Bug 1196584 - (CVE-2022-0847) VUL-0: CVE-2022-0847: kernel-source: overwrite data in arbitrary (read-only) files in kernels 5.8 until 5.16.11 aka "Dirty Pipe"
Status: RESOLVED FIXED
Classification: Novell Products
Product: SUSE Security Incidents
Component: Incidents
Priority: P1 - Urgent
Severity: Major
Assigned To: Security Team bot
https://smash.suse.de/issue/325027/
CVSSv3.1:SUSE:CVE-2022-0847:7.8:(AV:L...
Blocks: 1196601
Reported: 2022-03-01 08:30 UTC by Gianluca Gabrielli
Modified: 2022-08-01 08:31 UTC

Description Gianluca Gabrielli 2022-03-01 08:30:21 UTC
from linux-distro ML
--------------------

A vulnerability was fixed in Linux 5.16.11 which allowed local
attackers to overwrite data in arbitrary (read-only) files.

It was fixed by this patch:

https://lore.kernel.org/lkml/20220221100313.1504449-1-max.kellermann@ionos.com/

This maps to Linus's tree here:
https://git.kernel.org/linus/9d2231c5d74e13b2a0546fee6737ee4446017903

And, as you say, has been backported into -stable already:

5.16.11  eddef98207d678f21261c2bd07da55938680df4e
5.15.25  114e9f141822e6977633d322c1b03e89bd209932
5.10.102 b19ec7afa9297d862ed86443e0164643b97250ab
5.4.181  87c575d2a238febe8a04241008f18252fe5d093d
4.19.231 d46c42d8d2742742eddf9290e72df4b563f2e301
4.14.268 a162b11c975ef9a03a75027c04052906ed7710da
4.9.303  c460ef6e0596eb5ca844c45338c20f6023f1e43c
Comment 3 Gianluca Gabrielli 2022-03-01 08:34:59 UTC
affected branches:
 - cve/linux-5.3
 - cve/linux-4.12
 - SLE12-SP5
 - SLE15-SP3

Already fixed:
 - SLE15-SP4
 - stable
Comment 35 Marcus Meissner 2022-03-07 12:11:41 UTC
From: Max Kellermann <max.kellermann@ionos.com>
Date: Mon, 7 Mar 2022 13:01:19 +0100
Subject: [oss-security] CVE-2022-0847: Linux kernel: overwriting read-only files

Hi oss-security,

two weeks ago, I found a vulnerability in the Linux kernel since
version 5.8 commit f6dd975583bd ("pipe: merge anon_pipe_buf*_ops") due
to uninitialized variables.  It enables anybody to write arbitrary
data to arbitrary files, even if the file is O_RDONLY, immutable or on
a MS_RDONLY filesystem.  It can be used to inject code into arbitrary
processes.

It is similar to CVE-2016-5195 "Dirty Cow", but is easier to exploit.

The vulnerability was fixed in Linux 5.16.11, 5.15.25 and 5.10.102.

A proof-of-concept exploit is attached.

For anybody curious, here's an article about how I discovered this:
 https://dirtypipe.cm4all.com/

Max
Comment 41 Takashi Iwai 2022-03-08 13:40:50 UTC
Reassigned back to security team.
Comment 42 Swamp Workflow Management 2022-03-08 23:21:56 UTC
openSUSE-SU-2022:0760-1: An update that solves 6 vulnerabilities, contains three features and has 50 fixes is now available.

Category: security (important)
Bug References: 1089644,1154353,1157038,1157923,1176447,1176940,1178134,1181147,1181588,1183872,1187716,1188404,1189126,1190812,1190972,1191580,1191655,1191741,1192210,1192483,1193096,1193233,1193243,1193787,1194163,1194967,1195012,1195081,1195286,1195352,1195378,1195506,1195516,1195543,1195668,1195701,1195798,1195799,1195823,1195908,1195928,1195947,1195957,1195995,1196195,1196235,1196339,1196373,1196400,1196403,1196516,1196584,1196585,1196601,1196612,1196776
CVE References: CVE-2022-0001,CVE-2022-0002,CVE-2022-0492,CVE-2022-0516,CVE-2022-0847,CVE-2022-25375
JIRA References: SLE-20807,SLE-22135,SLE-22494
Sources used:
openSUSE Leap 15.4 (src):    dtb-aarch64-5.3.18-150300.59.54.1, kernel-preempt-5.3.18-150300.59.54.1
openSUSE Leap 15.3 (src):    dtb-aarch64-5.3.18-150300.59.54.1, kernel-64kb-5.3.18-150300.59.54.1, kernel-debug-5.3.18-150300.59.54.1, kernel-default-5.3.18-150300.59.54.1, kernel-default-base-5.3.18-150300.59.54.1.150300.18.35.3, kernel-docs-5.3.18-150300.59.54.1, kernel-kvmsmall-5.3.18-150300.59.54.1, kernel-obs-build-5.3.18-150300.59.54.1, kernel-obs-qa-5.3.18-150300.59.54.1, kernel-preempt-5.3.18-150300.59.54.1, kernel-source-5.3.18-150300.59.54.1, kernel-syms-5.3.18-150300.59.54.1, kernel-zfcpdump-5.3.18-150300.59.54.1
Comment 43 Swamp Workflow Management 2022-03-08 23:23:14 UTC
SUSE-SU-2022:0764-1: An update that solves two vulnerabilities and has three fixes is now available.

Category: security (important)
Bug References: 1191580,1192483,1195701,1195995,1196584
CVE References: CVE-2022-0001,CVE-2022-0002
JIRA References: 
Sources used:
SUSE Linux Enterprise Module for Realtime 15-SP2 (src):    kernel-rt-5.3.18-76.1, kernel-rt_debug-5.3.18-76.1, kernel-source-rt-5.3.18-76.1, kernel-syms-rt-5.3.18-76.1
SUSE Linux Enterprise Micro 5.0 (src):    kernel-rt-5.3.18-76.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 44 Swamp Workflow Management 2022-03-08 23:29:33 UTC
SUSE-SU-2022:0763-1: An update that solves three vulnerabilities, contains three features and has 43 fixes is now available.

Category: security (important)
Bug References: 1089644,1154353,1157038,1157923,1176447,1176940,1178134,1181147,1181588,1183872,1187716,1188404,1189126,1190812,1190972,1191580,1191655,1191741,1192210,1192483,1193096,1193233,1193243,1193787,1194163,1194967,1195012,1195081,1195286,1195352,1195378,1195506,1195668,1195701,1195798,1195799,1195823,1195928,1195957,1195995,1196195,1196235,1196339,1196400,1196516,1196584
CVE References: CVE-2022-0001,CVE-2022-0002,CVE-2022-25375
JIRA References: SLE-20807,SLE-22135,SLE-22494
Sources used:
SUSE Linux Enterprise Module for Realtime 15-SP3 (src):    kernel-rt-5.3.18-150300.79.1, kernel-rt_debug-5.3.18-150300.79.1, kernel-source-rt-5.3.18-150300.79.1, kernel-syms-rt-5.3.18-150300.79.1
SUSE Linux Enterprise Micro 5.1 (src):    kernel-rt-5.3.18-150300.79.1

Comment 45 Swamp Workflow Management 2022-03-08 23:32:44 UTC
SUSE-SU-2022:0759-1: An update that solves 14 vulnerabilities, contains one feature and has 12 fixes is now available.

Category: security (important)
Bug References: 1189126,1191580,1192483,1194516,1195254,1195286,1195516,1195543,1195612,1195701,1195897,1195905,1195908,1195947,1195949,1195987,1195995,1196079,1196095,1196132,1196155,1196235,1196584,1196601,1196612,1196776
CVE References: CVE-2021-44879,CVE-2022-0001,CVE-2022-0002,CVE-2022-0487,CVE-2022-0492,CVE-2022-0516,CVE-2022-0617,CVE-2022-0644,CVE-2022-0847,CVE-2022-24448,CVE-2022-24958,CVE-2022-24959,CVE-2022-25258,CVE-2022-25375
JIRA References: SLE-23652
Sources used:
SUSE Manager Server 4.1 (src):    kernel-default-5.3.18-24.107.1, kernel-default-base-5.3.18-24.107.1.9.50.2, kernel-docs-5.3.18-24.107.1, kernel-obs-build-5.3.18-24.107.1, kernel-preempt-5.3.18-24.107.1, kernel-source-5.3.18-24.107.1, kernel-syms-5.3.18-24.107.1
SUSE Manager Retail Branch Server 4.1 (src):    kernel-default-5.3.18-24.107.1, kernel-default-base-5.3.18-24.107.1.9.50.2, kernel-docs-5.3.18-24.107.1, kernel-preempt-5.3.18-24.107.1, kernel-source-5.3.18-24.107.1, kernel-syms-5.3.18-24.107.1
SUSE Manager Proxy 4.1 (src):    kernel-default-5.3.18-24.107.1, kernel-default-base-5.3.18-24.107.1.9.50.2, kernel-docs-5.3.18-24.107.1, kernel-preempt-5.3.18-24.107.1, kernel-source-5.3.18-24.107.1, kernel-syms-5.3.18-24.107.1
SUSE Linux Enterprise Server for SAP 15-SP2 (src):    kernel-default-5.3.18-24.107.1, kernel-default-base-5.3.18-24.107.1.9.50.2, kernel-docs-5.3.18-24.107.1, kernel-obs-build-5.3.18-24.107.1, kernel-preempt-5.3.18-24.107.1, kernel-source-5.3.18-24.107.1, kernel-syms-5.3.18-24.107.1
SUSE Linux Enterprise Server 15-SP2-LTSS (src):    kernel-default-5.3.18-24.107.1, kernel-default-base-5.3.18-24.107.1.9.50.2, kernel-docs-5.3.18-24.107.1, kernel-obs-build-5.3.18-24.107.1, kernel-preempt-5.3.18-24.107.1, kernel-source-5.3.18-24.107.1, kernel-syms-5.3.18-24.107.1
SUSE Linux Enterprise Server 15-SP2-BCL (src):    kernel-default-5.3.18-24.107.1, kernel-default-base-5.3.18-24.107.1.9.50.2, kernel-docs-5.3.18-24.107.1, kernel-preempt-5.3.18-24.107.1, kernel-source-5.3.18-24.107.1, kernel-syms-5.3.18-24.107.1
SUSE Linux Enterprise Realtime Extension 15-SP2 (src):    kernel-default-5.3.18-24.107.1, kernel-default-base-5.3.18-24.107.1.9.50.2, kernel-docs-5.3.18-24.107.1, kernel-preempt-5.3.18-24.107.1, kernel-source-5.3.18-24.107.1, kernel-syms-5.3.18-24.107.1
SUSE Linux Enterprise Module for Live Patching 15-SP2 (src):    kernel-default-5.3.18-24.107.1, kernel-livepatch-SLE15-SP2_Update_25-1-5.5.1
SUSE Linux Enterprise Micro 5.0 (src):    kernel-default-5.3.18-24.107.1, kernel-default-base-5.3.18-24.107.1.9.50.2
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (src):    kernel-default-5.3.18-24.107.1, kernel-default-base-5.3.18-24.107.1.9.50.2, kernel-docs-5.3.18-24.107.1, kernel-obs-build-5.3.18-24.107.1, kernel-preempt-5.3.18-24.107.1, kernel-source-5.3.18-24.107.1, kernel-syms-5.3.18-24.107.1
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (src):    kernel-default-5.3.18-24.107.1, kernel-default-base-5.3.18-24.107.1.9.50.2, kernel-docs-5.3.18-24.107.1, kernel-obs-build-5.3.18-24.107.1, kernel-preempt-5.3.18-24.107.1, kernel-source-5.3.18-24.107.1, kernel-syms-5.3.18-24.107.1
SUSE Linux Enterprise High Availability 15-SP2 (src):    kernel-default-5.3.18-24.107.1
SUSE Enterprise Storage 7 (src):    kernel-default-5.3.18-24.107.1, kernel-default-base-5.3.18-24.107.1.9.50.2, kernel-docs-5.3.18-24.107.1, kernel-obs-build-5.3.18-24.107.1, kernel-preempt-5.3.18-24.107.1, kernel-source-5.3.18-24.107.1, kernel-syms-5.3.18-24.107.1

Comment 46 Swamp Workflow Management 2022-03-08 23:38:37 UTC
SUSE-SU-2022:0755-1: An update that solves 6 vulnerabilities, contains three features and has 56 fixes is now available.

Category: security (important)
Bug References: 1089644,1154353,1156395,1157038,1157923,1176447,1176940,1178134,1181147,1181588,1183872,1187716,1188404,1189126,1190812,1190972,1191580,1191655,1191741,1192210,1192483,1193096,1193233,1193243,1193787,1194163,1194967,1195012,1195081,1195142,1195352,1195378,1195476,1195477,1195478,1195479,1195480,1195481,1195482,1195506,1195516,1195543,1195668,1195701,1195798,1195799,1195823,1195908,1195928,1195947,1195957,1195995,1196195,1196235,1196339,1196400,1196403,1196516,1196584,1196601,1196612,1196776
CVE References: CVE-2022-0001,CVE-2022-0002,CVE-2022-0492,CVE-2022-0516,CVE-2022-0847,CVE-2022-25375
JIRA References: SLE-20807,SLE-22135,SLE-22494
Sources used:
SUSE Linux Enterprise Module for Public Cloud 15-SP3 (src):    kernel-azure-5.3.18-150300.38.47.1, kernel-source-azure-5.3.18-150300.38.47.1, kernel-syms-azure-5.3.18-150300.38.47.1

Comment 47 Swamp Workflow Management 2022-03-08 23:41:00 UTC
SUSE-SU-2022:0766-1: An update that solves 9 vulnerabilities and has 7 fixes is now available.

Category: security (important)
Bug References: 1107207,1185973,1191580,1194516,1195536,1195543,1195612,1195840,1195897,1195908,1195949,1195987,1196079,1196155,1196584,1196612
CVE References: CVE-2021-44879,CVE-2022-0001,CVE-2022-0002,CVE-2022-0487,CVE-2022-0492,CVE-2022-0617,CVE-2022-0644,CVE-2022-24448,CVE-2022-24959
JIRA References: 
Sources used:
SUSE Linux Enterprise Server for SAP 15 (src):    kernel-default-4.12.14-150.86.1, kernel-docs-4.12.14-150.86.1, kernel-obs-build-4.12.14-150.86.1, kernel-source-4.12.14-150.86.1, kernel-syms-4.12.14-150.86.1, kernel-vanilla-4.12.14-150.86.1
SUSE Linux Enterprise Server 15-LTSS (src):    kernel-default-4.12.14-150.86.1, kernel-docs-4.12.14-150.86.1, kernel-obs-build-4.12.14-150.86.1, kernel-source-4.12.14-150.86.1, kernel-syms-4.12.14-150.86.1, kernel-vanilla-4.12.14-150.86.1, kernel-zfcpdump-4.12.14-150.86.1
SUSE Linux Enterprise Module for Live Patching 15 (src):    kernel-default-4.12.14-150.86.1, kernel-livepatch-SLE15_Update_28-1-1.3.1
SUSE Linux Enterprise High Performance Computing 15-LTSS (src):    kernel-default-4.12.14-150.86.1, kernel-docs-4.12.14-150.86.1, kernel-obs-build-4.12.14-150.86.1, kernel-source-4.12.14-150.86.1, kernel-syms-4.12.14-150.86.1, kernel-vanilla-4.12.14-150.86.1
SUSE Linux Enterprise High Performance Computing 15-ESPOS (src):    kernel-default-4.12.14-150.86.1, kernel-docs-4.12.14-150.86.1, kernel-obs-build-4.12.14-150.86.1, kernel-source-4.12.14-150.86.1, kernel-syms-4.12.14-150.86.1, kernel-vanilla-4.12.14-150.86.1
SUSE Linux Enterprise High Availability 15 (src):    kernel-default-4.12.14-150.86.1

Comment 48 Swamp Workflow Management 2022-03-08 23:46:48 UTC
openSUSE-SU-2022:0755-1: An update that solves 6 vulnerabilities, contains three features and has 56 fixes is now available.

Category: security (important)
Bug References: 1089644,1154353,1156395,1157038,1157923,1176447,1176940,1178134,1181147,1181588,1183872,1187716,1188404,1189126,1190812,1190972,1191580,1191655,1191741,1192210,1192483,1193096,1193233,1193243,1193787,1194163,1194967,1195012,1195081,1195142,1195352,1195378,1195476,1195477,1195478,1195479,1195480,1195481,1195482,1195506,1195516,1195543,1195668,1195701,1195798,1195799,1195823,1195908,1195928,1195947,1195957,1195995,1196195,1196235,1196339,1196400,1196403,1196516,1196584,1196601,1196612,1196776
CVE References: CVE-2022-0001,CVE-2022-0002,CVE-2022-0492,CVE-2022-0516,CVE-2022-0847,CVE-2022-25375
JIRA References: SLE-20807,SLE-22135,SLE-22494
Sources used:
openSUSE Leap 15.3 (src):    kernel-azure-5.3.18-150300.38.47.1, kernel-source-azure-5.3.18-150300.38.47.1, kernel-syms-azure-5.3.18-150300.38.47.1
Comment 49 Swamp Workflow Management 2022-03-08 23:49:08 UTC
SUSE-SU-2022:0768-1: An update that solves 9 vulnerabilities and has 6 fixes is now available.

Category: security (important)
Bug References: 1185973,1191580,1194516,1195536,1195543,1195612,1195840,1195897,1195908,1195949,1195987,1196079,1196155,1196584,1196612
CVE References: CVE-2021-44879,CVE-2022-0001,CVE-2022-0002,CVE-2022-0487,CVE-2022-0492,CVE-2022-0617,CVE-2022-0644,CVE-2022-24448,CVE-2022-24959
JIRA References: 
Sources used:
SUSE Linux Enterprise Server for SAP 15-SP1 (src):    kernel-default-4.12.14-197.108.1, kernel-docs-4.12.14-197.108.1, kernel-obs-build-4.12.14-197.108.1, kernel-source-4.12.14-197.108.1, kernel-syms-4.12.14-197.108.1
SUSE Linux Enterprise Server 15-SP1-LTSS (src):    kernel-default-4.12.14-197.108.1, kernel-docs-4.12.14-197.108.1, kernel-obs-build-4.12.14-197.108.1, kernel-source-4.12.14-197.108.1, kernel-syms-4.12.14-197.108.1, kernel-zfcpdump-4.12.14-197.108.1
SUSE Linux Enterprise Server 15-SP1-BCL (src):    kernel-default-4.12.14-197.108.1, kernel-docs-4.12.14-197.108.1, kernel-obs-build-4.12.14-197.108.1, kernel-source-4.12.14-197.108.1, kernel-syms-4.12.14-197.108.1
SUSE Linux Enterprise Module for Live Patching 15-SP1 (src):    kernel-default-4.12.14-197.108.1, kernel-livepatch-SLE15-SP1_Update_29-1-3.3.1
SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (src):    kernel-default-4.12.14-197.108.1, kernel-docs-4.12.14-197.108.1, kernel-obs-build-4.12.14-197.108.1, kernel-source-4.12.14-197.108.1, kernel-syms-4.12.14-197.108.1
SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (src):    kernel-default-4.12.14-197.108.1, kernel-docs-4.12.14-197.108.1, kernel-obs-build-4.12.14-197.108.1, kernel-source-4.12.14-197.108.1, kernel-syms-4.12.14-197.108.1
SUSE Linux Enterprise High Availability 15-SP1 (src):    kernel-default-4.12.14-197.108.1
SUSE Enterprise Storage 6 (src):    kernel-default-4.12.14-197.108.1, kernel-docs-4.12.14-197.108.1, kernel-obs-build-4.12.14-197.108.1, kernel-source-4.12.14-197.108.1, kernel-syms-4.12.14-197.108.1
SUSE CaaS Platform 4.0 (src):    kernel-default-4.12.14-197.108.1, kernel-docs-4.12.14-197.108.1, kernel-obs-build-4.12.14-197.108.1, kernel-source-4.12.14-197.108.1, kernel-syms-4.12.14-197.108.1

Comment 50 Swamp Workflow Management 2022-03-08 23:52:56 UTC
openSUSE-SU-2022:0768-1: An update that solves 9 vulnerabilities and has 6 fixes is now available.

Category: security (important)
Bug References: 1185973,1191580,1194516,1195536,1195543,1195612,1195840,1195897,1195908,1195949,1195987,1196079,1196155,1196584,1196612
CVE References: CVE-2021-44879,CVE-2022-0001,CVE-2022-0002,CVE-2022-0487,CVE-2022-0492,CVE-2022-0617,CVE-2022-0644,CVE-2022-24448,CVE-2022-24959
JIRA References: 
Sources used:
openSUSE Leap 15.4 (src):    kernel-debug-4.12.14-197.108.1, kernel-default-4.12.14-197.108.1, kernel-kvmsmall-4.12.14-197.108.1, kernel-vanilla-4.12.14-197.108.1, kernel-zfcpdump-4.12.14-197.108.1
openSUSE Leap 15.3 (src):    kernel-debug-4.12.14-197.108.1, kernel-default-4.12.14-197.108.1, kernel-kvmsmall-4.12.14-197.108.1, kernel-vanilla-4.12.14-197.108.1, kernel-zfcpdump-4.12.14-197.108.1
Comment 51 Swamp Workflow Management 2022-03-08 23:58:25 UTC
SUSE-SU-2022:0760-1: An update that solves 6 vulnerabilities, contains three features and has 50 fixes is now available.

Category: security (important)
Bug References: 1089644,1154353,1157038,1157923,1176447,1176940,1178134,1181147,1181588,1183872,1187716,1188404,1189126,1190812,1190972,1191580,1191655,1191741,1192210,1192483,1193096,1193233,1193243,1193787,1194163,1194967,1195012,1195081,1195286,1195352,1195378,1195506,1195516,1195543,1195668,1195701,1195798,1195799,1195823,1195908,1195928,1195947,1195957,1195995,1196195,1196235,1196339,1196373,1196400,1196403,1196516,1196584,1196585,1196601,1196612,1196776
CVE References: CVE-2022-0001,CVE-2022-0002,CVE-2022-0492,CVE-2022-0516,CVE-2022-0847,CVE-2022-25375
JIRA References: SLE-20807,SLE-22135,SLE-22494
Sources used:
SUSE Linux Enterprise Workstation Extension 15-SP3 (src):    kernel-default-5.3.18-150300.59.54.1, kernel-preempt-5.3.18-150300.59.54.1
SUSE Linux Enterprise Module for Live Patching 15-SP3 (src):    kernel-default-5.3.18-150300.59.54.1, kernel-livepatch-SLE15-SP3_Update_15-1-150300.7.5.1
SUSE Linux Enterprise Module for Legacy Software 15-SP3 (src):    kernel-default-5.3.18-150300.59.54.1
SUSE Linux Enterprise Module for Development Tools 15-SP3 (src):    kernel-docs-5.3.18-150300.59.54.1, kernel-obs-build-5.3.18-150300.59.54.1, kernel-preempt-5.3.18-150300.59.54.1, kernel-source-5.3.18-150300.59.54.1, kernel-syms-5.3.18-150300.59.54.1
SUSE Linux Enterprise Module for Basesystem 15-SP3 (src):    kernel-64kb-5.3.18-150300.59.54.1, kernel-default-5.3.18-150300.59.54.1, kernel-default-base-5.3.18-150300.59.54.1.150300.18.35.3, kernel-preempt-5.3.18-150300.59.54.1, kernel-source-5.3.18-150300.59.54.1, kernel-zfcpdump-5.3.18-150300.59.54.1
SUSE Linux Enterprise Micro 5.1 (src):    kernel-default-5.3.18-150300.59.54.1, kernel-default-base-5.3.18-150300.59.54.1.150300.18.35.3
SUSE Linux Enterprise High Availability 15-SP3 (src):    kernel-default-5.3.18-150300.59.54.1

Comment 52 Swamp Workflow Management 2022-03-09 00:04:39 UTC
SUSE-SU-2022:0761-1: An update that solves 7 vulnerabilities, contains one feature and has 47 fixes is now available.

Category: security (important)
Bug References: 1046306,1050244,1089644,1094978,1097583,1097584,1097585,1097586,1097587,1097588,1101674,1101816,1103991,1109837,1111981,1112374,1114648,1114685,1114893,1117495,1118661,1119113,1136460,1136461,1157038,1157923,1158533,1174852,1185973,1187716,1189126,1191271,1191580,1191655,1193857,1195080,1195377,1195536,1195543,1195638,1195795,1195823,1195840,1195897,1195908,1195934,1195987,1195995,1196079,1196155,1196400,1196516,1196584,1196612
CVE References: CVE-2021-44879,CVE-2022-0001,CVE-2022-0002,CVE-2022-0492,CVE-2022-0617,CVE-2022-0644,CVE-2022-24959
JIRA References: SLE-20809
Sources used:
SUSE Linux Enterprise Real Time Extension 12-SP5 (src):    kernel-rt-4.12.14-10.81.1, kernel-rt_debug-4.12.14-10.81.1, kernel-source-rt-4.12.14-10.81.1, kernel-syms-rt-4.12.14-10.81.1

Comment 53 Swamp Workflow Management 2022-03-09 00:11:09 UTC
SUSE-SU-2022:0767-1: An update that solves 10 vulnerabilities, contains one feature and has 50 fixes is now available.

Category: security (important)
Bug References: 1046306,1050244,1089644,1094978,1097583,1097584,1097585,1097586,1097587,1097588,1101674,1101816,1103991,1109837,1111981,1112374,1114648,1114685,1114893,1117495,1118661,1119113,1136460,1136461,1157038,1157923,1158533,1174852,1185377,1185973,1187716,1189126,1191271,1191580,1191655,1193857,1193867,1194048,1194516,1195080,1195377,1195536,1195543,1195612,1195638,1195795,1195823,1195840,1195897,1195908,1195934,1195949,1195987,1195995,1196079,1196155,1196400,1196516,1196584,1196612
CVE References: CVE-2021-44879,CVE-2021-45095,CVE-2022-0001,CVE-2022-0002,CVE-2022-0487,CVE-2022-0492,CVE-2022-0617,CVE-2022-0644,CVE-2022-24448,CVE-2022-24959
JIRA References: SLE-20809
Sources used:
SUSE Linux Enterprise Workstation Extension 12-SP5 (src):    kernel-default-4.12.14-122.113.1
SUSE Linux Enterprise Software Development Kit 12-SP5 (src):    kernel-docs-4.12.14-122.113.1, kernel-obs-build-4.12.14-122.113.1
SUSE Linux Enterprise Server 12-SP5 (src):    kernel-default-4.12.14-122.113.1, kernel-source-4.12.14-122.113.1, kernel-syms-4.12.14-122.113.1
SUSE Linux Enterprise Live Patching 12-SP5 (src):    kernel-default-4.12.14-122.113.1, kgraft-patch-SLE12-SP5_Update_29-1-8.3.1
SUSE Linux Enterprise High Availability 12-SP5 (src):    kernel-default-4.12.14-122.113.1

Comment 54 Swamp Workflow Management 2022-03-09 00:17:23 UTC
SUSE-SU-2022:0765-1: An update that solves 10 vulnerabilities, contains one feature and has 50 fixes is now available.

Category: security (important)
Bug References: 1046306,1050244,1089644,1094978,1097583,1097584,1097585,1097586,1097587,1097588,1101674,1101816,1103991,1109837,1111981,1112374,1114648,1114685,1114893,1117495,1118661,1119113,1136460,1136461,1157038,1157923,1158533,1174852,1185377,1185973,1187716,1189126,1191271,1191580,1191655,1193857,1193867,1194048,1194516,1195080,1195377,1195536,1195543,1195612,1195638,1195795,1195823,1195840,1195897,1195908,1195934,1195949,1195987,1195995,1196079,1196155,1196400,1196516,1196584,1196612
CVE References: CVE-2021-44879,CVE-2021-45095,CVE-2022-0001,CVE-2022-0002,CVE-2022-0487,CVE-2022-0492,CVE-2022-0617,CVE-2022-0644,CVE-2022-24448,CVE-2022-24959
JIRA References: SLE-20809
Sources used:
SUSE Linux Enterprise Server 12-SP5 (src):    kernel-azure-4.12.14-16.91.1, kernel-source-azure-4.12.14-16.91.1, kernel-syms-azure-4.12.14-16.91.1

Comment 55 Swamp Workflow Management 2022-03-09 00:21:31 UTC
SUSE-SU-2022:0757-1: An update that solves 10 vulnerabilities and has 9 fixes is now available.

Category: security (important)
Bug References: 1107207,1114893,1185973,1191580,1194516,1195536,1195543,1195612,1195840,1195897,1195908,1195934,1195949,1195987,1196079,1196155,1196584,1196601,1196612
CVE References: CVE-2021-44879,CVE-2022-0001,CVE-2022-0002,CVE-2022-0487,CVE-2022-0492,CVE-2022-0617,CVE-2022-0644,CVE-2022-0847,CVE-2022-24448,CVE-2022-24959
JIRA References: 
Sources used:
SUSE OpenStack Cloud Crowbar 9 (src):    kernel-default-4.12.14-95.93.1, kernel-source-4.12.14-95.93.1, kernel-syms-4.12.14-95.93.1
SUSE OpenStack Cloud 9 (src):    kernel-default-4.12.14-95.93.1, kernel-source-4.12.14-95.93.1, kernel-syms-4.12.14-95.93.1
SUSE Linux Enterprise Server for SAP 12-SP4 (src):    kernel-default-4.12.14-95.93.1, kernel-source-4.12.14-95.93.1, kernel-syms-4.12.14-95.93.1
SUSE Linux Enterprise Server 12-SP4-LTSS (src):    kernel-default-4.12.14-95.93.1, kernel-source-4.12.14-95.93.1, kernel-syms-4.12.14-95.93.1
SUSE Linux Enterprise Live Patching 12-SP4 (src):    kernel-default-4.12.14-95.93.1, kgraft-patch-SLE12-SP4_Update_25-1-6.5.1
SUSE Linux Enterprise High Availability 12-SP4 (src):    kernel-default-4.12.14-95.93.1

Comment 57 Leilei Shen 2022-03-11 06:57:27 UTC
No CVE number in the changelog of the kernel patch:

SLES12 SP5
* Tue Mar 01 2022 tiwai@suse.de
- lib/iov_iter: initialize "flags" in new pipe_buffer
  (bsc#1196584).
- commit 589ad87

Could we add the CVE number to the changelog?
Comment 58 Gianluca Gabrielli 2022-03-11 08:35:27 UTC
Hi Leilei,

there's no CVE ID in changelogs because it wasn't yet assigned at submission time. The next kernel update round (April) would be the right occasion to add the CVE ID to all the changelogs.
Comment 75 Gabriele Sonnu 2022-05-11 13:01:31 UTC
Done.
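
The following is an added example, not part of the bug report or of SUSE's tooling. It shows why a fix audit for this bug has to look at the package changelog as well as the version number: the stable releases listed in the description only classify upstream kernels, and the changelog entry quoted in comment 57 carries the bug number but no CVE ID. Function names and status strings are this example's own, and releases newer than the 5.16 series are assumed to contain the mainline commit.

```python
import re

# Stable releases that carry the fix, copied from the bug description.
FIXED_IN_SERIES = {
    (5, 16): 11, (5, 15): 25, (5, 10): 102, (5, 4): 181,
    (4, 19): 231, (4, 14): 268, (4, 9): 303,
}

# Strings that identify the fix in a package changelog. Searching for the
# CVE ID alone misses entries written before the ID was assigned.
FIX_MARKERS = (
    "CVE-2022-0847",
    "bsc#1196584",
    'lib/iov_iter: initialize "flags" in new pipe_buffer',
)

# Changelog entry as quoted in comment 57 (it contains no CVE ID).
SAMPLE_CHANGELOG = """\
* Tue Mar 01 2022 tiwai@suse.de
- lib/iov_iter: initialize "flags" in new pipe_buffer
  (bsc#1196584).
- commit 589ad87
"""


def upstream_status(release):
    """Classify an upstream release string such as '5.15.24'.

    Returns 'fixed', 'missing-fix' or 'unknown'. 'missing-fix' only means the
    stable backport is absent; 'unknown' means the series is not in the list
    on this page, which is the normal case for distribution kernels.
    """
    m = re.match(r"(\d+)\.(\d+)(?:\.(\d+))?", release)
    if not m:
        raise ValueError(f"unparseable kernel release: {release!r}")
    series = (int(m.group(1)), int(m.group(2)))
    patch = int(m.group(3) or 0)
    if series > (5, 16):
        # Assumption: later series are cut from a tree that has the commit.
        return "fixed"
    fixed_patch = FIXED_IN_SERIES.get(series)
    if fixed_patch is None:
        return "unknown"
    return "fixed" if patch >= fixed_patch else "missing-fix"


def changelog_markers(changelog_text):
    """Return the fix identifiers present in `rpm -q --changelog` style text."""
    # Changelog entries wrap across lines, so collapse whitespace first.
    flat = " ".join(changelog_text.split())
    return [marker for marker in FIX_MARKERS if marker in flat]


def audit(release, changelog_text=""):
    """Changelog evidence wins; fall back to upstream version arithmetic."""
    found = changelog_markers(changelog_text)
    if found:
        return ("fixed", found)
    return (upstream_status(release), [])


if __name__ == "__main__":
    # Upstream kernels: the version alone is enough.
    for rel in ("5.15.24", "5.15.25", "5.10.102", "5.17.0"):
        print(rel, audit(rel))
    # Distribution kernel (package version from comment 53): the version says
    # nothing, the changelog does, and only via the bug number and subject.
    print(audit("4.12.14-122.113.1", SAMPLE_CHANGELOG))
```

On a live system the changelog text would come from the installed kernel package (for example the output of `rpm -q --changelog kernel-default`), and the release string from `uname -r`.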