First Last Prev Next    This bug is not in your last search results.
Bug 1193767 - (CVE-2021-44733) VUL-0: CVE-2021-44733: kernel-source-rt,kernel-source-azure,kernel-source: use-after-free in the TEE subsystem
(CVE-2021-44733)
VUL-0: CVE-2021-44733: kernel-source-rt,kernel-source-azure,kernel-source: us...
Status: NEW
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
unspecified
Other Other
: P3 - Medium : Normal
: ---
Assigned To: Security Team bot
Security Team bot
https://smash.suse.de/issue/317533/
CVSSv3.1:SUSE:CVE-2021-44733:4.2:(AV:...
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2021-12-15 14:48 UTC by Alexander Bergmann
Modified: 2023-01-18 17:20 UTC (History)
3 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Alexander Bergmann 2021-12-15 14:48:24 UTC 
rh#2030747

There is use-after-free design issue with the lifetime tracking of the tee_shm:dmabuf object.
If dmabuf in the process of being destroyed, and at the same time other process do a call to the IOCTL command TEE_IOC_OPEN_SESSION or TEE_IOC_INVOKE referencing that shared memory, then exploitable use-after-free could happen.
It is hard to trigger the issue, so this is like race condition and to trigger it the CONFIG_CPU_SW_DOMAIN_PAN must be disabled and both the kernel must be configured with CONFIG_PREEMPT.

Reference and patch:
https://lore.kernel.org/lkml/20211214123540.1789434-1-jens.wiklander@linaro.org/

References:
https://bugzilla.redhat.com/show_bug.cgi?id=2030747
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-44733
Comment 7 Swamp Workflow Management 2022-01-26 11:31:18 UTC 
SUSE-SU-2022:0197-1: An update that solves 22 vulnerabilities and has 59 fixes is now available.

