Bug 1203770 (CVE-2022-41674) - VUL-0: CVE-2022-41674: kernel: remote crash/code execution with wlan frames
Summary: VUL-0: CVE-2022-41674: kernel: remote crash/code execution with wlan frames
Status: RESOLVED FIXED
Alias: CVE-2022-41674
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents (show other bugs)
Version: unspecified
Hardware: Other Other
: P1 - Urgent : Critical
Target Milestone: ---
Assignee: Security Team bot
QA Contact: Security Team bot
URL: https://smash.suse.de/issue/343657/
Whiteboard: CVSSv3.1:SUSE:CVE-2022-41674:8.8:(AV:...
Keywords:
Depends on: 1203994
Blocks:
  Show dependency treegraph
 
Reported: 2022-09-27 07:07 UTC by Marcus Meissner
Modified: 2025-02-27 06:09 UTC (History)
7 users (show)

See Also:
Found By: ---
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments
CVE-2022-41674.patch (1.24 KB, patch)
2022-09-29 09:46 UTC, Marcus Meissner
Details | Diff
CVE-2022-41674-2.patch (1.81 KB, patch)
2022-09-29 09:50 UTC, Marcus Meissner
Details | Diff
CVE-2022-41674-3.patch (3.39 KB, patch)
2022-09-29 09:50 UTC, Marcus Meissner
Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Comment 31 Robert Frohl 2022-10-13 12:42:26 UTC
wifi: cfg80211: fix u8 overflow in cfg80211_update_notlisted_nontrans()
In the copy code of the elements, we do the following calculation
to reach the end of the MBSSID element:

	/* copy the IEs after MBSSID */
	cpy_len = mbssid[1] + 2;

This looks fine, however, cpy_len is a u8, the same as mbssid[1],
so the addition of two can overflow. In this case the subsequent
memcpy() will overflow the allocated buffer, since it copies 256
bytes too much due to the way the allocation and memcpy() sizes
are calculated.

Fix this by using size_t for the cpy_len variable.

This fixes CVE-2022-41674.

https://git.kernel.org/pub/scm/linux/kernel/git/wireless/wireless.git/commit/?id=aebe9f4639b13a1f4e9a6b42cdd2e38c617b442d
Comment 37 Takashi Iwai 2022-10-18 07:09:33 UTC
Reassigned back to security team.
Comment 45 Swamp Workflow Management 2022-10-24 16:22:15 UTC
SUSE-SU-2022:3704-1: An update that solves 15 vulnerabilities, contains one feature and has three fixes is now available.

