Bug 1194094 - (CVE-2021-45485) VUL-1: CVE-2021-45485: kernel-source-rt, kernel-source-azure, kernel-source: information leak in the IPv6 implementation in the Linux kernel before 5.13.3
(CVE-2021-45485)
VUL-1: CVE-2021-45485: kernel-source-rt, kernel-source-azure, kernel-source: ...
Status: NEW
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
unspecified
Other Other
: P4 - Low : Minor
: ---
Assigned To: Security Team bot
Security Team bot
https://smash.suse.de/issue/318835/
CVSSv3.1:SUSE:CVE-2021-45485:3.7:(AV:...
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2021-12-27 14:01 UTC by Thomas Leroy
Modified: 2022-05-07 16:22 UTC (History)
5 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Thomas Leroy 2021-12-27 14:01:07 UTC
CVE-2021-45485

In the IPv6 implementation in the Linux kernel before 5.13.3,
net/ipv6/output_core.c has an information leak because of certain use of a hash
table which, although big, doesn't properly consider that IPv6-based attackers
can typically choose among many IPv6 source addresses.

Upstream commit:
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=62f20e068ccc50d6ab66fdb72ba90da2b9418c99

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-45485
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45485
http://www.cvedetails.com/cve/CVE-2021-45485/
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=62f20e068ccc50d6ab66fdb72ba90da2b9418c99
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.13.3
https://arxiv.org/pdf/2112.09604.pdf
Comment 1 Thomas Leroy 2021-12-27 15:57:38 UTC
Finding the buggy commit looks quite tricky here.
Commit [0] introduced siphash for IPv6 fragmentation header ID calculation, but I think the problem is not here. 
As far as I understand, the range of possible IPv6 source address allows an easier bruteforce for ID prediction. And adding a bigger hashtable would not fix the issue. The problem relies on the positive increment algorithm, and not on the hashing function used, or on the amount of entropy added.

[0] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=df453700e8d81b1bdafdf684365ee2b9431fb702
Comment 9 Swamp Workflow Management 2022-01-11 20:23:25 UTC
openSUSE-SU-2022:0056-1: An update that solves 14 vulnerabilities and has 62 fixes is now available.

Category: security (important)
Bug References: 1139944,1151927,1152489,1153275,1154353,1154355,1161907,1164565,1166780,1169514,1176242,1176447,1176536,1176544,1176545,1176546,1176548,1176558,1176559,1176774,1176940,1176956,1177440,1178134,1178270,1179211,1179424,1179426,1179427,1179599,1181148,1181507,1181710,1182404,1183534,1183540,1183897,1184318,1185726,1185902,1186332,1187541,1189126,1189158,1191793,1191876,1192267,1192320,1192507,1192511,1192569,1192606,1192691,1192845,1192847,1192874,1192877,1192946,1192969,1192987,1192990,1192998,1193002,1193042,1193139,1193169,1193306,1193318,1193349,1193440,1193442,1193655,1193993,1194087,1194094,1194266
CVE References: CVE-2020-24504,CVE-2020-27820,CVE-2021-28711,CVE-2021-28712,CVE-2021-28713,CVE-2021-28714,CVE-2021-28715,CVE-2021-33098,CVE-2021-4001,CVE-2021-4002,CVE-2021-43975,CVE-2021-43976,CVE-2021-45485,CVE-2021-45486
JIRA References: 
Sources used:
openSUSE Leap 15.3 (src):    kernel-azure-5.3.18-38.34.1, kernel-source-azure-5.3.18-38.34.1, kernel-syms-azure-5.3.18-38.34.1
Comment 10 Swamp Workflow Management 2022-01-11 20:31:41 UTC
SUSE-SU-2022:0056-1: An update that solves 14 vulnerabilities and has 62 fixes is now available.

Category: security (important)
Bug References: 1139944,1151927,1152489,1153275,1154353,1154355,1161907,1164565,1166780,1169514,1176242,1176447,1176536,1176544,1176545,1176546,1176548,1176558,1176559,1176774,1176940,1176956,1177440,1178134,1178270,1179211,1179424,1179426,1179427,1179599,1181148,1181507,1181710,1182404,1183534,1183540,1183897,1184318,1185726,1185902,1186332,1187541,1189126,1189158,1191793,1191876,1192267,1192320,1192507,1192511,1192569,1192606,1192691,1192845,1192847,1192874,1192877,1192946,1192969,1192987,1192990,1192998,1193002,1193042,1193139,1193169,1193306,1193318,1193349,1193440,1193442,1193655,1193993,1194087,1194094,1194266
CVE References: CVE-2020-24504,CVE-2020-27820,CVE-2021-28711,CVE-2021-28712,CVE-2021-28713,CVE-2021-28714,CVE-2021-28715,CVE-2021-33098,CVE-2021-4001,CVE-2021-4002,CVE-2021-43975,CVE-2021-43976,CVE-2021-45485,CVE-2021-45486
JIRA References: 
Sources used:
SUSE Linux Enterprise Module for Public Cloud 15-SP3 (src):    kernel-azure-5.3.18-38.34.1, kernel-source-azure-5.3.18-38.34.1, kernel-syms-azure-5.3.18-38.34.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 11 Denis Kirjanov 2022-01-12 14:04:04 UTC
The patch is backported to:
- SLE12-SP5
- SLE15-SP2
- SLE15-SP3
- cve/linux-4.12
- cve/linux-4.4
Reassigned back to security team.
Comment 12 Swamp Workflow Management 2022-01-13 17:22:25 UTC
SUSE-SU-2022:0068-1: An update that solves 16 vulnerabilities and has 26 fixes is now available.

