Bug 1199487 - (CVE-2022-1679) VUL-0: CVE-2022-1679: kernel-source,kernel-source-rt,kernel-source-azure: kernel: Use-After-Free in ath9k_htc_probe_device() could cause an escalation of privileges
(CVE-2022-1679)
VUL-0: CVE-2022-1679: kernel-source,kernel-source-rt,kernel-source-azure: ker...
Status: RESOLVED FIXED
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
unspecified
Other Other
: P3 - Medium : Normal
: ---
Assigned To: Security Team bot
Security Team bot
https://smash.suse.de/issue/331563/
CVSSv3.1:SUSE:CVE-2022-1679:7.0:(AV:L...
:
Depends on:
Blocks: 1201080
  Show dependency treegraph
 
Reported: 2022-05-12 15:08 UTC by Carlos López
Modified: 2023-02-15 14:23 UTC (History)
3 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Carlos López 2022-05-12 15:08:26 UTC
rh#2084125

A vulnerability was found in ath9k_htc_probe_device in drivers/net/wireless/ath/ath9k/htc_drv_init.c in the Linux kernel. In this flaw, a local user may gain access to kernel memory, leading to a system crash or a leak of internal kernel information.
In more details. After ieee80211_alloc_hw executes finished, it saves variable priv into htc_handle->drv_priv. Then, if function ath9k_htc_wait_for_target executes failed, it directly frees variable hw by function ieee80211_free_hw, but it doesn't clear htc_handle->drv_priv. At now, the usb communication channel has been established. Function ath9k_hif_usb_rx_stream is used to process received messages. It calls macro RX_STAT_INC to count packets' number. And this macro uses htc_handle->drv_priv which has been freed before.

Reference:
https://lore.kernel.org/lkml/87ilqc7jv9.fsf@kernel.org/t/

References:
https://bugzilla.redhat.com/show_bug.cgi?id=2084125
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-1679
Comment 1 Carlos López 2022-05-12 15:23:25 UTC
Looks like all branches are affected. No merged upstream patches yet.
Comment 2 Takashi Iwai 2022-05-13 08:51:10 UTC
Let's wait the upstream reaction.  It seems that the upstream devs are trying to queue this sooner or later.
Comment 3 Takashi Iwai 2022-05-27 16:15:34 UTC
The fix is still not merged to the upstream yet, as it seems.
Comment 4 Takashi Iwai 2022-06-10 13:09:55 UTC
I pinged upstream
  https://lore.kernel.org/all/87bkv0vg2p.wl-tiwai@suse.de/

Let's see how it goes.
Comment 5 Takashi Iwai 2022-06-21 15:32:23 UTC
The fix is now in upstream ath.git tree, commit 0ac4827f78c7ffe8eef074bc010e7e34bc22f533
  ath9k: fix use-after-free in ath9k_hif_usb_rx_cb

I backported to SLE15-SP4, cve/linux-5.3, cve/linux-4.12, cve/linux-4.4 and cve/linux-3.0 branches as well was stable branch.  cve/linux-2.6.32 doesn't contain the relevant code.

Reassigned back to security team.
Comment 29 Swamp Workflow Management 2022-07-12 22:17:31 UTC
SUSE-SU-2022:2376-1: An update that solves 9 vulnerabilities and has 40 fixes is now available.

Category: security (important)
Bug References: 1065729,1179195,1180814,1185762,1192761,1193629,1194013,1195504,1195775,1196901,1197362,1197754,1198020,1199487,1199489,1199657,1200217,1200263,1200442,1200571,1200599,1200600,1200608,1200619,1200622,1200692,1200806,1200807,1200809,1200810,1200813,1200816,1200820,1200821,1200822,1200825,1200828,1200829,1200925,1201050,1201080,1201143,1201147,1201149,1201160,1201171,1201177,1201193,1201222
CVE References: CVE-2021-26341,CVE-2021-4157,CVE-2022-1679,CVE-2022-20132,CVE-2022-20154,CVE-2022-29900,CVE-2022-29901,CVE-2022-33981,CVE-2022-34918
JIRA References: 
Sources used:
openSUSE Leap 15.3 (src):    kernel-azure-5.3.18-150300.38.69.1, kernel-source-azure-5.3.18-150300.38.69.1, kernel-syms-azure-5.3.18-150300.38.69.1
SUSE Linux Enterprise Module for Public Cloud 15-SP3 (src):    kernel-azure-5.3.18-150300.38.69.1, kernel-source-azure-5.3.18-150300.38.69.1, kernel-syms-azure-5.3.18-150300.38.69.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 30 Swamp Workflow Management 2022-07-12 22:21:18 UTC
SUSE-SU-2022:2377-1: An update that solves 15 vulnerabilities and has 22 fixes is now available.

Category: security (important)
Bug References: 1065729,1129770,1177282,1194013,1196964,1197170,1199482,1199487,1199657,1200343,1200571,1200599,1200600,1200604,1200605,1200608,1200619,1200692,1200762,1200806,1200807,1200809,1200810,1200813,1200820,1200821,1200822,1200829,1200868,1200869,1200870,1200871,1200872,1200873,1200925,1201080,1201251
CVE References: CVE-2020-26541,CVE-2021-4157,CVE-2022-1012,CVE-2022-1679,CVE-2022-20132,CVE-2022-20141,CVE-2022-20154,CVE-2022-2318,CVE-2022-26365,CVE-2022-29900,CVE-2022-29901,CVE-2022-33740,CVE-2022-33741,CVE-2022-33742,CVE-2022-33981
JIRA References: 
Sources used:
SUSE Linux Enterprise Server 12-SP5 (src):    kernel-azure-4.12.14-16.103.1, kernel-source-azure-4.12.14-16.103.1, kernel-syms-azure-4.12.14-16.103.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 31 Swamp Workflow Management 2022-07-13 13:18:11 UTC
SUSE-SU-2022:2382-1: An update that solves 15 vulnerabilities and has 22 fixes is now available.

Category: security (important)
Bug References: 1065729,1129770,1177282,1194013,1196964,1197170,1199482,1199487,1199657,1200343,1200571,1200599,1200600,1200604,1200605,1200608,1200619,1200692,1200762,1200806,1200807,1200809,1200810,1200813,1200820,1200821,1200822,1200829,1200868,1200869,1200870,1200871,1200872,1200873,1200925,1201080,1201251
CVE References: CVE-2020-26541,CVE-2021-4157,CVE-2022-1012,CVE-2022-1679,CVE-2022-20132,CVE-2022-20141,CVE-2022-20154,CVE-2022-2318,CVE-2022-26365,CVE-2022-29900,CVE-2022-29901,CVE-2022-33740,CVE-2022-33741,CVE-2022-33742,CVE-2022-33981
JIRA References: 
Sources used:
SUSE Linux Enterprise Workstation Extension 12-SP5 (src):    kernel-default-4.12.14-122.127.1
SUSE Linux Enterprise Software Development Kit 12-SP5 (src):    kernel-docs-4.12.14-122.127.1, kernel-obs-build-4.12.14-122.127.1
SUSE Linux Enterprise Server 12-SP5 (src):    kernel-default-4.12.14-122.127.1, kernel-source-4.12.14-122.127.1, kernel-syms-4.12.14-122.127.1
SUSE Linux Enterprise Live Patching 12-SP5 (src):    kernel-default-4.12.14-122.127.1, kgraft-patch-SLE12-SP5_Update_33-1-8.3.1
SUSE Linux Enterprise High Availability 12-SP5 (src):    kernel-default-4.12.14-122.127.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 32 Swamp Workflow Management 2022-07-13 13:22:26 UTC
SUSE-SU-2022:2379-1: An update that solves 9 vulnerabilities and has four fixes is now available.

