src):    kernel-default-4.12.14-197.48.1
SUSE Linux Enterprise Module for Live Patching 15-SP1 (src):    kernel-default-4.12.14-197.48.1, kernel-livepatch-SLE15-SP1_Update_13-1-3.3.1
SUSE Linux Enterprise Module for Legacy Software 15-SP1 (src):    kernel-default-4.12.14-197.48.1
SUSE Linux Enterprise Module for Development Tools 15-SP1 (src):    kernel-docs-4.12.14-197.48.1, kernel-obs-build-4.12.14-197.48.1, kernel-source-4.12.14-197.48.1, kernel-syms-4.12.14-197.48.1
SUSE Linux Enterprise Module for Basesystem 15-SP1 (src):    kernel-default-4.12.14-197.48.1, kernel-source-4.12.14-197.48.1, kernel-zfcpdump-4.12.14-197.48.1
SUSE Linux Enterprise High Availability 15-SP1 (src):    kernel-default-4.12.14-197.48.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 34 Swamp Workflow Management 2020-08-04 19:14:41 UTC
SUSE-SU-2020:2119-1: An update that solves 13 vulnerabilities and has 75 fixes is now available.

Category: security (important)
Bug References: 1051510,1065729,1104967,1111666,1112178,1113956,1114279,1150660,1151927,1152107,1152624,1158983,1159058,1162002,1163309,1167104,1168959,1169514,1169771,1169795,1170011,1170442,1170617,1170618,1171124,1171424,1171529,1171530,1171558,1171673,1171732,1171739,1171743,1171753,1171759,1171761,1171835,1171841,1171868,1171988,1172247,1172257,1172344,1172484,1172687,1172719,1172871,1172872,1172999,1173060,1173074,1173146,1173265,1173280,1173284,1173428,1173462,1173514,1173567,1173573,1173659,1173746,1173818,1173820,1173825,1173826,1173833,1173838,1173839,1173845,1173857,1174113,1174115,1174122,1174123,1174130,1174186,1174187,1174205,1174247,1174296,1174343,1174356,1174409,1174438,1174462,1174543,1174549
CVE References: CVE-2019-16746,CVE-2019-20908,CVE-2020-0305,CVE-2020-10135,CVE-2020-10769,CVE-2020-10773,CVE-2020-10781,CVE-2020-12771,CVE-2020-12888,CVE-2020-14331,CVE-2020-14416,CVE-2020-15393,CVE-2020-15780
JIRA References: 
Sources used:
SUSE Linux Enterprise Server 12-SP5 (src):    kernel-azure-4.12.14-16.22.1, kernel-source-azure-4.12.14-16.22.1, kernel-syms-azure-4.12.14-16.22.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 35 Swamp Workflow Management 2020-08-04 19:27:31 UTC
SUSE-SU-2020:2121-1: An update that solves 15 vulnerabilities and has 37 fixes is now available.

Category: security (important)
Bug References: 1051510,1065729,1071995,1085030,1104967,1114279,1144333,1148868,1150660,1152107,1152472,1152624,1158983,1159058,1161016,1162002,1162063,1168081,1169194,1169514,1169795,1170011,1170592,1170618,1171124,1171424,1171558,1171673,1171732,1171761,1171868,1171904,1172257,1172344,1172458,1172484,1172759,1172775,1172781,1172782,1172783,1172999,1173265,1173280,1173428,1173462,1173514,1173567,1173573,1174115,1174462,1174543
CVE References: CVE-2019-16746,CVE-2019-20810,CVE-2019-20908,CVE-2020-0305,CVE-2020-10766,CVE-2020-10767,CVE-2020-10768,CVE-2020-10769,CVE-2020-10773,CVE-2020-12771,CVE-2020-12888,CVE-2020-13974,CVE-2020-14416,CVE-2020-15393,CVE-2020-15780
JIRA References: 
Sources used:
SUSE OpenStack Cloud Crowbar 9 (src):    kernel-default-4.12.14-95.57.1, kernel-source-4.12.14-95.57.1, kernel-syms-4.12.14-95.57.1
SUSE OpenStack Cloud 9 (src):    kernel-default-4.12.14-95.57.1, kernel-source-4.12.14-95.57.1, kernel-syms-4.12.14-95.57.1
SUSE Linux Enterprise Server for SAP 12-SP4 (src):    kernel-default-4.12.14-95.57.1, kernel-source-4.12.14-95.57.1, kernel-syms-4.12.14-95.57.1
SUSE Linux Enterprise Server 12-SP4-LTSS (src):    kernel-default-4.12.14-95.57.1, kernel-source-4.12.14-95.57.1, kernel-syms-4.12.14-95.57.1
SUSE Linux Enterprise High Availability 12-SP4 (src):    kernel-default-4.12.14-95.57.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 36 Swamp Workflow Management 2020-08-04 19:34:33 UTC
SUSE-SU-2020:2121-1: An update that solves 15 vulnerabilities and has 37 fixes is now available.