Category: security (important)
Bug References: 1114648,1124431,1167162,1169514,1172073,1179599,1183678,1183897,1184804,1185727,1185762,1187167,1189126,1189158,1189305,1189841,1190317,1190358,1190428,1191229,1191384,1191731,1191876,1192032,1192145,1192267,1192740,1192845,1192847,1192866,1192877,1192946,1192974,1193231,1193306,1193318,1193440,1193442,1193575,1193731,1194087,1194094
CVE References: CVE-2018-25020,CVE-2019-15126,CVE-2020-27820,CVE-2021-0920,CVE-2021-0935,CVE-2021-28711,CVE-2021-28712,CVE-2021-28713,CVE-2021-28714,CVE-2021-28715,CVE-2021-33098,CVE-2021-4002,CVE-2021-43975,CVE-2021-43976,CVE-2021-45485,CVE-2021-45486
JIRA References: 
Sources used:
SUSE Linux Enterprise Workstation Extension 12-SP5 (src):    kernel-default-4.12.14-122.106.1
SUSE Linux Enterprise Software Development Kit 12-SP5 (src):    kernel-docs-4.12.14-122.106.1, kernel-obs-build-4.12.14-122.106.1
SUSE Linux Enterprise Server 12-SP5 (src):    kernel-default-4.12.14-122.106.1, kernel-source-4.12.14-122.106.1, kernel-syms-4.12.14-122.106.1
SUSE Linux Enterprise Live Patching 12-SP5 (src):    kernel-default-4.12.14-122.106.1, kgraft-patch-SLE12-SP5_Update_27-1-8.3.1
SUSE Linux Enterprise High Availability 12-SP5 (src):    kernel-default-4.12.14-122.106.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 13 Swamp Workflow Management 2022-01-14 14:24:53 UTC
SUSE-SU-2022:0079-1: An update that solves 14 vulnerabilities, contains four features and has 58 fixes is now available.

Category: security (important)
Bug References: 1139944,1151927,1152489,1153275,1154353,1154355,1161907,1164565,1166780,1169514,1176242,1176447,1176536,1176544,1176545,1176546,1176548,1176558,1176559,1176774,1176940,1176956,1177440,1178134,1178270,1179211,1179426,1179427,1179599,1181148,1181507,1181710,1182404,1183534,1183540,1183897,1184318,1185726,1185902,1186332,1187541,1189126,1191793,1191876,1192267,1192320,1192507,1192511,1192569,1192606,1192845,1192847,1192877,1192946,1192969,1192987,1192990,1192998,1193002,1193042,1193139,1193169,1193306,1193318,1193349,1193440,1193442,1193655,1193993,1194087,1194094,1194266
CVE References: CVE-2020-24504,CVE-2020-27820,CVE-2021-28711,CVE-2021-28712,CVE-2021-28713,CVE-2021-28714,CVE-2021-28715,CVE-2021-33098,CVE-2021-4001,CVE-2021-4002,CVE-2021-43975,CVE-2021-43976,CVE-2021-45485,CVE-2021-45486
JIRA References: ECO-3666,SLE-17823,SLE-20042,SLE-23139
Sources used:
SUSE MicroOS 5.1 (src):    kernel-rt-5.3.18-68.1
SUSE Linux Enterprise Module for Realtime 15-SP3 (src):    kernel-rt-5.3.18-68.1, kernel-rt_debug-5.3.18-68.1, kernel-source-rt-5.3.18-68.1, kernel-syms-rt-5.3.18-68.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 14 Swamp Workflow Management 2022-01-14 14:30:14 UTC
SUSE-SU-2022:0080-1: An update that solves 18 vulnerabilities and has 28 fixes is now available.