Category: security (important)
Bug References: 1066618,1146519,1194013,1196901,1199487,1199657,1200571,1200604,1200605,1200619,1200692,1201050,1201080
CVE References: CVE-2017-16525,CVE-2021-26341,CVE-2021-4157,CVE-2022-1679,CVE-2022-20132,CVE-2022-20141,CVE-2022-29900,CVE-2022-29901,CVE-2022-33981
JIRA References: 
Sources used:
SUSE Linux Enterprise Server 12-SP2-BCL (src):    kernel-default-4.4.121-92.178.1, kernel-source-4.4.121-92.178.1, kernel-syms-4.4.121-92.178.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 33 Swamp Workflow Management 2022-07-14 13:21:18 UTC
SUSE-SU-2022:2393-1: An update that solves 21 vulnerabilities and has 6 fixes is now available.

Category: security (important)
Bug References: 1158266,1162338,1162369,1173871,1177282,1194013,1196901,1198577,1199426,1199487,1199507,1199657,1200059,1200143,1200144,1200249,1200571,1200599,1200604,1200605,1200608,1200619,1200692,1200762,1201050,1201080,1201251
CVE References: CVE-2019-19377,CVE-2020-26541,CVE-2021-26341,CVE-2021-4157,CVE-2022-1184,CVE-2022-1679,CVE-2022-1729,CVE-2022-1974,CVE-2022-1975,CVE-2022-20132,CVE-2022-20141,CVE-2022-20154,CVE-2022-21499,CVE-2022-2318,CVE-2022-26365,CVE-2022-29900,CVE-2022-29901,CVE-2022-33740,CVE-2022-33741,CVE-2022-33742,CVE-2022-33981
JIRA References: 
Sources used:
SUSE OpenStack Cloud Crowbar 9 (src):    kernel-default-4.12.14-95.102.1, kernel-source-4.12.14-95.102.1, kernel-syms-4.12.14-95.102.1
SUSE OpenStack Cloud 9 (src):    kernel-default-4.12.14-95.102.1, kernel-source-4.12.14-95.102.1, kernel-syms-4.12.14-95.102.1
SUSE Linux Enterprise Server for SAP 12-SP4 (src):    kernel-default-4.12.14-95.102.1, kernel-source-4.12.14-95.102.1, kernel-syms-4.12.14-95.102.1
SUSE Linux Enterprise Server 12-SP4-LTSS (src):    kernel-default-4.12.14-95.102.1, kernel-source-4.12.14-95.102.1, kernel-syms-4.12.14-95.102.1
SUSE Linux Enterprise Live Patching 12-SP4 (src):    kernel-default-4.12.14-95.102.1, kgraft-patch-SLE12-SP4_Update_28-1-6.3.1
SUSE Linux Enterprise High Availability 12-SP4 (src):    kernel-default-4.12.14-95.102.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 34 Swamp Workflow Management 2022-07-15 13:18:41 UTC
SUSE-SU-2022:2407-1: An update that solves 15 vulnerabilities and has one errata is now available.

Category: security (important)
Bug References: 1177282,1194013,1196901,1199487,1199657,1200571,1200599,1200604,1200605,1200608,1200619,1200692,1200762,1201050,1201080,1201251
CVE References: CVE-2020-26541,CVE-2021-26341,CVE-2021-4157,CVE-2022-1679,CVE-2022-20132,CVE-2022-20141,CVE-2022-20154,CVE-2022-2318,CVE-2022-26365,CVE-2022-29900,CVE-2022-29901,CVE-2022-33740,CVE-2022-33741,CVE-2022-33742,CVE-2022-33981
JIRA References: 
Sources used:
SUSE Linux Enterprise Server for SAP 15 (src):    kernel-default-4.12.14-150000.150.95.1, kernel-docs-4.12.14-150000.150.95.1, kernel-obs-build-4.12.14-150000.150.95.1, kernel-source-4.12.14-150000.150.95.1, kernel-syms-4.12.14-150000.150.95.1, kernel-vanilla-4.12.14-150000.150.95.1
SUSE Linux Enterprise Server 15-LTSS (src):    kernel-default-4.12.14-150000.150.95.1, kernel-docs-4.12.14-150000.150.95.1, kernel-obs-build-4.12.14-150000.150.95.1, kernel-source-4.12.14-150000.150.95.1, kernel-syms-4.12.14-150000.150.95.1, kernel-vanilla-4.12.14-150000.150.95.1, kernel-zfcpdump-4.12.14-150000.150.95.1
SUSE Linux Enterprise Module for Live Patching 15 (src):    kernel-default-4.12.14-150000.150.95.1, kernel-livepatch-SLE15_Update_31-1-150000.1.3.1
SUSE Linux Enterprise High Performance Computing 15-LTSS (src):    kernel-default-4.12.14-150000.150.95.1, kernel-docs-4.12.14-150000.150.95.1, kernel-obs-build-4.12.14-150000.150.95.1, kernel-source-4.12.14-150000.150.95.1, kernel-syms-4.12.14-150000.150.95.1, kernel-vanilla-4.12.14-150000.150.95.1
SUSE Linux Enterprise High Performance Computing 15-ESPOS (src):    kernel-default-4.12.14-150000.150.95.1, kernel-docs-4.12.14-150000.150.95.1, kernel-obs-build-4.12.14-150000.150.95.1, kernel-source-4.12.14-150000.150.95.1, kernel-syms-4.12.14-150000.150.95.1, kernel-vanilla-4.12.14-150000.150.95.1
SUSE Linux Enterprise High Availability 15 (src):    kernel-default-4.12.14-150000.150.95.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 35 Swamp Workflow Management 2022-07-15 16:18:29 UTC
SUSE-SU-2022:2411-1: An update that solves 14 vulnerabilities and has one errata is now available.

