Bug 1173798 – VUL-1: CVE-2020-14314: kernel-source: buffer uses out of index in ext3/4 filesystem

Bug 1173798 - (CVE-2020-14314) VUL-1: CVE-2020-14314: kernel-source: buffer uses out of index in ext3/4 filesystem

(CVE-2020-14314)
Summary:	VUL-1: CVE-2020-14314: kernel-source: buffer uses out of index in ext3/4 file...

Status:	RESOLVED FIXED

Classification:	Novell Products
Product:	SUSE Security Incidents
Classification:	Novell Products
Component:	Incidents
Version:	unspecified
Hardware:	Other Other

Priority:	P4 - Low Severity: Normal
Target Milestone:	---
Assigned To:	Security Team bot
QA Contact:	Security Team bot

URL:	https://smash.suse.de/issue/262901/
Whiteboard:	CVSSv3.1:SUSE:CVE-2020-14314:2.8:(AV:...
Keywords:

Depends on:
Blocks:
	Show dependency tree / graph

Create test case

Clone This Bug

Reported:	2020-07-07 08:25 UTC by Alexandros Toptsoglou
Modified:	2022-12-23 12:34 UTC (History)
CC List:	4 users (show)

See Also:
Found By:	Security Response Team
Services Priority:
Business Priority:
Blocker:	---
Marketing QA Status:	---
IT Deployment:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Alexandros Toptsoglou 2020-07-07 08:25:04 UTC

CVE-2020-14314

Starting from commit ef2b02d3e617cb0400eedf2668f86215e1b0e6af, it could be failure of disk operation for directory using ext3/ext4 fs.
The bug is in the directory indexing code, and occurs when adding certain directory entries (new files/directories) in affected directories (with read memory out of bounds).
The bug exists in all supported RHEL releases (RHEL 6, RHEL 7, RHEL 8), as well as the upstream kernel.
Needs to be some specific content of FS block with directory indexes for reproducing this fail (known way of reproducing is taking existing image that leads to this bug and then run the command touch for some specific file of this image that is inside broken directory).
The workaround to fix the bug is command e2fsck with params -Df for the partition (or image) that have this failure.
Currently chosen this patch for the fix (if cannot find better, then this one considered as good enough):

diff --git a/fs/ext4/namei.c b/fs/ext4/namei.c
index a8aca4772aaa..c09cf7043702 100644
--- a/fs/ext4/namei.c
+++ b/fs/ext4/namei.c
@@ -1870,6 +1870,7 @@ static struct ext4_dir_entry_2 *do_split(handle_t *handle, struct inode *dir,
 	}
 	/* map index at which we will split */
 	split = count - move;
+	if (!split) split = count/2;
 	hash2 = map[split].hash;
 	continued = hash2 == map[split - 1].hash;
 	dxtrace(printk(KERN_INFO "Split block %lu at %x, %i/%i\n",

References:
https://bugzilla.redhat.com/show_bug.cgi?id=1853922
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-14314

Comment 1 Alexandros Toptsoglou 2020-07-07 08:25:55 UTC

Following the description, Tracked all codestreams as affected

Comment 2 Jan Kara 2020-07-08 16:04:11 UTC

Upstream discussion for reference:

https://lore.kernel.org/linux-ext4/d08d63e9-8f74-b571-07c7-828b9629ce6a@redhat.com

Comment 3 Jan Kara 2020-07-08 16:46:49 UTC

FWIW I've pinged upstream about the resolution of this bug. The patch in above mentioned thread looks good to me but I'd prefer to have it at least on its way to upstream before pulling in the patch.

Comment 4 Jan Kara 2020-08-25 19:03:24 UTC

This has been merged now as commit 5872331b3d918 "ext4: fix potential negative array index in do_split()". I'll work on pushing this to relevant code streams.

Comment 5 Jan Kara 2020-08-26 16:02:45 UTC

I've pushed the fix to SLE15-SP2, cve/linux-4.12, and cve/linux-4.4 branches. Older branches (cve/linux-3.0 and older) support ext4 in read only mode so they are not affected.

All is done from my side, reassigning back to security team.

Comment 8 OBSbugzilla Bot 2020-08-30 21:31:22 UTC

This is an autogenerated message for OBS integration:
This bug (1173798) was mentioned in
https://build.opensuse.org/request/show/830611 15.2 / kernel-source

Comment 10 OBSbugzilla Bot 2020-09-01 14:12:46 UTC

This is an autogenerated message for OBS integration:
This bug (1173798) was mentioned in
https://build.opensuse.org/request/show/831128 15.1 / kernel-source

Comment 12 Swamp Workflow Management 2020-09-02 19:20:50 UTC

openSUSE-SU-2020:1325-1: An update that solves 6 vulnerabilities and has 107 fixes is now available.

Category: security (important)
Bug References: 1065600,1065729,1071995,1083548,1085030,1085308,1087082,1111666,1112178,1113956,1133021,1144333,1152148,1163524,1165629,1166965,1169790,1170232,1171688,1172073,1172108,1172418,1172428,1172783,1172871,1172872,1172873,1172963,1173485,1173798,1173954,1174003,1174026,1174205,1174387,1174484,1174547,1174550,1174625,1174689,1174699,1174734,1174771,1174852,1174873,1174904,1174926,1174968,1175062,1175063,1175064,1175065,1175066,1175067,1175112,1175127,1175128,1175149,1175199,1175213,1175228,1175232,1175284,1175393,1175394,1175396,1175397,1175398,1175399,1175400,1175401,1175402,1175403,1175404,1175405,1175406,1175407,1175408,1175409,1175410,1175411,1175412,1175413,1175414,1175415,1175416,1175417,1175418,1175419,1175420,1175421,1175422,1175423,1175440,1175493,1175515,1175518,1175526,1175550,1175654,1175666,1175667,1175668,1175669,1175670,1175767,1175768,1175769,1175770,1175771,1175772,1175786,1175873
CVE References: CVE-2018-3639,CVE-2020-14314,CVE-2020-14331,CVE-2020-14356,CVE-2020-1749,CVE-2020-24394
JIRA References: 
Sources used:
openSUSE Leap 15.1 (src):    kernel-debug-4.12.14-lp151.28.63.1, kernel-default-4.12.14-lp151.28.63.1, kernel-docs-4.12.14-lp151.28.63.1, kernel-kvmsmall-4.12.14-lp151.28.63.1, kernel-obs-build-4.12.14-lp151.28.63.1, kernel-obs-qa-4.12.14-lp151.28.63.1, kernel-source-4.12.14-lp151.28.63.1, kernel-syms-4.12.14-lp151.28.63.1, kernel-vanilla-4.12.14-lp151.28.63.1

Comment 13 Swamp Workflow Management 2020-09-03 19:18:28 UTC

SUSE-SU-2020:2485-1: An update that solves three vulnerabilities and has 112 fixes is now available.