Category: security (important)
Bug References: 1114648,1124431,1167162,1169514,1172073,1179599,1183678,1183897,1184804,1185727,1185762,1187167,1189126,1189158,1189305,1189841,1190317,1190358,1190428,1191229,1191384,1191731,1191876,1192032,1192145,1192267,1192740,1192845,1192847,1192866,1192877,1192946,1192974,1192987,1193231,1193306,1193318,1193440,1193442,1193575,1193669,1193727,1193731,1194001,1194087,1194094
CVE References: CVE-2018-25020,CVE-2019-15126,CVE-2020-27820,CVE-2021-0920,CVE-2021-0935,CVE-2021-28711,CVE-2021-28712,CVE-2021-28713,CVE-2021-28714,CVE-2021-28715,CVE-2021-33098,CVE-2021-4002,CVE-2021-4083,CVE-2021-4149,CVE-2021-43975,CVE-2021-43976,CVE-2021-45485,CVE-2021-45486
JIRA References: 
Sources used:
SUSE Linux Enterprise Server 12-SP5 (src):    kernel-azure-4.12.14-16.85.1, kernel-source-azure-4.12.14-16.85.1, kernel-syms-azure-4.12.14-16.85.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 16 Swamp Workflow Management 2022-01-17 20:21:17 UTC
SUSE-SU-2022:0090-1: An update that solves 15 vulnerabilities, contains one feature and has 18 fixes is now available.

Category: security (important)
Bug References: 1114648,1124431,1167162,1179599,1183678,1183897,1184804,1185727,1185762,1187167,1189126,1189305,1189841,1190358,1191229,1191384,1192032,1192145,1192267,1192740,1192845,1192847,1192877,1192946,1192974,1193231,1193306,1193318,1193440,1193442,1193731,1194087,1194094
CVE References: CVE-2019-15126,CVE-2020-27820,CVE-2021-0920,CVE-2021-0935,CVE-2021-28711,CVE-2021-28712,CVE-2021-28713,CVE-2021-28714,CVE-2021-28715,CVE-2021-33098,CVE-2021-4002,CVE-2021-43975,CVE-2021-43976,CVE-2021-45485,CVE-2021-45486
JIRA References: SLE-17288
Sources used:
SUSE Linux Enterprise Real Time Extension 12-SP5 (src):    kernel-rt-4.12.14-10.73.1, kernel-rt_debug-4.12.14-10.73.1, kernel-source-rt-4.12.14-10.73.1, kernel-syms-rt-4.12.14-10.73.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 17 Swamp Workflow Management 2022-01-19 20:25:59 UTC
SUSE-SU-2022:0131-1: An update that solves 13 vulnerabilities, contains one feature and has 61 fixes is now available.

Category: security (important)
Bug References: 1139944,1151927,1152489,1153275,1154353,1154355,1161907,1164565,1166780,1169514,1176242,1176447,1176536,1176544,1176545,1176546,1176548,1176558,1176559,1176774,1176940,1176956,1177440,1178134,1178270,1179211,1179424,1179426,1179427,1179599,1181148,1181507,1181710,1182404,1183534,1183540,1183897,1184318,1185726,1185902,1186332,1187541,1189126,1189158,1191793,1191876,1192267,1192320,1192507,1192511,1192569,1192606,1192691,1192845,1192847,1192874,1192946,1192969,1192987,1192990,1192998,1193002,1193042,1193139,1193169,1193306,1193318,1193349,1193440,1193442,1193655,1193993,1194087,1194094
CVE References: CVE-2020-24504,CVE-2020-27820,CVE-2021-28711,CVE-2021-28712,CVE-2021-28713,CVE-2021-28714,CVE-2021-28715,CVE-2021-4001,CVE-2021-4002,CVE-2021-43975,CVE-2021-43976,CVE-2021-45485,CVE-2021-45486
JIRA References: SLE-22574
Sources used:
SUSE MicroOS 5.1 (src):    kernel-default-5.3.18-59.40.1, kernel-default-base-5.3.18-59.40.1.18.25.1
SUSE Linux Enterprise Workstation Extension 15-SP3 (src):    kernel-default-5.3.18-59.40.1, kernel-preempt-5.3.18-59.40.1
SUSE Linux Enterprise Module for Live Patching 15-SP3 (src):    kernel-default-5.3.18-59.40.1, kernel-livepatch-SLE15-SP3_Update_11-1-7.3.1
SUSE Linux Enterprise Module for Legacy Software 15-SP3 (src):    kernel-default-5.3.18-59.40.1
SUSE Linux Enterprise Module for Development Tools 15-SP3 (src):    kernel-docs-5.3.18-59.40.1, kernel-obs-build-5.3.18-59.40.1, kernel-preempt-5.3.18-59.40.1, kernel-source-5.3.18-59.40.1, kernel-syms-5.3.18-59.40.1
SUSE Linux Enterprise Module for Basesystem 15-SP3 (src):    kernel-64kb-5.3.18-59.40.1, kernel-default-5.3.18-59.40.1, kernel-default-base-5.3.18-59.40.1.18.25.1, kernel-preempt-5.3.18-59.40.1, kernel-source-5.3.18-59.40.1, kernel-zfcpdump-5.3.18-59.40.1
SUSE Linux Enterprise High Availability 15-SP3 (src):    kernel-default-5.3.18-59.40.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 18 Swamp Workflow Management 2022-01-19 20:34:33 UTC
openSUSE-SU-2022:0131-1: An update that solves 13 vulnerabilities, contains one feature and has 61 fixes is now available.