Category: security (important)
Bug References: 1194013,1196901,1199487,1199657,1200571,1200599,1200604,1200605,1200608,1200619,1200692,1200762,1201050,1201080,1201251
CVE References: CVE-2021-26341,CVE-2021-4157,CVE-2022-1679,CVE-2022-20132,CVE-2022-20141,CVE-2022-20154,CVE-2022-2318,CVE-2022-26365,CVE-2022-29900,CVE-2022-29901,CVE-2022-33740,CVE-2022-33741,CVE-2022-33742,CVE-2022-33981
JIRA References: 
Sources used:
openSUSE Leap 15.4 (src):    kernel-debug-4.12.14-150100.197.117.1, kernel-default-4.12.14-150100.197.117.1, kernel-kvmsmall-4.12.14-150100.197.117.1, kernel-vanilla-4.12.14-150100.197.117.1, kernel-zfcpdump-4.12.14-150100.197.117.1
openSUSE Leap 15.3 (src):    kernel-debug-4.12.14-150100.197.117.1, kernel-default-4.12.14-150100.197.117.1, kernel-kvmsmall-4.12.14-150100.197.117.1, kernel-vanilla-4.12.14-150100.197.117.1, kernel-zfcpdump-4.12.14-150100.197.117.1
SUSE Linux Enterprise Server for SAP 15-SP1 (src):    kernel-default-4.12.14-150100.197.117.1, kernel-docs-4.12.14-150100.197.117.1, kernel-obs-build-4.12.14-150100.197.117.1, kernel-source-4.12.14-150100.197.117.1, kernel-syms-4.12.14-150100.197.117.1
SUSE Linux Enterprise Server 15-SP1-LTSS (src):    kernel-default-4.12.14-150100.197.117.1, kernel-docs-4.12.14-150100.197.117.1, kernel-obs-build-4.12.14-150100.197.117.1, kernel-source-4.12.14-150100.197.117.1, kernel-syms-4.12.14-150100.197.117.1, kernel-zfcpdump-4.12.14-150100.197.117.1
SUSE Linux Enterprise Server 15-SP1-BCL (src):    kernel-default-4.12.14-150100.197.117.1, kernel-docs-4.12.14-150100.197.117.1, kernel-obs-build-4.12.14-150100.197.117.1, kernel-source-4.12.14-150100.197.117.1, kernel-syms-4.12.14-150100.197.117.1
SUSE Linux Enterprise Module for Live Patching 15-SP1 (src):    kernel-default-4.12.14-150100.197.117.1, kernel-livepatch-SLE15-SP1_Update_32-1-150100.3.3.1
SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (src):    kernel-default-4.12.14-150100.197.117.1, kernel-docs-4.12.14-150100.197.117.1, kernel-obs-build-4.12.14-150100.197.117.1, kernel-source-4.12.14-150100.197.117.1, kernel-syms-4.12.14-150100.197.117.1
SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (src):    kernel-default-4.12.14-150100.197.117.1, kernel-docs-4.12.14-150100.197.117.1, kernel-obs-build-4.12.14-150100.197.117.1, kernel-source-4.12.14-150100.197.117.1, kernel-syms-4.12.14-150100.197.117.1
SUSE Linux Enterprise High Availability 15-SP1 (src):    kernel-default-4.12.14-150100.197.117.1
SUSE Enterprise Storage 6 (src):    kernel-default-4.12.14-150100.197.117.1, kernel-docs-4.12.14-150100.197.117.1, kernel-obs-build-4.12.14-150100.197.117.1, kernel-source-4.12.14-150100.197.117.1, kernel-syms-4.12.14-150100.197.117.1
SUSE CaaS Platform 4.0 (src):    kernel-default-4.12.14-150100.197.117.1, kernel-docs-4.12.14-150100.197.117.1, kernel-obs-build-4.12.14-150100.197.117.1, kernel-source-4.12.14-150100.197.117.1, kernel-syms-4.12.14-150100.197.117.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 37 Swamp Workflow Management 2022-07-18 10:17:24 UTC
SUSE-SU-2022:2423-1: An update that solves 9 vulnerabilities and has 9 fixes is now available.

Category: security (important)
Bug References: 1194013,1195775,1196901,1197362,1199487,1199489,1199657,1200263,1200442,1200571,1200599,1200604,1200605,1200608,1200619,1200692,1201050,1201080
CVE References: CVE-2021-26341,CVE-2021-4157,CVE-2022-1679,CVE-2022-20132,CVE-2022-20141,CVE-2022-20154,CVE-2022-29900,CVE-2022-29901,CVE-2022-33981
JIRA References: 
Sources used:
SUSE Manager Server 4.1 (src):    kernel-default-5.3.18-150200.24.120.1, kernel-default-base-5.3.18-150200.24.120.1.150200.9.56.2, kernel-docs-5.3.18-150200.24.120.1, kernel-obs-build-5.3.18-150200.24.120.1, kernel-preempt-5.3.18-150200.24.120.1, kernel-source-5.3.18-150200.24.120.1, kernel-syms-5.3.18-150200.24.120.1
SUSE Manager Retail Branch Server 4.1 (src):    kernel-default-5.3.18-150200.24.120.1, kernel-default-base-5.3.18-150200.24.120.1.150200.9.56.2, kernel-docs-5.3.18-150200.24.120.1, kernel-preempt-5.3.18-150200.24.120.1, kernel-source-5.3.18-150200.24.120.1, kernel-syms-5.3.18-150200.24.120.1
SUSE Manager Proxy 4.1 (src):    kernel-default-5.3.18-150200.24.120.1, kernel-default-base-5.3.18-150200.24.120.1.150200.9.56.2, kernel-docs-5.3.18-150200.24.120.1, kernel-preempt-5.3.18-150200.24.120.1, kernel-source-5.3.18-150200.24.120.1, kernel-syms-5.3.18-150200.24.120.1
SUSE Linux Enterprise Server for SAP 15-SP2 (src):    kernel-default-5.3.18-150200.24.120.1, kernel-default-base-5.3.18-150200.24.120.1.150200.9.56.2, kernel-docs-5.3.18-150200.24.120.1, kernel-obs-build-5.3.18-150200.24.120.1, kernel-preempt-5.3.18-150200.24.120.1, kernel-source-5.3.18-150200.24.120.1, kernel-syms-5.3.18-150200.24.120.1
SUSE Linux Enterprise Server 15-SP2-LTSS (src):    kernel-default-5.3.18-150200.24.120.1, kernel-default-base-5.3.18-150200.24.120.1.150200.9.56.2, kernel-docs-5.3.18-150200.24.120.1, kernel-obs-build-5.3.18-150200.24.120.1, kernel-preempt-5.3.18-150200.24.120.1, kernel-source-5.3.18-150200.24.120.1, kernel-syms-5.3.18-150200.24.120.1
SUSE Linux Enterprise Server 15-SP2-BCL (src):    kernel-default-5.3.18-150200.24.120.1, kernel-default-base-5.3.18-150200.24.120.1.150200.9.56.2, kernel-docs-5.3.18-150200.24.120.1, kernel-preempt-5.3.18-150200.24.120.1, kernel-source-5.3.18-150200.24.120.1, kernel-syms-5.3.18-150200.24.120.1
SUSE Linux Enterprise Module for Live Patching 15-SP2 (src):    kernel-default-5.3.18-150200.24.120.1, kernel-livepatch-SLE15-SP2_Update_28-1-150200.5.5.1
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (src):    kernel-default-5.3.18-150200.24.120.1, kernel-default-base-5.3.18-150200.24.120.1.150200.9.56.2, kernel-docs-5.3.18-150200.24.120.1, kernel-obs-build-5.3.18-150200.24.120.1, kernel-preempt-5.3.18-150200.24.120.1, kernel-source-5.3.18-150200.24.120.1, kernel-syms-5.3.18-150200.24.120.1
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (src):    kernel-default-5.3.18-150200.24.120.1, kernel-default-base-5.3.18-150200.24.120.1.150200.9.56.2, kernel-docs-5.3.18-150200.24.120.1, kernel-obs-build-5.3.18-150200.24.120.1, kernel-preempt-5.3.18-150200.24.120.1, kernel-source-5.3.18-150200.24.120.1, kernel-syms-5.3.18-150200.24.120.1
SUSE Linux Enterprise High Availability 15-SP2 (src):    kernel-default-5.3.18-150200.24.120.1
SUSE Enterprise Storage 7 (src):    kernel-default-5.3.18-150200.24.120.1, kernel-default-base-5.3.18-150200.24.120.1.150200.9.56.2, kernel-docs-5.3.18-150200.24.120.1, kernel-obs-build-5.3.18-150200.24.120.1, kernel-preempt-5.3.18-150200.24.120.1, kernel-source-5.3.18-150200.24.120.1, kernel-syms-5.3.18-150200.24.120.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 38 Swamp Workflow Management 2022-07-18 10:20:32 UTC
SUSE-SU-2022:2424-1: An update that solves 10 vulnerabilities, contains one feature and has 43 fixes is now available.