Category: security (important)
Bug References: 1065600,1065729,1071995,1085030,1120163,1133021,1149032,1152472,1152489,1154353,1154492,1155518,1156395,1159058,1160634,1167773,1169790,1171634,1171688,1172108,1172197,1172247,1172418,1172871,1172963,1173468,1173485,1173798,1173813,1173954,1174002,1174003,1174026,1174387,1174484,1174625,1174645,1174689,1174699,1174737,1174757,1174762,1174770,1174771,1174777,1174805,1174824,1174825,1174852,1174865,1174880,1174897,1174906,1174969,1175009,1175010,1175011,1175012,1175013,1175014,1175015,1175016,1175017,1175018,1175019,1175020,1175021,1175052,1175112,1175116,1175128,1175149,1175175,1175176,1175180,1175181,1175182,1175183,1175184,1175185,1175186,1175187,1175188,1175189,1175190,1175191,1175192,1175195,1175199,1175213,1175232,1175263,1175284,1175296,1175344,1175345,1175346,1175347,1175367,1175377,1175440,1175493,1175546,1175550,1175654,1175691,1175768,1175769,1175770,1175771,1175772,1175774,1175775,1175834,1175873
CVE References: CVE-2020-14314,CVE-2020-14356,CVE-2020-16166
JIRA References: 
Sources used:
SUSE Linux Enterprise Module for Public Cloud 15-SP2 (src):    kernel-azure-5.3.18-18.15.1, kernel-source-azure-5.3.18-18.15.1, kernel-syms-azure-5.3.18-18.15.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 14 Swamp Workflow Management 2020-09-03 22:16:32 UTC

SUSE-SU-2020:2486-1: An update that solves four vulnerabilities and has 116 fixes is now available.

Category: security (important)
Bug References: 1065600,1065729,1071995,1085030,1120163,1133021,1149032,1152472,1152489,1153274,1154353,1154488,1154492,1155518,1156395,1159058,1160634,1167773,1169790,1171634,1171688,1172108,1172197,1172247,1172418,1172871,1172963,1173468,1173485,1173798,1173813,1173954,1174002,1174003,1174026,1174205,1174247,1174362,1174387,1174484,1174625,1174645,1174689,1174699,1174737,1174757,1174762,1174770,1174771,1174777,1174805,1174824,1174825,1174852,1174865,1174880,1174897,1174906,1174969,1175009,1175010,1175011,1175012,1175013,1175014,1175015,1175016,1175017,1175018,1175019,1175020,1175021,1175052,1175112,1175116,1175128,1175149,1175175,1175176,1175180,1175181,1175182,1175183,1175184,1175185,1175186,1175187,1175188,1175189,1175190,1175191,1175192,1175195,1175199,1175213,1175232,1175263,1175284,1175296,1175344,1175345,1175346,1175347,1175367,1175377,1175440,1175493,1175546,1175550,1175654,1175691,1175768,1175769,1175770,1175771,1175772,1175774,1175775,1175834,1175873
CVE References: CVE-2020-14314,CVE-2020-14331,CVE-2020-14356,CVE-2020-16166
JIRA References: 
Sources used:
SUSE Linux Enterprise Module for Live Patching 15-SP2 (src):    kernel-default-5.3.18-24.12.1, kernel-livepatch-SLE15-SP2_Update_2-1-5.3.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 15 Swamp Workflow Management 2020-09-03 22:28:41 UTC

SUSE-SU-2020:2486-1: An update that solves four vulnerabilities and has 116 fixes is now available.

Category: security (important)
Bug References: 1065600,1065729,1071995,1085030,1120163,1133021,1149032,1152472,1152489,1153274,1154353,1154488,1154492,1155518,1156395,1159058,1160634,1167773,1169790,1171634,1171688,1172108,1172197,1172247,1172418,1172871,1172963,1173468,1173485,1173798,1173813,1173954,1174002,1174003,1174026,1174205,1174247,1174362,1174387,1174484,1174625,1174645,1174689,1174699,1174737,1174757,1174762,1174770,1174771,1174777,1174805,1174824,1174825,1174852,1174865,1174880,1174897,1174906,1174969,1175009,1175010,1175011,1175012,1175013,1175014,1175015,1175016,1175017,1175018,1175019,1175020,1175021,1175052,1175112,1175116,1175128,1175149,1175175,1175176,1175180,1175181,1175182,1175183,1175184,1175185,1175186,1175187,1175188,1175189,1175190,1175191,1175192,1175195,1175199,1175213,1175232,1175263,1175284,1175296,1175344,1175345,1175346,1175347,1175367,1175377,1175440,1175493,1175546,1175550,1175654,1175691,1175768,1175769,1175770,1175771,1175772,1175774,1175775,1175834,1175873
CVE References: CVE-2020-14314,CVE-2020-14331,CVE-2020-14356,CVE-2020-16166
JIRA References: 
Sources used:
SUSE Linux Enterprise Workstation Extension 15-SP2 (src):    kernel-default-5.3.18-24.12.1
SUSE Linux Enterprise Module for Live Patching 15-SP2 (src):    kernel-default-5.3.18-24.12.1, kernel-livepatch-SLE15-SP2_Update_2-1-5.3.1
SUSE Linux Enterprise Module for Legacy Software 15-SP2 (src):    kernel-default-5.3.18-24.12.1
SUSE Linux Enterprise Module for Development Tools 15-SP2 (src):    kernel-docs-5.3.18-24.12.1, kernel-obs-build-5.3.18-24.12.1, kernel-preempt-5.3.18-24.12.1, kernel-source-5.3.18-24.12.1, kernel-syms-5.3.18-24.12.1
SUSE Linux Enterprise Module for Basesystem 15-SP2 (src):    kernel-default-5.3.18-24.12.1, kernel-default-base-5.3.18-24.12.1.9.4.1, kernel-preempt-5.3.18-24.12.1, kernel-source-5.3.18-24.12.1
SUSE Linux Enterprise High Availability 15-SP2 (src):    kernel-default-5.3.18-24.12.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 16 OBSbugzilla Bot 2020-09-04 07:01:28 UTC

This is an autogenerated message for OBS integration:
This bug (1173798) was mentioned in
https://build.opensuse.org/request/show/832013 15.2 / kernel-source

Comment 19 Swamp Workflow Management 2020-09-04 19:23:05 UTC

SUSE-SU-2020:2541-1: An update that solves 7 vulnerabilities and has 130 fixes is now available.