Category: security (important)
Bug References: 1177471,1199564,1200288,1201309,1201310,1202095,1202385,1202677,1202960,1203552,1203622,1203769,1203770,1203987,1203992,1204051,1204059,1204060
CVE References: CVE-2020-16119,CVE-2022-20008,CVE-2022-2503,CVE-2022-2586,CVE-2022-32296,CVE-2022-3239,CVE-2022-3303,CVE-2022-41218,CVE-2022-41222,CVE-2022-41674,CVE-2022-41848,CVE-2022-41849,CVE-2022-42719,CVE-2022-42720,CVE-2022-42721
JIRA References: PED-529
Sources used:
SUSE Manager Server 4.1 (src):    kernel-default-5.3.18-150200.24.134.1, kernel-default-base-5.3.18-150200.24.134.1.150200.9.63.2, kernel-docs-5.3.18-150200.24.134.1, kernel-obs-build-5.3.18-150200.24.134.1, kernel-preempt-5.3.18-150200.24.134.1, kernel-source-5.3.18-150200.24.134.1, kernel-syms-5.3.18-150200.24.134.1
SUSE Manager Retail Branch Server 4.1 (src):    kernel-default-5.3.18-150200.24.134.1, kernel-default-base-5.3.18-150200.24.134.1.150200.9.63.2, kernel-docs-5.3.18-150200.24.134.1, kernel-preempt-5.3.18-150200.24.134.1, kernel-source-5.3.18-150200.24.134.1, kernel-syms-5.3.18-150200.24.134.1
SUSE Manager Proxy 4.1 (src):    kernel-default-5.3.18-150200.24.134.1, kernel-default-base-5.3.18-150200.24.134.1.150200.9.63.2, kernel-docs-5.3.18-150200.24.134.1, kernel-preempt-5.3.18-150200.24.134.1, kernel-source-5.3.18-150200.24.134.1, kernel-syms-5.3.18-150200.24.134.1
SUSE Linux Enterprise Server for SAP 15-SP2 (src):    kernel-default-5.3.18-150200.24.134.1, kernel-default-base-5.3.18-150200.24.134.1.150200.9.63.2, kernel-docs-5.3.18-150200.24.134.1, kernel-obs-build-5.3.18-150200.24.134.1, kernel-preempt-5.3.18-150200.24.134.1, kernel-source-5.3.18-150200.24.134.1, kernel-syms-5.3.18-150200.24.134.1
SUSE Linux Enterprise Server 15-SP2-LTSS (src):    kernel-default-5.3.18-150200.24.134.1, kernel-default-base-5.3.18-150200.24.134.1.150200.9.63.2, kernel-docs-5.3.18-150200.24.134.1, kernel-obs-build-5.3.18-150200.24.134.1, kernel-preempt-5.3.18-150200.24.134.1, kernel-source-5.3.18-150200.24.134.1, kernel-syms-5.3.18-150200.24.134.1
SUSE Linux Enterprise Server 15-SP2-BCL (src):    kernel-default-5.3.18-150200.24.134.1, kernel-default-base-5.3.18-150200.24.134.1.150200.9.63.2, kernel-docs-5.3.18-150200.24.134.1, kernel-preempt-5.3.18-150200.24.134.1, kernel-source-5.3.18-150200.24.134.1, kernel-syms-5.3.18-150200.24.134.1
SUSE Linux Enterprise Module for Live Patching 15-SP2 (src):    kernel-default-5.3.18-150200.24.134.1, kernel-livepatch-SLE15-SP2_Update_31-1-150200.5.3.2
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (src):    kernel-default-5.3.18-150200.24.134.1, kernel-default-base-5.3.18-150200.24.134.1.150200.9.63.2, kernel-docs-5.3.18-150200.24.134.1, kernel-obs-build-5.3.18-150200.24.134.1, kernel-preempt-5.3.18-150200.24.134.1, kernel-source-5.3.18-150200.24.134.1, kernel-syms-5.3.18-150200.24.134.1
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (src):    kernel-default-5.3.18-150200.24.134.1, kernel-default-base-5.3.18-150200.24.134.1.150200.9.63.2, kernel-docs-5.3.18-150200.24.134.1, kernel-obs-build-5.3.18-150200.24.134.1, kernel-preempt-5.3.18-150200.24.134.1, kernel-source-5.3.18-150200.24.134.1, kernel-syms-5.3.18-150200.24.134.1
SUSE Linux Enterprise High Availability 15-SP2 (src):    kernel-default-5.3.18-150200.24.134.1
SUSE Enterprise Storage 7 (src):    kernel-default-5.3.18-150200.24.134.1, kernel-default-base-5.3.18-150200.24.134.1.150200.9.63.2, kernel-docs-5.3.18-150200.24.134.1, kernel-obs-build-5.3.18-150200.24.134.1, kernel-preempt-5.3.18-150200.24.134.1, kernel-source-5.3.18-150200.24.134.1, kernel-syms-5.3.18-150200.24.134.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 46 Swamp Workflow Management 2022-10-26 14:15:33 UTC
SUSE-SU-2022:3775-1: An update that solves 17 vulnerabilities, contains one feature and has 29 fixes is now available.

