Bug 1205671 – VUL-0: CVE-2022-41858: kernel: null-ptr-deref vulnerabilities in sl_tx_timeout in drivers/net/slip

Bug 1205671 - (CVE-2022-41858) VUL-0: CVE-2022-41858: kernel: null-ptr-deref vulnerabilities in sl_tx_timeout in drivers/net/slip

(CVE-2022-41858)
Summary:	VUL-0: CVE-2022-41858: kernel: null-ptr-deref vulnerabilities in sl_tx_timeou...

Status:	RESOLVED FIXED

Classification:	Novell Products
Product:	SUSE Security Incidents
Classification:	Novell Products
Component:	Incidents
Version:	unspecified
Hardware:	Other Other

Priority:	P3 - Medium Severity: Minor
Target Milestone:	---
Assigned To:	Security Team bot
QA Contact:	Security Team bot

URL:	https://smash.suse.de/issue/348695/
Whiteboard:	CVSSv3.1:SUSE:CVE-2022-41858:4.4:(AV:...
Keywords:

Depends on:
Blocks:
	Show dependency tree / graph

Create test case

Clone This Bug

Reported:	2022-11-23 08:06 UTC by Robert Frohl
Modified:	2023-02-15 14:26 UTC (History)
CC List:	3 users (show)

See Also:
Found By:	Security Response Team
Services Priority:
Business Priority:
Blocker:	---
Marketing QA Status:	---
IT Deployment:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Robert Frohl 2022-11-23 08:06:05 UTC

rh#2144379

There are null-ptr-deref vulnerabilities in drivers/net/slip of linux that allow attacker to
crash linux kernel by simulating slip network card from user-space of linux.

------------------------------------------

[Root cause]

When a slip driver is detaching, the slip_close() will act to
cleanup necessary resources and sl->tty is set to NULL in
slip_close(). Meanwhile, the packet we transmit is blocked,
sl_tx_timeout() will be called. Although slip_close() and
sl_tx_timeout() use sl->lock to synchronize, we don`t judge
whether sl->tty equals to NULL in sl_tx_timeout() and the
null pointer dereference bug will happen.

(Thread 1) | (Thread 2)
| slip_close()
| spin_lock_bh(&sl->lock)
| ...
... | sl->tty = NULL //(1)
sl_tx_timeout() | spin_unlock_bh(&sl->lock)
spin_lock(&sl->lock); |
... | ...
tty_chars_in_buffer(sl->tty)|
if (tty->ops->..) //(2) |
... | synchronize_rcu()

We set NULL to sl->tty in position (1) and dereference sl->tty
in position (2).

------------------------------------------

References:
https://bugzilla.redhat.com/show_bug.cgi?id=2144379
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-41858

Comment 1 Robert Frohl 2022-11-23 08:09:25 UTC

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ec4eb8a86ade4d22633e1da2a7d85a846b7d1798

Comment 2 Robert Frohl 2022-11-23 08:26:16 UTC

tracking as affected:

- cve/linux-3.0
- cve/linux-4.4
- cve/linux-4.12
- cve/linux-5.3
- SLE15-SP4

Comment 3 Karasulli 2022-11-23 08:52:18 UTC

Reassigning to a concrete person to ensure progress [1] (feel free to pass to next one), see also the process at [2].
 
 
[1] https://confluence.suse.com/display/KSS/Kernel+Security+Sentinel
[2] https://wiki.suse.net/index.php/SUSE-Labs/Kernel/Security

Comment 4 Karasulli 2022-11-24 08:30:25 UTC

PR created for the branches:

- cve/linux-3.0
- cve/linux-4.4
- cve/linux-4.12
- cve/linux-5.3
- SLE15-SP4

Assigning back to the security team.

Comment 35 Swamp Workflow Management 2022-12-16 17:23:14 UTC

SUSE-SU-2022:4505-1: An update that solves 16 vulnerabilities and has 38 fixes is now available.

Category: security (important)
Bug References: 1065729,1071995,1106594,1156395,1164051,1184350,1199365,1200845,1201455,1203183,1203746,1203860,1203960,1204017,1204142,1204414,1204446,1204631,1204636,1204810,1204850,1204868,1204963,1205006,1205128,1205130,1205220,1205234,1205264,1205473,1205514,1205617,1205671,1205705,1205709,1205796,1205901,1205902,1205903,1205904,1205905,1205906,1205907,1205908,1206032,1206037,1206113,1206114,1206117,1206118,1206119,1206120,1206207,1206213
CVE References: CVE-2022-28693,CVE-2022-3567,CVE-2022-3628,CVE-2022-3635,CVE-2022-3643,CVE-2022-3903,CVE-2022-4095,CVE-2022-41850,CVE-2022-41858,CVE-2022-42328,CVE-2022-42329,CVE-2022-42895,CVE-2022-42896,CVE-2022-4378,CVE-2022-43945,CVE-2022-45934
JIRA References: 
Sources used:
SUSE Linux Enterprise Server 12-SP5 (src):    kernel-azure-4.12.14-16.120.1, kernel-source-azure-4.12.14-16.120.1, kernel-syms-azure-4.12.14-16.120.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 36 Swamp Workflow Management 2022-12-16 17:28:28 UTC