Category: security (important)
Bug References: 1139944,1151927,1152489,1153275,1154353,1154355,1161907,1164565,1166780,1169514,1176242,1176447,1176536,1176544,1176545,1176546,1176548,1176558,1176559,1176774,1176940,1176956,1177440,1178134,1178270,1179211,1179424,1179426,1179427,1179599,1181148,1181507,1181710,1182404,1183534,1183540,1183897,1184318,1185726,1185902,1186332,1187541,1189126,1189158,1191793,1191876,1192267,1192320,1192507,1192511,1192569,1192606,1192691,1192845,1192847,1192874,1192946,1192969,1192987,1192990,1192998,1193002,1193042,1193139,1193169,1193306,1193318,1193349,1193440,1193442,1193655,1193993,1194087,1194094
CVE References: CVE-2020-24504,CVE-2020-27820,CVE-2021-28711,CVE-2021-28712,CVE-2021-28713,CVE-2021-28714,CVE-2021-28715,CVE-2021-4001,CVE-2021-4002,CVE-2021-43975,CVE-2021-43976,CVE-2021-45485,CVE-2021-45486
JIRA References: SLE-22574
Sources used:
openSUSE Leap 15.3 (src):    dtb-aarch64-5.3.18-59.40.1, kernel-64kb-5.3.18-59.40.1, kernel-debug-5.3.18-59.40.1, kernel-default-5.3.18-59.40.1, kernel-default-base-5.3.18-59.40.1.18.25.1, kernel-docs-5.3.18-59.40.1, kernel-kvmsmall-5.3.18-59.40.1, kernel-obs-build-5.3.18-59.40.1, kernel-obs-qa-5.3.18-59.40.1, kernel-preempt-5.3.18-59.40.1, kernel-source-5.3.18-59.40.1, kernel-syms-5.3.18-59.40.1, kernel-zfcpdump-5.3.18-59.40.1
Comment 23 Swamp Workflow Management 2022-01-25 14:20:39 UTC
openSUSE-SU-2022:0169-1: An update that solves 10 vulnerabilities and has 32 fixes is now available.

Category: security (important)
Bug References: 1065729,1071995,1154353,1154492,1156395,1167773,1176447,1176774,1177437,1190256,1191271,1191929,1192931,1193255,1193328,1193660,1193669,1193727,1193901,1193927,1194001,1194027,1194087,1194094,1194302,1194493,1194516,1194517,1194518,1194529,1194578,1194580,1194584,1194586,1194587,1194589,1194590,1194591,1194592,1194888,1194953,1194985
CVE References: CVE-2021-4083,CVE-2021-4135,CVE-2021-4149,CVE-2021-4197,CVE-2021-4202,CVE-2021-45485,CVE-2021-45486,CVE-2021-46283,CVE-2022-0185,CVE-2022-0322
JIRA References: 
Sources used:
openSUSE Leap 15.3 (src):    kernel-azure-5.3.18-150300.38.37.1, kernel-source-azure-5.3.18-150300.38.37.1, kernel-syms-azure-5.3.18-150300.38.37.1
Comment 24 Swamp Workflow Management 2022-01-25 14:26:22 UTC
SUSE-SU-2022:0169-1: An update that solves 10 vulnerabilities and has 32 fixes is now available.

Category: security (important)
Bug References: 1065729,1071995,1154353,1154492,1156395,1167773,1176447,1176774,1177437,1190256,1191271,1191929,1192931,1193255,1193328,1193660,1193669,1193727,1193901,1193927,1194001,1194027,1194087,1194094,1194302,1194493,1194516,1194517,1194518,1194529,1194578,1194580,1194584,1194586,1194587,1194589,1194590,1194591,1194592,1194888,1194953,1194985
CVE References: CVE-2021-4083,CVE-2021-4135,CVE-2021-4149,CVE-2021-4197,CVE-2021-4202,CVE-2021-45485,CVE-2021-45486,CVE-2021-46283,CVE-2022-0185,CVE-2022-0322
JIRA References: 
Sources used:
SUSE Linux Enterprise Module for Public Cloud 15-SP3 (src):    kernel-azure-5.3.18-150300.38.37.1, kernel-source-azure-5.3.18-150300.38.37.1, kernel-syms-azure-5.3.18-150300.38.37.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 25 Swamp Workflow Management 2022-01-26 11:20:26 UTC
SUSE-SU-2022:0198-1: An update that solves 10 vulnerabilities and has 33 fixes is now available.

