Bug 1199505 – VUL-0: CVE-2022-30594: kernel-source,kernel-source-azure,kernel-source-rt: mishandled seccomp permissions

Bug 1199505 - (CVE-2022-30594) VUL-0: CVE-2022-30594: kernel-source,kernel-source-azure,kernel-source-rt: mishandled seccomp permissions

(CVE-2022-30594)
Summary:	VUL-0: CVE-2022-30594: kernel-source,kernel-source-azure,kernel-source-rt: mi...

Status:	RESOLVED FIXED

Classification:	Novell Products
Product:	SUSE Security Incidents
Classification:	Novell Products
Component:	Incidents
Version:	unspecified
Hardware:	Other Other

Priority:	P3 - Medium Severity: Normal
Target Milestone:	---
Assigned To:	Security Team bot
QA Contact:	Security Team bot

URL:	https://smash.suse.de/issue/331596/
Whiteboard:	CVSSv3.1:SUSE:CVE-2022-30594:8.4:(AV:...
Keywords:

Depends on:
Blocks:	1199602
	Show dependency tree / graph

Create test case

Clone This Bug

Reported:	2022-05-13 07:31 UTC by Thomas Leroy
Modified:	2023-01-18 17:40 UTC (History)
CC List:	4 users (show)

See Also:
Found By:	Security Response Team
Services Priority:
Business Priority:
Blocker:	---
Marketing QA Status:	---
IT Deployment:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Thomas Leroy 2022-05-13 07:31:44 UTC

rh#2085300

The Linux kernel before 5.17.2 mishandles seccomp permissions. The PTRACE_SEIZE code path allows attackers to bypass intended restrictions on setting the PT_SUSPEND_SECCOMP flag.

Fixing commit:
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ee1fee900537b5d9560e9f937402de5ddc8412f3

Commit introducing the bug:
https://github.com/torvalds/linux/commit/13c4a90119d28cfcb6b5bdd820c233b86c2b0237

References:
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.17.2
https://bugs.chromium.org/p/project-zero/issues/detail?id=2276
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ee1fee900537b5d9560e9f937402de5ddc8412f3
https://github.com/torvalds/linux/commit/ee1fee900537b5d9560e9f937402de5ddc8412f3
https://bugzilla.redhat.com/show_bug.cgi?id=2085300
https://bugs.chromium.org/p/project-zero/issues/detail?id=2276
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-30594
https://github.com/torvalds/linux/commit/ee1fee900537b5d9560e9f937402de5ddc8412f3
http://www.cvedetails.com/cve/CVE-2022-30594/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30594
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.17.2
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ee1fee900537b5d9560e9f937402de5ddc8412f3

Comment 1 Thomas Leroy 2022-05-13 08:08:18 UTC

The following branches contain the buggy commit without the fixing one:
- SLE15-SP4-GA
- cve/linux-4.12
- cve/linux-4.4
- cve/linux-5.3

With bnc#1198413, it seems that SLE12-SP5, SLE15-SP3 and SLE15-SP4 have the fix, but the changes files don't mention the CVE id since it was not assigned yet. We will need to mention it on these branches for the next kernel update...

Comment 2 Takashi Iwai 2022-05-13 08:39:34 UTC

How much CVSS is this?  Whether allowed to be merge into SLE15-SP4-GA depends on it.

I updated the patch references in SLE12-SP5 and SLE15-SP3 branches, backported the fix to cve/linux-4.4, cve/linux-4.12 and cve/linux-5.3 branches.

Comment 3 Thomas Leroy 2022-05-13 08:46:19 UTC

(In reply to Takashi Iwai from comment #2)
> How much CVSS is this?  Whether allowed to be merge into SLE15-SP4-GA
> depends on it.

Ah alright, didn't know that. I just gave it 8.4.

> I updated the patch references in SLE12-SP5 and SLE15-SP3 branches,
> backported the fix to cve/linux-4.4, cve/linux-4.12 and cve/linux-5.3
> branches.

Thanks a lot Takashi!

Comment 4 Takashi Iwai 2022-05-13 08:49:36 UTC

Thanks, then, it should go into SLE15-SP4-GA.  Now backported in SLE15-SP4-GA, too.

Reassigned back to security team.

Comment 23 Swamp Workflow Management 2022-06-14 22:19:09 UTC

SUSE-SU-2022:2077-1: An update that solves 29 vulnerabilities and has two fixes is now available.

Category: security (important)
Bug References: 1055710,1065729,1084513,1087082,1126703,1158266,1173265,1182171,1183646,1183723,1187055,1191647,1196426,1197343,1198031,1198032,1198516,1198577,1198660,1198687,1198742,1199012,1199063,1199426,1199505,1199507,1199605,1199650,1200143,1200144,1200249
CVE References: CVE-2017-13695,CVE-2018-20784,CVE-2018-7755,CVE-2019-19377,CVE-2020-10769,CVE-2021-20292,CVE-2021-20321,CVE-2021-28688,CVE-2021-33061,CVE-2021-38208,CVE-2022-1011,CVE-2022-1184,CVE-2022-1353,CVE-2022-1419,CVE-2022-1516,CVE-2022-1652,CVE-2022-1729,CVE-2022-1734,CVE-2022-1974,CVE-2022-1975,CVE-2022-21123,CVE-2022-21125,CVE-2022-21127,CVE-2022-21166,CVE-2022-21180,CVE-2022-21499,CVE-2022-28388,CVE-2022-28390,CVE-2022-30594
JIRA References: 
Sources used:
SUSE Linux Enterprise Server 12-SP2-BCL (src):    kernel-default-4.4.121-92.175.2, kernel-source-4.4.121-92.175.2, kernel-syms-4.4.121-92.175.2

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 24 Swamp Workflow Management 2022-06-14 22:22:43 UTC

SUSE-SU-2022:2080-1: An update that solves 18 vulnerabilities and has 27 fixes is now available.