Category: security (important)
Bug References: 1065729,1179195,1180814,1184924,1185762,1192761,1193629,1194013,1195504,1195775,1196901,1197362,1197754,1198020,1198924,1199482,1199487,1199489,1199657,1200217,1200263,1200343,1200442,1200571,1200599,1200600,1200608,1200619,1200622,1200692,1200806,1200807,1200809,1200810,1200813,1200816,1200820,1200821,1200822,1200825,1200828,1200829,1200925,1201050,1201080,1201143,1201147,1201149,1201160,1201171,1201177,1201193,1201222
CVE References: CVE-2021-26341,CVE-2021-4157,CVE-2022-1012,CVE-2022-1679,CVE-2022-20132,CVE-2022-20154,CVE-2022-29900,CVE-2022-29901,CVE-2022-33981,CVE-2022-34918
JIRA References: SLE-15442
Sources used:
SUSE Linux Enterprise Module for Realtime 15-SP3 (src):    kernel-rt-5.3.18-150300.96.1, kernel-rt_debug-5.3.18-150300.96.1, kernel-source-rt-5.3.18-150300.96.1, kernel-syms-rt-5.3.18-150300.96.1
SUSE Linux Enterprise Micro 5.2 (src):    kernel-rt-5.3.18-150300.96.1
SUSE Linux Enterprise Micro 5.1 (src):    kernel-rt-5.3.18-150300.96.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 39 Swamp Workflow Management 2022-07-18 10:26:57 UTC
SUSE-SU-2022:2422-1: An update that solves 11 vulnerabilities and has 44 fixes is now available.

Category: security (important)
Bug References: 1065729,1179195,1180814,1184924,1185762,1192761,1193629,1194013,1195504,1195775,1196901,1197362,1197754,1198020,1198924,1199482,1199487,1199489,1199657,1200217,1200263,1200343,1200442,1200571,1200599,1200600,1200604,1200605,1200608,1200619,1200622,1200692,1200806,1200807,1200809,1200810,1200813,1200816,1200820,1200821,1200822,1200825,1200828,1200829,1200925,1201050,1201080,1201143,1201147,1201149,1201160,1201171,1201177,1201193,1201222
CVE References: CVE-2021-26341,CVE-2021-4157,CVE-2022-1012,CVE-2022-1679,CVE-2022-20132,CVE-2022-20141,CVE-2022-20154,CVE-2022-29900,CVE-2022-29901,CVE-2022-33981,CVE-2022-34918
JIRA References: 
Sources used:
openSUSE Leap 15.4 (src):    dtb-aarch64-5.3.18-150300.59.81.1
openSUSE Leap 15.3 (src):    dtb-aarch64-5.3.18-150300.59.81.1, kernel-64kb-5.3.18-150300.59.81.1, kernel-debug-5.3.18-150300.59.81.1, kernel-default-5.3.18-150300.59.81.1, kernel-default-base-5.3.18-150300.59.81.1.150300.18.47.2, kernel-docs-5.3.18-150300.59.81.1, kernel-kvmsmall-5.3.18-150300.59.81.1, kernel-obs-build-5.3.18-150300.59.81.1, kernel-obs-qa-5.3.18-150300.59.81.1, kernel-preempt-5.3.18-150300.59.81.1, kernel-source-5.3.18-150300.59.81.1, kernel-syms-5.3.18-150300.59.81.1, kernel-zfcpdump-5.3.18-150300.59.81.1
SUSE Linux Enterprise Workstation Extension 15-SP3 (src):    kernel-default-5.3.18-150300.59.81.1, kernel-preempt-5.3.18-150300.59.81.1
SUSE Linux Enterprise Module for Live Patching 15-SP3 (src):    kernel-default-5.3.18-150300.59.81.1, kernel-livepatch-SLE15-SP3_Update_21-1-150300.7.5.1
SUSE Linux Enterprise Module for Legacy Software 15-SP3 (src):    kernel-default-5.3.18-150300.59.81.1
SUSE Linux Enterprise Module for Development Tools 15-SP3 (src):    kernel-docs-5.3.18-150300.59.81.1, kernel-obs-build-5.3.18-150300.59.81.1, kernel-preempt-5.3.18-150300.59.81.1, kernel-source-5.3.18-150300.59.81.1, kernel-syms-5.3.18-150300.59.81.1
SUSE Linux Enterprise Module for Basesystem 15-SP3 (src):    kernel-64kb-5.3.18-150300.59.81.1, kernel-default-5.3.18-150300.59.81.1, kernel-default-base-5.3.18-150300.59.81.1.150300.18.47.2, kernel-preempt-5.3.18-150300.59.81.1, kernel-source-5.3.18-150300.59.81.1, kernel-zfcpdump-5.3.18-150300.59.81.1
SUSE Linux Enterprise Micro 5.2 (src):    kernel-default-5.3.18-150300.59.81.1, kernel-default-base-5.3.18-150300.59.81.1.150300.18.47.2
SUSE Linux Enterprise Micro 5.1 (src):    kernel-default-5.3.18-150300.59.81.1, kernel-default-base-5.3.18-150300.59.81.1.150300.18.47.2
SUSE Linux Enterprise High Availability 15-SP3 (src):    kernel-default-5.3.18-150300.59.81.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 40 Swamp Workflow Management 2022-07-21 13:19:00 UTC
SUSE-SU-2022:2478-1: An update that solves 9 vulnerabilities and has four fixes is now available.

Category: security (important)
Bug References: 1066618,1146519,1194013,1196901,1199487,1199657,1200571,1200604,1200605,1200619,1200692,1201050,1201080
CVE References: CVE-2017-16525,CVE-2021-26341,CVE-2021-4157,CVE-2022-1679,CVE-2022-20132,CVE-2022-20141,CVE-2022-29900,CVE-2022-29901,CVE-2022-33981
JIRA References: 
Sources used:
SUSE Linux Enterprise Server 12-SP3-BCL (src):    kernel-default-4.4.180-94.167.1, kernel-source-4.4.180-94.167.1, kernel-syms-4.4.180-94.167.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 42 Swamp Workflow Management 2022-07-21 22:36:10 UTC
SUSE-SU-2022:2520-1: An update that solves 49 vulnerabilities, contains 26 features and has 207 fixes is now available.