Category: security (important)
Bug References: 1051510,1065729,1071995,1085030,1104967,1114279,1144333,1148868,1150660,1152107,1152472,1152624,1158983,1159058,1161016,1162002,1162063,1168081,1169194,1169514,1169795,1170011,1170592,1170618,1171124,1171424,1171558,1171673,1171732,1171761,1171868,1171904,1172257,1172344,1172458,1172484,1172759,1172775,1172781,1172782,1172783,1172999,1173265,1173280,1173428,1173462,1173514,1173567,1173573,1174115,1174462,1174543
CVE References: CVE-2019-16746,CVE-2019-20810,CVE-2019-20908,CVE-2020-0305,CVE-2020-10766,CVE-2020-10767,CVE-2020-10768,CVE-2020-10769,CVE-2020-10773,CVE-2020-12771,CVE-2020-12888,CVE-2020-13974,CVE-2020-14416,CVE-2020-15393,CVE-2020-15780
JIRA References: 
Sources used:
SUSE OpenStack Cloud Crowbar 9 (src):    kernel-default-4.12.14-95.57.1, kernel-source-4.12.14-95.57.1, kernel-syms-4.12.14-95.57.1
SUSE OpenStack Cloud 9 (src):    kernel-default-4.12.14-95.57.1, kernel-source-4.12.14-95.57.1, kernel-syms-4.12.14-95.57.1
SUSE Linux Enterprise Server for SAP 12-SP4 (src):    kernel-default-4.12.14-95.57.1, kernel-source-4.12.14-95.57.1, kernel-syms-4.12.14-95.57.1
SUSE Linux Enterprise Server 12-SP4-LTSS (src):    kernel-default-4.12.14-95.57.1, kernel-source-4.12.14-95.57.1, kernel-syms-4.12.14-95.57.1
SUSE Linux Enterprise Live Patching 12-SP4 (src):    kernel-default-4.12.14-95.57.1, kgraft-patch-SLE12-SP4_Update_15-1-6.3.1
SUSE Linux Enterprise High Availability 12-SP4 (src):    kernel-default-4.12.14-95.57.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 37 Swamp Workflow Management 2020-08-04 22:15:04 UTC
SUSE-SU-2020:2122-1: An update that solves 13 vulnerabilities and has 70 fixes is now available.

Category: security (important)
Bug References: 1051510,1065729,1104967,1111666,1112178,1113956,1114279,1150660,1151927,1152107,1152624,1158983,1159058,1162002,1163309,1167104,1168959,1169514,1169771,1169795,1170011,1170442,1170617,1170618,1171124,1171424,1171529,1171530,1171558,1171673,1171732,1171739,1171743,1171753,1171759,1171761,1171835,1171841,1171868,1171988,1172247,1172257,1172344,1172484,1172687,1172719,1172871,1172872,1172999,1173060,1173074,1173146,1173265,1173280,1173284,1173428,1173462,1173514,1173567,1173573,1173746,1173818,1173820,1173825,1173826,1173833,1173838,1173839,1173845,1173857,1174113,1174115,1174122,1174123,1174130,1174205,1174296,1174343,1174356,1174409,1174438,1174462,1174543
CVE References: CVE-2019-16746,CVE-2019-20908,CVE-2020-0305,CVE-2020-10135,CVE-2020-10769,CVE-2020-10773,CVE-2020-10781,CVE-2020-12771,CVE-2020-12888,CVE-2020-14331,CVE-2020-14416,CVE-2020-15393,CVE-2020-15780
JIRA References: 
Sources used:
SUSE Linux Enterprise Live Patching 12-SP5 (src):    kernel-default-4.12.14-122.29.1, kgraft-patch-SLE12-SP5_Update_7-1-8.3.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 38 Swamp Workflow Management 2020-08-04 22:25:27 UTC
SUSE-SU-2020:2122-1: An update that solves 13 vulnerabilities and has 70 fixes is now available.