Category: security (important)
Bug References: 1065729,1071995,1154353,1154492,1156395,1167773,1176447,1176774,1177437,1190256,1191271,1191929,1192931,1193255,1193328,1193660,1193669,1193727,1193901,1193927,1194001,1194027,1194087,1194094,1194266,1194302,1194493,1194516,1194517,1194518,1194529,1194578,1194580,1194584,1194586,1194587,1194589,1194590,1194591,1194592,1194888,1194953,1194985
CVE References: CVE-2021-4083,CVE-2021-4135,CVE-2021-4149,CVE-2021-4197,CVE-2021-4202,CVE-2021-45485,CVE-2021-45486,CVE-2021-46283,CVE-2022-0185,CVE-2022-0322
JIRA References: 
Sources used:
SUSE MicroOS 5.1 (src):    kernel-default-5.3.18-150300.59.43.1, kernel-default-base-5.3.18-150300.59.43.1.150300.18.27.1
SUSE Linux Enterprise Workstation Extension 15-SP3 (src):    kernel-default-5.3.18-150300.59.43.1, kernel-preempt-5.3.18-150300.59.43.1
SUSE Linux Enterprise Module for Live Patching 15-SP3 (src):    kernel-default-5.3.18-150300.59.43.1, kernel-livepatch-SLE15-SP3_Update_12-1-150300.7.3.1
SUSE Linux Enterprise Module for Legacy Software 15-SP3 (src):    kernel-default-5.3.18-150300.59.43.1
SUSE Linux Enterprise Module for Development Tools 15-SP3 (src):    kernel-docs-5.3.18-150300.59.43.1, kernel-obs-build-5.3.18-150300.59.43.1, kernel-preempt-5.3.18-150300.59.43.1, kernel-source-5.3.18-150300.59.43.1, kernel-syms-5.3.18-150300.59.43.1
SUSE Linux Enterprise Module for Basesystem 15-SP3 (src):    kernel-64kb-5.3.18-150300.59.43.1, kernel-default-5.3.18-150300.59.43.1, kernel-default-base-5.3.18-150300.59.43.1.150300.18.27.1, kernel-preempt-5.3.18-150300.59.43.1, kernel-source-5.3.18-150300.59.43.1, kernel-zfcpdump-5.3.18-150300.59.43.1
SUSE Linux Enterprise High Availability 15-SP3 (src):    kernel-default-5.3.18-150300.59.43.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 26 Swamp Workflow Management 2022-01-26 11:31:43 UTC
SUSE-SU-2022:0197-1: An update that solves 22 vulnerabilities and has 59 fixes is now available.