Category: security (important)
Bug References: 1024718,1055117,1061840,1065729,1129770,1158266,1162338,1162369,1173871,1188885,1194124,1195612,1195651,1196426,1196570,1197219,1197601,1198438,1198577,1198899,1198989,1199035,1199063,1199237,1199239,1199314,1199399,1199426,1199505,1199507,1199526,1199602,1199605,1199606,1199631,1199650,1199671,1199839,1200015,1200045,1200057,1200143,1200144,1200173,1200249
CVE References: CVE-2019-19377,CVE-2021-33061,CVE-2021-39711,CVE-2022-1184,CVE-2022-1652,CVE-2022-1729,CVE-2022-1734,CVE-2022-1966,CVE-2022-1974,CVE-2022-1975,CVE-2022-21123,CVE-2022-21125,CVE-2022-21127,CVE-2022-21166,CVE-2022-21180,CVE-2022-21499,CVE-2022-24448,CVE-2022-30594
JIRA References: 
Sources used:
SUSE Linux Enterprise Server 12-SP5 (src):    kernel-azure-4.12.14-16.100.2, kernel-source-azure-4.12.14-16.100.1, kernel-syms-azure-4.12.14-16.100.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 25 Swamp Workflow Management 2022-06-14 22:27:21 UTC

SUSE-SU-2022:2082-1: An update that solves 29 vulnerabilities and has 8 fixes is now available.

Category: security (important)
Bug References: 1051510,1055710,1065729,1084513,1087082,1126703,1158266,1173265,1182171,1183646,1183723,1187055,1191647,1195651,1196426,1197343,1198031,1198032,1198516,1198577,1198660,1198687,1198742,1198962,1198997,1199012,1199063,1199314,1199426,1199505,1199507,1199605,1199650,1199785,1200143,1200144,1200249
CVE References: CVE-2017-13695,CVE-2018-20784,CVE-2018-7755,CVE-2019-19377,CVE-2020-10769,CVE-2021-20292,CVE-2021-20321,CVE-2021-28688,CVE-2021-33061,CVE-2021-38208,CVE-2022-1011,CVE-2022-1184,CVE-2022-1353,CVE-2022-1419,CVE-2022-1516,CVE-2022-1652,CVE-2022-1729,CVE-2022-1734,CVE-2022-1974,CVE-2022-1975,CVE-2022-21123,CVE-2022-21125,CVE-2022-21127,CVE-2022-21166,CVE-2022-21180,CVE-2022-21499,CVE-2022-28388,CVE-2022-28390,CVE-2022-30594
JIRA References: 
Sources used:
SUSE OpenStack Cloud Crowbar 8 (src):    kernel-default-4.4.180-94.164.3, kernel-source-4.4.180-94.164.2, kernel-syms-4.4.180-94.164.2, kgraft-patch-SLE12-SP3_Update_45-1-4.3.2
SUSE OpenStack Cloud 8 (src):    kernel-default-4.4.180-94.164.3, kernel-source-4.4.180-94.164.2, kernel-syms-4.4.180-94.164.2, kgraft-patch-SLE12-SP3_Update_45-1-4.3.2
SUSE Linux Enterprise Server for SAP 12-SP3 (src):    kernel-default-4.4.180-94.164.3, kernel-source-4.4.180-94.164.2, kernel-syms-4.4.180-94.164.2, kgraft-patch-SLE12-SP3_Update_45-1-4.3.2
SUSE Linux Enterprise Server 12-SP3-LTSS (src):    kernel-default-4.4.180-94.164.3, kernel-source-4.4.180-94.164.2, kernel-syms-4.4.180-94.164.2, kgraft-patch-SLE12-SP3_Update_45-1-4.3.2
SUSE Linux Enterprise Server 12-SP3-BCL (src):    kernel-default-4.4.180-94.164.3, kernel-source-4.4.180-94.164.2, kernel-syms-4.4.180-94.164.2
SUSE Linux Enterprise High Availability 12-SP3 (src):    kernel-default-4.4.180-94.164.3
HPE Helion Openstack 8 (src):    kernel-default-4.4.180-94.164.3, kernel-source-4.4.180-94.164.2, kernel-syms-4.4.180-94.164.2, kgraft-patch-SLE12-SP3_Update_45-1-4.3.2

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 26 Swamp Workflow Management 2022-06-14 22:32:48 UTC

SUSE-SU-2022:2079-1: An update that solves 15 vulnerabilities, contains two features and has 36 fixes is now available.

Category: security (important)
Bug References: 1055117,1061840,1065729,1103269,1118212,1152472,1152489,1153274,1154353,1156395,1158266,1167773,1176447,1178134,1180100,1183405,1188885,1195612,1195651,1195826,1196426,1196478,1196570,1196840,1197446,1197472,1197601,1197675,1198438,1198534,1198577,1198971,1198989,1199035,1199052,1199063,1199114,1199314,1199505,1199507,1199564,1199626,1199631,1199650,1199670,1199839,1200019,1200045,1200046,1200192,1200216
CVE References: CVE-2019-19377,CVE-2021-33061,CVE-2022-0168,CVE-2022-1184,CVE-2022-1652,CVE-2022-1729,CVE-2022-1972,CVE-2022-20008,CVE-2022-21123,CVE-2022-21125,CVE-2022-21127,CVE-2022-21166,CVE-2022-21180,CVE-2022-24448,CVE-2022-30594
JIRA References: SLE-13521,SLE-16387
Sources used:
openSUSE Leap 15.3 (src):    kernel-azure-5.3.18-150300.38.59.1, kernel-source-azure-5.3.18-150300.38.59.1, kernel-syms-azure-5.3.18-150300.38.59.1
SUSE Linux Enterprise Module for Public Cloud 15-SP3 (src):    kernel-azure-5.3.18-150300.38.59.1, kernel-source-azure-5.3.18-150300.38.59.1, kernel-syms-azure-5.3.18-150300.38.59.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 27 Swamp Workflow Management 2022-06-14 22:37:40 UTC

SUSE-SU-2022:2078-1: An update that solves 14 vulnerabilities, contains two features and has 32 fixes is now available.