Category: security (important)
Bug References: 1071995,1139944,1151927,1152489,1153275,1154353,1154355,1161907,1164565,1166780,1169514,1176242,1176536,1176544,1176545,1176546,1176548,1176558,1176559,1176940,1176956,1177440,1178270,1179211,1179424,1179426,1179427,1179599,1179960,1181148,1181507,1181710,1183534,1183540,1183897,1184209,1185726,1185902,1187541,1189126,1189158,1191271,1191793,1191876,1192267,1192507,1192511,1192569,1192606,1192845,1192847,1192877,1192946,1192969,1192987,1192990,1192998,1193002,1193042,1193169,1193255,1193306,1193318,1193349,1193440,1193442,1193660,1193669,1193727,1193767,1193901,1193927,1194001,1194087,1194094,1194302,1194516,1194517,1194529,1194888,1194985
CVE References: CVE-2020-27820,CVE-2020-27825,CVE-2021-28711,CVE-2021-28712,CVE-2021-28713,CVE-2021-28714,CVE-2021-28715,CVE-2021-33098,CVE-2021-4001,CVE-2021-4002,CVE-2021-4083,CVE-2021-4135,CVE-2021-4149,CVE-2021-4197,CVE-2021-4202,CVE-2021-43975,CVE-2021-43976,CVE-2021-44733,CVE-2021-45485,CVE-2021-45486,CVE-2022-0185,CVE-2022-0322
JIRA References: 
Sources used:
SUSE MicroOS 5.0 (src):    kernel-default-5.3.18-24.99.1, kernel-default-base-5.3.18-24.99.1.9.46.1
SUSE Manager Server 4.1 (src):    kernel-default-5.3.18-24.99.1, kernel-default-base-5.3.18-24.99.1.9.46.1, kernel-docs-5.3.18-24.99.1, kernel-obs-build-5.3.18-24.99.1, kernel-preempt-5.3.18-24.99.1, kernel-source-5.3.18-24.99.1, kernel-syms-5.3.18-24.99.1
SUSE Manager Retail Branch Server 4.1 (src):    kernel-default-5.3.18-24.99.1, kernel-default-base-5.3.18-24.99.1.9.46.1, kernel-docs-5.3.18-24.99.1, kernel-preempt-5.3.18-24.99.1, kernel-source-5.3.18-24.99.1, kernel-syms-5.3.18-24.99.1
SUSE Manager Proxy 4.1 (src):    kernel-default-5.3.18-24.99.1, kernel-default-base-5.3.18-24.99.1.9.46.1, kernel-docs-5.3.18-24.99.1, kernel-preempt-5.3.18-24.99.1, kernel-source-5.3.18-24.99.1, kernel-syms-5.3.18-24.99.1
SUSE Linux Enterprise Server for SAP 15-SP2 (src):    kernel-default-5.3.18-24.99.1, kernel-default-base-5.3.18-24.99.1.9.46.1, kernel-docs-5.3.18-24.99.1, kernel-obs-build-5.3.18-24.99.1, kernel-preempt-5.3.18-24.99.1, kernel-source-5.3.18-24.99.1, kernel-syms-5.3.18-24.99.1
SUSE Linux Enterprise Server 15-SP2-LTSS (src):    kernel-default-5.3.18-24.99.1, kernel-default-base-5.3.18-24.99.1.9.46.1, kernel-docs-5.3.18-24.99.1, kernel-obs-build-5.3.18-24.99.1, kernel-preempt-5.3.18-24.99.1, kernel-source-5.3.18-24.99.1, kernel-syms-5.3.18-24.99.1
SUSE Linux Enterprise Server 15-SP2-BCL (src):    kernel-default-5.3.18-24.99.1, kernel-default-base-5.3.18-24.99.1.9.46.1, kernel-docs-5.3.18-24.99.1, kernel-preempt-5.3.18-24.99.1, kernel-source-5.3.18-24.99.1, kernel-syms-5.3.18-24.99.1
SUSE Linux Enterprise Module for Live Patching 15-SP2 (src):    kernel-default-5.3.18-24.99.1, kernel-livepatch-SLE15-SP2_Update_23-1-5.3.1
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (src):    kernel-default-5.3.18-24.99.1, kernel-default-base-5.3.18-24.99.1.9.46.1, kernel-docs-5.3.18-24.99.1, kernel-obs-build-5.3.18-24.99.1, kernel-preempt-5.3.18-24.99.1, kernel-source-5.3.18-24.99.1, kernel-syms-5.3.18-24.99.1
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (src):    kernel-default-5.3.18-24.99.1, kernel-default-base-5.3.18-24.99.1.9.46.1, kernel-docs-5.3.18-24.99.1, kernel-obs-build-5.3.18-24.99.1, kernel-preempt-5.3.18-24.99.1, kernel-source-5.3.18-24.99.1, kernel-syms-5.3.18-24.99.1
SUSE Linux Enterprise High Availability 15-SP2 (src):    kernel-default-5.3.18-24.99.1
SUSE Enterprise Storage 7 (src):    kernel-default-5.3.18-24.99.1, kernel-default-base-5.3.18-24.99.1.9.46.1, kernel-docs-5.3.18-24.99.1, kernel-obs-build-5.3.18-24.99.1, kernel-preempt-5.3.18-24.99.1, kernel-source-5.3.18-24.99.1, kernel-syms-5.3.18-24.99.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 8 Borislav Petkov 2022-01-26 15:43:59 UTC 
stable: has it
15sp4: queued.
cve/linux-5.3: queued.
cve/linux-4.12: queued.

Commit which added TEE subsystem is in

$ git describe 967c9cca2cc5
v4.11-rc1-2-g967c9cca2cc5

so earlier not affected.

Bouncing back.
Comment 15 Swamp Workflow Management 2022-02-02 14:26:20 UTC 
SUSE-SU-2022:0289-1: An update that solves 10 vulnerabilities and has 9 fixes is now available.

Category: security (important)
Bug References: 1071995,1184209,1191271,1193255,1193660,1193669,1193727,1193767,1193901,1193927,1194001,1194087,1194094,1194302,1194516,1194517,1194529,1194888,1194985
CVE References: CVE-2021-4083,CVE-2021-4135,CVE-2021-4149,CVE-2021-4197,CVE-2021-4202,CVE-2021-44733,CVE-2021-45485,CVE-2021-45486,CVE-2022-0185,CVE-2022-0322
JIRA References: 
Sources used:
SUSE Linux Enterprise Module for Realtime 15-SP2 (src):    kernel-rt-5.3.18-68.1, kernel-rt_debug-5.3.18-68.1, kernel-source-rt-5.3.18-68.1, kernel-syms-rt-5.3.18-68.1
SUSE Linux Enterprise Micro 5.0 (src):    kernel-rt-5.3.18-68.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 16 Swamp Workflow Management 2022-02-02 14:48:17 UTC 
SUSE-SU-2022:0288-1: An update that solves 9 vulnerabilities, contains 7 features and has 30 fixes is now available.