Category: security (important)
Bug References: 1177471,1185032,1194023,1196444,1197659,1199564,1200313,1200622,1201309,1201310,1201489,1201645,1201865,1201990,1202095,1202341,1202385,1202677,1202960,1202984,1203159,1203290,1203313,1203389,1203410,1203424,1203514,1203552,1203622,1203737,1203769,1203770,1203906,1203909,1203935,1203939,1203987,1203992,1204051,1204059,1204060,1204125,1204289,1204290,1204291,1204292
CVE References: CVE-2020-16119,CVE-2022-20008,CVE-2022-2503,CVE-2022-2586,CVE-2022-3169,CVE-2022-3239,CVE-2022-3303,CVE-2022-40768,CVE-2022-41218,CVE-2022-41222,CVE-2022-41674,CVE-2022-41848,CVE-2022-41849,CVE-2022-42719,CVE-2022-42720,CVE-2022-42721,CVE-2022-42722
JIRA References: PED-529
Sources used:
openSUSE Leap Micro 5.2 (src):    kernel-default-5.3.18-150300.59.98.1, kernel-default-base-5.3.18-150300.59.98.1.150300.18.56.3
openSUSE Leap 15.4 (src):    dtb-aarch64-5.3.18-150300.59.98.1
openSUSE Leap 15.3 (src):    dtb-aarch64-5.3.18-150300.59.98.1, kernel-64kb-5.3.18-150300.59.98.1, kernel-debug-5.3.18-150300.59.98.1, kernel-default-5.3.18-150300.59.98.1, kernel-default-base-5.3.18-150300.59.98.1.150300.18.56.3, kernel-docs-5.3.18-150300.59.98.1, kernel-kvmsmall-5.3.18-150300.59.98.1, kernel-obs-build-5.3.18-150300.59.98.1, kernel-obs-qa-5.3.18-150300.59.98.1, kernel-preempt-5.3.18-150300.59.98.1, kernel-source-5.3.18-150300.59.98.1, kernel-syms-5.3.18-150300.59.98.1, kernel-zfcpdump-5.3.18-150300.59.98.1
SUSE Linux Enterprise Workstation Extension 15-SP3 (src):    kernel-default-5.3.18-150300.59.98.1, kernel-preempt-5.3.18-150300.59.98.1
SUSE Linux Enterprise Module for Live Patching 15-SP3 (src):    kernel-default-5.3.18-150300.59.98.1, kernel-livepatch-SLE15-SP3_Update_25-1-150300.7.5.1
SUSE Linux Enterprise Module for Legacy Software 15-SP3 (src):    kernel-default-5.3.18-150300.59.98.1
SUSE Linux Enterprise Module for Development Tools 15-SP3 (src):    kernel-docs-5.3.18-150300.59.98.1, kernel-obs-build-5.3.18-150300.59.98.1, kernel-preempt-5.3.18-150300.59.98.1, kernel-source-5.3.18-150300.59.98.1, kernel-syms-5.3.18-150300.59.98.1
SUSE Linux Enterprise Module for Basesystem 15-SP3 (src):    kernel-64kb-5.3.18-150300.59.98.1, kernel-default-5.3.18-150300.59.98.1, kernel-default-base-5.3.18-150300.59.98.1.150300.18.56.3, kernel-preempt-5.3.18-150300.59.98.1, kernel-source-5.3.18-150300.59.98.1, kernel-zfcpdump-5.3.18-150300.59.98.1
SUSE Linux Enterprise Micro 5.2 (src):    kernel-default-5.3.18-150300.59.98.1, kernel-default-base-5.3.18-150300.59.98.1.150300.18.56.3
SUSE Linux Enterprise Micro 5.1 (src):    kernel-default-5.3.18-150300.59.98.1, kernel-default-base-5.3.18-150300.59.98.1.150300.18.56.3
SUSE Linux Enterprise High Availability 15-SP3 (src):    kernel-default-5.3.18-150300.59.98.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 47 Swamp Workflow Management 2022-10-31 14:33:23 UTC
SUSE-SU-2022:3809-1: An update that solves 32 vulnerabilities, contains two features and has 84 fixes is now available.