Category: security (important)
Bug References: 1055117,1061840,1065729,1103269,1118212,1153274,1154353,1156395,1158266,1167773,1176447,1178134,1180100,1183405,1188885,1195826,1196426,1196478,1196570,1196840,1197446,1197472,1197601,1197675,1198438,1198577,1198971,1198989,1199035,1199052,1199063,1199114,1199314,1199505,1199507,1199564,1199626,1199631,1199650,1199670,1199839,1200019,1200045,1200046,1200192,1200216
CVE References: CVE-2019-19377,CVE-2021-33061,CVE-2022-0168,CVE-2022-1184,CVE-2022-1652,CVE-2022-1729,CVE-2022-1972,CVE-2022-20008,CVE-2022-21123,CVE-2022-21125,CVE-2022-21127,CVE-2022-21166,CVE-2022-21180,CVE-2022-30594
JIRA References: SLE-13521,SLE-16387
Sources used:
openSUSE Leap 15.4 (src):    dtb-aarch64-5.3.18-150300.59.71.1, kernel-preempt-5.3.18-150300.59.71.2
openSUSE Leap 15.3 (src):    dtb-aarch64-5.3.18-150300.59.71.1, kernel-64kb-5.3.18-150300.59.71.2, kernel-debug-5.3.18-150300.59.71.2, kernel-default-5.3.18-150300.59.71.2, kernel-default-base-5.3.18-150300.59.71.2.150300.18.43.2, kernel-docs-5.3.18-150300.59.71.2, kernel-kvmsmall-5.3.18-150300.59.71.2, kernel-obs-build-5.3.18-150300.59.71.2, kernel-obs-qa-5.3.18-150300.59.71.1, kernel-preempt-5.3.18-150300.59.71.2, kernel-source-5.3.18-150300.59.71.2, kernel-syms-5.3.18-150300.59.71.1, kernel-zfcpdump-5.3.18-150300.59.71.2
SUSE Linux Enterprise Workstation Extension 15-SP3 (src):    kernel-default-5.3.18-150300.59.71.2, kernel-preempt-5.3.18-150300.59.71.2
SUSE Linux Enterprise Module for Live Patching 15-SP3 (src):    kernel-default-5.3.18-150300.59.71.2, kernel-livepatch-SLE15-SP3_Update_19-1-150300.7.3.2
SUSE Linux Enterprise Module for Legacy Software 15-SP3 (src):    kernel-default-5.3.18-150300.59.71.2
SUSE Linux Enterprise Module for Development Tools 15-SP3 (src):    kernel-docs-5.3.18-150300.59.71.2, kernel-obs-build-5.3.18-150300.59.71.2, kernel-preempt-5.3.18-150300.59.71.2, kernel-source-5.3.18-150300.59.71.2, kernel-syms-5.3.18-150300.59.71.1
SUSE Linux Enterprise Module for Basesystem 15-SP3 (src):    kernel-64kb-5.3.18-150300.59.71.2, kernel-default-5.3.18-150300.59.71.2, kernel-default-base-5.3.18-150300.59.71.2.150300.18.43.2, kernel-preempt-5.3.18-150300.59.71.2, kernel-source-5.3.18-150300.59.71.2, kernel-zfcpdump-5.3.18-150300.59.71.2
SUSE Linux Enterprise Micro 5.2 (src):    kernel-default-5.3.18-150300.59.71.2, kernel-default-base-5.3.18-150300.59.71.2.150300.18.43.2
SUSE Linux Enterprise Micro 5.1 (src):    kernel-default-5.3.18-150300.59.71.2, kernel-default-base-5.3.18-150300.59.71.2.150300.18.43.2
SUSE Linux Enterprise High Availability 15-SP3 (src):    kernel-default-5.3.18-150300.59.71.2

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 28 Swamp Workflow Management 2022-06-15 01:18:51 UTC

SUSE-SU-2022:2083-1: An update that solves 19 vulnerabilities, contains one feature and has 10 fixes is now available.

Category: security (important)
Bug References: 1028340,1065729,1071995,1114648,1172456,1182171,1183723,1187055,1191647,1191958,1195651,1196426,1197099,1197219,1197343,1198400,1198516,1198660,1198687,1198742,1198825,1199012,1199063,1199314,1199399,1199426,1199505,1199605,1199650
CVE References: CVE-2019-20811,CVE-2021-20292,CVE-2021-20321,CVE-2021-33061,CVE-2021-38208,CVE-2021-39711,CVE-2021-43389,CVE-2022-1011,CVE-2022-1353,CVE-2022-1419,CVE-2022-1516,CVE-2022-1652,CVE-2022-1734,CVE-2022-21123,CVE-2022-21125,CVE-2022-21127,CVE-2022-21166,CVE-2022-21180,CVE-2022-30594
JIRA References: SLE-24124
Sources used:
SUSE OpenStack Cloud Crowbar 9 (src):    kernel-default-4.12.14-95.99.3, kernel-source-4.12.14-95.99.2, kernel-syms-4.12.14-95.99.2
SUSE OpenStack Cloud 9 (src):    kernel-default-4.12.14-95.99.3, kernel-source-4.12.14-95.99.2, kernel-syms-4.12.14-95.99.2
SUSE Linux Enterprise Server for SAP 12-SP4 (src):    kernel-default-4.12.14-95.99.3, kernel-source-4.12.14-95.99.2, kernel-syms-4.12.14-95.99.2
SUSE Linux Enterprise Server 12-SP4-LTSS (src):    kernel-default-4.12.14-95.99.3, kernel-source-4.12.14-95.99.2, kernel-syms-4.12.14-95.99.2
SUSE Linux Enterprise Live Patching 12-SP4 (src):    kernel-default-4.12.14-95.99.3, kgraft-patch-SLE12-SP4_Update_27-1-6.3.3
SUSE Linux Enterprise High Availability 12-SP4 (src):    kernel-default-4.12.14-95.99.3

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 29 Swamp Workflow Management 2022-06-16 19:19:15 UTC

SUSE-SU-2022:2103-1: An update that solves 26 vulnerabilities and has 9 fixes is now available.