Category: security (important)
Bug References: 1065729,1071995,1154353,1154492,1156395,1167773,1176447,1176774,1177437,1190256,1191271,1192931,1193255,1193328,1193669,1193727,1193767,1193901,1193927,1194001,1194027,1194302,1194493,1194516,1194517,1194518,1194529,1194580,1194584,1194586,1194587,1194589,1194590,1194591,1194592,1194888,1194953,1194985,1195062
CVE References: CVE-2021-4083,CVE-2021-4135,CVE-2021-4149,CVE-2021-4197,CVE-2021-4202,CVE-2021-44733,CVE-2021-46283,CVE-2022-0185,CVE-2022-0322
JIRA References: SLE-13294,SLE-13533,SLE-14777,SLE-15172,SLE-16683,SLE-23432,SLE-8464
Sources used:
SUSE Linux Enterprise Module for Realtime 15-SP3 (src):    kernel-rt-5.3.18-150300.71.1, kernel-rt_debug-5.3.18-150300.71.1, kernel-source-rt-5.3.18-150300.71.1, kernel-syms-rt-5.3.18-150300.71.1
SUSE Linux Enterprise Micro 5.1 (src):    kernel-rt-5.3.18-150300.71.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 24 Swamp Workflow Management 2022-02-10 20:21:31 UTC 
openSUSE-SU-2022:0366-1: An update that solves 27 vulnerabilities and has 23 fixes is now available.

Category: security (critical)
Bug References: 1071995,1124431,1167162,1169514,1172073,1179599,1184804,1185377,1186207,1186222,1187167,1189305,1189841,1190358,1190428,1191229,1191241,1191384,1191731,1192032,1192267,1192740,1192845,1192847,1192877,1192946,1193306,1193440,1193442,1193575,1193669,1193727,1193731,1193767,1193861,1193864,1193867,1193927,1194001,1194048,1194087,1194227,1194302,1194516,1194529,1194880,1194888,1194985,1195166,1195254
CVE References: CVE-2018-25020,CVE-2019-15126,CVE-2020-27820,CVE-2021-0920,CVE-2021-0935,CVE-2021-28711,CVE-2021-28712,CVE-2021-28713,CVE-2021-28714,CVE-2021-28715,CVE-2021-33098,CVE-2021-3564,CVE-2021-39648,CVE-2021-39657,CVE-2021-4002,CVE-2021-4083,CVE-2021-4135,CVE-2021-4149,CVE-2021-4197,CVE-2021-4202,CVE-2021-43975,CVE-2021-43976,CVE-2021-44733,CVE-2021-45095,CVE-2021-45486,CVE-2022-0322,CVE-2022-0330
JIRA References: 
Sources used:
openSUSE Leap 15.4 (src):    kernel-debug-4.12.14-197.105.1, kernel-default-4.12.14-197.105.1, kernel-kvmsmall-4.12.14-197.105.1, kernel-vanilla-4.12.14-197.105.1, kernel-zfcpdump-4.12.14-197.105.1
openSUSE Leap 15.3 (src):    kernel-debug-4.12.14-197.105.1, kernel-default-4.12.14-197.105.1, kernel-kvmsmall-4.12.14-197.105.1, kernel-vanilla-4.12.14-197.105.1, kernel-zfcpdump-4.12.14-197.105.1
Comment 25 Swamp Workflow Management 2022-02-10 20:24:50 UTC 
openSUSE-SU-2022:0363-1: An update that solves 12 vulnerabilities and has 20 fixes is now available.