Category: security (important)
Bug References: 1051510,1065729,1104967,1111666,1112178,1113956,1114279,1150660,1151927,1152107,1152624,1158983,1159058,1162002,1163309,1167104,1168959,1169514,1169771,1169795,1170011,1170442,1170617,1170618,1171124,1171424,1171529,1171530,1171558,1171673,1171732,1171739,1171743,1171753,1171759,1171761,1171835,1171841,1171868,1171988,1172247,1172257,1172344,1172484,1172687,1172719,1172871,1172872,1172999,1173060,1173074,1173146,1173265,1173280,1173284,1173428,1173462,1173514,1173567,1173573,1173746,1173818,1173820,1173825,1173826,1173833,1173838,1173839,1173845,1173857,1174113,1174115,1174122,1174123,1174130,1174205,1174296,1174343,1174356,1174409,1174438,1174462,1174543
CVE References: CVE-2019-16746,CVE-2019-20908,CVE-2020-0305,CVE-2020-10135,CVE-2020-10769,CVE-2020-10773,CVE-2020-10781,CVE-2020-12771,CVE-2020-12888,CVE-2020-14331,CVE-2020-14416,CVE-2020-15393,CVE-2020-15780
JIRA References: 
Sources used:
SUSE Linux Enterprise Workstation Extension 12-SP5 (src):    kernel-default-4.12.14-122.29.1
SUSE Linux Enterprise Software Development Kit 12-SP5 (src):    kernel-docs-4.12.14-122.29.1, kernel-obs-build-4.12.14-122.29.1
SUSE Linux Enterprise Server 12-SP5 (src):    kernel-default-4.12.14-122.29.1, kernel-source-4.12.14-122.29.1, kernel-syms-4.12.14-122.29.1
SUSE Linux Enterprise Live Patching 12-SP5 (src):    kernel-default-4.12.14-122.29.1, kgraft-patch-SLE12-SP5_Update_7-1-8.3.1
SUSE Linux Enterprise High Availability 12-SP5 (src):    kernel-default-4.12.14-122.29.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 39 OBSbugzilla Bot 2020-08-05 12:41:53 UTC
This is an autogenerated message for OBS integration:
This bug (1162002) was mentioned in
https://build.opensuse.org/request/show/824481 15.1 / kernel-source
Comment 40 Swamp Workflow Management 2020-08-05 19:13:03 UTC
SUSE-SU-2020:2134-1: An update that solves 14 vulnerabilities and has four fixes is now available.

Category: security (important)
Bug References: 1162002,1170383,1171189,1171191,1171220,1171732,1171988,1172049,1172453,1172458,1172775,1172781,1172782,1172783,1172999,1174115,1174462,1174543
CVE References: CVE-2019-20810,CVE-2019-20812,CVE-2020-0305,CVE-2020-10135,CVE-2020-10711,CVE-2020-10732,CVE-2020-10751,CVE-2020-10766,CVE-2020-10767,CVE-2020-10768,CVE-2020-10773,CVE-2020-12771,CVE-2020-13974,CVE-2020-14416
JIRA References: 
Sources used:
SUSE OpenStack Cloud 7 (src):    kernel-default-4.4.121-92.138.1, kernel-source-4.4.121-92.138.1, kernel-syms-4.4.121-92.138.1, kgraft-patch-SLE12-SP2_Update_36-1-3.3.1
SUSE Linux Enterprise Server for SAP 12-SP2 (src):    kernel-default-4.4.121-92.138.1, kernel-source-4.4.121-92.138.1, kernel-syms-4.4.121-92.138.1, kgraft-patch-SLE12-SP2_Update_36-1-3.3.1
SUSE Linux Enterprise Server 12-SP2-LTSS (src):    kernel-default-4.4.121-92.138.1, kernel-source-4.4.121-92.138.1, kernel-syms-4.4.121-92.138.1, kgraft-patch-SLE12-SP2_Update_36-1-3.3.1
SUSE Linux Enterprise Server 12-SP2-BCL (src):    kernel-default-4.4.121-92.138.1, kernel-source-4.4.121-92.138.1, kernel-syms-4.4.121-92.138.1
SUSE Linux Enterprise High Availability 12-SP2 (src):    kernel-default-4.4.121-92.138.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 41 Swamp Workflow Management 2020-08-06 16:16:25 UTC
openSUSE-SU-2020:1153-1: An update that solves 19 vulnerabilities and has 92 fixes is now available.

Category: security (important)
Bug References: 1051510,1065729,1071995,1085030,1111666,1112178,1113956,1114279,1120163,1144333,1148868,1150660,1151927,1152107,1152624,1158983,1159058,1161016,1162002,1162063,1163309,1166985,1167104,1168081,1168959,1169194,1169514,1169771,1169795,1170011,1170442,1170592,1170617,1170618,1171124,1171424,1171529,1171530,1171558,1171732,1171739,1171743,1171753,1171759,1171835,1171841,1171868,1171904,1171988,1172247,1172257,1172344,1172458,1172484,1172537,1172538,1172687,1172719,1172759,1172775,1172781,1172782,1172783,1172871,1172872,1172963,1172999,1173060,1173074,1173146,1173265,1173280,1173284,1173428,1173514,1173567,1173573,1173659,1173746,1173818,1173820,1173825,1173826,1173833,1173838,1173839,1173845,1173857,1174070,1174113,1174115,1174122,1174123,1174205,1174296,1174343,1174356,1174409,1174438,1174462,1174543,1174549,1174658,1174685,1174757,1174840,1174841,1174843,1174844,1174845,1174887
CVE References: CVE-2019-16746,CVE-2019-20810,CVE-2019-20908,CVE-2020-0305,CVE-2020-10135,CVE-2020-10766,CVE-2020-10767,CVE-2020-10768,CVE-2020-10769,CVE-2020-10773,CVE-2020-10781,CVE-2020-12771,CVE-2020-12888,CVE-2020-13974,CVE-2020-14331,CVE-2020-14416,CVE-2020-15393,CVE-2020-15780,CVE-2020-16166
JIRA References: 
Sources used:
openSUSE Leap 15.1 (src):    kernel-debug-4.12.14-lp151.28.59.1, kernel-default-4.12.14-lp151.28.59.1, kernel-docs-4.12.14-lp151.28.59.1, kernel-kvmsmall-4.12.14-lp151.28.59.1, kernel-obs-build-4.12.14-lp151.28.59.1, kernel-obs-qa-4.12.14-lp151.28.59.1, kernel-source-4.12.14-lp151.28.59.1, kernel-syms-4.12.14-lp151.28.59.1, kernel-vanilla-4.12.14-lp151.28.59.1
Comment 42 Swamp Workflow Management 2020-08-06 19:21:58 UTC
SUSE-SU-2020:2152-1: An update that solves 11 vulnerabilities and has 12 fixes is now available.