Category: security (important)
Bug References: 1028340,1055710,1071995,1087082,1114648,1158266,1172456,1183723,1187055,1191647,1191958,1195651,1196367,1196426,1197219,1197343,1198400,1198516,1198577,1198687,1198742,1198776,1198825,1199012,1199063,1199314,1199399,1199426,1199505,1199507,1199605,1199650,1200143,1200144,1200249
CVE References: CVE-2017-13695,CVE-2019-19377,CVE-2019-20811,CVE-2021-20292,CVE-2021-20321,CVE-2021-33061,CVE-2021-38208,CVE-2021-39711,CVE-2021-43389,CVE-2022-1011,CVE-2022-1184,CVE-2022-1353,CVE-2022-1419,CVE-2022-1516,CVE-2022-1652,CVE-2022-1729,CVE-2022-1734,CVE-2022-1974,CVE-2022-1975,CVE-2022-21123,CVE-2022-21125,CVE-2022-21127,CVE-2022-21166,CVE-2022-21180,CVE-2022-21499,CVE-2022-30594
JIRA References: 
Sources used:
SUSE Linux Enterprise Server for SAP 15 (src):    kernel-default-4.12.14-150000.150.92.2, kernel-docs-4.12.14-150000.150.92.2, kernel-obs-build-4.12.14-150000.150.92.2, kernel-source-4.12.14-150000.150.92.2, kernel-syms-4.12.14-150000.150.92.2, kernel-vanilla-4.12.14-150000.150.92.2
SUSE Linux Enterprise Server 15-LTSS (src):    kernel-default-4.12.14-150000.150.92.2, kernel-docs-4.12.14-150000.150.92.2, kernel-obs-build-4.12.14-150000.150.92.2, kernel-source-4.12.14-150000.150.92.2, kernel-syms-4.12.14-150000.150.92.2, kernel-vanilla-4.12.14-150000.150.92.2, kernel-zfcpdump-4.12.14-150000.150.92.2
SUSE Linux Enterprise Module for Live Patching 15 (src):    kernel-default-4.12.14-150000.150.92.2, kernel-livepatch-SLE15_Update_30-1-150000.1.3.2
SUSE Linux Enterprise High Performance Computing 15-LTSS (src):    kernel-default-4.12.14-150000.150.92.2, kernel-docs-4.12.14-150000.150.92.2, kernel-obs-build-4.12.14-150000.150.92.2, kernel-source-4.12.14-150000.150.92.2, kernel-syms-4.12.14-150000.150.92.2, kernel-vanilla-4.12.14-150000.150.92.2
SUSE Linux Enterprise High Performance Computing 15-ESPOS (src):    kernel-default-4.12.14-150000.150.92.2, kernel-docs-4.12.14-150000.150.92.2, kernel-obs-build-4.12.14-150000.150.92.2, kernel-source-4.12.14-150000.150.92.2, kernel-syms-4.12.14-150000.150.92.2, kernel-vanilla-4.12.14-150000.150.92.2
SUSE Linux Enterprise High Availability 15 (src):    kernel-default-4.12.14-150000.150.92.2

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 30 Swamp Workflow Management 2022-06-16 19:29:04 UTC

SUSE-SU-2022:2104-1: An update that solves 23 vulnerabilities, contains one feature and has 19 fixes is now available.

Category: security (important)
Bug References: 1028340,1065729,1071995,1158266,1177282,1191647,1195651,1195926,1196114,1196367,1196426,1196433,1196514,1196570,1196942,1197157,1197343,1197472,1197656,1197660,1197895,1198330,1198400,1198484,1198516,1198577,1198660,1198687,1198778,1198825,1199012,1199063,1199314,1199505,1199507,1199605,1199650,1199918,1200015,1200143,1200144,1200249
CVE References: CVE-2019-19377,CVE-2020-26541,CVE-2021-20321,CVE-2021-33061,CVE-2022-0168,CVE-2022-1011,CVE-2022-1158,CVE-2022-1184,CVE-2022-1353,CVE-2022-1516,CVE-2022-1652,CVE-2022-1729,CVE-2022-1734,CVE-2022-1966,CVE-2022-1974,CVE-2022-1975,CVE-2022-21123,CVE-2022-21125,CVE-2022-21127,CVE-2022-21166,CVE-2022-21180,CVE-2022-28893,CVE-2022-30594
JIRA References: SLE-18234
Sources used:
SUSE Manager Server 4.1 (src):    kernel-default-5.3.18-150200.24.115.1, kernel-default-base-5.3.18-150200.24.115.1.150200.9.54.1, kernel-docs-5.3.18-150200.24.115.1, kernel-obs-build-5.3.18-150200.24.115.1, kernel-preempt-5.3.18-150200.24.115.1, kernel-source-5.3.18-150200.24.115.1, kernel-syms-5.3.18-150200.24.115.1
SUSE Manager Retail Branch Server 4.1 (src):    kernel-default-5.3.18-150200.24.115.1, kernel-default-base-5.3.18-150200.24.115.1.150200.9.54.1, kernel-docs-5.3.18-150200.24.115.1, kernel-preempt-5.3.18-150200.24.115.1, kernel-source-5.3.18-150200.24.115.1, kernel-syms-5.3.18-150200.24.115.1
SUSE Manager Proxy 4.1 (src):    kernel-default-5.3.18-150200.24.115.1, kernel-default-base-5.3.18-150200.24.115.1.150200.9.54.1, kernel-docs-5.3.18-150200.24.115.1, kernel-preempt-5.3.18-150200.24.115.1, kernel-source-5.3.18-150200.24.115.1, kernel-syms-5.3.18-150200.24.115.1
SUSE Linux Enterprise Server for SAP 15-SP2 (src):    kernel-default-5.3.18-150200.24.115.1, kernel-default-base-5.3.18-150200.24.115.1.150200.9.54.1, kernel-docs-5.3.18-150200.24.115.1, kernel-obs-build-5.3.18-150200.24.115.1, kernel-preempt-5.3.18-150200.24.115.1, kernel-source-5.3.18-150200.24.115.1, kernel-syms-5.3.18-150200.24.115.1
SUSE Linux Enterprise Server 15-SP2-LTSS (src):    kernel-default-5.3.18-150200.24.115.1, kernel-default-base-5.3.18-150200.24.115.1.150200.9.54.1, kernel-docs-5.3.18-150200.24.115.1, kernel-obs-build-5.3.18-150200.24.115.1, kernel-preempt-5.3.18-150200.24.115.1, kernel-source-5.3.18-150200.24.115.1, kernel-syms-5.3.18-150200.24.115.1
SUSE Linux Enterprise Server 15-SP2-BCL (src):    kernel-default-5.3.18-150200.24.115.1, kernel-default-base-5.3.18-150200.24.115.1.150200.9.54.1, kernel-docs-5.3.18-150200.24.115.1, kernel-preempt-5.3.18-150200.24.115.1, kernel-source-5.3.18-150200.24.115.1, kernel-syms-5.3.18-150200.24.115.1
SUSE Linux Enterprise Module for Live Patching 15-SP2 (src):    kernel-default-5.3.18-150200.24.115.1, kernel-livepatch-SLE15-SP2_Update_27-1-150200.5.3.1
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (src):    kernel-default-5.3.18-150200.24.115.1, kernel-default-base-5.3.18-150200.24.115.1.150200.9.54.1, kernel-docs-5.3.18-150200.24.115.1, kernel-obs-build-5.3.18-150200.24.115.1, kernel-preempt-5.3.18-150200.24.115.1, kernel-source-5.3.18-150200.24.115.1, kernel-syms-5.3.18-150200.24.115.1
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (src):    kernel-default-5.3.18-150200.24.115.1, kernel-default-base-5.3.18-150200.24.115.1.150200.9.54.1, kernel-docs-5.3.18-150200.24.115.1, kernel-obs-build-5.3.18-150200.24.115.1, kernel-preempt-5.3.18-150200.24.115.1, kernel-source-5.3.18-150200.24.115.1, kernel-syms-5.3.18-150200.24.115.1
SUSE Linux Enterprise High Availability 15-SP2 (src):    kernel-default-5.3.18-150200.24.115.1
SUSE Enterprise Storage 7 (src):    kernel-default-5.3.18-150200.24.115.1, kernel-default-base-5.3.18-150200.24.115.1.150200.9.54.1, kernel-docs-5.3.18-150200.24.115.1, kernel-obs-build-5.3.18-150200.24.115.1, kernel-preempt-5.3.18-150200.24.115.1, kernel-source-5.3.18-150200.24.115.1, kernel-syms-5.3.18-150200.24.115.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 31 Swamp Workflow Management 2022-06-17 13:21:03 UTC