Category: security (important)
Bug References: 1023051,1065729,1152489,1156395,1177471,1179722,1179723,1181862,1185032,1191662,1191667,1191881,1192594,1194023,1194272,1194535,1196444,1197158,1197659,1197755,1197756,1197757,1197760,1197763,1197920,1198971,1199291,1200288,1200313,1200431,1200622,1200845,1200868,1200869,1200870,1200871,1200872,1200873,1201019,1201309,1201310,1201420,1201489,1201610,1201705,1201726,1201865,1201948,1201990,1202095,1202096,1202097,1202341,1202346,1202347,1202385,1202393,1202396,1202447,1202577,1202636,1202638,1202672,1202677,1202701,1202708,1202709,1202710,1202711,1202712,1202713,1202714,1202715,1202716,1202717,1202718,1202720,1202722,1202745,1202756,1202810,1202811,1202860,1202895,1202898,1202960,1202984,1203063,1203098,1203107,1203117,1203135,1203136,1203137,1203159,1203290,1203389,1203410,1203424,1203514,1203552,1203622,1203737,1203769,1203770,1203802,1203906,1203909,1203935,1203939,1203987,1203992,1204051,1204059,1204060,1204125
CVE References: CVE-2016-3695,CVE-2020-16119,CVE-2020-27784,CVE-2021-4155,CVE-2021-4203,CVE-2022-20368,CVE-2022-20369,CVE-2022-2503,CVE-2022-2586,CVE-2022-2588,CVE-2022-26373,CVE-2022-2663,CVE-2022-2905,CVE-2022-2977,CVE-2022-3028,CVE-2022-3169,CVE-2022-32296,CVE-2022-3239,CVE-2022-3303,CVE-2022-36879,CVE-2022-39188,CVE-2022-39190,CVE-2022-40768,CVE-2022-41218,CVE-2022-41222,CVE-2022-41674,CVE-2022-41848,CVE-2022-41849,CVE-2022-42719,CVE-2022-42720,CVE-2022-42721,CVE-2022-42722
JIRA References: PED-529,SLE-24635
Sources used:
openSUSE Leap Micro 5.2 (src):    kernel-rt-5.3.18-150300.106.1
SUSE Linux Enterprise Module for Realtime 15-SP3 (src):    kernel-rt-5.3.18-150300.106.1, kernel-rt_debug-5.3.18-150300.106.1, kernel-source-rt-5.3.18-150300.106.1, kernel-syms-rt-5.3.18-150300.106.1
SUSE Linux Enterprise Micro 5.2 (src):    kernel-rt-5.3.18-150300.106.1
SUSE Linux Enterprise Micro 5.1 (src):    kernel-rt-5.3.18-150300.106.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 48 Swamp Workflow Management 2022-11-01 23:24:18 UTC
SUSE-SU-2022:3844-1: An update that solves 15 vulnerabilities, contains 12 features and has 33 fixes is now available.

Category: security (important)
Bug References: 1185032,1190497,1194023,1194869,1195917,1196444,1196869,1197659,1198189,1200288,1200622,1201309,1201310,1201987,1202095,1202960,1203039,1203066,1203101,1203197,1203263,1203338,1203360,1203361,1203389,1203410,1203505,1203552,1203664,1203693,1203699,1203767,1203769,1203770,1203794,1203798,1203893,1203902,1203906,1203908,1203935,1203939,1203987,1203992,1204051,1204059,1204060,1204125
CVE References: CVE-2022-1263,CVE-2022-2586,CVE-2022-3202,CVE-2022-32296,CVE-2022-3239,CVE-2022-3303,CVE-2022-39189,CVE-2022-41218,CVE-2022-41674,CVE-2022-41848,CVE-2022-41849,CVE-2022-42719,CVE-2022-42720,CVE-2022-42721,CVE-2022-42722
JIRA References: PED-387,PED-529,PED-652,PED-664,PED-682,PED-688,PED-720,PED-729,PED-755,PED-763,SLE-19924,SLE-24814
Sources used:
openSUSE Leap 15.4 (src):    dtb-aarch64-5.14.21-150400.24.28.1, kernel-64kb-5.14.21-150400.24.28.1, kernel-debug-5.14.21-150400.24.28.1, kernel-default-5.14.21-150400.24.28.1, kernel-default-base-5.14.21-150400.24.28.1.150400.24.9.5, kernel-docs-5.14.21-150400.24.28.1, kernel-kvmsmall-5.14.21-150400.24.28.1, kernel-obs-build-5.14.21-150400.24.28.1, kernel-obs-qa-5.14.21-150400.24.28.1, kernel-source-5.14.21-150400.24.28.1, kernel-syms-5.14.21-150400.24.28.1, kernel-zfcpdump-5.14.21-150400.24.28.1
SUSE Linux Enterprise Workstation Extension 15-SP4 (src):    kernel-default-5.14.21-150400.24.28.1
SUSE Linux Enterprise Module for Live Patching 15-SP4 (src):    kernel-default-5.14.21-150400.24.28.1, kernel-livepatch-SLE15-SP4_Update_4-1-150400.9.3.5
SUSE Linux Enterprise Module for Legacy Software 15-SP4 (src):    kernel-default-5.14.21-150400.24.28.1
SUSE Linux Enterprise Module for Development Tools 15-SP4 (src):    kernel-docs-5.14.21-150400.24.28.1, kernel-obs-build-5.14.21-150400.24.28.1, kernel-source-5.14.21-150400.24.28.1, kernel-syms-5.14.21-150400.24.28.1
SUSE Linux Enterprise Module for Basesystem 15-SP4 (src):    kernel-64kb-5.14.21-150400.24.28.1, kernel-default-5.14.21-150400.24.28.1, kernel-default-base-5.14.21-150400.24.28.1.150400.24.9.5, kernel-source-5.14.21-150400.24.28.1, kernel-zfcpdump-5.14.21-150400.24.28.1
SUSE Linux Enterprise Micro 5.3 (src):    kernel-default-5.14.21-150400.24.28.1, kernel-default-base-5.14.21-150400.24.28.1.150400.24.9.5
SUSE Linux Enterprise High Availability 15-SP4 (src):    kernel-default-5.14.21-150400.24.28.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 51 Swamp Workflow Management 2022-11-08 14:33:27 UTC
SUSE-SU-2022:3897-1: An update that solves 33 vulnerabilities, contains one feature and has 15 fixes is now available.