Category: security (important)
Bug References: 1065600,1065729,1071995,1074701,1083548,1085030,1085235,1085308,1087078,1087082,1094912,1100394,1102640,1105412,1111666,1112178,1113956,1120163,1133021,1144333,1152148,1163524,1165629,1166965,1169790,1170232,1171688,1171988,1172073,1172108,1172247,1172418,1172428,1172781,1172782,1172783,1172871,1172872,1172873,1172963,1173485,1173798,1173954,1174003,1174026,1174070,1174161,1174205,1174387,1174484,1174547,1174549,1174550,1174625,1174658,1174685,1174689,1174699,1174734,1174757,1174771,1174840,1174841,1174843,1174844,1174845,1174852,1174873,1174887,1174904,1174926,1174968,1175062,1175063,1175064,1175065,1175066,1175067,1175112,1175127,1175128,1175149,1175199,1175213,1175228,1175232,1175284,1175393,1175394,1175396,1175397,1175398,1175399,1175400,1175401,1175402,1175403,1175404,1175405,1175406,1175407,1175408,1175409,1175410,1175411,1175412,1175413,1175414,1175415,1175416,1175417,1175418,1175419,1175420,1175421,1175422,1175423,1175440,1175493,1175515,1175518,1175526,1175550,1175654,1175666,1175667,1175668,1175669,1175670,1175767,1175768,1175769,1175770,1175771,1175772,1175786,1175873
CVE References: CVE-2020-10135,CVE-2020-14314,CVE-2020-14331,CVE-2020-14356,CVE-2020-16166,CVE-2020-1749,CVE-2020-24394
JIRA References: 
Sources used:
SUSE Linux Enterprise Module for Public Cloud 15-SP1 (src):    kernel-azure-4.12.14-8.41.1, kernel-source-azure-4.12.14-8.41.1, kernel-syms-azure-4.12.14-8.41.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 20 Swamp Workflow Management 2020-09-04 19:42:22 UTC

SUSE-SU-2020:2540-1: An update that solves 7 vulnerabilities and has 129 fixes is now available.

Category: security (important)
Bug References: 1065600,1065729,1071995,1074701,1083548,1085030,1085235,1085308,1087078,1087082,1094912,1100394,1102640,1105412,1111666,1112178,1113956,1120163,1133021,1144333,1152148,1163524,1165629,1166965,1169790,1170232,1171688,1172073,1172108,1172247,1172418,1172428,1172781,1172782,1172783,1172871,1172872,1172873,1172963,1173485,1173798,1173954,1174003,1174026,1174070,1174161,1174205,1174247,1174387,1174484,1174547,1174550,1174625,1174658,1174685,1174689,1174699,1174734,1174757,1174771,1174840,1174841,1174843,1174844,1174845,1174852,1174873,1174887,1174904,1174926,1174968,1175062,1175063,1175064,1175065,1175066,1175067,1175112,1175127,1175128,1175149,1175199,1175213,1175228,1175232,1175284,1175393,1175394,1175396,1175397,1175398,1175399,1175400,1175401,1175402,1175403,1175404,1175405,1175406,1175407,1175408,1175409,1175410,1175411,1175412,1175413,1175414,1175415,1175416,1175417,1175418,1175419,1175420,1175421,1175422,1175423,1175440,1175493,1175515,1175518,1175526,1175550,1175654,1175666,1175667,1175668,1175669,1175670,1175767,1175768,1175769,1175770,1175771,1175772,1175786,1175873
CVE References: CVE-2018-3639,CVE-2020-14314,CVE-2020-14331,CVE-2020-14356,CVE-2020-16166,CVE-2020-1749,CVE-2020-24394
JIRA References: 
Sources used:
SUSE Linux Enterprise Server 12-SP5 (src):    kernel-azure-4.12.14-16.25.1, kernel-source-azure-4.12.14-16.25.1, kernel-syms-azure-4.12.14-16.25.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 24 Swamp Workflow Management 2020-09-08 13:19:33 UTC

openSUSE-SU-2020:1382-1: An update that solves two vulnerabilities and has 40 fixes is now available.

Category: security (important)
Bug References: 1065729,1071995,1085030,1133021,1154492,1156395,1159058,1160634,1169790,1171634,1171688,1172108,1172418,1172871,1173485,1173798,1174003,1174026,1174387,1174699,1174771,1174777,1174800,1175128,1175199,1175232,1175440,1175493,1175546,1175550,1175654,1175691,1175768,1175769,1175770,1175771,1175772,1175774,1175775,1175834,1175873,1176069
CVE References: CVE-2020-14314,CVE-2020-14386
JIRA References: 
Sources used:
openSUSE Leap 15.2 (src):    kernel-debug-5.3.18-lp152.41.1, kernel-default-5.3.18-lp152.41.1, kernel-default-base-5.3.18-lp152.41.1.lp152.8.6.2, kernel-docs-5.3.18-lp152.41.1, kernel-kvmsmall-5.3.18-lp152.41.1, kernel-obs-build-5.3.18-lp152.41.1, kernel-obs-qa-5.3.18-lp152.41.1, kernel-preempt-5.3.18-lp152.41.1, kernel-source-5.3.18-lp152.41.1, kernel-syms-5.3.18-lp152.41.1

Comment 25 Swamp Workflow Management 2020-09-08 19:19:45 UTC

SUSE-SU-2020:2574-1: An update that solves 7 vulnerabilities and has 131 fixes is now available.

Category: security (important)
Bug References: 1058115,1065600,1065729,1071995,1074701,1083548,1085030,1085235,1085308,1087078,1087082,1094912,1100394,1102640,1105412,1111666,1112178,1113956,1120163,1133021,1136666,1144333,1152148,1163524,1165629,1166965,1169790,1170232,1171558,1171688,1172073,1172108,1172247,1172418,1172428,1172871,1172872,1172873,1172963,1173060,1173485,1173798,1173954,1174003,1174026,1174070,1174161,1174205,1174387,1174484,1174547,1174549,1174550,1174625,1174658,1174685,1174689,1174699,1174734,1174757,1174771,1174840,1174841,1174843,1174844,1174845,1174852,1174873,1174904,1174926,1174968,1175062,1175063,1175064,1175065,1175066,1175067,1175112,1175127,1175128,1175149,1175199,1175213,1175228,1175232,1175284,1175393,1175394,1175396,1175397,1175398,1175399,1175400,1175401,1175402,1175403,1175404,1175405,1175406,1175407,1175408,1175409,1175410,1175411,1175412,1175413,1175414,1175415,1175416,1175417,1175418,1175419,1175420,1175421,1175422,1175423,1175440,1175493,1175515,1175518,1175526,1175550,1175654,1175666,1175667,1175668,1175669,1175670,1175691,1175767,1175768,1175769,1175770,1175771,1175772,1175786,1175873,1176069
CVE References: CVE-2020-14314,CVE-2020-14331,CVE-2020-14356,CVE-2020-14386,CVE-2020-16166,CVE-2020-1749,CVE-2020-24394
JIRA References: 
Sources used:
SUSE Linux Enterprise Live Patching 12-SP5 (src):    kernel-default-4.12.14-122.37.1, kgraft-patch-SLE12-SP5_Update_9-1-8.5.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 26 Swamp Workflow Management 2020-09-08 19:34:09 UTC

SUSE-SU-2020:2574-1: An update that solves 7 vulnerabilities and has 131 fixes is now available.