Category: security (important)
Bug References: 1065729,1146351,1149652,1152457,1162002,1164910,1170011,1170618,1171078,1171189,1171191,1171220,1171732,1171988,1172453,1172458,1172775,1172999,1173280,1173658,1174115,1174462,1174543
CVE References: CVE-2019-20810,CVE-2019-20812,CVE-2020-0305,CVE-2020-10135,CVE-2020-10711,CVE-2020-10732,CVE-2020-10751,CVE-2020-10773,CVE-2020-12771,CVE-2020-13974,CVE-2020-14416
JIRA References: 
Sources used:
SUSE OpenStack Cloud Crowbar 8 (src):    kernel-default-4.4.180-94.127.1, kernel-source-4.4.180-94.127.1, kernel-syms-4.4.180-94.127.1, kgraft-patch-SLE12-SP3_Update_34-1-4.3.1
SUSE OpenStack Cloud 8 (src):    kernel-default-4.4.180-94.127.1, kernel-source-4.4.180-94.127.1, kernel-syms-4.4.180-94.127.1, kgraft-patch-SLE12-SP3_Update_34-1-4.3.1
SUSE Linux Enterprise Server for SAP 12-SP3 (src):    kernel-default-4.4.180-94.127.1, kernel-source-4.4.180-94.127.1, kernel-syms-4.4.180-94.127.1, kgraft-patch-SLE12-SP3_Update_34-1-4.3.1
SUSE Linux Enterprise Server 12-SP3-LTSS (src):    kernel-default-4.4.180-94.127.1, kernel-source-4.4.180-94.127.1, kernel-syms-4.4.180-94.127.1, kgraft-patch-SLE12-SP3_Update_34-1-4.3.1
SUSE Linux Enterprise Server 12-SP3-BCL (src):    kernel-default-4.4.180-94.127.1, kernel-source-4.4.180-94.127.1, kernel-syms-4.4.180-94.127.1
SUSE Linux Enterprise High Availability 12-SP3 (src):    kernel-default-4.4.180-94.127.1
SUSE Enterprise Storage 5 (src):    kernel-default-4.4.180-94.127.1, kernel-source-4.4.180-94.127.1, kernel-syms-4.4.180-94.127.1, kgraft-patch-SLE12-SP3_Update_34-1-4.3.1
HPE Helion Openstack 8 (src):    kernel-default-4.4.180-94.127.1, kernel-source-4.4.180-94.127.1, kernel-syms-4.4.180-94.127.1, kgraft-patch-SLE12-SP3_Update_34-1-4.3.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 43 Swamp Workflow Management 2020-08-06 22:17:56 UTC
SUSE-SU-2020:2156-1: An update that solves 32 vulnerabilities and has 122 fixes is now available.