Category: security (important)
Bug References: 1055117,1061840,1065729,1071995,1089644,1103269,1118212,1121726,1137728,1156395,1157038,1157923,1175667,1179439,1179639,1180814,1183682,1183872,1184318,1184924,1187716,1188885,1189998,1190137,1190208,1190336,1190497,1190768,1190786,1190812,1191271,1191663,1192483,1193064,1193277,1193289,1193431,1193556,1193629,1193640,1193787,1193823,1193852,1194086,1194111,1194191,1194409,1194501,1194523,1194526,1194583,1194585,1194586,1194625,1194765,1194826,1194869,1195099,1195287,1195478,1195482,1195504,1195651,1195668,1195669,1195775,1195823,1195826,1195913,1195915,1195926,1195944,1195957,1195987,1196079,1196114,1196130,1196213,1196306,1196367,1196400,1196426,1196478,1196514,1196570,1196723,1196779,1196830,1196836,1196866,1196868,1196869,1196901,1196930,1196942,1196960,1197016,1197157,1197227,1197243,1197292,1197302,1197303,1197304,1197362,1197386,1197501,1197601,1197661,1197675,1197761,1197817,1197819,1197820,1197888,1197889,1197894,1197915,1197917,1197918,1197920,1197921,1197922,1197926,1198009,1198010,1198012,1198013,1198014,1198015,1198016,1198017,1198018,1198019,1198020,1198021,1198022,1198023,1198024,1198027,1198030,1198034,1198058,1198217,1198379,1198400,1198402,1198410,1198412,1198413,1198438,1198484,1198577,1198585,1198660,1198802,1198803,1198806,1198811,1198826,1198829,1198835,1198968,1198971,1199011,1199024,1199035,1199046,1199052,1199063,1199163,1199173,1199260,1199314,1199390,1199426,1199433,1199439,1199482,1199487,1199505,1199507,1199605,1199611,1199626,1199631,1199650,1199657,1199674,1199736,1199793,1199839,1199875,1199909,1200015,1200019,1200045,1200046,1200144,1200205,1200211,1200259,1200263,1200284,1200315,1200343,1200420,1200442,1200475,1200502,1200567,1200569,1200571,1200599,1200600,1200608,1200611,1200619,1200692,1200762,1200763,1200806,1200807,1200808,1200809,1200810,1200812,1200813,1200815,1200816,1200820,1200821,1200822,1200824,1200825,1200827,1200828,1200829,1200830,1200845,1200882,1200925,1201050,1201080,1201160,1201171,1201177,1201193,1201196,1201218,1201222,1201228,1201251,1201381,1201471,1201524
CVE References: CVE-2021-26341,CVE-2021-33061,CVE-2021-4204,CVE-2021-44879,CVE-2021-45402,CVE-2022-0264,CVE-2022-0494,CVE-2022-0617,CVE-2022-1012,CVE-2022-1016,CVE-2022-1184,CVE-2022-1198,CVE-2022-1205,CVE-2022-1462,CVE-2022-1508,CVE-2022-1651,CVE-2022-1652,CVE-2022-1671,CVE-2022-1679,CVE-2022-1729,CVE-2022-1734,CVE-2022-1789,CVE-2022-1852,CVE-2022-1966,CVE-2022-1972,CVE-2022-1974,CVE-2022-1998,CVE-2022-20132,CVE-2022-20154,CVE-2022-21123,CVE-2022-21125,CVE-2022-21127,CVE-2022-21166,CVE-2022-21180,CVE-2022-21499,CVE-2022-2318,CVE-2022-23222,CVE-2022-26365,CVE-2022-26490,CVE-2022-29582,CVE-2022-29900,CVE-2022-29901,CVE-2022-30594,CVE-2022-33740,CVE-2022-33741,CVE-2022-33742,CVE-2022-33743,CVE-2022-33981,CVE-2022-34918
JIRA References: SLE-13513,SLE-13521,SLE-15442,SLE-17855,SLE-18194,SLE-18234,SLE-18375,SLE-18377,SLE-18378,SLE-18382,SLE-18385,SLE-18901,SLE-18938,SLE-18978,SLE-19001,SLE-19026,SLE-19242,SLE-19249,SLE-19253,SLE-19924,SLE-21315,SLE-23643,SLE-24072,SLE-24093,SLE-24350,SLE-24549
Sources used:
openSUSE Leap 15.4 (src):    dtb-aarch64-5.14.21-150400.24.11.1, kernel-64kb-5.14.21-150400.24.11.1, kernel-debug-5.14.21-150400.24.11.1, kernel-default-5.14.21-150400.24.11.1, kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6, kernel-docs-5.14.21-150400.24.11.1, kernel-kvmsmall-5.14.21-150400.24.11.1, kernel-obs-build-5.14.21-150400.24.11.1, kernel-obs-qa-5.14.21-150400.24.11.1, kernel-source-5.14.21-150400.24.11.1, kernel-syms-5.14.21-150400.24.11.1, kernel-zfcpdump-5.14.21-150400.24.11.1
SUSE Linux Enterprise Workstation Extension 15-SP4 (src):    kernel-default-5.14.21-150400.24.11.1
SUSE Linux Enterprise Module for Live Patching 15-SP4 (src):    kernel-default-5.14.21-150400.24.11.1, kernel-livepatch-SLE15-SP4_Update_1-1-150400.9.5.3
SUSE Linux Enterprise Module for Legacy Software 15-SP4 (src):    kernel-default-5.14.21-150400.24.11.1
SUSE Linux Enterprise Module for Development Tools 15-SP4 (src):    kernel-docs-5.14.21-150400.24.11.1, kernel-obs-build-5.14.21-150400.24.11.1, kernel-source-5.14.21-150400.24.11.1, kernel-syms-5.14.21-150400.24.11.1
SUSE Linux Enterprise Module for Basesystem 15-SP4 (src):    kernel-64kb-5.14.21-150400.24.11.1, kernel-default-5.14.21-150400.24.11.1, kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6, kernel-source-5.14.21-150400.24.11.1, kernel-zfcpdump-5.14.21-150400.24.11.1
SUSE Linux Enterprise High Availability 15-SP4 (src):    kernel-default-5.14.21-150400.24.11.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 43 Swamp Workflow Management 2022-07-26 16:21:13 UTC
SUSE-SU-2022:2549-1: An update that solves 11 vulnerabilities and has 49 fixes is now available.