SUSE-SU-2022:2111-1: An update that solves 30 vulnerabilities and has 14 fixes is now available.

Category: security (important)
Bug References: 1028340,1055710,1065729,1071995,1084513,1087082,1114648,1158266,1172456,1177282,1182171,1183723,1187055,1191647,1191958,1195065,1195651,1196018,1196367,1196426,1196999,1197219,1197343,1197663,1198400,1198516,1198577,1198660,1198687,1198742,1198777,1198825,1199012,1199063,1199314,1199399,1199426,1199505,1199507,1199605,1199650,1200143,1200144,1200249
CVE References: CVE-2017-13695,CVE-2018-7755,CVE-2019-19377,CVE-2019-20811,CVE-2020-26541,CVE-2021-20292,CVE-2021-20321,CVE-2021-33061,CVE-2021-38208,CVE-2021-39711,CVE-2021-43389,CVE-2022-1011,CVE-2022-1184,CVE-2022-1353,CVE-2022-1419,CVE-2022-1516,CVE-2022-1652,CVE-2022-1729,CVE-2022-1734,CVE-2022-1974,CVE-2022-1975,CVE-2022-21123,CVE-2022-21125,CVE-2022-21127,CVE-2022-21166,CVE-2022-21180,CVE-2022-21499,CVE-2022-22942,CVE-2022-28748,CVE-2022-30594
JIRA References: 
Sources used:
openSUSE Leap 15.4 (src):    kernel-debug-4.12.14-150100.197.114.2, kernel-default-4.12.14-150100.197.114.2, kernel-kvmsmall-4.12.14-150100.197.114.2, kernel-vanilla-4.12.14-150100.197.114.2, kernel-zfcpdump-4.12.14-150100.197.114.2
openSUSE Leap 15.3 (src):    kernel-debug-4.12.14-150100.197.114.2, kernel-default-4.12.14-150100.197.114.2, kernel-kvmsmall-4.12.14-150100.197.114.2, kernel-vanilla-4.12.14-150100.197.114.2, kernel-zfcpdump-4.12.14-150100.197.114.2
SUSE Linux Enterprise Server for SAP 15-SP1 (src):    kernel-default-4.12.14-150100.197.114.2, kernel-docs-4.12.14-150100.197.114.2, kernel-obs-build-4.12.14-150100.197.114.2, kernel-source-4.12.14-150100.197.114.2, kernel-syms-4.12.14-150100.197.114.2
SUSE Linux Enterprise Server 15-SP1-LTSS (src):    kernel-default-4.12.14-150100.197.114.2, kernel-docs-4.12.14-150100.197.114.2, kernel-obs-build-4.12.14-150100.197.114.2, kernel-source-4.12.14-150100.197.114.2, kernel-syms-4.12.14-150100.197.114.2, kernel-zfcpdump-4.12.14-150100.197.114.2
SUSE Linux Enterprise Server 15-SP1-BCL (src):    kernel-default-4.12.14-150100.197.114.2, kernel-docs-4.12.14-150100.197.114.2, kernel-obs-build-4.12.14-150100.197.114.2, kernel-source-4.12.14-150100.197.114.2, kernel-syms-4.12.14-150100.197.114.2
SUSE Linux Enterprise Module for Live Patching 15-SP1 (src):    kernel-default-4.12.14-150100.197.114.2, kernel-livepatch-SLE15-SP1_Update_31-1-150100.3.3.2
SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (src):    kernel-default-4.12.14-150100.197.114.2, kernel-docs-4.12.14-150100.197.114.2, kernel-obs-build-4.12.14-150100.197.114.2, kernel-source-4.12.14-150100.197.114.2, kernel-syms-4.12.14-150100.197.114.2
SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (src):    kernel-default-4.12.14-150100.197.114.2, kernel-docs-4.12.14-150100.197.114.2, kernel-obs-build-4.12.14-150100.197.114.2, kernel-source-4.12.14-150100.197.114.2, kernel-syms-4.12.14-150100.197.114.2
SUSE Linux Enterprise High Availability 15-SP1 (src):    kernel-default-4.12.14-150100.197.114.2
SUSE Enterprise Storage 6 (src):    kernel-default-4.12.14-150100.197.114.2, kernel-docs-4.12.14-150100.197.114.2, kernel-obs-build-4.12.14-150100.197.114.2, kernel-source-4.12.14-150100.197.114.2, kernel-syms-4.12.14-150100.197.114.2
SUSE CaaS Platform 4.0 (src):    kernel-default-4.12.14-150100.197.114.2, kernel-docs-4.12.14-150100.197.114.2, kernel-obs-build-4.12.14-150100.197.114.2, kernel-source-4.12.14-150100.197.114.2, kernel-syms-4.12.14-150100.197.114.2

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 32 Swamp Workflow Management 2022-06-20 13:20:10 UTC

SUSE-SU-2022:2116-1: An update that solves 17 vulnerabilities and has 26 fixes is now available.