Category: security (important)
Bug References: 1058115,1065600,1065729,1071995,1074701,1083548,1085030,1085235,1085308,1087078,1087082,1094912,1100394,1102640,1105412,1111666,1112178,1113956,1120163,1133021,1136666,1144333,1152148,1163524,1165629,1166965,1169790,1170232,1171558,1171688,1172073,1172108,1172247,1172418,1172428,1172871,1172872,1172873,1172963,1173060,1173485,1173798,1173954,1174003,1174026,1174070,1174161,1174205,1174387,1174484,1174547,1174549,1174550,1174625,1174658,1174685,1174689,1174699,1174734,1174757,1174771,1174840,1174841,1174843,1174844,1174845,1174852,1174873,1174904,1174926,1174968,1175062,1175063,1175064,1175065,1175066,1175067,1175112,1175127,1175128,1175149,1175199,1175213,1175228,1175232,1175284,1175393,1175394,1175396,1175397,1175398,1175399,1175400,1175401,1175402,1175403,1175404,1175405,1175406,1175407,1175408,1175409,1175410,1175411,1175412,1175413,1175414,1175415,1175416,1175417,1175418,1175419,1175420,1175421,1175422,1175423,1175440,1175493,1175515,1175518,1175526,1175550,1175654,1175666,1175667,1175668,1175669,1175670,1175691,1175767,1175768,1175769,1175770,1175771,1175772,1175786,1175873,1176069
CVE References: CVE-2020-14314,CVE-2020-14331,CVE-2020-14356,CVE-2020-14386,CVE-2020-16166,CVE-2020-1749,CVE-2020-24394
JIRA References: 
Sources used:
SUSE Linux Enterprise Workstation Extension 12-SP5 (src):    kernel-default-4.12.14-122.37.1
SUSE Linux Enterprise Software Development Kit 12-SP5 (src):    kernel-docs-4.12.14-122.37.1, kernel-obs-build-4.12.14-122.37.1
SUSE Linux Enterprise Server 12-SP5 (src):    kernel-default-4.12.14-122.37.1, kernel-source-4.12.14-122.37.1, kernel-syms-4.12.14-122.37.1
SUSE Linux Enterprise Live Patching 12-SP5 (src):    kernel-default-4.12.14-122.37.1, kgraft-patch-SLE12-SP5_Update_9-1-8.5.1
SUSE Linux Enterprise High Availability 12-SP5 (src):    kernel-default-4.12.14-122.37.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 28 Swamp Workflow Management 2020-09-09 10:19:51 UTC

SUSE-SU-2020:2575-1: An update that solves 8 vulnerabilities and has 121 fixes is now available.

Category: security (important)
Bug References: 1058115,1065600,1065729,1071995,1083548,1085030,1111666,1112178,1113956,1120163,1133021,1136666,1144333,1152148,1163524,1165629,1166965,1169790,1170232,1171558,1171688,1171988,1172073,1172108,1172247,1172418,1172428,1172871,1172872,1172873,1172963,1173060,1173485,1173798,1173954,1174003,1174026,1174070,1174205,1174387,1174484,1174547,1174549,1174550,1174625,1174658,1174685,1174689,1174699,1174734,1174757,1174771,1174840,1174841,1174843,1174844,1174845,1174852,1174873,1174904,1174926,1174968,1175062,1175063,1175064,1175065,1175066,1175067,1175112,1175127,1175128,1175149,1175199,1175213,1175228,1175232,1175284,1175393,1175394,1175396,1175397,1175398,1175399,1175400,1175401,1175402,1175403,1175404,1175405,1175406,1175407,1175408,1175409,1175410,1175411,1175412,1175413,1175414,1175415,1175416,1175417,1175418,1175419,1175420,1175421,1175422,1175423,1175440,1175493,1175515,1175518,1175526,1175550,1175654,1175666,1175667,1175668,1175669,1175670,1175691,1175767,1175768,1175769,1175770,1175771,1175772,1175786,1175873,1176069
CVE References: CVE-2020-10135,CVE-2020-14314,CVE-2020-14331,CVE-2020-14356,CVE-2020-14386,CVE-2020-16166,CVE-2020-1749,CVE-2020-24394
JIRA References: 
Sources used:
SUSE Linux Enterprise Workstation Extension 15-SP1 (src):    kernel-default-4.12.14-197.56.1
SUSE Linux Enterprise Module for Legacy Software 15-SP1 (src):    kernel-default-4.12.14-197.56.1
SUSE Linux Enterprise Module for Development Tools 15-SP1 (src):    kernel-docs-4.12.14-197.56.1, kernel-obs-build-4.12.14-197.56.1, kernel-source-4.12.14-197.56.1, kernel-syms-4.12.14-197.56.1
SUSE Linux Enterprise Module for Basesystem 15-SP1 (src):    kernel-default-4.12.14-197.56.1, kernel-source-4.12.14-197.56.1, kernel-zfcpdump-4.12.14-197.56.1
SUSE Linux Enterprise High Availability 15-SP1 (src):    kernel-default-4.12.14-197.56.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 29 Swamp Workflow Management 2020-09-09 10:39:44 UTC

SUSE-SU-2020:2576-1: An update that solves 5 vulnerabilities and has one errata is now available.

Category: security (important)
Bug References: 1152107,1173798,1174205,1174757,1175691,1176069
CVE References: CVE-2019-16746,CVE-2020-14314,CVE-2020-14331,CVE-2020-14386,CVE-2020-16166
JIRA References: 
Sources used:
SUSE OpenStack Cloud 7 (src):    kernel-default-4.4.121-92.141.1, kernel-source-4.4.121-92.141.1, kernel-syms-4.4.121-92.141.1, kgraft-patch-SLE12-SP2_Update_37-1-3.3.1
SUSE Linux Enterprise Server for SAP 12-SP2 (src):    kernel-default-4.4.121-92.141.1, kernel-source-4.4.121-92.141.1, kernel-syms-4.4.121-92.141.1, kgraft-patch-SLE12-SP2_Update_37-1-3.3.1
SUSE Linux Enterprise Server 12-SP2-LTSS (src):    kernel-default-4.4.121-92.141.1, kernel-source-4.4.121-92.141.1, kernel-syms-4.4.121-92.141.1, kgraft-patch-SLE12-SP2_Update_37-1-3.3.1
SUSE Linux Enterprise Server 12-SP2-BCL (src):    kernel-default-4.4.121-92.141.1, kernel-source-4.4.121-92.141.1, kernel-syms-4.4.121-92.141.1
SUSE Linux Enterprise High Availability 12-SP2 (src):    kernel-default-4.4.121-92.141.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 30 Swamp Workflow Management 2020-09-09 11:00:25 UTC

SUSE-SU-2020:2575-1: An update that solves 8 vulnerabilities and has 121 fixes is now available.