Category: security (critical)
Bug References: 1154353,1154488,1160634,1176447,1177599,1183405,1185377,1187428,1187723,1188605,1191881,1193096,1193506,1193767,1193802,1193861,1193864,1193867,1194048,1194227,1194291,1194880,1195009,1195062,1195065,1195073,1195183,1195184,1195254,1195267,1195293,1195371
CVE References: CVE-2020-28097,CVE-2021-22600,CVE-2021-39648,CVE-2021-39657,CVE-2021-39685,CVE-2021-4159,CVE-2021-44733,CVE-2021-45095,CVE-2022-0286,CVE-2022-0330,CVE-2022-0435,CVE-2022-22942
JIRA References: 
Sources used:
openSUSE Leap 15.3 (src):    kernel-azure-5.3.18-150300.38.40.4, kernel-source-azure-5.3.18-150300.38.40.4, kernel-syms-azure-5.3.18-150300.38.40.1
Comment 26 Swamp Workflow Management 2022-02-10 20:34:14 UTC 
SUSE-SU-2022:0363-1: An update that solves 12 vulnerabilities and has 20 fixes is now available.

Category: security (critical)
Bug References: 1154353,1154488,1160634,1176447,1177599,1183405,1185377,1187428,1187723,1188605,1191881,1193096,1193506,1193767,1193802,1193861,1193864,1193867,1194048,1194227,1194291,1194880,1195009,1195062,1195065,1195073,1195183,1195184,1195254,1195267,1195293,1195371
CVE References: CVE-2020-28097,CVE-2021-22600,CVE-2021-39648,CVE-2021-39657,CVE-2021-39685,CVE-2021-4159,CVE-2021-44733,CVE-2021-45095,CVE-2022-0286,CVE-2022-0330,CVE-2022-0435,CVE-2022-22942
JIRA References: 
Sources used:
SUSE Linux Enterprise Module for Public Cloud 15-SP3 (src):    kernel-azure-5.3.18-150300.38.40.4, kernel-source-azure-5.3.18-150300.38.40.4, kernel-syms-azure-5.3.18-150300.38.40.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 27 Swamp Workflow Management 2022-02-10 20:40:05 UTC 
SUSE-SU-2022:0367-1: An update that solves 27 vulnerabilities and has 23 fixes is now available.

Category: security (critical)
Bug References: 1071995,1124431,1167162,1169514,1172073,1179599,1184804,1185377,1186207,1186222,1187167,1189305,1189841,1190358,1190428,1191229,1191241,1191384,1191731,1192032,1192267,1192740,1192845,1192847,1192877,1192946,1193306,1193440,1193442,1193506,1193575,1193669,1193727,1193731,1193767,1193861,1193864,1193867,1194001,1194048,1194087,1194227,1194302,1194516,1194529,1194880,1194888,1194985,1195166,1195254
CVE References: CVE-2018-25020,CVE-2019-15126,CVE-2020-27820,CVE-2021-0920,CVE-2021-0935,CVE-2021-28711,CVE-2021-28712,CVE-2021-28713,CVE-2021-28714,CVE-2021-28715,CVE-2021-33098,CVE-2021-3564,CVE-2021-39648,CVE-2021-39657,CVE-2021-4002,CVE-2021-4083,CVE-2021-4149,CVE-2021-4197,CVE-2021-4202,CVE-2021-43975,CVE-2021-43976,CVE-2021-44733,CVE-2021-45095,CVE-2021-45486,CVE-2022-0322,CVE-2022-0330,CVE-2022-0435
JIRA References: 
Sources used:
SUSE Linux Enterprise Server for SAP 15 (src):    kernel-default-4.12.14-150.83.1, kernel-docs-4.12.14-150.83.1, kernel-obs-build-4.12.14-150.83.1, kernel-source-4.12.14-150.83.1, kernel-syms-4.12.14-150.83.1, kernel-vanilla-4.12.14-150.83.1
SUSE Linux Enterprise Server 15-LTSS (src):    kernel-default-4.12.14-150.83.1, kernel-docs-4.12.14-150.83.1, kernel-obs-build-4.12.14-150.83.1, kernel-source-4.12.14-150.83.1, kernel-syms-4.12.14-150.83.1, kernel-vanilla-4.12.14-150.83.1, kernel-zfcpdump-4.12.14-150.83.1
SUSE Linux Enterprise Module for Live Patching 15 (src):    kernel-default-4.12.14-150.83.1, kernel-livepatch-SLE15_Update_27-1-1.5.1
SUSE Linux Enterprise High Performance Computing 15-LTSS (src):    kernel-default-4.12.14-150.83.1, kernel-docs-4.12.14-150.83.1, kernel-obs-build-4.12.14-150.83.1, kernel-source-4.12.14-150.83.1, kernel-syms-4.12.14-150.83.1, kernel-vanilla-4.12.14-150.83.1
SUSE Linux Enterprise High Performance Computing 15-ESPOS (src):    kernel-default-4.12.14-150.83.1, kernel-docs-4.12.14-150.83.1, kernel-obs-build-4.12.14-150.83.1, kernel-source-4.12.14-150.83.1, kernel-syms-4.12.14-150.83.1, kernel-vanilla-4.12.14-150.83.1
SUSE Linux Enterprise High Availability 15 (src):    kernel-default-4.12.14-150.83.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 28 Swamp Workflow Management 2022-02-10 20:45:29 UTC 
SUSE-SU-2022:0366-1: An update that solves 27 vulnerabilities and has 23 fixes is now available.