Category: security (important)
Bug References: 1024718,1055117,1061840,1065729,1129770,1158266,1162338,1162369,1173871,1188885,1194124,1195651,1196426,1196570,1197219,1197601,1198438,1198577,1198899,1199035,1199063,1199237,1199239,1199314,1199399,1199426,1199505,1199507,1199526,1199602,1199605,1199606,1199631,1199650,1199671,1199839,1200015,1200045,1200057,1200143,1200144,1200173,1200249
CVE References: CVE-2019-19377,CVE-2021-33061,CVE-2021-39711,CVE-2022-1184,CVE-2022-1652,CVE-2022-1729,CVE-2022-1734,CVE-2022-1966,CVE-2022-1974,CVE-2022-1975,CVE-2022-21123,CVE-2022-21125,CVE-2022-21127,CVE-2022-21166,CVE-2022-21180,CVE-2022-21499,CVE-2022-30594
JIRA References: 
Sources used:
SUSE Linux Enterprise Workstation Extension 12-SP5 (src):    kernel-default-4.12.14-122.124.3
SUSE Linux Enterprise Software Development Kit 12-SP5 (src):    kernel-docs-4.12.14-122.124.2, kernel-obs-build-4.12.14-122.124.3
SUSE Linux Enterprise Server 12-SP5 (src):    kernel-default-4.12.14-122.124.3, kernel-source-4.12.14-122.124.2, kernel-syms-4.12.14-122.124.2
SUSE Linux Enterprise Live Patching 12-SP5 (src):    kernel-default-4.12.14-122.124.3, kgraft-patch-SLE12-SP5_Update_32-1-8.3.3
SUSE Linux Enterprise High Availability 12-SP5 (src):    kernel-default-4.12.14-122.124.3

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 36 Swamp Workflow Management 2022-06-24 16:23:44 UTC

SUSE-SU-2022:2177-1: An update that solves 20 vulnerabilities, contains three features and has 39 fixes is now available.

Category: security (important)
Bug References: 1055117,1061840,1065729,1103269,1118212,1153274,1154353,1156395,1158266,1167773,1176447,1177282,1178134,1180100,1183405,1188885,1195826,1196426,1196478,1196570,1196840,1197446,1197472,1197601,1197675,1198438,1198577,1198971,1198989,1199035,1199052,1199063,1199114,1199314,1199365,1199505,1199507,1199564,1199626,1199631,1199650,1199670,1199839,1200015,1200019,1200045,1200046,1200143,1200144,1200192,1200206,1200207,1200216,1200249,1200259,1200263,1200529,1200549,1200604
CVE References: CVE-2019-19377,CVE-2020-26541,CVE-2021-33061,CVE-2022-0168,CVE-2022-1184,CVE-2022-1652,CVE-2022-1729,CVE-2022-1966,CVE-2022-1972,CVE-2022-1974,CVE-2022-1975,CVE-2022-20008,CVE-2022-20141,CVE-2022-21123,CVE-2022-21125,CVE-2022-21127,CVE-2022-21166,CVE-2022-21180,CVE-2022-30594,CVE-2022-32250
JIRA References: SLE-13521,SLE-16387,SLE-8371
Sources used:
SUSE Linux Enterprise Module for Realtime 15-SP3 (src):    kernel-rt-5.3.18-150300.93.1, kernel-rt_debug-5.3.18-150300.93.1, kernel-source-rt-5.3.18-150300.93.1, kernel-syms-rt-5.3.18-150300.93.1
SUSE Linux Enterprise Micro 5.2 (src):    kernel-rt-5.3.18-150300.93.1
SUSE Linux Enterprise Micro 5.1 (src):    kernel-rt-5.3.18-150300.93.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 45 Swamp Workflow Management 2022-07-21 22:36:14 UTC

SUSE-SU-2022:2520-1: An update that solves 49 vulnerabilities, contains 26 features and has 207 fixes is now available.