Category: security (important)
Bug References: 1051510,1058115,1065729,1071995,1082555,1085030,1089895,1104967,1111666,1114279,1133021,1144333,1148868,1150660,1151794,1152107,1152489,1152624,1154824,1157169,1158265,1158983,1159058,1159199,1160388,1160947,1161016,1162002,1162063,1165183,1165741,1166969,1167574,1167851,1168081,1168503,1168670,1169020,1169194,1169514,1169525,1169625,1169795,1170011,1170056,1170125,1170145,1170345,1170457,1170522,1170592,1170618,1170620,1170770,1170778,1170791,1170901,1171078,1171098,1171118,1171124,1171189,1171191,1171195,1171202,1171205,1171217,1171218,1171219,1171220,1171293,1171417,1171424,1171527,1171558,1171599,1171600,1171601,1171602,1171604,1171605,1171606,1171607,1171608,1171609,1171610,1171611,1171612,1171613,1171614,1171615,1171616,1171617,1171618,1171619,1171620,1171621,1171622,1171623,1171624,1171625,1171626,1171673,1171679,1171691,1171694,1171695,1171736,1171761,1171868,1171904,1171948,1171949,1171951,1171952,1171982,1171983,1172096,1172097,1172098,1172099,1172101,1172102,1172103,1172104,1172127,1172130,1172185,1172188,1172199,1172221,1172253,1172257,1172317,1172342,1172343,1172344,1172366,1172391,1172397,1172453,1172458,1172484,1172759,1172775,1172781,1172782,1172783,1172999,1173265,1173280,1173428,1173462,1173659
CVE References: CVE-2018-1000199,CVE-2019-16746,CVE-2019-19462,CVE-2019-20806,CVE-2019-20810,CVE-2019-20812,CVE-2019-9455,CVE-2020-0543,CVE-2020-10690,CVE-2020-10711,CVE-2020-10720,CVE-2020-10732,CVE-2020-10751,CVE-2020-10757,CVE-2020-10766,CVE-2020-10767,CVE-2020-10768,CVE-2020-10769,CVE-2020-10773,CVE-2020-12114,CVE-2020-12464,CVE-2020-12652,CVE-2020-12653,CVE-2020-12654,CVE-2020-12655,CVE-2020-12656,CVE-2020-12657,CVE-2020-12769,CVE-2020-12888,CVE-2020-13143,CVE-2020-13974,CVE-2020-14416
JIRA References: 
Sources used:
SUSE Linux Enterprise Real Time Extension 12-SP4 (src):    kernel-rt-4.12.14-8.23.1, kernel-rt_debug-4.12.14-8.23.1, kernel-source-rt-4.12.14-8.23.1, kernel-syms-rt-4.12.14-8.23.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 44 Marcus Meissner 2020-08-08 10:29:34 UTC
done
Comment 45 Swamp Workflow Management 2020-09-03 13:25:18 UTC
SUSE-SU-2020:2478-1: An update that solves 39 vulnerabilities and has 234 fixes is now available.

Category: security (important)
Bug References: 1051510,1058115,1065600,1065729,1071995,1082555,1083647,1085030,1089895,1103990,1103991,1103992,1104745,1104967,1109837,1111666,1112178,1112374,1113956,1114279,1124278,1127354,1127355,1127371,1133021,1137325,1141558,1142685,1144333,1145929,1148868,1150660,1151794,1151927,1152107,1152489,1152624,1154824,1157169,1158265,1158983,1159037,1159058,1159199,1160388,1160947,1161016,1162002,1162063,1163309,1163403,1163897,1164284,1164780,1164871,1165183,1165478,1165741,1166780,1166860,1166861,1166862,1166864,1166866,1166867,1166868,1166870,1166940,1166969,1166978,1166985,1167104,1167288,1167574,1167851,1167867,1168081,1168202,1168332,1168486,1168503,1168670,1168760,1168762,1168763,1168764,1168765,1168789,1168881,1168884,1168952,1168959,1169005,1169013,1169020,1169057,1169194,1169390,1169514,1169525,1169625,1169762,1169771,1169795,1170011,1170056,1170125,1170145,1170284,1170345,1170442,1170457,1170522,1170592,1170617,1170618,1170620,1170621,1170770,1170778,1170791,1170901,1171078,1171098,1171118,1171124,1171189,1171191,1171195,1171202,1171205,1171214,1171217,1171218,1171219,1171220,1171244,1171293,1171417,1171424,1171527,1171529,1171530,1171558,1171599,1171600,1171601,1171602,1171604,1171605,1171606,1171607,1171608,1171609,1171610,1171611,1171612,1171613,1171614,1171615,1171616,1171617,1171618,1171619,1171620,1171621,1171622,1171623,1171624,1171625,1171626,1171662,1171673,1171679,1171691,1171692,1171694,1171695,1171732,1171736,1171739,1171743,1171753,1171759,1171761,1171817,1171835,1171841,1171868,1171904,1171948,1171949,1171951,1171952,1171979,1171982,1171983,1172017,1172096,1172097,1172098,1172099,1172101,1172102,1172103,1172104,1172127,1172130,1172185,1172188,1172199,1172201,1172202,1172218,1172221,1172247,1172249,1172251,1172253,1172257,1172317,1172342,1172343,1172344,1172366,1172378,1172391,1172397,1172453,1172458,1172472,1172484,1172537,1172538,1172687,1172719,1172759,1172770,1172775,1172781,1172782,1172783,1172999,1173060,1173074,1173146,1173265,1173280,1173284,1173428,1173462,1173514,1173567,1173573,1173659,1173746,1173818,1173820,1173825,1173826,1173833,1173838,1173839,1173845,1173857,1174113,1174115,1174122,1174123,1174130,1174186,1174187,1174296
CVE References: CVE-2018-1000199,CVE-2019-16746,CVE-2019-19462,CVE-2019-20806,CVE-2019-20810,CVE-2019-20812,CVE-2019-20908,CVE-2019-9455,CVE-2020-0543,CVE-2020-10690,CVE-2020-10711,CVE-2020-10720,CVE-2020-10732,CVE-2020-10751,CVE-2020-10757,CVE-2020-10766,CVE-2020-10767,CVE-2020-10768,CVE-2020-10769,CVE-2020-10773,CVE-2020-10781,CVE-2020-11669,CVE-2020-12114,CVE-2020-12464,CVE-2020-12652,CVE-2020-12653,CVE-2020-12654,CVE-2020-12655,CVE-2020-12656,CVE-2020-12657,CVE-2020-12659,CVE-2020-12769,CVE-2020-12771,CVE-2020-12888,CVE-2020-13143,CVE-2020-13974,CVE-2020-14416,CVE-2020-15393,CVE-2020-15780
JIRA References: 
Sources used:
SUSE Linux Enterprise Real Time Extension 12-SP5 (src):    kernel-rt-4.12.14-10.13.1, kernel-rt_debug-4.12.14-10.13.1, kernel-source-rt-4.12.14-10.13.1, kernel-syms-rt-4.12.14-10.13.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 46 Swamp Workflow Management 2020-09-04 10:19:07 UTC
SUSE-SU-2020:2487-1: An update that solves 40 vulnerabilities and has 227 fixes is now available.