Category: security (critical)
Bug References: 1071995,1124431,1167162,1169514,1172073,1179599,1184804,1185377,1186207,1186222,1187167,1189305,1189841,1190358,1190428,1191229,1191241,1191384,1191731,1192032,1192267,1192740,1192845,1192847,1192877,1192946,1193306,1193440,1193442,1193575,1193669,1193727,1193731,1193767,1193861,1193864,1193867,1193927,1194001,1194048,1194087,1194227,1194302,1194516,1194529,1194880,1194888,1194985,1195166,1195254
CVE References: CVE-2018-25020,CVE-2019-15126,CVE-2020-27820,CVE-2021-0920,CVE-2021-0935,CVE-2021-28711,CVE-2021-28712,CVE-2021-28713,CVE-2021-28714,CVE-2021-28715,CVE-2021-33098,CVE-2021-3564,CVE-2021-39648,CVE-2021-39657,CVE-2021-4002,CVE-2021-4083,CVE-2021-4135,CVE-2021-4149,CVE-2021-4197,CVE-2021-4202,CVE-2021-43975,CVE-2021-43976,CVE-2021-44733,CVE-2021-45095,CVE-2021-45486,CVE-2022-0322,CVE-2022-0330
JIRA References: 
Sources used:
SUSE Linux Enterprise Server for SAP 15-SP1 (src):    kernel-default-4.12.14-197.105.1, kernel-docs-4.12.14-197.105.1, kernel-obs-build-4.12.14-197.105.1, kernel-source-4.12.14-197.105.1, kernel-syms-4.12.14-197.105.1
SUSE Linux Enterprise Server 15-SP1-LTSS (src):    kernel-default-4.12.14-197.105.1, kernel-docs-4.12.14-197.105.1, kernel-obs-build-4.12.14-197.105.1, kernel-source-4.12.14-197.105.1, kernel-syms-4.12.14-197.105.1, kernel-zfcpdump-4.12.14-197.105.1
SUSE Linux Enterprise Server 15-SP1-BCL (src):    kernel-default-4.12.14-197.105.1, kernel-docs-4.12.14-197.105.1, kernel-obs-build-4.12.14-197.105.1, kernel-source-4.12.14-197.105.1, kernel-syms-4.12.14-197.105.1
SUSE Linux Enterprise Module for Live Patching 15-SP1 (src):    kernel-default-4.12.14-197.105.1, kernel-livepatch-SLE15-SP1_Update_28-1-3.3.1
SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (src):    kernel-default-4.12.14-197.105.1, kernel-docs-4.12.14-197.105.1, kernel-obs-build-4.12.14-197.105.1, kernel-source-4.12.14-197.105.1, kernel-syms-4.12.14-197.105.1
SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (src):    kernel-default-4.12.14-197.105.1, kernel-docs-4.12.14-197.105.1, kernel-obs-build-4.12.14-197.105.1, kernel-source-4.12.14-197.105.1, kernel-syms-4.12.14-197.105.1
SUSE Linux Enterprise High Availability 15-SP1 (src):    kernel-default-4.12.14-197.105.1
SUSE Enterprise Storage 6 (src):    kernel-default-4.12.14-197.105.1, kernel-docs-4.12.14-197.105.1, kernel-obs-build-4.12.14-197.105.1, kernel-source-4.12.14-197.105.1, kernel-syms-4.12.14-197.105.1
SUSE CaaS Platform 4.0 (src):    kernel-default-4.12.14-197.105.1, kernel-docs-4.12.14-197.105.1, kernel-obs-build-4.12.14-197.105.1, kernel-source-4.12.14-197.105.1, kernel-syms-4.12.14-197.105.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 29 Swamp Workflow Management 2022-02-10 20:49:54 UTC 
SUSE-SU-2022:0364-1: An update that solves 14 vulnerabilities and has 29 fixes is now available.