Category: security (important)
Bug References: 1065729,1179195,1180814,1184924,1185762,1192761,1193629,1194013,1195504,1195775,1196901,1197362,1197754,1198020,1198924,1199482,1199487,1199489,1199657,1200217,1200263,1200343,1200442,1200571,1200599,1200600,1200604,1200605,1200608,1200619,1200622,1200692,1200806,1200807,1200809,1200810,1200813,1200816,1200820,1200821,1200822,1200825,1200828,1200829,1200925,1201050,1201080,1201143,1201147,1201149,1201160,1201171,1201177,1201193,1201222,1201644,1201664,1201672,1201673,1201676
CVE References: CVE-2021-26341,CVE-2021-4157,CVE-2022-1012,CVE-2022-1679,CVE-2022-20132,CVE-2022-20141,CVE-2022-20154,CVE-2022-29900,CVE-2022-29901,CVE-2022-33981,CVE-2022-34918
JIRA References: 
Sources used:
openSUSE Leap 15.4 (src):    dtb-aarch64-5.3.18-150300.59.87.1
openSUSE Leap 15.3 (src):    dtb-aarch64-5.3.18-150300.59.87.1, kernel-64kb-5.3.18-150300.59.87.1, kernel-debug-5.3.18-150300.59.87.1, kernel-default-5.3.18-150300.59.87.1, kernel-default-base-5.3.18-150300.59.87.1.150300.18.50.2, kernel-docs-5.3.18-150300.59.87.1, kernel-kvmsmall-5.3.18-150300.59.87.1, kernel-obs-build-5.3.18-150300.59.87.1, kernel-obs-qa-5.3.18-150300.59.87.1, kernel-preempt-5.3.18-150300.59.87.1, kernel-source-5.3.18-150300.59.87.1, kernel-syms-5.3.18-150300.59.87.1, kernel-zfcpdump-5.3.18-150300.59.87.1
SUSE Linux Enterprise Workstation Extension 15-SP3 (src):    kernel-default-5.3.18-150300.59.87.1, kernel-preempt-5.3.18-150300.59.87.1
SUSE Linux Enterprise Module for Live Patching 15-SP3 (src):    kernel-default-5.3.18-150300.59.87.1, kernel-livepatch-SLE15-SP3_Update_22-1-150300.7.5.1
SUSE Linux Enterprise Module for Legacy Software 15-SP3 (src):    kernel-default-5.3.18-150300.59.87.1
SUSE Linux Enterprise Module for Development Tools 15-SP3 (src):    kernel-docs-5.3.18-150300.59.87.1, kernel-obs-build-5.3.18-150300.59.87.1, kernel-preempt-5.3.18-150300.59.87.1, kernel-source-5.3.18-150300.59.87.1, kernel-syms-5.3.18-150300.59.87.1
SUSE Linux Enterprise Module for Basesystem 15-SP3 (src):    kernel-64kb-5.3.18-150300.59.87.1, kernel-default-5.3.18-150300.59.87.1, kernel-default-base-5.3.18-150300.59.87.1.150300.18.50.2, kernel-preempt-5.3.18-150300.59.87.1, kernel-source-5.3.18-150300.59.87.1, kernel-zfcpdump-5.3.18-150300.59.87.1
SUSE Linux Enterprise Micro 5.2 (src):    kernel-default-5.3.18-150300.59.87.1, kernel-default-base-5.3.18-150300.59.87.1.150300.18.50.2
SUSE Linux Enterprise Micro 5.1 (src):    kernel-default-5.3.18-150300.59.87.1, kernel-default-base-5.3.18-150300.59.87.1.150300.18.50.2
SUSE Linux Enterprise High Availability 15-SP3 (src):    kernel-default-5.3.18-150300.59.87.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 45 Swamp Workflow Management 2022-08-01 13:38:29 UTC
SUSE-SU-2022:2615-1: An update that solves 48 vulnerabilities, contains 26 features and has 202 fixes is now available.

Category: security (important)
Bug References: 1055117,1061840,1065729,1071995,1089644,1103269,1118212,1121726,1137728,1156395,1157038,1157923,1175667,1179439,1179639,1180814,1183682,1183872,1184318,1184924,1187716,1188885,1189998,1190137,1190208,1190336,1190497,1190768,1190786,1190812,1191271,1191663,1192483,1193064,1193277,1193289,1193431,1193556,1193629,1193640,1193787,1193823,1193852,1194086,1194111,1194191,1194409,1194501,1194523,1194526,1194583,1194585,1194586,1194625,1194765,1194826,1194869,1195099,1195287,1195478,1195482,1195504,1195651,1195668,1195669,1195775,1195823,1195826,1195913,1195915,1195926,1195944,1195957,1195987,1196079,1196114,1196130,1196213,1196306,1196367,1196400,1196426,1196478,1196514,1196570,1196723,1196779,1196830,1196836,1196866,1196868,1196869,1196901,1196930,1196942,1196960,1197016,1197157,1197227,1197243,1197292,1197302,1197303,1197304,1197362,1197386,1197501,1197601,1197661,1197675,1197761,1197817,1197819,1197820,1197888,1197889,1197894,1197915,1197917,1197918,1197920,1197921,1197922,1197926,1198009,1198010,1198012,1198013,1198014,1198015,1198016,1198017,1198018,1198019,1198020,1198021,1198022,1198023,1198024,1198027,1198030,1198034,1198058,1198217,1198379,1198400,1198402,1198412,1198413,1198438,1198484,1198577,1198585,1198660,1198802,1198803,1198806,1198811,1198826,1198835,1198968,1198971,1199011,1199024,1199035,1199046,1199052,1199063,1199163,1199173,1199260,1199314,1199390,1199426,1199433,1199439,1199482,1199487,1199505,1199507,1199605,1199611,1199626,1199631,1199650,1199657,1199674,1199736,1199793,1199839,1199875,1199909,1200015,1200019,1200045,1200046,1200144,1200205,1200211,1200259,1200263,1200284,1200315,1200343,1200420,1200442,1200475,1200502,1200567,1200569,1200571,1200572,1200599,1200600,1200608,1200611,1200619,1200692,1200762,1200763,1200806,1200807,1200808,1200809,1200810,1200812,1200815,1200816,1200820,1200822,1200824,1200825,1200827,1200828,1200829,1200830,1200845,1200882,1200925,1201050,1201160,1201171,1201177,1201193,1201196,1201218,1201222,1201228,1201251,150300
CVE References: CVE-2021-26341,CVE-2021-33061,CVE-2021-4204,CVE-2021-44879,CVE-2021-45402,CVE-2022-0264,CVE-2022-0494,CVE-2022-0617,CVE-2022-1012,CVE-2022-1016,CVE-2022-1184,CVE-2022-1198,CVE-2022-1205,CVE-2022-1508,CVE-2022-1651,CVE-2022-1652,CVE-2022-1671,CVE-2022-1679,CVE-2022-1729,CVE-2022-1734,CVE-2022-1789,CVE-2022-1852,CVE-2022-1966,CVE-2022-1972,CVE-2022-1974,CVE-2022-1998,CVE-2022-20132,CVE-2022-20154,CVE-2022-21123,CVE-2022-21125,CVE-2022-21127,CVE-2022-21166,CVE-2022-21180,CVE-2022-21499,CVE-2022-2318,CVE-2022-23222,CVE-2022-26365,CVE-2022-26490,CVE-2022-29582,CVE-2022-29900,CVE-2022-29901,CVE-2022-30594,CVE-2022-33740,CVE-2022-33741,CVE-2022-33742,CVE-2022-33743,CVE-2022-33981,CVE-2022-34918
JIRA References: SLE-13513,SLE-13521,SLE-15442,SLE-17855,SLE-18194,SLE-18234,SLE-18375,SLE-18377,SLE-18378,SLE-18382,SLE-18385,SLE-18901,SLE-18938,SLE-18978,SLE-19001,SLE-19026,SLE-19242,SLE-19249,SLE-19253,SLE-19924,SLE-21315,SLE-23643,SLE-24072,SLE-24093,SLE-24350,SLE-24549
Sources used:
openSUSE Leap 15.4 (src):    kernel-azure-5.14.21-150400.14.7.1, kernel-source-azure-5.14.21-150400.14.7.1, kernel-syms-azure-5.14.21-150400.14.7.1
SUSE Linux Enterprise Module for Public Cloud 15-SP4 (src):    kernel-azure-5.14.21-150400.14.7.1, kernel-source-azure-5.14.21-150400.14.7.1, kernel-syms-azure-5.14.21-150400.14.7.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 46 Swamp Workflow Management 2022-08-02 19:18:48 UTC
SUSE-SU-2022:2629-1: An update that solves 33 vulnerabilities and has 41 fixes is now available.