Category: security (important)
Bug References: 1051510,1058115,1065600,1065729,1071995,1082555,1083647,1085030,1089895,1090036,1103990,1103991,1103992,1104745,1109837,1111666,1112178,1112374,1113956,1114279,1124278,1127354,1127355,1127371,1133021,1137325,1142685,1144333,1145929,1148868,1150660,1151794,1151927,1152489,1152624,1154824,1157169,1158265,1158983,1159037,1159058,1159199,1160388,1160947,1161016,1162002,1162063,1163309,1163403,1163897,1164284,1164780,1164871,1165183,1165478,1165741,1166780,1166860,1166861,1166862,1166864,1166866,1166867,1166868,1166870,1166940,1166969,1166978,1166985,1167104,1167288,1167574,1167851,1167867,1168081,1168202,1168332,1168486,1168670,1168760,1168762,1168763,1168764,1168765,1168789,1168881,1168884,1168952,1168959,1169020,1169057,1169194,1169390,1169514,1169525,1169625,1169762,1169771,1169795,1170011,1170056,1170125,1170145,1170284,1170345,1170442,1170457,1170522,1170592,1170617,1170618,1170620,1170621,1170770,1170778,1170791,1170901,1171078,1171098,1171118,1171124,1171189,1171191,1171195,1171202,1171205,1171214,1171217,1171218,1171219,1171220,1171244,1171293,1171417,1171424,1171527,1171529,1171530,1171558,1171599,1171600,1171601,1171602,1171604,1171605,1171606,1171607,1171608,1171609,1171610,1171611,1171612,1171613,1171614,1171615,1171616,1171617,1171618,1171619,1171620,1171621,1171622,1171623,1171624,1171625,1171626,1171662,1171679,1171691,1171692,1171694,1171695,1171732,1171736,1171739,1171743,1171753,1171759,1171817,1171835,1171841,1171868,1171904,1171948,1171949,1171951,1171952,1171979,1171982,1171983,1171988,1172017,1172096,1172097,1172098,1172099,1172101,1172102,1172103,1172104,1172127,1172130,1172185,1172188,1172199,1172201,1172202,1172221,1172247,1172249,1172251,1172257,1172317,1172342,1172343,1172344,1172366,1172378,1172391,1172397,1172453,1172458,1172484,1172537,1172538,1172687,1172719,1172759,1172775,1172781,1172782,1172783,1172871,1172872,1172999,1173060,1173074,1173146,1173265,1173280,1173284,1173428,1173514,1173567,1173573,1173746,1173818,1173820,1173825,1173826,1173833,1173838,1173839,1173845,1173857,1174113,1174115,1174122,1174123,1174186,1174187,1174296,1174343,1174356,1174409,1174438,1174462
CVE References: CVE-2018-1000199,CVE-2019-19462,CVE-2019-20806,CVE-2019-20810,CVE-2019-20812,CVE-2019-20908,CVE-2019-9455,CVE-2020-0305,CVE-2020-0543,CVE-2020-10135,CVE-2020-10690,CVE-2020-10711,CVE-2020-10720,CVE-2020-10732,CVE-2020-10751,CVE-2020-10757,CVE-2020-10766,CVE-2020-10767,CVE-2020-10768,CVE-2020-10769,CVE-2020-10773,CVE-2020-10781,CVE-2020-11669,CVE-2020-12114,CVE-2020-12464,CVE-2020-12652,CVE-2020-12653,CVE-2020-12654,CVE-2020-12655,CVE-2020-12656,CVE-2020-12657,CVE-2020-12659,CVE-2020-12769,CVE-2020-12771,CVE-2020-12888,CVE-2020-13143,CVE-2020-13974,CVE-2020-14416,CVE-2020-15393,CVE-2020-15780
JIRA References: 
Sources used:
SUSE Linux Enterprise Module for Realtime 15-SP1 (src):    kernel-rt-4.12.14-14.28.1, kernel-rt_debug-4.12.14-14.28.1, kernel-source-rt-4.12.14-14.28.1, kernel-syms-rt-4.12.14-14.28.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 51 Swamp Workflow Management 2021-02-05 20:29:55 UTC
openSUSE-SU-2021:0242-1: An update that solves 79 vulnerabilities and has 676 fixes is now available.