Category: security (important)
Bug References: 1071995,1139944,1151927,1152489,1153275,1154353,1154355,1161907,1164565,1166780,1169514,1176242,1176536,1176544,1176545,1176546,1176548,1176558,1176559,1176940,1176956,1177440,1178270,1179211,1179424,1179426,1179427,1179599,1179960,1181148,1181507,1181710,1183534,1183540,1183897,1184209,1185726,1185902,1187541,1189126,1189158,1191271,1191793,1191876,1192267,1192507,1192511,1192569,1192606,1192845,1192847,1192877,1192946,1192969,1192987,1192990,1192998,1193002,1193042,1193169,1193255,1193306,1193318,1193349,1193440,1193442,1193660,1193669,1193727,1193767,1193901,1193927,1194001,1194087,1194094,1194302,1194516,1194517,1194529,1194888,1194985
CVE References: CVE-2020-27820,CVE-2020-27825,CVE-2021-28711,CVE-2021-28712,CVE-2021-28713,CVE-2021-28714,CVE-2021-28715,CVE-2021-33098,CVE-2021-4001,CVE-2021-4002,CVE-2021-4083,CVE-2021-4135,CVE-2021-4149,CVE-2021-4197,CVE-2021-4202,CVE-2021-43975,CVE-2021-43976,CVE-2021-44733,CVE-2021-45485,CVE-2021-45486,CVE-2022-0185,CVE-2022-0322
JIRA References: 
Sources used:
SUSE MicroOS 5.0 (src):    kernel-default-5.3.18-24.99.1, kernel-default-base-5.3.18-24.99.1.9.46.1
SUSE Manager Server 4.1 (src):    kernel-default-5.3.18-24.99.1, kernel-default-base-5.3.18-24.99.1.9.46.1, kernel-docs-5.3.18-24.99.1, kernel-obs-build-5.3.18-24.99.1, kernel-preempt-5.3.18-24.99.1, kernel-source-5.3.18-24.99.1, kernel-syms-5.3.18-24.99.1
SUSE Manager Retail Branch Server 4.1 (src):    kernel-default-5.3.18-24.99.1, kernel-default-base-5.3.18-24.99.1.9.46.1, kernel-docs-5.3.18-24.99.1, kernel-preempt-5.3.18-24.99.1, kernel-source-5.3.18-24.99.1, kernel-syms-5.3.18-24.99.1
SUSE Manager Proxy 4.1 (src):    kernel-default-5.3.18-24.99.1, kernel-default-base-5.3.18-24.99.1.9.46.1, kernel-docs-5.3.18-24.99.1, kernel-preempt-5.3.18-24.99.1, kernel-source-5.3.18-24.99.1, kernel-syms-5.3.18-24.99.1
SUSE Linux Enterprise Server for SAP 15-SP2 (src):    kernel-default-5.3.18-24.99.1, kernel-default-base-5.3.18-24.99.1.9.46.1, kernel-docs-5.3.18-24.99.1, kernel-obs-build-5.3.18-24.99.1, kernel-preempt-5.3.18-24.99.1, kernel-source-5.3.18-24.99.1, kernel-syms-5.3.18-24.99.1
SUSE Linux Enterprise Server 15-SP2-LTSS (src):    kernel-default-5.3.18-24.99.1, kernel-default-base-5.3.18-24.99.1.9.46.1, kernel-docs-5.3.18-24.99.1, kernel-obs-build-5.3.18-24.99.1, kernel-preempt-5.3.18-24.99.1, kernel-source-5.3.18-24.99.1, kernel-syms-5.3.18-24.99.1
SUSE Linux Enterprise Server 15-SP2-BCL (src):    kernel-default-5.3.18-24.99.1, kernel-default-base-5.3.18-24.99.1.9.46.1, kernel-docs-5.3.18-24.99.1, kernel-preempt-5.3.18-24.99.1, kernel-source-5.3.18-24.99.1, kernel-syms-5.3.18-24.99.1
SUSE Linux Enterprise Module for Live Patching 15-SP2 (src):    kernel-default-5.3.18-24.99.1, kernel-livepatch-SLE15-SP2_Update_23-1-5.3.1
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (src):    kernel-default-5.3.18-24.99.1, kernel-default-base-5.3.18-24.99.1.9.46.1, kernel-docs-5.3.18-24.99.1, kernel-obs-build-5.3.18-24.99.1, kernel-preempt-5.3.18-24.99.1, kernel-source-5.3.18-24.99.1, kernel-syms-5.3.18-24.99.1
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (src):    kernel-default-5.3.18-24.99.1, kernel-default-base-5.3.18-24.99.1.9.46.1, kernel-docs-5.3.18-24.99.1, kernel-obs-build-5.3.18-24.99.1, kernel-preempt-5.3.18-24.99.1, kernel-source-5.3.18-24.99.1, kernel-syms-5.3.18-24.99.1
SUSE Linux Enterprise High Availability 15-SP2 (src):    kernel-default-5.3.18-24.99.1
SUSE Enterprise Storage 7 (src):    kernel-default-5.3.18-24.99.1, kernel-default-base-5.3.18-24.99.1.9.46.1, kernel-docs-5.3.18-24.99.1, kernel-obs-build-5.3.18-24.99.1, kernel-preempt-5.3.18-24.99.1, kernel-source-5.3.18-24.99.1, kernel-syms-5.3.18-24.99.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 27 Swamp Workflow Management 2022-01-26 11:35:53 UTC
openSUSE-SU-2022:0198-1: An update that solves 10 vulnerabilities and has 33 fixes is now available.

Category: security (important)
Bug References: 1065729,1071995,1154353,1154492,1156395,1167773,1176447,1176774,1177437,1190256,1191271,1191929,1192931,1193255,1193328,1193660,1193669,1193727,1193901,1193927,1194001,1194027,1194087,1194094,1194266,1194302,1194493,1194516,1194517,1194518,1194529,1194578,1194580,1194584,1194586,1194587,1194589,1194590,1194591,1194592,1194888,1194953,1194985
CVE References: CVE-2021-4083,CVE-2021-4135,CVE-2021-4149,CVE-2021-4197,CVE-2021-4202,CVE-2021-45485,CVE-2021-45486,CVE-2021-46283,CVE-2022-0185,CVE-2022-0322
JIRA References: 
Sources used:
openSUSE Leap 15.4 (src):    dtb-aarch64-5.3.18-150300.59.43.1, kernel-preempt-5.3.18-150300.59.43.1
openSUSE Leap 15.3 (src):    dtb-aarch64-5.3.18-150300.59.43.1, kernel-64kb-5.3.18-150300.59.43.1, kernel-debug-5.3.18-150300.59.43.1, kernel-default-5.3.18-150300.59.43.1, kernel-default-base-5.3.18-150300.59.43.1.150300.18.27.1, kernel-docs-5.3.18-150300.59.43.1, kernel-kvmsmall-5.3.18-150300.59.43.1, kernel-obs-build-5.3.18-150300.59.43.1, kernel-obs-qa-5.3.18-150300.59.43.1, kernel-preempt-5.3.18-150300.59.43.1, kernel-source-5.3.18-150300.59.43.1, kernel-syms-5.3.18-150300.59.43.1, kernel-zfcpdump-5.3.18-150300.59.43.1
Comment 31 Swamp Workflow Management 2022-02-02 14:26:46 UTC
SUSE-SU-2022:0289-1: An update that solves 10 vulnerabilities and has 9 fixes is now available.