Category: security (important)
Bug References: 1024718,1055117,1061840,1065729,1129770,1158266,1177282,1188885,1194013,1194124,1196426,1196570,1196901,1196964,1197170,1197219,1197601,1198438,1198577,1198866,1198899,1199035,1199063,1199237,1199239,1199314,1199399,1199426,1199482,1199487,1199505,1199507,1199526,1199605,1199631,1199650,1199657,1199671,1199839,1200015,1200045,1200143,1200144,1200173,1200249,1200343,1200549,1200571,1200599,1200600,1200604,1200605,1200608,1200619,1200762,1200806,1200807,1200809,1200810,1200813,1200820,1200821,1200822,1200829,1200868,1200869,1200870,1200871,1200872,1200873,1200925,1201050,1201080,1201251
CVE References: CVE-2019-19377,CVE-2020-26541,CVE-2021-26341,CVE-2021-33061,CVE-2021-39711,CVE-2021-4157,CVE-2022-1012,CVE-2022-1184,CVE-2022-1652,CVE-2022-1679,CVE-2022-1729,CVE-2022-1734,CVE-2022-1836,CVE-2022-1966,CVE-2022-1974,CVE-2022-1975,CVE-2022-20132,CVE-2022-20141,CVE-2022-20154,CVE-2022-21123,CVE-2022-21125,CVE-2022-21127,CVE-2022-21166,CVE-2022-21180,CVE-2022-21499,CVE-2022-2318,CVE-2022-26365,CVE-2022-29900,CVE-2022-29901,CVE-2022-30594,CVE-2022-33740,CVE-2022-33741,CVE-2022-33742
JIRA References: 
Sources used:
SUSE Linux Enterprise Real Time Extension 12-SP5 (src):    kernel-rt-4.12.14-10.94.1, kernel-rt_debug-4.12.14-10.94.1, kernel-source-rt-4.12.14-10.94.1, kernel-syms-rt-4.12.14-10.94.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 47 Swamp Workflow Management 2022-08-15 22:18:08 UTC
SUSE-SU-2022:2809-1: An update that solves 22 vulnerabilities and has 19 fixes is now available.

Category: security (important)
Bug References: 1114648,1194013,1195478,1195775,1196472,1196901,1197362,1198829,1199487,1199489,1199647,1199648,1199657,1200263,1200442,1200571,1200599,1200604,1200605,1200608,1200619,1200692,1200762,1200905,1200910,1201050,1201080,1201251,1201429,1201458,1201635,1201636,1201644,1201664,1201672,1201673,1201676,1201742,1201752,1201930,1201940
CVE References: CVE-2020-36557,CVE-2020-36558,CVE-2021-26341,CVE-2021-33655,CVE-2021-33656,CVE-2021-4157,CVE-2022-1116,CVE-2022-1462,CVE-2022-1679,CVE-2022-20132,CVE-2022-20141,CVE-2022-20154,CVE-2022-21505,CVE-2022-2318,CVE-2022-26365,CVE-2022-29900,CVE-2022-29901,CVE-2022-33740,CVE-2022-33741,CVE-2022-33742,CVE-2022-33981,CVE-2022-36946
JIRA References: 
Sources used:
SUSE Manager Server 4.1 (src):    kernel-default-5.3.18-150200.24.126.1, kernel-default-base-5.3.18-150200.24.126.1.150200.9.59.2, kernel-docs-5.3.18-150200.24.126.1, kernel-obs-build-5.3.18-150200.24.126.1, kernel-preempt-5.3.18-150200.24.126.1, kernel-source-5.3.18-150200.24.126.1, kernel-syms-5.3.18-150200.24.126.1
SUSE Manager Retail Branch Server 4.1 (src):    kernel-default-5.3.18-150200.24.126.1, kernel-default-base-5.3.18-150200.24.126.1.150200.9.59.2, kernel-docs-5.3.18-150200.24.126.1, kernel-preempt-5.3.18-150200.24.126.1, kernel-source-5.3.18-150200.24.126.1, kernel-syms-5.3.18-150200.24.126.1
SUSE Manager Proxy 4.1 (src):    kernel-default-5.3.18-150200.24.126.1, kernel-default-base-5.3.18-150200.24.126.1.150200.9.59.2, kernel-docs-5.3.18-150200.24.126.1, kernel-preempt-5.3.18-150200.24.126.1, kernel-source-5.3.18-150200.24.126.1, kernel-syms-5.3.18-150200.24.126.1
SUSE Linux Enterprise Server for SAP 15-SP2 (src):    kernel-default-5.3.18-150200.24.126.1, kernel-default-base-5.3.18-150200.24.126.1.150200.9.59.2, kernel-docs-5.3.18-150200.24.126.1, kernel-obs-build-5.3.18-150200.24.126.1, kernel-preempt-5.3.18-150200.24.126.1, kernel-source-5.3.18-150200.24.126.1, kernel-syms-5.3.18-150200.24.126.1
SUSE Linux Enterprise Server 15-SP2-LTSS (src):    kernel-default-5.3.18-150200.24.126.1, kernel-default-base-5.3.18-150200.24.126.1.150200.9.59.2, kernel-docs-5.3.18-150200.24.126.1, kernel-obs-build-5.3.18-150200.24.126.1, kernel-preempt-5.3.18-150200.24.126.1, kernel-source-5.3.18-150200.24.126.1, kernel-syms-5.3.18-150200.24.126.1
SUSE Linux Enterprise Server 15-SP2-BCL (src):    kernel-default-5.3.18-150200.24.126.1, kernel-default-base-5.3.18-150200.24.126.1.150200.9.59.2, kernel-docs-5.3.18-150200.24.126.1, kernel-preempt-5.3.18-150200.24.126.1, kernel-source-5.3.18-150200.24.126.1, kernel-syms-5.3.18-150200.24.126.1
SUSE Linux Enterprise Module for Live Patching 15-SP2 (src):    kernel-default-5.3.18-150200.24.126.1, kernel-livepatch-SLE15-SP2_Update_29-1-150200.5.5.1
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (src):    kernel-default-5.3.18-150200.24.126.1, kernel-default-base-5.3.18-150200.24.126.1.150200.9.59.2, kernel-docs-5.3.18-150200.24.126.1, kernel-obs-build-5.3.18-150200.24.126.1, kernel-preempt-5.3.18-150200.24.126.1, kernel-source-5.3.18-150200.24.126.1, kernel-syms-5.3.18-150200.24.126.1
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (src):    kernel-default-5.3.18-150200.24.126.1, kernel-default-base-5.3.18-150200.24.126.1.150200.9.59.2, kernel-docs-5.3.18-150200.24.126.1, kernel-obs-build-5.3.18-150200.24.126.1, kernel-preempt-5.3.18-150200.24.126.1, kernel-source-5.3.18-150200.24.126.1, kernel-syms-5.3.18-150200.24.126.1
SUSE Linux Enterprise High Availability 15-SP2 (src):    kernel-default-5.3.18-150200.24.126.1
SUSE Enterprise Storage 7 (src):    kernel-default-5.3.18-150200.24.126.1, kernel-default-base-5.3.18-150200.24.126.1.150200.9.59.2, kernel-docs-5.3.18-150200.24.126.1, kernel-obs-build-5.3.18-150200.24.126.1, kernel-preempt-5.3.18-150200.24.126.1, kernel-source-5.3.18-150200.24.126.1, kernel-syms-5.3.18-150200.24.126.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 48 Swamp Workflow Management 2022-09-01 13:58:55 UTC
openSUSE-SU-2022:2549-1: An update that solves 11 vulnerabilities and has 49 fixes is now available.