Category: security (important)
Bug References: 1032323,1065729,1152489,1196018,1198702,1200465,1200788,1201725,1202638,1202686,1202700,1203066,1203098,1203290,1203387,1203391,1203496,1203514,1203770,1203802,1204051,1204053,1204059,1204060,1204125,1204166,1204168,1204354,1204355,1204382,1204402,1204415,1204417,1204431,1204439,1204470,1204479,1204574,1204575,1204619,1204635,1204637,1204646,1204647,1204653,1204728,1204753,1204754
CVE References: CVE-2021-4037,CVE-2022-2153,CVE-2022-28748,CVE-2022-2964,CVE-2022-2978,CVE-2022-3169,CVE-2022-3176,CVE-2022-3424,CVE-2022-3521,CVE-2022-3524,CVE-2022-3535,CVE-2022-3542,CVE-2022-3545,CVE-2022-3565,CVE-2022-3577,CVE-2022-3586,CVE-2022-3594,CVE-2022-3621,CVE-2022-3623,CVE-2022-3625,CVE-2022-3629,CVE-2022-3640,CVE-2022-3646,CVE-2022-3649,CVE-2022-39189,CVE-2022-40768,CVE-2022-41674,CVE-2022-42703,CVE-2022-42719,CVE-2022-42720,CVE-2022-42721,CVE-2022-42722,CVE-2022-43750
JIRA References: PED-1931
Sources used:
openSUSE Leap 15.3 (src):    kernel-azure-5.3.18-150300.38.83.1, kernel-source-azure-5.3.18-150300.38.83.1, kernel-syms-azure-5.3.18-150300.38.83.1
SUSE Linux Enterprise Module for Public Cloud 15-SP3 (src):    kernel-azure-5.3.18-150300.38.83.1, kernel-source-azure-5.3.18-150300.38.83.1, kernel-syms-azure-5.3.18-150300.38.83.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 52 Swamp Workflow Management 2022-11-15 20:24:37 UTC
SUSE-SU-2022:3998-1: An update that solves 37 vulnerabilities, contains 25 features and has 38 fixes is now available.

Category: security (important)
Bug References: 1065729,1071995,1152472,1152489,1188238,1194869,1196018,1196632,1199904,1200567,1200692,1200788,1202187,1202686,1202700,1202914,1203098,1203229,1203290,1203435,1203514,1203699,1203701,1203767,1203770,1203802,1203922,1203979,1204017,1204051,1204059,1204060,1204125,1204142,1204166,1204168,1204171,1204241,1204353,1204354,1204355,1204402,1204413,1204415,1204417,1204428,1204431,1204439,1204470,1204479,1204498,1204533,1204569,1204574,1204575,1204619,1204635,1204637,1204646,1204647,1204650,1204653,1204693,1204705,1204719,1204728,1204753,1204868,1204926,1204933,1204934,1204947,1204957,1204963,1204970
CVE References: CVE-2022-1882,CVE-2022-2153,CVE-2022-28748,CVE-2022-2964,CVE-2022-2978,CVE-2022-3169,CVE-2022-33981,CVE-2022-3424,CVE-2022-3435,CVE-2022-3521,CVE-2022-3524,CVE-2022-3526,CVE-2022-3535,CVE-2022-3542,CVE-2022-3545,CVE-2022-3565,CVE-2022-3577,CVE-2022-3586,CVE-2022-3594,CVE-2022-3619,CVE-2022-3621,CVE-2022-3625,CVE-2022-3628,CVE-2022-3629,CVE-2022-3633,CVE-2022-3640,CVE-2022-3646,CVE-2022-3649,CVE-2022-40476,CVE-2022-40768,CVE-2022-41674,CVE-2022-42703,CVE-2022-42719,CVE-2022-42720,CVE-2022-42721,CVE-2022-42722,CVE-2022-43750
JIRA References: PED-1082,PED-1084,PED-1085,PED-1096,PED-1211,PED-1649,PED-634,PED-676,PED-678,PED-679,PED-707,PED-732,PED-813,PED-817,PED-822,PED-825,PED-833,PED-842,PED-846,PED-850,PED-851,PED-856,PED-857,SLE-13847,SLE-9246
Sources used:
openSUSE Leap 15.4 (src):    kernel-azure-5.14.21-150400.14.21.2, kernel-source-azure-5.14.21-150400.14.21.1, kernel-syms-azure-5.14.21-150400.14.21.1
SUSE Linux Enterprise Module for Public Cloud 15-SP4 (src):    kernel-azure-5.14.21-150400.14.21.2, kernel-source-azure-5.14.21-150400.14.21.1, kernel-syms-azure-5.14.21-150400.14.21.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 58 Swamp Workflow Management 2022-12-23 15:19:27 UTC
SUSE-SU-2022:4617-1: An update that solves 96 vulnerabilities, contains 50 features and has 246 fixes is now available.