Category: security (important)
Bug References: 1071995,1184209,1191271,1193255,1193660,1193669,1193727,1193767,1193901,1193927,1194001,1194087,1194094,1194302,1194516,1194517,1194529,1194888,1194985
CVE References: CVE-2021-4083,CVE-2021-4135,CVE-2021-4149,CVE-2021-4197,CVE-2021-4202,CVE-2021-44733,CVE-2021-45485,CVE-2021-45486,CVE-2022-0185,CVE-2022-0322
JIRA References: 
Sources used:
SUSE Linux Enterprise Module for Realtime 15-SP2 (src):    kernel-rt-5.3.18-68.1, kernel-rt_debug-5.3.18-68.1, kernel-source-rt-5.3.18-68.1, kernel-syms-rt-5.3.18-68.1
SUSE Linux Enterprise Micro 5.0 (src):    kernel-rt-5.3.18-68.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 33 Swamp Workflow Management 2022-02-10 20:29:19 UTC
SUSE-SU-2022:0362-1: An update that solves 23 vulnerabilities and has four fixes is now available.

Category: security (important)
Bug References: 1012382,1179960,1183696,1186207,1192032,1192267,1192847,1192877,1192946,1193157,1193440,1193442,1193507,1193575,1193669,1193727,1193861,1193864,1193867,1194001,1194087,1194094,1194272,1194302,1194516,1194529,1194880
CVE References: CVE-2018-25020,CVE-2019-0136,CVE-2020-35519,CVE-2021-0935,CVE-2021-28711,CVE-2021-28712,CVE-2021-28713,CVE-2021-28715,CVE-2021-33098,CVE-2021-3564,CVE-2021-39648,CVE-2021-39657,CVE-2021-4002,CVE-2021-4083,CVE-2021-4149,CVE-2021-4155,CVE-2021-4197,CVE-2021-4202,CVE-2021-43976,CVE-2021-45095,CVE-2021-45485,CVE-2021-45486,CVE-2022-0330
JIRA References: 
Sources used:
SUSE OpenStack Cloud Crowbar 8 (src):    kernel-default-4.4.180-94.153.1, kernel-source-4.4.180-94.153.1, kernel-syms-4.4.180-94.153.1, kgraft-patch-SLE12-SP3_Update_42-1-4.3.1
SUSE OpenStack Cloud 8 (src):    kernel-default-4.4.180-94.153.1, kernel-source-4.4.180-94.153.1, kernel-syms-4.4.180-94.153.1, kgraft-patch-SLE12-SP3_Update_42-1-4.3.1
SUSE Linux Enterprise Server for SAP 12-SP3 (src):    kernel-default-4.4.180-94.153.1, kernel-source-4.4.180-94.153.1, kernel-syms-4.4.180-94.153.1, kgraft-patch-SLE12-SP3_Update_42-1-4.3.1
SUSE Linux Enterprise Server 12-SP3-LTSS (src):    kernel-default-4.4.180-94.153.1, kernel-source-4.4.180-94.153.1, kernel-syms-4.4.180-94.153.1, kgraft-patch-SLE12-SP3_Update_42-1-4.3.1
SUSE Linux Enterprise Server 12-SP3-BCL (src):    kernel-default-4.4.180-94.153.1, kernel-source-4.4.180-94.153.1, kernel-syms-4.4.180-94.153.1
SUSE Linux Enterprise High Availability 12-SP3 (src):    kernel-default-4.4.180-94.153.1
HPE Helion Openstack 8 (src):    kernel-default-4.4.180-94.153.1, kernel-source-4.4.180-94.153.1, kernel-syms-4.4.180-94.153.1, kgraft-patch-SLE12-SP3_Update_42-1-4.3.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 34 Swamp Workflow Management 2022-02-17 17:25:37 UTC
SUSE-SU-2022:0477-1: An update that solves 23 vulnerabilities and has two fixes is now available.