Category: security (important)
Bug References: 1065729,1179195,1180814,1184924,1185762,1192761,1193629,1194013,1195504,1195775,1196901,1197362,1197754,1198020,1198924,1199482,1199487,1199489,1199657,1200217,1200263,1200343,1200442,1200571,1200599,1200600,1200604,1200605,1200608,1200619,1200622,1200692,1200806,1200807,1200809,1200810,1200813,1200816,1200820,1200821,1200822,1200825,1200828,1200829,1200925,1201050,1201080,1201143,1201147,1201149,1201160,1201171,1201177,1201193,1201222,1201644,1201664,1201672,1201673,1201676
CVE References: CVE-2021-26341,CVE-2021-4157,CVE-2022-1012,CVE-2022-1679,CVE-2022-20132,CVE-2022-20141,CVE-2022-20154,CVE-2022-29900,CVE-2022-29901,CVE-2022-33981,CVE-2022-34918
JIRA References: 
Sources used:
openSUSE Leap Micro 5.2 (src):    kernel-default-5.3.18-150300.59.87.1, kernel-default-base-5.3.18-150300.59.87.1.150300.18.50.2
Comment 49 Swamp Workflow Management 2022-09-01 14:11:05 UTC
openSUSE-SU-2022:2422-1: An update that solves 11 vulnerabilities and has 44 fixes is now available.

Category: security (important)
Bug References: 1065729,1179195,1180814,1184924,1185762,1192761,1193629,1194013,1195504,1195775,1196901,1197362,1197754,1198020,1198924,1199482,1199487,1199489,1199657,1200217,1200263,1200343,1200442,1200571,1200599,1200600,1200604,1200605,1200608,1200619,1200622,1200692,1200806,1200807,1200809,1200810,1200813,1200816,1200820,1200821,1200822,1200825,1200828,1200829,1200925,1201050,1201080,1201143,1201147,1201149,1201160,1201171,1201177,1201193,1201222
CVE References: CVE-2021-26341,CVE-2021-4157,CVE-2022-1012,CVE-2022-1679,CVE-2022-20132,CVE-2022-20141,CVE-2022-20154,CVE-2022-29900,CVE-2022-29901,CVE-2022-33981,CVE-2022-34918
JIRA References: 
Sources used:
openSUSE Leap Micro 5.2 (src):    kernel-default-5.3.18-150300.59.81.1, kernel-default-base-5.3.18-150300.59.81.1.150300.18.47.2
Comment 50 Swamp Workflow Management 2022-09-01 14:59:02 UTC
SUSE-SU-2022:2424-2: An update that solves 10 vulnerabilities, contains one feature and has 43 fixes is now available.

Category: security (important)
Bug References: 1065729,1179195,1180814,1184924,1185762,1192761,1193629,1194013,1195504,1195775,1196901,1197362,1197754,1198020,1198924,1199482,1199487,1199489,1199657,1200217,1200263,1200343,1200442,1200571,1200599,1200600,1200608,1200619,1200622,1200692,1200806,1200807,1200809,1200810,1200813,1200816,1200820,1200821,1200822,1200825,1200828,1200829,1200925,1201050,1201080,1201143,1201147,1201149,1201160,1201171,1201177,1201193,1201222
CVE References: CVE-2021-26341,CVE-2021-4157,CVE-2022-1012,CVE-2022-1679,CVE-2022-20132,CVE-2022-20154,CVE-2022-29900,CVE-2022-29901,CVE-2022-33981,CVE-2022-34918
JIRA References: SLE-15442
Sources used:
openSUSE Leap Micro 5.2 (src):    kernel-rt-5.3.18-150300.96.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 52 Marcus Meissner 2022-11-03 16:57:32 UTC
done
Comment 58 Swamp Workflow Management 2023-02-15 14:23:54 UTC
SUSE-SU-2023:0416-1: An update that solves 62 vulnerabilities and has one errata is now available.

Category: security (important)
Bug References: 1055710,1084513,1131430,1133374,1154848,1166098,1173514,1177471,1191961,1196973,1197331,1197343,1197366,1197391,1198516,1198829,1199063,1199426,1199487,1199650,1199657,1200598,1200619,1200692,1200910,1201050,1201251,1201429,1201635,1201636,1201940,1201948,1202097,1202346,1202347,1202393,1202500,1202897,1202898,1202960,1203107,1203271,1203514,1203769,1203960,1203987,1204166,1204354,1204405,1204431,1204439,1204574,1204631,1204646,1204647,1204653,1204894,1204922,1205220,1205514,1205671,1205796,1206677
CVE References: CVE-2017-13695,CVE-2018-7755,CVE-2019-3837,CVE-2019-3900,CVE-2020-15393,CVE-2020-16119,CVE-2020-36557,CVE-2020-36558,CVE-2021-26341,CVE-2021-33655,CVE-2021-33656,CVE-2021-34981,CVE-2021-39713,CVE-2021-45868,CVE-2022-1011,CVE-2022-1048,CVE-2022-1353,CVE-2022-1462,CVE-2022-1652,CVE-2022-1679,CVE-2022-20132,CVE-2022-20166,CVE-2022-20368,CVE-2022-20369,CVE-2022-21123,CVE-2022-21125,CVE-2022-21127,CVE-2022-21166,CVE-2022-21180,CVE-2022-21385,CVE-2022-21499,CVE-2022-2318,CVE-2022-2663,CVE-2022-28356,CVE-2022-29900,CVE-2022-29901,CVE-2022-3028,CVE-2022-3303,CVE-2022-33981,CVE-2022-3424,CVE-2022-3524,CVE-2022-3565,CVE-2022-3566,CVE-2022-3586,CVE-2022-3621,CVE-2022-3635,CVE-2022-3646,CVE-2022-3649,CVE-2022-36879,CVE-2022-36946,CVE-2022-3903,CVE-2022-39188,CVE-2022-40768,CVE-2022-4095,CVE-2022-41218,CVE-2022-41848,CVE-2022-41850,CVE-2022-41858,CVE-2022-43750,CVE-2022-44032,CVE-2022-44033,CVE-2022-45934
JIRA References: 
Sources used:
SUSE Linux Enterprise Server 11-SP4-LTSS-EXTREME-CORE (src):    kernel-default-3.0.101-108.138.1, kernel-ec2-3.0.101-108.138.1, kernel-source-3.0.101-108.138.1, kernel-syms-3.0.101-108.138.1, kernel-trace-3.0.101-108.138.1, kernel-xen-3.0.101-108.138.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.