Category: security (important)
Bug References: 1058115,1065600,1065729,1071995,1083548,1085030,1111666,1112178,1113956,1120163,1133021,1136666,1144333,1152148,1163524,1165629,1166965,1169790,1170232,1171558,1171688,1171988,1172073,1172108,1172247,1172418,1172428,1172871,1172872,1172873,1172963,1173060,1173485,1173798,1173954,1174003,1174026,1174070,1174205,1174387,1174484,1174547,1174549,1174550,1174625,1174658,1174685,1174689,1174699,1174734,1174757,1174771,1174840,1174841,1174843,1174844,1174845,1174852,1174873,1174904,1174926,1174968,1175062,1175063,1175064,1175065,1175066,1175067,1175112,1175127,1175128,1175149,1175199,1175213,1175228,1175232,1175284,1175393,1175394,1175396,1175397,1175398,1175399,1175400,1175401,1175402,1175403,1175404,1175405,1175406,1175407,1175408,1175409,1175410,1175411,1175412,1175413,1175414,1175415,1175416,1175417,1175418,1175419,1175420,1175421,1175422,1175423,1175440,1175493,1175515,1175518,1175526,1175550,1175654,1175666,1175667,1175668,1175669,1175670,1175691,1175767,1175768,1175769,1175770,1175771,1175772,1175786,1175873,1176069
CVE References: CVE-2020-10135,CVE-2020-14314,CVE-2020-14331,CVE-2020-14356,CVE-2020-14386,CVE-2020-16166,CVE-2020-1749,CVE-2020-24394
JIRA References: 
Sources used:
SUSE Linux Enterprise Workstation Extension 15-SP1 (src):    kernel-default-4.12.14-197.56.1
SUSE Linux Enterprise Module for Live Patching 15-SP1 (src):    kernel-default-4.12.14-197.56.1, kernel-livepatch-SLE15-SP1_Update_15-1-3.3.2
SUSE Linux Enterprise Module for Legacy Software 15-SP1 (src):    kernel-default-4.12.14-197.56.1
SUSE Linux Enterprise Module for Development Tools 15-SP1 (src):    kernel-docs-4.12.14-197.56.1, kernel-obs-build-4.12.14-197.56.1, kernel-source-4.12.14-197.56.1, kernel-syms-4.12.14-197.56.1
SUSE Linux Enterprise Module for Basesystem 15-SP1 (src):    kernel-default-4.12.14-197.56.1, kernel-source-4.12.14-197.56.1, kernel-zfcpdump-4.12.14-197.56.1
SUSE Linux Enterprise High Availability 15-SP1 (src):    kernel-default-4.12.14-197.56.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 31 Swamp Workflow Management 2020-09-09 19:14:28 UTC

SUSE-SU-2020:2582-1: An update that solves 5 vulnerabilities and has 5 fixes is now available.

Category: security (important)
Bug References: 1152107,1173798,1174205,1174757,1174771,1175112,1175127,1175228,1175691,1176069
CVE References: CVE-2019-16746,CVE-2020-14314,CVE-2020-14331,CVE-2020-14386,CVE-2020-16166
JIRA References: 
Sources used:
SUSE OpenStack Cloud Crowbar 8 (src):    kernel-default-4.4.180-94.130.1, kernel-source-4.4.180-94.130.1, kernel-syms-4.4.180-94.130.1, kgraft-patch-SLE12-SP3_Update_35-1-4.3.1
SUSE OpenStack Cloud 8 (src):    kernel-default-4.4.180-94.130.1, kernel-source-4.4.180-94.130.1, kernel-syms-4.4.180-94.130.1, kgraft-patch-SLE12-SP3_Update_35-1-4.3.1
SUSE Linux Enterprise Server for SAP 12-SP3 (src):    kernel-default-4.4.180-94.130.1, kernel-source-4.4.180-94.130.1, kernel-syms-4.4.180-94.130.1, kgraft-patch-SLE12-SP3_Update_35-1-4.3.1
SUSE Linux Enterprise Server 12-SP3-LTSS (src):    kernel-default-4.4.180-94.130.1, kernel-source-4.4.180-94.130.1, kernel-syms-4.4.180-94.130.1, kgraft-patch-SLE12-SP3_Update_35-1-4.3.1
SUSE Linux Enterprise Server 12-SP3-BCL (src):    kernel-default-4.4.180-94.130.1, kernel-source-4.4.180-94.130.1, kernel-syms-4.4.180-94.130.1
SUSE Linux Enterprise High Availability 12-SP3 (src):    kernel-default-4.4.180-94.130.1
SUSE Enterprise Storage 5 (src):    kernel-default-4.4.180-94.130.1, kernel-source-4.4.180-94.130.1, kernel-syms-4.4.180-94.130.1, kgraft-patch-SLE12-SP3_Update_35-1-4.3.1
HPE Helion Openstack 8 (src):    kernel-default-4.4.180-94.130.1, kernel-source-4.4.180-94.130.1, kernel-syms-4.4.180-94.130.1, kgraft-patch-SLE12-SP3_Update_35-1-4.3.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 33 Swamp Workflow Management 2020-09-11 10:20:41 UTC

SUSE-SU-2020:2605-1: An update that solves 8 vulnerabilities and has 122 fixes is now available.

Category: security (important)
Bug References: 1065729,1071995,1074701,1083548,1085030,1085235,1085308,1087078,1087082,1094912,1100394,1102640,1105412,1111666,1112178,1113956,1120163,1133021,1144333,1171988,1172108,1172247,1172418,1172428,1172781,1172782,1172783,1172871,1172872,1172963,1173485,1173798,1173954,1174026,1174070,1174161,1174205,1174247,1174343,1174356,1174387,1174409,1174438,1174462,1174484,1174547,1174549,1174550,1174625,1174658,1174685,1174689,1174699,1174734,1174757,1174771,1174840,1174841,1174843,1174844,1174845,1174852,1174873,1174887,1174904,1174926,1174968,1175062,1175063,1175064,1175065,1175066,1175067,1175112,1175127,1175128,1175149,1175199,1175213,1175228,1175232,1175284,1175393,1175394,1175396,1175397,1175398,1175399,1175400,1175401,1175402,1175403,1175404,1175405,1175406,1175407,1175408,1175409,1175410,1175411,1175412,1175413,1175414,1175415,1175416,1175417,1175418,1175419,1175420,1175421,1175422,1175423,1175440,1175493,1175518,1175526,1175550,1175654,1175666,1175668,1175669,1175670,1175767,1175768,1175769,1175770,1175771,1175772,1175786,1175992
CVE References: CVE-2018-3639,CVE-2020-0305,CVE-2020-10135,CVE-2020-14314,CVE-2020-14331,CVE-2020-14356,CVE-2020-16166,CVE-2020-24394
JIRA References: 
Sources used:
SUSE Linux Enterprise Real Time Extension 12-SP5 (src):    kernel-rt-4.12.14-10.16.1, kernel-rt_debug-4.12.14-10.16.1, kernel-source-rt-4.12.14-10.16.1, kernel-syms-rt-4.12.14-10.16.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 34 Swamp Workflow Management 2020-09-11 13:15:34 UTC

SUSE-SU-2020:2610-1: An update that solves 8 vulnerabilities and has 12 fixes is now available.