Category: security (critical)
Bug References: 1065729,1071995,1082555,1163405,1177599,1183405,1184209,1186207,1186222,1187428,1187723,1188605,1190973,1192729,1193096,1193234,1193235,1193242,1193507,1193660,1193669,1193727,1193767,1193861,1193864,1193927,1194001,1194027,1194227,1194302,1194410,1194493,1194516,1194529,1194814,1194880,1194888,1194965,1194985,1195065,1195073,1195254,1195272
CVE References: CVE-2020-28097,CVE-2021-3564,CVE-2021-39648,CVE-2021-39657,CVE-2021-4083,CVE-2021-4135,CVE-2021-4149,CVE-2021-4197,CVE-2021-4202,CVE-2021-44733,CVE-2022-0322,CVE-2022-0330,CVE-2022-0435,CVE-2022-22942
JIRA References: 
Sources used:
SUSE Linux Enterprise Workstation Extension 12-SP5 (src):    kernel-default-4.12.14-122.110.1
SUSE Linux Enterprise Software Development Kit 12-SP5 (src):    kernel-docs-4.12.14-122.110.2, kernel-obs-build-4.12.14-122.110.1
SUSE Linux Enterprise Server 12-SP5 (src):    kernel-default-4.12.14-122.110.1, kernel-source-4.12.14-122.110.1, kernel-syms-4.12.14-122.110.1
SUSE Linux Enterprise Live Patching 12-SP5 (src):    kernel-default-4.12.14-122.110.1, kgraft-patch-SLE12-SP5_Update_28-1-8.3.2
SUSE Linux Enterprise High Availability 12-SP5 (src):    kernel-default-4.12.14-122.110.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 30 Swamp Workflow Management 2022-02-11 11:20:51 UTC 
SUSE-SU-2022:0370-1: An update that solves 11 vulnerabilities and has 29 fixes is now available.

Category: security (critical)
Bug References: 1154353,1154488,1156395,1160634,1176447,1177599,1183405,1185377,1187428,1187723,1188605,1191881,1193096,1193506,1193767,1193802,1193861,1193864,1193867,1194048,1194227,1194291,1194880,1195009,1195062,1195065,1195073,1195183,1195184,1195254,1195267,1195293,1195371,1195476,1195477,1195478,1195479,1195480,1195481,1195482
CVE References: CVE-2020-28097,CVE-2021-22600,CVE-2021-39648,CVE-2021-39657,CVE-2021-39685,CVE-2021-44733,CVE-2021-45095,CVE-2022-0286,CVE-2022-0330,CVE-2022-0435,CVE-2022-22942
JIRA References: 
Sources used:
SUSE Linux Enterprise Workstation Extension 15-SP3 (src):    kernel-default-5.3.18-150300.59.49.1, kernel-preempt-5.3.18-150300.59.49.1
SUSE Linux Enterprise Module for Live Patching 15-SP3 (src):    kernel-default-5.3.18-150300.59.49.1, kernel-livepatch-SLE15-SP3_Update_14-1-150300.7.3.1
SUSE Linux Enterprise Module for Legacy Software 15-SP3 (src):    kernel-default-5.3.18-150300.59.49.1
SUSE Linux Enterprise Module for Development Tools 15-SP3 (src):    kernel-docs-5.3.18-150300.59.49.1, kernel-obs-build-5.3.18-150300.59.49.1, kernel-preempt-5.3.18-150300.59.49.1, kernel-source-5.3.18-150300.59.49.1, kernel-syms-5.3.18-150300.59.49.1
SUSE Linux Enterprise Module for Basesystem 15-SP3 (src):    kernel-64kb-5.3.18-150300.59.49.1, kernel-default-5.3.18-150300.59.49.1, kernel-default-base-5.3.18-150300.59.49.1.150300.18.31.1, kernel-preempt-5.3.18-150300.59.49.1, kernel-source-5.3.18-150300.59.49.1, kernel-zfcpdump-5.3.18-150300.59.49.1
SUSE Linux Enterprise Micro 5.1 (src):    kernel-default-5.3.18-150300.59.49.1, kernel-default-base-5.3.18-150300.59.49.1.150300.18.31.1
SUSE Linux Enterprise High Availability 15-SP3 (src):    kernel-default-5.3.18-150300.59.49.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 31 Swamp Workflow Management 2022-02-11 11:24:56 UTC 
openSUSE-SU-2022:0370-1: An update that solves 11 vulnerabilities and has 29 fixes is now available.