Category: security (important)
Bug References: 1012382,1179960,1183696,1186207,1192032,1192847,1192877,1192946,1193157,1193440,1193442,1193575,1193669,1193727,1193861,1193864,1193867,1194001,1194087,1194094,1194272,1194302,1194516,1194529,1194880
CVE References: CVE-2018-25020,CVE-2019-0136,CVE-2020-35519,CVE-2021-0935,CVE-2021-28711,CVE-2021-28712,CVE-2021-28713,CVE-2021-28715,CVE-2021-33098,CVE-2021-3564,CVE-2021-39648,CVE-2021-39657,CVE-2021-4002,CVE-2021-4083,CVE-2021-4149,CVE-2021-4155,CVE-2021-4197,CVE-2021-4202,CVE-2021-43976,CVE-2021-45095,CVE-2021-45485,CVE-2021-45486,CVE-2022-0330
JIRA References: 
Sources used:
SUSE Linux Enterprise Server 12-SP2-BCL (src):    kernel-default-4.4.121-92.164.1, kernel-source-4.4.121-92.164.1, kernel-syms-4.4.121-92.164.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 35 Swamp Workflow Management 2022-03-01 20:32:00 UTC
openSUSE-SU-2022:0056-1: An update that solves 17 vulnerabilities and has 62 fixes is now available.

Category: security (important)
Bug References: 1139944,1151927,1152489,1153275,1154353,1154355,1161907,1164565,1166780,1169514,1176242,1176447,1176536,1176544,1176545,1176546,1176548,1176558,1176559,1176774,1176940,1176956,1177440,1178134,1178270,1179211,1179424,1179426,1179427,1179599,1181148,1181507,1181710,1182404,1183534,1183540,1183897,1184318,1185726,1185902,1186332,1187541,1189126,1189158,1191793,1191876,1192267,1192320,1192507,1192511,1192569,1192606,1192691,1192845,1192847,1192874,1192877,1192946,1192969,1192987,1192990,1192998,1193002,1193042,1193139,1193169,1193306,1193318,1193349,1193440,1193442,1193655,1193993,1194087,1194094,1194175,1194176,1194177,1194266
CVE References: CVE-2020-24504,CVE-2020-27820,CVE-2021-28711,CVE-2021-28712,CVE-2021-28713,CVE-2021-28714,CVE-2021-28715,CVE-2021-33098,CVE-2021-4001,CVE-2021-4002,CVE-2021-43975,CVE-2021-43976,CVE-2021-45485,CVE-2021-45486,CVE-2022-23096,CVE-2022-23097,CVE-2022-23098
JIRA References: 
Sources used:
openSUSE Leap 15.3 (src):    kernel-azure-5.3.18-38.34.1, kernel-source-azure-5.3.18-38.34.1, kernel-syms-azure-5.3.18-38.34.1
openSUSE Backports SLE-15-SP3 (src):    connman-1.41-bp153.2.3.1
Comment 36 Swamp Workflow Management 2022-05-07 16:22:26 UTC
openSUSE-SU-2022:0131-1: An update that solves 14 vulnerabilities, contains one feature and has 61 fixes is now available.

Category: security (important)
Bug References: 1139944,1151927,1152489,1153275,1154353,1154355,1161907,1164565,1166780,1169514,1176242,1176447,1176536,1176544,1176545,1176546,1176548,1176558,1176559,1176774,1176940,1176956,1177440,1178134,1178270,1179211,1179424,1179426,1179427,1179599,1181148,1181507,1181710,1182404,1183534,1183540,1183897,1184318,1185726,1185902,1186332,1187541,1189126,1189158,1191793,1191876,1192267,1192320,1192507,1192511,1192569,1192606,1192691,1192845,1192847,1192874,1192946,1192969,1192987,1192990,1192998,1193002,1193042,1193139,1193169,1193306,1193318,1193349,1193440,1193442,1193655,1193993,1194087,1194094,1195323
CVE References: CVE-2020-24504,CVE-2020-27820,CVE-2021-2032,CVE-2021-28711,CVE-2021-28712,CVE-2021-28713,CVE-2021-28714,CVE-2021-28715,CVE-2021-4001,CVE-2021-4002,CVE-2021-43975,CVE-2021-43976,CVE-2021-45485,CVE-2021-45486
JIRA References: SLE-22574
Sources used:
openSUSE Leap 15.4 (src):    keycloak-18.0.0-lp154.2.3.1
openSUSE Leap 15.3 (src):    dtb-aarch64-5.3.18-59.40.1, kernel-64kb-5.3.18-59.40.1, kernel-debug-5.3.18-59.40.1, kernel-default-5.3.18-59.40.1, kernel-default-base-5.3.18-59.40.1.18.25.1, kernel-docs-5.3.18-59.40.1, kernel-kvmsmall-5.3.18-59.40.1, kernel-obs-build-5.3.18-59.40.1, kernel-obs-qa-5.3.18-59.40.1, kernel-preempt-5.3.18-59.40.1, kernel-source-5.3.18-59.40.1, kernel-syms-5.3.18-59.40.1, kernel-zfcpdump-5.3.18-59.40.1