Category: security (moderate)
Bug References: 1034995,1040855,1043347,1044120,1044767,1055014,1055117,1055186,1058115,1061843,1065600,1065729,1066382,1071995,1077428,1085030,1094244,1094840,1109695,1115431,1120163,1129923,1133021,1134760,1136666,1138374,1139944,1148868,1149032,1152148,1152457,1152472,1152489,1153274,1154353,1154488,1154492,1154824,1155518,1155798,1156315,1156395,1157169,1158050,1158242,1158265,1158748,1158765,1158775,1158983,1159058,1159781,1159867,1159886,1160388,1160634,1160947,1161099,1161495,1162002,1162063,1162209,1162400,1162702,1163592,1163727,1164648,1164777,1164780,1165211,1165455,1165629,1165692,1165933,1165975,1166146,1166166,1166340,1166965,1166985,1167030,1167104,1167527,1167651,1167657,1167773,1167851,1168230,1168461,1168468,1168779,1168838,1168952,1168959,1169021,1169094,1169194,1169263,1169514,1169681,1169763,1169771,1169790,1169795,1170011,1170139,1170232,1170284,1170415,1170442,1170617,1170621,1170774,1170879,1170891,1170895,1171000,1171068,1171073,1171078,1171117,1171150,1171156,1171189,1171191,1171218,1171219,1171220,1171236,1171242,1171246,1171285,1171293,1171374,1171390,1171391,1171392,1171417,1171426,1171507,1171513,1171514,1171529,1171530,1171558,1171634,1171644,1171662,1171675,1171688,1171699,1171709,1171730,1171732,1171736,1171739,1171742,1171743,1171759,1171773,1171774,1171775,1171776,1171777,1171778,1171779,1171780,1171781,1171782,1171783,1171784,1171785,1171786,1171787,1171788,1171789,1171790,1171791,1171792,1171793,1171794,1171795,1171796,1171797,1171798,1171799,1171810,1171827,1171828,1171832,1171833,1171834,1171835,1171839,1171840,1171841,1171842,1171843,1171844,1171849,1171857,1171868,1171904,1171915,1171982,1171983,1171988,1172017,1172046,1172061,1172062,1172063,1172064,1172065,1172066,1172067,1172068,1172069,1172073,1172086,1172095,1172108,1172145,1172169,1172170,1172197,1172201,1172208,1172223,1172247,1172317,1172342,1172343,1172344,1172365,1172366,1172374,1172391,1172393,1172394,1172418,1172419,1172453,1172458,1172467,1172484,1172537,1172543,1172687,1172719,1172733,1172739,1172751,1172757,1172759,1172775,1172781,1172782,1172783,1172814,1172823,1172841,1172871,1172873,1172938,1172939,1172940,1172956,1172963,1172983,1172984,1172985,1172986,1172987,1172988,1172989,1172990,1172999,1173017,1173068,1173074,1173085,1173115,1173139,1173206,1173267,1173271,1173280,1173284,1173428,1173438,1173461,1173468,1173485,1173514,1173552,1173573,1173625,1173746,1173776,1173798,1173813,1173817,1173818,1173820,1173822,1173823,1173824,1173825,1173826,1173827,1173828,1173830,1173831,1173832,1173833,1173834,1173836,1173837,1173838,1173839,1173841,1173843,1173844,1173845,1173847,1173849,1173860,1173894,1173941,1173954,1174002,1174003,1174018,1174026,1174029,1174072,1174098,1174110,1174111,1174116,1174126,1174127,1174128,1174129,1174146,1174185,1174205,1174244,1174263,1174264,1174331,1174332,1174333,1174345,1174356,1174358,1174362,1174387,1174396,1174398,1174407,1174409,1174411,1174438,1174462,1174484,1174486,1174513,1174527,1174625,1174627,1174645,1174689,1174699,1174737,1174748,1174757,1174762,1174770,1174771,1174777,1174805,1174824,1174825,1174852,1174865,1174880,1174897,1174899,1174906,1174969,1175009,1175010,1175011,1175012,1175013,1175014,1175015,1175016,1175017,1175018,1175019,1175020,1175021,1175052,1175079,1175112,1175116,1175128,1175149,1175175,1175176,1175180,1175181,1175182,1175183,1175184,1175185,1175186,1175187,1175188,1175189,1175190,1175191,1175192,1175195,1175199,1175213,1175232,1175263,1175284,1175296,1175306,1175344,1175345,1175346,1175347,1175367,1175377,1175440,1175480,1175493,1175546,1175550,1175599,1175621,1175654,1175667,1175691,1175718,1175721,1175749,1175768,1175769,1175770,1175771,1175772,1175774,1175775,1175787