Category: security (critical)
Bug References: 1154353,1154488,1156395,1160634,1176447,1177599,1183405,1185377,1187428,1187723,1188605,1191881,1193096,1193506,1193767,1193802,1193861,1193864,1193867,1194048,1194227,1194291,1194880,1195009,1195062,1195065,1195073,1195183,1195184,1195254,1195267,1195293,1195371,1195476,1195477,1195478,1195479,1195480,1195481,1195482
CVE References: CVE-2020-28097,CVE-2021-22600,CVE-2021-39648,CVE-2021-39657,CVE-2021-39685,CVE-2021-44733,CVE-2021-45095,CVE-2022-0286,CVE-2022-0330,CVE-2022-0435,CVE-2022-22942
JIRA References: 
Sources used:
openSUSE Leap 15.4 (src):    dtb-aarch64-5.3.18-150300.59.49.1, kernel-preempt-5.3.18-150300.59.49.1
openSUSE Leap 15.3 (src):    dtb-aarch64-5.3.18-150300.59.49.1, kernel-64kb-5.3.18-150300.59.49.1, kernel-debug-5.3.18-150300.59.49.1, kernel-default-5.3.18-150300.59.49.1, kernel-default-base-5.3.18-150300.59.49.1.150300.18.31.1, kernel-docs-5.3.18-150300.59.49.1, kernel-kvmsmall-5.3.18-150300.59.49.1, kernel-obs-build-5.3.18-150300.59.49.1, kernel-obs-qa-5.3.18-150300.59.49.1, kernel-preempt-5.3.18-150300.59.49.1, kernel-source-5.3.18-150300.59.49.1, kernel-syms-5.3.18-150300.59.49.1, kernel-zfcpdump-5.3.18-150300.59.49.1
Comment 32 Swamp Workflow Management 2022-02-11 11:31:33 UTC 
SUSE-SU-2022:0371-1: An update that solves 27 vulnerabilities and has 22 fixes is now available.