Category: security (important)
Bug References: 1058115,1071995,1154366,1165629,1165631,1171988,1172428,1173798,1174205,1174757,1175112,1175122,1175128,1175204,1175213,1175515,1175518,1175691,1175992,1176069
CVE References: CVE-2020-10135,CVE-2020-14314,CVE-2020-14331,CVE-2020-14356,CVE-2020-14386,CVE-2020-16166,CVE-2020-1749,CVE-2020-24394
JIRA References: 
Sources used:
SUSE Linux Enterprise Server for SAP 15 (src):    kernel-default-4.12.14-150.58.1, kernel-docs-4.12.14-150.58.1, kernel-obs-build-4.12.14-150.58.1, kernel-source-4.12.14-150.58.1, kernel-syms-4.12.14-150.58.1, kernel-vanilla-4.12.14-150.58.1
SUSE Linux Enterprise Server 15-LTSS (src):    kernel-default-4.12.14-150.58.1, kernel-docs-4.12.14-150.58.1, kernel-obs-build-4.12.14-150.58.1, kernel-source-4.12.14-150.58.1, kernel-syms-4.12.14-150.58.1, kernel-vanilla-4.12.14-150.58.1, kernel-zfcpdump-4.12.14-150.58.1
SUSE Linux Enterprise High Performance Computing 15-LTSS (src):    kernel-default-4.12.14-150.58.1, kernel-docs-4.12.14-150.58.1, kernel-obs-build-4.12.14-150.58.1, kernel-source-4.12.14-150.58.1, kernel-syms-4.12.14-150.58.1, kernel-vanilla-4.12.14-150.58.1
SUSE Linux Enterprise High Performance Computing 15-ESPOS (src):    kernel-default-4.12.14-150.58.1, kernel-docs-4.12.14-150.58.1, kernel-obs-build-4.12.14-150.58.1, kernel-source-4.12.14-150.58.1, kernel-syms-4.12.14-150.58.1, kernel-vanilla-4.12.14-150.58.1
SUSE Linux Enterprise High Availability 15 (src):    kernel-default-4.12.14-150.58.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 35 Swamp Workflow Management 2020-09-11 13:22:30 UTC

SUSE-SU-2020:2610-1: An update that solves 8 vulnerabilities and has 12 fixes is now available.

Category: security (important)
Bug References: 1058115,1071995,1154366,1165629,1165631,1171988,1172428,1173798,1174205,1174757,1175112,1175122,1175128,1175204,1175213,1175515,1175518,1175691,1175992,1176069
CVE References: CVE-2020-10135,CVE-2020-14314,CVE-2020-14331,CVE-2020-14356,CVE-2020-14386,CVE-2020-16166,CVE-2020-1749,CVE-2020-24394
JIRA References: 
Sources used:
SUSE Linux Enterprise Server for SAP 15 (src):    kernel-default-4.12.14-150.58.1, kernel-docs-4.12.14-150.58.1, kernel-obs-build-4.12.14-150.58.1, kernel-source-4.12.14-150.58.1, kernel-syms-4.12.14-150.58.1, kernel-vanilla-4.12.14-150.58.1
SUSE Linux Enterprise Server 15-LTSS (src):    kernel-default-4.12.14-150.58.1, kernel-docs-4.12.14-150.58.1, kernel-obs-build-4.12.14-150.58.1, kernel-source-4.12.14-150.58.1, kernel-syms-4.12.14-150.58.1, kernel-vanilla-4.12.14-150.58.1, kernel-zfcpdump-4.12.14-150.58.1
SUSE Linux Enterprise Module for Live Patching 15 (src):    kernel-default-4.12.14-150.58.1, kernel-livepatch-SLE15_Update_20-1-1.3.1
SUSE Linux Enterprise High Performance Computing 15-LTSS (src):    kernel-default-4.12.14-150.58.1, kernel-docs-4.12.14-150.58.1, kernel-obs-build-4.12.14-150.58.1, kernel-source-4.12.14-150.58.1, kernel-syms-4.12.14-150.58.1, kernel-vanilla-4.12.14-150.58.1
SUSE Linux Enterprise High Performance Computing 15-ESPOS (src):    kernel-default-4.12.14-150.58.1, kernel-docs-4.12.14-150.58.1, kernel-obs-build-4.12.14-150.58.1, kernel-source-4.12.14-150.58.1, kernel-syms-4.12.14-150.58.1, kernel-vanilla-4.12.14-150.58.1
SUSE Linux Enterprise High Availability 15 (src):    kernel-default-4.12.14-150.58.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 36 Swamp Workflow Management 2020-09-14 16:15:31 UTC

SUSE-SU-2020:2623-1: An update that solves 8 vulnerabilities and has 17 fixes is now available.

Category: security (important)
Bug References: 1058115,1071995,1144333,1154366,1165629,1171988,1172428,1172963,1173798,1173954,1174205,1174689,1174699,1174757,1174784,1174978,1175112,1175127,1175213,1175228,1175515,1175518,1175691,1175749,1176069
CVE References: CVE-2020-10135,CVE-2020-14314,CVE-2020-14331,CVE-2020-14356,CVE-2020-14386,CVE-2020-16166,CVE-2020-1749,CVE-2020-24394
JIRA References: 
Sources used:
SUSE Linux Enterprise Live Patching 12-SP4 (src):    kernel-default-4.12.14-95.60.1, kgraft-patch-SLE12-SP4_Update_16-1-6.3.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 37 Swamp Workflow Management 2020-09-14 16:18:48 UTC

SUSE-SU-2020:2623-1: An update that solves 8 vulnerabilities and has 17 fixes is now available.