Category: security (important)
Bug References: 1023051,1032323,1065729,1071995,1152472,1152489,1156395,1164051,1177471,1184350,1185032,1188238,1189297,1189999,1190256,1190497,1190969,1192968,1193629,1194023,1194592,1194869,1194904,1195480,1195917,1196018,1196444,1196616,1196632,1196867,1196869,1197158,1197391,1197659,1197755,1197756,1197757,1197763,1198189,1198410,1198577,1198702,1198971,1199086,1199364,1199515,1199670,1199904,1200015,1200058,1200268,1200288,1200301,1200313,1200431,1200465,1200494,1200544,1200567,1200622,1200644,1200651,1200692,1200788,1200845,1200868,1200869,1200870,1200871,1200872,1200873,1201019,1201308,1201309,1201310,1201361,1201427,1201442,1201455,1201489,1201610,1201675,1201725,1201726,1201768,1201865,1201940,1201941,1201948,1201954,1201956,1201958,1202095,1202096,1202097,1202113,1202131,1202154,1202187,1202262,1202265,1202312,1202341,1202346,1202347,1202385,1202393,1202447,1202471,1202558,1202623,1202636,1202672,1202681,1202685,1202686,1202700,1202710,1202711,1202712,1202713,1202715,1202716,1202757,1202758,1202759,1202761,1202762,1202763,1202764,1202765,1202766,1202767,1202768,1202769,1202770,1202771,1202773,1202774,1202775,1202776,1202778,1202779,1202780,1202781,1202782,1202783,1202822,1202823,1202824,1202860,1202867,1202872,1202874,1202898,1202914,1202960,1202989,1202992,1202993,1203002,1203008,1203036,1203039,1203041,1203063,1203066,1203067,1203098,1203101,1203107,1203116,1203117,1203138,1203139,1203159,1203183,1203197,1203208,1203229,1203263,1203290,1203338,1203360,1203361,1203389,1203391,1203410,1203435,1203505,1203511,1203514,1203552,1203606,1203664,1203693,1203699,1203767,1203769,1203770,1203794,1203798,1203802,1203829,1203893,1203902,1203906,1203908,1203922,1203935,1203939,1203960,1203969,1203987,1203992,1203994,1204017,1204051,1204059,1204060,1204092,1204125,1204132,1204142,1204166,1204168,1204170,1204171,1204183,1204228,1204241,1204289,1204290,1204291,1204292,1204353,1204354,1204355,1204402,1204405,1204413,1204414,1204415,1204417,1204424,1204428,1204431,1204432,1204439,1204470,1204479,1204486,1204498,1204533,1204569,1204574,1204575,1204576,1204619,1204624,1204631,1204635,1204636,1204637,1204646,1204647,1204650,1204653,1204693,1204705,1204719,1204728,1204745,1204753,1204780,1204810,1204850,1204868,1204926,1204933,1204934,1204947,1204957,1204963,1204970,1205007,1205100,1205111,1205113,1205128,1205130,1205149,1205153,1205220,1205257,1205264,1205282,1205313,1205331,1205332,1205427,1205428,1205473,1205496,1205507,1205514,1205521,1205567,1205616,1205617,1205653,1205671,1205679,1205683,1205700,1205705,1205709,1205711,1205744,1205764,1205796,1205882,1205993,1206035,1206036,1206037,1206045,1206046,1206047,1206048,1206049,1206050,1206051,1206056,1206057,1206113,1206114,1206147,1206149,1206207,1206273,1206391