Category: security (important)
Bug References: 1071995,1124431,1167162,1169514,1172073,1177101,1179599,1184804,1185377,1186207,1186222,1187167,1189305,1189841,1190358,1190428,1191229,1191384,1191731,1192032,1192267,1192740,1192845,1192847,1192877,1192946,1193306,1193440,1193442,1193507,1193575,1193669,1193727,1193731,1193767,1193861,1193864,1193867,1194001,1194048,1194087,1194227,1194302,1194516,1194529,1194880,1194888,1194985,1195254
CVE References: CVE-2018-25020,CVE-2019-15126,CVE-2020-27820,CVE-2021-0920,CVE-2021-0935,CVE-2021-28711,CVE-2021-28712,CVE-2021-28713,CVE-2021-28714,CVE-2021-28715,CVE-2021-33098,CVE-2021-3564,CVE-2021-39648,CVE-2021-39657,CVE-2021-4002,CVE-2021-4083,CVE-2021-4149,CVE-2021-4197,CVE-2021-4202,CVE-2021-43975,CVE-2021-43976,CVE-2021-44733,CVE-2021-45095,CVE-2021-45486,CVE-2022-0322,CVE-2022-0330,CVE-2022-0435
JIRA References: 
Sources used:
SUSE OpenStack Cloud Crowbar 9 (src):    kernel-default-4.12.14-95.88.1, kernel-source-4.12.14-95.88.1, kernel-syms-4.12.14-95.88.1
SUSE OpenStack Cloud 9 (src):    kernel-default-4.12.14-95.88.1, kernel-source-4.12.14-95.88.1, kernel-syms-4.12.14-95.88.1
SUSE Linux Enterprise Server for SAP 12-SP4 (src):    kernel-default-4.12.14-95.88.1, kernel-source-4.12.14-95.88.1, kernel-syms-4.12.14-95.88.1
SUSE Linux Enterprise Server 12-SP4-LTSS (src):    kernel-default-4.12.14-95.88.1, kernel-source-4.12.14-95.88.1, kernel-syms-4.12.14-95.88.1
SUSE Linux Enterprise Live Patching 12-SP4 (src):    kernel-default-4.12.14-95.88.1, kgraft-patch-SLE12-SP4_Update_24-1-6.5.1
SUSE Linux Enterprise High Availability 12-SP4 (src):    kernel-default-4.12.14-95.88.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 33 Swamp Workflow Management 2022-02-11 11:35:38 UTC 
SUSE-SU-2022:0372-1: An update that solves 13 vulnerabilities and has 28 fixes is now available.

Category: security (critical)
Bug References: 1065729,1071995,1082555,1163405,1177599,1183405,1184209,1186207,1186222,1187428,1187723,1188605,1190973,1192729,1193096,1193234,1193235,1193242,1193507,1193660,1193727,1193767,1193861,1193864,1193927,1194027,1194227,1194302,1194410,1194493,1194516,1194529,1194814,1194880,1194888,1194965,1194985,1195065,1195073,1195254,1195272
CVE References: CVE-2020-28097,CVE-2021-3564,CVE-2021-39648,CVE-2021-39657,CVE-2021-4083,CVE-2021-4135,CVE-2021-4197,CVE-2021-4202,CVE-2021-44733,CVE-2022-0322,CVE-2022-0330,CVE-2022-0435,CVE-2022-22942
JIRA References: 
Sources used:
SUSE Linux Enterprise Server 12-SP5 (src):    kernel-azure-4.12.14-16.88.1, kernel-source-azure-4.12.14-16.88.1, kernel-syms-azure-4.12.14-16.88.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 35 Swamp Workflow Management 2022-02-22 20:18:51 UTC 
SUSE-SU-2022:0555-1: An update that solves 16 vulnerabilities and has 31 fixes is now available.

Category: security (critical)
Bug References: 1065729,1071995,1082555,1163405,1177599,1183405,1184209,1185377,1186207,1186222,1187428,1187723,1188605,1190973,1192729,1193096,1193234,1193235,1193242,1193507,1193660,1193669,1193727,1193767,1193861,1193864,1193867,1193927,1194001,1194027,1194048,1194227,1194302,1194410,1194493,1194516,1194529,1194814,1194880,1194888,1194965,1194985,1195065,1195073,1195254,1195272,1195612
CVE References: CVE-2020-28097,CVE-2021-3564,CVE-2021-39648,CVE-2021-39657,CVE-2021-4083,CVE-2021-4135,CVE-2021-4149,CVE-2021-4197,CVE-2021-4202,CVE-2021-44733,CVE-2021-45095,CVE-2022-0322,CVE-2022-0330,CVE-2022-0435,CVE-2022-22942,CVE-2022-24448
JIRA References: 
Sources used:
SUSE Linux Enterprise Real Time Extension 12-SP5 (src):    kernel-rt-4.12.14-10.78.1, kernel-rt_debug-4.12.14-10.78.1, kernel-source-rt-4.12.14-10.78.1, kernel-syms-rt-4.12.14-10.78.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
First Last Prev Next    This bug is not in your last search results.