Category: security (important)
Bug References: 1058115,1071995,1144333,1154366,1165629,1171988,1172428,1172963,1173798,1173954,1174205,1174689,1174699,1174757,1174784,1174978,1175112,1175127,1175213,1175228,1175515,1175518,1175691,1175749,1176069
CVE References: CVE-2020-10135,CVE-2020-14314,CVE-2020-14331,CVE-2020-14356,CVE-2020-14386,CVE-2020-16166,CVE-2020-1749,CVE-2020-24394
JIRA References: 
Sources used:
SUSE OpenStack Cloud Crowbar 9 (src):    kernel-default-4.12.14-95.60.1, kernel-source-4.12.14-95.60.1, kernel-syms-4.12.14-95.60.1
SUSE OpenStack Cloud 9 (src):    kernel-default-4.12.14-95.60.1, kernel-source-4.12.14-95.60.1, kernel-syms-4.12.14-95.60.1
SUSE Linux Enterprise Server for SAP 12-SP4 (src):    kernel-default-4.12.14-95.60.1, kernel-source-4.12.14-95.60.1, kernel-syms-4.12.14-95.60.1
SUSE Linux Enterprise Server 12-SP4-LTSS (src):    kernel-default-4.12.14-95.60.1, kernel-source-4.12.14-95.60.1, kernel-syms-4.12.14-95.60.1
SUSE Linux Enterprise Live Patching 12-SP4 (src):    kernel-default-4.12.14-95.60.1, kgraft-patch-SLE12-SP4_Update_16-1-6.3.1
SUSE Linux Enterprise High Availability 12-SP4 (src):    kernel-default-4.12.14-95.60.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 38 Swamp Workflow Management 2020-09-14 22:19:38 UTC

SUSE-SU-2020:2631-1: An update that solves 5 vulnerabilities and has 124 fixes is now available.

Category: security (important)
Bug References: 1065729,1071995,1074701,1083548,1085030,1085235,1085308,1087078,1100394,1102640,1105412,1111666,1112178,1113956,1120163,1133021,1144333,1169790,1171688,1172108,1172247,1172418,1172428,1172781,1172782,1172783,1172871,1172872,1172963,1173485,1173798,1173954,1174003,1174026,1174070,1174161,1174205,1174247,1174298,1174299,1174387,1174484,1174547,1174549,1174550,1174625,1174658,1174685,1174689,1174699,1174734,1174757,1174771,1174840,1174841,1174843,1174844,1174845,1174852,1174873,1174887,1174904,1174926,1174968,1175062,1175063,1175064,1175065,1175066,1175067,1175112,1175127,1175128,1175149,1175199,1175213,1175228,1175232,1175284,1175393,1175394,1175396,1175397,1175398,1175399,1175400,1175401,1175402,1175403,1175404,1175405,1175406,1175407,1175408,1175409,1175410,1175411,1175412,1175413,1175414,1175415,1175416,1175417,1175418,1175419,1175420,1175421,1175422,1175423,1175440,1175493,1175515,1175518,1175526,1175550,1175654,1175666,1175668,1175669,1175670,1175767,1175768,1175769,1175770,1175771,1175772,1175786,1175873,1175992
CVE References: CVE-2020-14314,CVE-2020-14331,CVE-2020-14356,CVE-2020-16166,CVE-2020-24394
JIRA References: 
Sources used:
SUSE Linux Enterprise Module for Realtime 15-SP1 (src):    kernel-rt-4.12.14-14.31.1, kernel-rt_debug-4.12.14-14.31.1, kernel-source-rt-4.12.14-14.31.1, kernel-syms-rt-4.12.14-14.31.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 40 Swamp Workflow Management 2021-02-05 20:58:18 UTC

openSUSE-SU-2021:0242-1: An update that solves 79 vulnerabilities and has 676 fixes is now available.