CVE References: CVE-2016-3695,CVE-2020-16119,CVE-2020-36516,CVE-2021-33135,CVE-2021-4037,CVE-2022-1184,CVE-2022-1263,CVE-2022-1882,CVE-2022-20368,CVE-2022-20369,CVE-2022-2153,CVE-2022-2586,CVE-2022-2588,CVE-2022-2602,CVE-2022-26373,CVE-2022-2639,CVE-2022-2663,CVE-2022-28356,CVE-2022-28693,CVE-2022-2873,CVE-2022-28748,CVE-2022-2905,CVE-2022-2938,CVE-2022-2959,CVE-2022-2964,CVE-2022-2977,CVE-2022-2978,CVE-2022-3028,CVE-2022-3078,CVE-2022-3114,CVE-2022-3169,CVE-2022-3176,CVE-2022-3202,CVE-2022-32250,CVE-2022-32296,CVE-2022-3239,CVE-2022-3303,CVE-2022-33981,CVE-2022-3424,CVE-2022-3435,CVE-2022-3521,CVE-2022-3524,CVE-2022-3526,CVE-2022-3535,CVE-2022-3542,CVE-2022-3545,CVE-2022-3565,CVE-2022-3566,CVE-2022-3567,CVE-2022-3577,CVE-2022-3586,CVE-2022-3594,CVE-2022-3619,CVE-2022-3621,CVE-2022-3625,CVE-2022-3628,CVE-2022-3629,CVE-2022-3633,CVE-2022-3635,CVE-2022-3640,CVE-2022-3643,CVE-2022-3646,CVE-2022-3649,CVE-2022-36879,CVE-2022-36946,CVE-2022-3707,CVE-2022-3903,CVE-2022-39188,CVE-2022-39189,CVE-2022-39190,CVE-2022-40476,CVE-2022-40768,CVE-2022-4095,CVE-2022-41218,CVE-2022-4129,CVE-2022-4139,CVE-2022-41674,CVE-2022-41848,CVE-2022-41849,CVE-2022-41850,CVE-2022-41858,CVE-2022-42328,CVE-2022-42329,CVE-2022-42703,CVE-2022-42719,CVE-2022-42720,CVE-2022-42721,CVE-2022-42722,CVE-2022-42895,CVE-2022-42896,CVE-2022-43750,CVE-2022-4378,CVE-2022-43945,CVE-2022-45869,CVE-2022-45888,CVE-2022-45934
JIRA References: PED-1082,PED-1084,PED-1085,PED-1096,PED-1211,PED-1573,PED-1649,PED-1706,PED-1936,PED-2684,PED-387,PED-529,PED-611,PED-634,PED-652,PED-664,PED-676,PED-678,PED-679,PED-682,PED-688,PED-707,PED-720,PED-729,PED-732,PED-755,PED-763,PED-813,PED-817,PED-822,PED-824,PED-825,PED-833,PED-842,PED-846,PED-849,PED-850,PED-851,PED-856,PED-857,SLE-13847,SLE-18130,SLE-19359,SLE-19924,SLE-20183,SLE-23766,SLE-24572,SLE-24682,SLE-24814,SLE-9246
Sources used:
openSUSE Leap Micro 5.3 (src):    kernel-rt-5.14.21-150400.15.5.1
openSUSE Leap 15.4 (src):    kernel-rt-5.14.21-150400.15.5.1, kernel-rt_debug-5.14.21-150400.15.5.1, kernel-source-rt-5.14.21-150400.15.5.1, kernel-syms-rt-5.14.21-150400.15.5.1
SUSE Linux Enterprise Module for Realtime 15-SP4 (src):    kernel-rt-5.14.21-150400.15.5.1, kernel-rt_debug-5.14.21-150400.15.5.1, kernel-source-rt-5.14.21-150400.15.5.1, kernel-syms-rt-5.14.21-150400.15.5.1
SUSE Linux Enterprise Module for Live Patching 15-SP4 (src):    kernel-livepatch-SLE15-SP4-RT_Update_1-1-150400.1.3.1
SUSE Linux Enterprise Micro 5.3 (src):    kernel-rt-5.14.21-150400.15.5.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.