Category: security (important)
Bug References: 1055117,1061840,1065729,1071995,1089644,1103269,1118212,1121726,1137728,1156395,1157038,1157923,1175667,1179439,1179639,1180814,1183682,1183872,1184318,1184924,1187716,1188885,1189998,1190137,1190208,1190336,1190497,1190768,1190786,1190812,1191271,1191663,1192483,1193064,1193277,1193289,1193431,1193556,1193629,1193640,1193787,1193823,1193852,1194086,1194111,1194191,1194409,1194501,1194523,1194526,1194583,1194585,1194586,1194625,1194765,1194826,1194869,1195099,1195287,1195478,1195482,1195504,1195651,1195668,1195669,1195775,1195823,1195826,1195913,1195915,1195926,1195944,1195957,1195987,1196079,1196114,1196130,1196213,1196306,1196367,1196400,1196426,1196478,1196514,1196570,1196723,1196779,1196830,1196836,1196866,1196868,1196869,1196901,1196930,1196942,1196960,1197016,1197157,1197227,1197243,1197292,1197302,1197303,1197304,1197362,1197386,1197501,1197601,1197661,1197675,1197761,1197817,1197819,1197820,1197888,1197889,1197894,1197915,1197917,1197918,1197920,1197921,1197922,1197926,1198009,1198010,1198012,1198013,1198014,1198015,1198016,1198017,1198018,1198019,1198020,1198021,1198022,1198023,1198024,1198027,1198030,1198034,1198058,1198217,1198379,1198400,1198402,1198410,1198412,1198413,1198438,1198484,1198577,1198585,1198660,1198802,1198803,1198806,1198811,1198826,1198829,1198835,1198968,1198971,1199011,1199024,1199035,1199046,1199052,1199063,1199163,1199173,1199260,1199314,1199390,1199426,1199433,1199439,1199482,1199487,1199505,1199507,1199605,1199611,1199626,1199631,1199650,1199657,1199674,1199736,1199793,1199839,1199875,1199909,1200015,1200019,1200045,1200046,1200144,1200205,1200211,1200259,1200263,1200284,1200315,1200343,1200420,1200442,1200475,1200502,1200567,1200569,1200571,1200599,1200600,1200608,1200611,1200619,1200692,1200762,1200763,1200806,1200807,1200808,1200809,1200810,1200812,1200813,1200815,1200816,1200820,1200821,1200822,1200824,1200825,1200827,1200828,1200829,1200830,1200845,1200882,1200925,1201050,1201080,1201160,1201171,1201177,1201193,1201196,1201218,1201222,1201228,1201251,1201381,1201471,1201524
CVE References: CVE-2021-26341,CVE-2021-33061,CVE-2021-4204,CVE-2021-44879,CVE-2021-45402,CVE-2022-0264,CVE-2022-0494,CVE-2022-0617,CVE-2022-1012,CVE-2022-1016,CVE-2022-1184,CVE-2022-1198,CVE-2022-1205,CVE-2022-1462,CVE-2022-1508,CVE-2022-1651,CVE-2022-1652,CVE-2022-1671,CVE-2022-1679,CVE-2022-1729,CVE-2022-1734,CVE-2022-1789,CVE-2022-1852,CVE-2022-1966,CVE-2022-1972,CVE-2022-1974,CVE-2022-1998,CVE-2022-20132,CVE-2022-20154,CVE-2022-21123,CVE-2022-21125,CVE-2022-21127,CVE-2022-21166,CVE-2022-21180,CVE-2022-21499,CVE-2022-2318,CVE-2022-23222,CVE-2022-26365,CVE-2022-26490,CVE-2022-29582,CVE-2022-29900,CVE-2022-29901,CVE-2022-30594,CVE-2022-33740,CVE-2022-33741,CVE-2022-33742,CVE-2022-33743,CVE-2022-33981,CVE-2022-34918
JIRA References: SLE-13513,SLE-13521,SLE-15442,SLE-17855,SLE-18194,SLE-18234,SLE-18375,SLE-18377,SLE-18378,SLE-18382,SLE-18385,SLE-18901,SLE-18938,SLE-18978,SLE-19001,SLE-19026,SLE-19242,SLE-19249,SLE-19253,SLE-19924,SLE-21315,SLE-23643,SLE-24072,SLE-24093,SLE-24350,SLE-24549
Sources used:
openSUSE Leap 15.4 (src):    dtb-aarch64-5.14.21-150400.24.11.1, kernel-64kb-5.14.21-150400.24.11.1, kernel-debug-5.14.21-150400.24.11.1, kernel-default-5.14.21-150400.24.11.1, kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6, kernel-docs-5.14.21-150400.24.11.1, kernel-kvmsmall-5.14.21-150400.24.11.1, kernel-obs-build-5.14.21-150400.24.11.1, kernel-obs-qa-5.14.21-150400.24.11.1, kernel-source-5.14.21-150400.24.11.1, kernel-syms-5.14.21-150400.24.11.1, kernel-zfcpdump-5.14.21-150400.24.11.1
SUSE Linux Enterprise Workstation Extension 15-SP4 (src):    kernel-default-5.14.21-150400.24.11.1
SUSE Linux Enterprise Module for Live Patching 15-SP4 (src):    kernel-default-5.14.21-150400.24.11.1, kernel-livepatch-SLE15-SP4_Update_1-1-150400.9.5.3
SUSE Linux Enterprise Module for Legacy Software 15-SP4 (src):    kernel-default-5.14.21-150400.24.11.1
SUSE Linux Enterprise Module for Development Tools 15-SP4 (src):    kernel-docs-5.14.21-150400.24.11.1, kernel-obs-build-5.14.21-150400.24.11.1, kernel-source-5.14.21-150400.24.11.1, kernel-syms-5.14.21-150400.24.11.1
SUSE Linux Enterprise Module for Basesystem 15-SP4 (src):    kernel-64kb-5.14.21-150400.24.11.1, kernel-default-5.14.21-150400.24.11.1, kernel-default-base-5.14.21-150400.24.11.1.150400.24.3.6, kernel-source-5.14.21-150400.24.11.1, kernel-zfcpdump-5.14.21-150400.24.11.1
SUSE Linux Enterprise High Availability 15-SP4 (src):    kernel-default-5.14.21-150400.24.11.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 47 Swamp Workflow Management 2022-08-01 13:38:34 UTC

SUSE-SU-2022:2615-1: An update that solves 48 vulnerabilities, contains 26 features and has 202 fixes is now available.