Category: security (moderate)
Bug References: 1034995,1040855,1043347,1044120,1044767,1055014,1055117,1055186,1058115,1061843,1065600,1065729,1066382,1071995,1077428,1085030,1094244,1094840,1109695,1115431,1120163,1129923,1133021,1134760,1136666,1138374,1139944,1148868,1149032,1152148,1152457,1152472,1152489,1153274,1154353,1154488,1154492,1154824,1155518,1155798,1156315,1156395,1157169,1158050,1158242,1158265,1158748,1158765,1158775,1158983,1159058,1159781,1159867,1159886,1160388,1160634,1160947,1161099,1161495,1162002,1162063,1162209,1162400,1162702,1163592,1163727,1164648,1164777,1164780,1165211,1165455,1165629,1165692,1165933,1165975,1166146,1166166,1166340,1166965,1166985,1167030,1167104,1167527,1167651,1167657,1167773,1167851,1168230,1168461,1168468,1168779,1168838,1168952,1168959,1169021,1169094,1169194,1169263,1169514,1169681,1169763,1169771,1169790,1169795,1170011,1170139,1170232,1170284,1170415,1170442,1170617,1170621,1170774,1170879,1170891,1170895,1171000,1171068,1171073,1171078,1171117,1171150,1171156,1171189,1171191,1171218,1171219,1171220,1171236,1171242,1171246,1171285,1171293,1171374,1171390,1171391,1171392,1171417,1171426,1171507,1171513,1171514,1171529,1171530,1171558,1171634,1171644,1171662,1171675,1171688,1171699,1171709,1171730,1171732,1171736,1171739,1171742,1171743,1171759,1171773,1171774,1171775,1171776,1171777,1171778,1171779,1171780,1171781,1171782,1171783,1171784,1171785,1171786,1171787,1171788,1171789,1171790,1171791,1171792,1171793,1171794,1171795,1171796,1171797,1171798,1171799,1171810,1171827,1171828,1171832,1171833,1171834,1171835,1171839,1171840,1171841,1171842,1171843,1171844,1171849,1171857,1171868,1171904,1171915,1171982,1171983,1171988,1172017,1172046,1172061,1172062,1172063,1172064,1172065,1172066,1172067,1172068,1172069,1172073,1172086,1172095,1172108,1172145,1172169,1172170,1172197,1172201,1172208,1172223,1172247,1172317,1172342,1172343,1172344,1172365,1172366,1172374,1172391,1172393,1172394,1172418,1172419,1172453,1172458,1172467,1172484,1172537,1172543,1172687,1172719,1172733,1172739,1172751,1172757,1172759,1172775,1172781,1172782,1172783,1172814,1172823,1172841,1172871,1172873,1172938,1172939,1172940,1172956,1172963,1172983,1172984,1172985,1172986,1172987,1172988,1172989,1172990,1172999,1173017,1173068,1173074,1173085,1173115,1173139,1173206,1173267,1173271,1173280,1173284,1173428,1173438,1173461,1173468,1173485,1173514,1173552,1173573,1173625,1173746,1173776,1173798,1173813,1173817,1173818,1173820,1173822,1173823,1173824,1173825,1173826,1173827,1173828,1173830,1173831,1173832,1173833,1173834,1173836,1173837,1173838,1173839,1173841,1173843,1173844,1173845,1173847,1173849,1173860,1173894,1173941,1173954,1174002,1174003,1174018,1174026,1174029,1174072,1174098,1174110,1174111,1174116,1174126,1174127,1174128,1174129,1174146,1174185,1174205,1174244,1174263,1174264,1174331,1174332,1174333,1174345,1174356,1174358,1174362,1174387,1174396,1174398,1174407,1174409,1174411,1174438,1174462,1174484,1174486,1174513,1174527,1174625,1174627,1174645,1174689,1174699,1174737,1174748,1174757,1174762,1174770,1174771,1174777,1174805,1174824,1174825,1174852,1174865,1174880,1174897,1174899,1174906,1174969,1175009,1175010,1175011,1175012,1175013,1175014,1175015,1175016,1175017,1175018,1175019,1175020,1175021,1175052,1175079,1175112,1175116,1175128,1175149,1175175,1175176,1175180,1175181,1175182,1175183,1175184,1175185,1175186,1175187,1175188,1175189,1175190,1175191,1175192,1175195,1175199,1175213,1175232,1175263,1175284,1175296,1175306,1175344,1175345,1175346,1175347,1175367,1175377,1175440,1175480,1175493,1175546,1175550,1175599,1175621,1175654,1175667,1175691,1175718,1175721,1175749,1175768,1175769,1175770,1175771,1175772,1175774,1175775,1175787,1175807,1175834,1175873,1175882,1175898,1175918,1175952,1175995,1175996,1175997,1175998,1175999,1176000,1176001,1176019,1176022,1176038,1176063,1176069,1176109,1176137,1176180,1176200,1176235,1176236,1176237,1176242,1176354,1176357,1176358,1176359,1176360,1176361,1176362,1176363,1176364,1176365,1176366,1176367,1176381,1176396,1176400,1176423,1176449,1176481,1176485,1176486,1176507,1176536,1176537,1176538,1176539,1176540,1176541,1176542,1176543,1176544,1176545,1176546,1176548,1176558,1176559,1176564,1176586,1176587,1176588,1176659,1176698,1176699,1176700,1176713,1176721,1176722,1176725,1176732,1176763,1176775,1176788,1176789,1176833,1176855,1176869,1176877,1176907,1176925,1176942,1176956,1176962,1176979,1176980,1176983,1176990,1177021,1177030,1177066,1177070,1177086,1177090,1177109,1177121,1177193,1177194,1177206,1177258,1177271,1177281,1177283,1177284,1177285,1177286,1177297,1177326,1177353,1177384,1177397,1177410,1177411,1177470,1177500,1177511,1177617,1177666,1177679,1177681,1177683,1177687,1177694,1177697,1177698,1177703,1177719,1177724,1177725,1177726,1177733,1177739,1177749,1177750,1177754,1177755,1177765,1177766,1177799,1177801,1177814,1177817,1177820,1177854,1177855,1177856,1177861,1178002,1178049,1178079,1178123,1178166,1178173,1178175,1178176,1178177,1178182,1178183,1178184,1178185,1178186,1178190,1178191,1178203,1178227,1178246,1178255,1178270,1178286,1178307,1178330,1178393,1178395,1178401,1178426,1178461,1178579,1178581,1178584,1178585,1178589,1178590,1178612,1178634,1178635,1178653,1178659,1178660,1178661,1178669,1178686,1178740,1178755,1178756,1178762,1178780,1178838,1178853,1178886,1179001,1179012,1179014,1179015,1179045,1179076,1179082,1179107,1179140,1179141,1179160,1179201,1179204,1179211,1179217,1179419,1179424,1179425,1179426,1179427,1179429,1179432,1179434,1179435,1179442,1179519,1179550,1179575,1179578,1179601,1179604,1179639,1179652,1179656,1179670,1179671,1179672,1179673,1179675,1179676,1179677,1179678,1179679,1179680,1179681,1179682,1179683,1179684,1179685,1179687,1179688,1179689,1179690,1179703,1179704,1179707,1179709,1179710,1179711,1179712,1179713,1179714,1179715,1179716,1179745,1179763,1179887,1179888,1179892,1179896,1179960,1179963,1180027,1180029,1180031,1180052,1180056,1180086,1180117,1180258,1180261,1180349,1180506,1180541,1180559,1180566,173030,744692,789311,954532,995541
CVE References: CVE-2019-19462,CVE-2019-20810,CVE-2019-20812,CVE-2020-0110,CVE-2020-0305,CVE-2020-0404,CVE-2020-0427,CVE-2020-0431,CVE-2020-0432,CVE-2020-0444,CVE-2020-0465,CVE-2020-0466,CVE-2020-0543,CVE-2020-10135,CVE-2020-10711,CVE-2020-10732,CVE-2020-10751,CVE-2020-10757,CVE-2020-10766,CVE-2020-10767,CVE-2020-10768,CVE-2020-10773,CVE-2020-10781,CVE-2020-11668,CVE-2020-12351,CVE-2020-12352,CVE-2020-12652,CVE-2020-12656,CVE-2020-12769,CVE-2020-12771,CVE-2020-12888,CVE-2020-13143,CVE-2020-13974,CVE-2020-14314,CVE-2020-14331,CVE-2020-14351,CVE-2020-14356,CVE-2020-14385,CVE-2020-14386,CVE-2020-14390,CVE-2020-14416,CVE-2020-15393,CVE-2020-15436,CVE-2020-15437,CVE-2020-15780,CVE-2020-16120,CVE-2020-16166,CVE-2020-1749,CVE-2020-24490,CVE-2020-2521,CVE-2020-25212,CVE-2020-25284,CVE-2020-25285,CVE-2020-25641,CVE-2020-25643,CVE-2020-25645,CVE-2020-25656,CVE-2020-25668,CVE-2020-25669,CVE-2020-25704,CVE-2020-25705,CVE-2020-26088,CVE-2020-27068,CVE-2020-27777,CVE-2020-27786,CVE-2020-27825,CVE-2020-27830,CVE-2020-28915,CVE-2020-28941,CVE-2020-28974,CVE-2020-29369,CVE-2020-29370,CVE-2020-29371,CVE-2020-29373,CVE-2020-29660,CVE-2020-29661,CVE-2020-36158,CVE-2020-4788,CVE-2020-8694
JIRA References: 
Sources used:
openSUSE Leap 15.2 (src):    kernel-rt-5.3.18-lp152.3.5.1, kernel-rt_debug-5.3.18-lp152.3.5.1, kernel-source-rt-5.3.18-lp152.3.5.1, kernel-syms-rt-5.3.18-lp152.3.5.1

Comment 43 Marcus Meissner 2021-08-23 13:52:36 UTC

released