,1175807,1175834,1175873,1175882,1175898,1175918,1175952,1175995,1175996,1175997,1175998,1175999,1176000,1176001,1176019,1176022,1176038,1176063,1176069,1176109,1176137,1176180,1176200,1176235,1176236,1176237,1176242,1176354,1176357,1176358,1176359,1176360,1176361,1176362,1176363,1176364,1176365,1176366,1176367,1176381,1176396,1176400,1176423,1176449,1176481,1176485,1176486,1176507,1176536,1176537,1176538,1176539,1176540,1176541,1176542,1176543,1176544,1176545,1176546,1176548,1176558,1176559,1176564,1176586,1176587,1176588,1176659,1176698,1176699,1176700,1176713,1176721,1176722,1176725,1176732,1176763,1176775,1176788,1176789,1176833,1176855,1176869,1176877,1176907,1176925,1176942,1176956,1176962,1176979,1176980,1176983,1176990,1177021,1177030,1177066,1177070,1177086,1177090,1177109,1177121,1177193,1177194,1177206,1177258,1177271,1177281,1177283,1177284,1177285,1177286,1177297,1177326,1177353,1177384,1177397,1177410,1177411,1177470,1177500,1177511,1177617,1177666,1177679,1177681,1177683,1177687,1177694,1177697,1177698,1177703,1177719,1177724,1177725,1177726,1177733,1177739,1177749,1177750,1177754,1177755,1177765,1177766,1177799,1177801,1177814,1177817,1177820,1177854,1177855,1177856,1177861,1178002,1178049,1178079,1178123,1178166,1178173,1178175,1178176,1178177,1178182,1178183,1178184,1178185,1178186,1178190,1178191,1178203,1178227,1178246,1178255,1178270,1178286,1178307,1178330,1178393,1178395,1178401,1178426,1178461,1178579,1178581,1178584,1178585,1178589,1178590,1178612,1178634,1178635,1178653,1178659,1178660,1178661,1178669,1178686,1178740,1178755,1178756,1178762,1178780,1178838,1178853,1178886,1179001,1179012,1179014,1179015,1179045,1179076,1179082,1179107,1179140,1179141,1179160,1179201,1179204,1179211,1179217,1179419,1179424,1179425,1179426,1179427,1179429,1179432,1179434,1179435,1179442,1179519,1179550,1179575,1179578,1179601,1179604,1179639,1179652,1179656,1179670,1179671,1179672,1179673,1179675,1179676,1179677,1179678,1179679,1179680,1179681,1179682,1179683,1179684,1179685,1179687,1179688,1179689,1179690,1179703,1179704,1179707,1179709,1179710,1179711,1179712,1179713,1179714,1179715,1179716,1179745,1179763,1179887,1179888,1179892,1179896,1179960,1179963,1180027,1180029,1180031,1180052,1180056,1180086,1180117,1180258,1180261,1180349,1180506,1180541,1180559,1180566,173030,744692,789311,954532,995541
CVE References: CVE-2019-19462,CVE-2019-20810,CVE-2019-20812,CVE-2020-0110,CVE-2020-0305,CVE-2020-0404,CVE-2020-0427,CVE-2020-0431,CVE-2020-0432,CVE-2020-0444,CVE-2020-0465,CVE-2020-0466,CVE-2020-0543,CVE-2020-10135,CVE-2020-10711,CVE-2020-10732,CVE-2020-10751,CVE-2020-10757,CVE-2020-10766,CVE-2020-10767,CVE-2020-10768,CVE-2020-10773,CVE-2020-10781,CVE-2020-11668,CVE-2020-12351,CVE-2020-12352,CVE-2020-12652,CVE-2020-12656,CVE-2020-12769,CVE-2020-12771,CVE-2020-12888,CVE-2020-13143,CVE-2020-13974,CVE-2020-14314,CVE-2020-14331,CVE-2020-14351,CVE-2020-14356,CVE-2020-14385,CVE-2020-14386,CVE-2020-14390,CVE-2020-14416,CVE-2020-15393,CVE-2020-15436,CVE-2020-15437,CVE-2020-15780,CVE-2020-16120,CVE-2020-16166,CVE-2020-1749,CVE-2020-24490,CVE-2020-2521,CVE-2020-25212,CVE-2020-25284,CVE-2020-25285,CVE-2020-25641,CVE-2020-25643,CVE-2020-25645,CVE-2020-25656,CVE-2020-25668,CVE-2020-25669,CVE-2020-25704,CVE-2020-25705,CVE-2020-26088,CVE-2020-27068,CVE-2020-27777,CVE-2020-27786,CVE-2020-27825,CVE-2020-27830,CVE-2020-28915,CVE-2020-28941,CVE-2020-28974,CVE-2020-29369,CVE-2020-29370,CVE-2020-29371,CVE-2020-29373,CVE-2020-29660,CVE-2020-29661,CVE-2020-36158,CVE-2020-4788,CVE-2020-8694
JIRA References: 
Sources used:
openSUSE Leap 15.2 (src):    kernel-rt-5.3.18-lp152.3.5.1, kernel-rt_debug-5.3.18-lp152.3.5.1, kernel-source-rt-5.3.18-lp152.3.5.1, kernel-syms-rt-5.3.18-lp152.3.5.1