Category: security (important)
Bug References: 1055117,1061840,1065729,1071995,1089644,1103269,1118212,1121726,1137728,1156395,1157038,1157923,1175667,1179439,1179639,1180814,1183682,1183872,1184318,1184924,1187716,1188885,1189998,1190137,1190208,1190336,1190497,1190768,1190786,1190812,1191271,1191663,1192483,1193064,1193277,1193289,1193431,1193556,1193629,1193640,1193787,1193823,1193852,1194086,1194111,1194191,1194409,1194501,1194523,1194526,1194583,1194585,1194586,1194625,1194765,1194826,1194869,1195099,1195287,1195478,1195482,1195504,1195651,1195668,1195669,1195775,1195823,1195826,1195913,1195915,1195926,1195944,1195957,1195987,1196079,1196114,1196130,1196213,1196306,1196367,1196400,1196426,1196478,1196514,1196570,1196723,1196779,1196830,1196836,1196866,1196868,1196869,1196901,1196930,1196942,1196960,1197016,1197157,1197227,1197243,1197292,1197302,1197303,1197304,1197362,1197386,1197501,1197601,1197661,1197675,1197761,1197817,1197819,1197820,1197888,1197889,1197894,1197915,1197917,1197918,1197920,1197921,1197922,1197926,1198009,1198010,1198012,1198013,1198014,1198015,1198016,1198017,1198018,1198019,1198020,1198021,1198022,1198023,1198024,1198027,1198030,1198034,1198058,1198217,1198379,1198400,1198402,1198412,1198413,1198438,1198484,1198577,1198585,1198660,1198802,1198803,1198806,1198811,1198826,1198835,1198968,1198971,1199011,1199024,1199035,1199046,1199052,1199063,1199163,1199173,1199260,1199314,1199390,1199426,1199433,1199439,1199482,1199487,1199505,1199507,1199605,1199611,1199626,1199631,1199650,1199657,1199674,1199736,1199793,1199839,1199875,1199909,1200015,1200019,1200045,1200046,1200144,1200205,1200211,1200259,1200263,1200284,1200315,1200343,1200420,1200442,1200475,1200502,1200567,1200569,1200571,1200572,1200599,1200600,1200608,1200611,1200619,1200692,1200762,1200763,1200806,1200807,1200808,1200809,1200810,1200812,1200815,1200816,1200820,1200822,1200824,1200825,1200827,1200828,1200829,1200830,1200845,1200882,1200925,1201050,1201160,1201171,1201177,1201193,1201196,1201218,1201222,1201228,1201251,150300
CVE References: CVE-2021-26341,CVE-2021-33061,CVE-2021-4204,CVE-2021-44879,CVE-2021-45402,CVE-2022-0264,CVE-2022-0494,CVE-2022-0617,CVE-2022-1012,CVE-2022-1016,CVE-2022-1184,CVE-2022-1198,CVE-2022-1205,CVE-2022-1508,CVE-2022-1651,CVE-2022-1652,CVE-2022-1671,CVE-2022-1679,CVE-2022-1729,CVE-2022-1734,CVE-2022-1789,CVE-2022-1852,CVE-2022-1966,CVE-2022-1972,CVE-2022-1974,CVE-2022-1998,CVE-2022-20132,CVE-2022-20154,CVE-2022-21123,CVE-2022-21125,CVE-2022-21127,CVE-2022-21166,CVE-2022-21180,CVE-2022-21499,CVE-2022-2318,CVE-2022-23222,CVE-2022-26365,CVE-2022-26490,CVE-2022-29582,CVE-2022-29900,CVE-2022-29901,CVE-2022-30594,CVE-2022-33740,CVE-2022-33741,CVE-2022-33742,CVE-2022-33743,CVE-2022-33981,CVE-2022-34918
JIRA References: SLE-13513,SLE-13521,SLE-15442,SLE-17855,SLE-18194,SLE-18234,SLE-18375,SLE-18377,SLE-18378,SLE-18382,SLE-18385,SLE-18901,SLE-18938,SLE-18978,SLE-19001,SLE-19026,SLE-19242,SLE-19249,SLE-19253,SLE-19924,SLE-21315,SLE-23643,SLE-24072,SLE-24093,SLE-24350,SLE-24549
Sources used:
openSUSE Leap 15.4 (src):    kernel-azure-5.14.21-150400.14.7.1, kernel-source-azure-5.14.21-150400.14.7.1, kernel-syms-azure-5.14.21-150400.14.7.1
SUSE Linux Enterprise Module for Public Cloud 15-SP4 (src):    kernel-azure-5.14.21-150400.14.7.1, kernel-source-azure-5.14.21-150400.14.7.1, kernel-syms-azure-5.14.21-150400.14.7.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 48 Swamp Workflow Management 2022-08-02 19:18:52 UTC

SUSE-SU-2022:2629-1: An update that solves 33 vulnerabilities and has 41 fixes is now available.

Category: security (important)
Bug References: 1024718,1055117,1061840,1065729,1129770,1158266,1177282,1188885,1194013,1194124,1196426,1196570,1196901,1196964,1197170,1197219,1197601,1198438,1198577,1198866,1198899,1199035,1199063,1199237,1199239,1199314,1199399,1199426,1199482,1199487,1199505,1199507,1199526,1199605,1199631,1199650,1199657,1199671,1199839,1200015,1200045,1200143,1200144,1200173,1200249,1200343,1200549,1200571,1200599,1200600,1200604,1200605,1200608,1200619,1200762,1200806,1200807,1200809,1200810,1200813,1200820,1200821,1200822,1200829,1200868,1200869,1200870,1200871,1200872,1200873,1200925,1201050,1201080,1201251
CVE References: CVE-2019-19377,CVE-2020-26541,CVE-2021-26341,CVE-2021-33061,CVE-2021-39711,CVE-2021-4157,CVE-2022-1012,CVE-2022-1184,CVE-2022-1652,CVE-2022-1679,CVE-2022-1729,CVE-2022-1734,CVE-2022-1836,CVE-2022-1966,CVE-2022-1974,CVE-2022-1975,CVE-2022-20132,CVE-2022-20141,CVE-2022-20154,CVE-2022-21123,CVE-2022-21125,CVE-2022-21127,CVE-2022-21166,CVE-2022-21180,CVE-2022-21499,CVE-2022-2318,CVE-2022-26365,CVE-2022-29900,CVE-2022-29901,CVE-2022-30594,CVE-2022-33740,CVE-2022-33741,CVE-2022-33742
JIRA References: 
Sources used:
SUSE Linux Enterprise Real Time Extension 12-SP5 (src):    kernel-rt-4.12.14-10.94.1, kernel-rt_debug-4.12.14-10.94.1, kernel-source-rt-4.12.14-10.94.1, kernel-syms-rt-4.12.14-10.94.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 49 Swamp Workflow Management 2022-09-01 14:20:23 UTC

openSUSE-SU-2022:2177-1: An update that solves 20 vulnerabilities, contains three features and has 39 fixes is now available.

Category: security (important)
Bug References: 1055117,1061840,1065729,1103269,1118212,1153274,1154353,1156395,1158266,1167773,1176447,1177282,1178134,1180100,1183405,1188885,1195826,1196426,1196478,1196570,1196840,1197446,1197472,1197601,1197675,1198438,1198577,1198971,1198989,1199035,1199052,1199063,1199114,1199314,1199365,1199505,1199507,1199564,1199626,1199631,1199650,1199670,1199839,1200015,1200019,1200045,1200046,1200143,1200144,1200192,1200206,1200207,1200216,1200249,1200259,1200263,1200529,1200549,1200604
CVE References: CVE-2019-19377,CVE-2020-26541,CVE-2021-33061,CVE-2022-0168,CVE-2022-1184,CVE-2022-1652,CVE-2022-1729,CVE-2022-1966,CVE-2022-1972,CVE-2022-1974,CVE-2022-1975,CVE-2022-20008,CVE-2022-20141,CVE-2022-21123,CVE-2022-21125,CVE-2022-21127,CVE-2022-21166,CVE-2022-21180,CVE-2022-30594,CVE-2022-32250
JIRA References: SLE-13521,SLE-16387,SLE-8371
Sources used:
openSUSE Leap Micro 5.2 (src):    kernel-rt-5.3.18-150300.93.1