SUSE-SU-2022:4503-1: An update that solves 17 vulnerabilities and has 33 fixes is now available.

Category: security (important)
Bug References: 1065729,1071995,1156395,1184350,1189297,1192761,1200845,1201455,1203144,1203746,1203960,1204017,1204142,1204215,1204228,1204241,1204328,1204446,1204636,1204693,1204780,1204791,1204810,1204827,1204850,1204868,1204934,1204957,1204963,1204967,1205220,1205264,1205329,1205330,1205428,1205514,1205567,1205617,1205671,1205700,1205705,1205709,1205753,1205984,1205985,1205986,1205987,1205988,1205989,1206207
CVE References: CVE-2022-2602,CVE-2022-28693,CVE-2022-3567,CVE-2022-3628,CVE-2022-3635,CVE-2022-3707,CVE-2022-3903,CVE-2022-4095,CVE-2022-4129,CVE-2022-4139,CVE-2022-41850,CVE-2022-41858,CVE-2022-42895,CVE-2022-42896,CVE-2022-4378,CVE-2022-43945,CVE-2022-45934
JIRA References: 
Sources used:
openSUSE Leap 15.3 (src):    kernel-azure-5.3.18-150300.38.88.1, kernel-source-azure-5.3.18-150300.38.88.1, kernel-syms-azure-5.3.18-150300.38.88.1
SUSE Linux Enterprise Module for Public Cloud 15-SP3 (src):    kernel-azure-5.3.18-150300.38.88.1, kernel-source-azure-5.3.18-150300.38.88.1, kernel-syms-azure-5.3.18-150300.38.88.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 40 Swamp Workflow Management 2022-12-19 17:24:37 UTC

SUSE-SU-2022:4561-1: An update that solves 31 vulnerabilities and has 8 fixes is now available.

Category: security (important)
Bug References: 1012382,1129898,1177282,1196018,1198702,1202097,1202686,1203008,1203290,1203322,1203514,1203960,1203987,1204166,1204168,1204170,1204354,1204402,1204414,1204431,1204432,1204439,1204479,1204574,1204576,1204631,1204635,1204636,1204646,1204647,1204653,1204868,1205128,1205130,1205220,1205514,1205671,1205796,1206091
CVE References: CVE-2019-3874,CVE-2020-26541,CVE-2021-4037,CVE-2022-2663,CVE-2022-28748,CVE-2022-2964,CVE-2022-3169,CVE-2022-3424,CVE-2022-3524,CVE-2022-3542,CVE-2022-3565,CVE-2022-3567,CVE-2022-3586,CVE-2022-3594,CVE-2022-3621,CVE-2022-3628,CVE-2022-3629,CVE-2022-3635,CVE-2022-3646,CVE-2022-3649,CVE-2022-3903,CVE-2022-40307,CVE-2022-40768,CVE-2022-4095,CVE-2022-41848,CVE-2022-41850,CVE-2022-41858,CVE-2022-42703,CVE-2022-43750,CVE-2022-43945,CVE-2022-45934
JIRA References: 
Sources used:
SUSE Linux Enterprise Server 12-SP2-BCL (src):    kernel-default-4.4.121-92.196.2, kernel-source-4.4.121-92.196.2, kernel-syms-4.4.121-92.196.2

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 41 Swamp Workflow Management 2022-12-19 17:28:44 UTC

SUSE-SU-2022:4566-1: An update that solves 16 vulnerabilities and has 38 fixes is now available.

Category: security (important)
Bug References: 1065729,1071995,1106594,1156395,1164051,1184350,1199365,1200845,1201455,1203183,1203746,1203860,1203960,1204017,1204142,1204414,1204446,1204631,1204636,1204810,1204850,1204868,1204963,1205006,1205128,1205130,1205220,1205234,1205264,1205473,1205514,1205617,1205671,1205705,1205709,1205796,1205901,1205902,1205903,1205904,1205905,1205906,1205907,1205908,1206032,1206037,1206113,1206114,1206117,1206118,1206119,1206120,1206207,1206213
CVE References: CVE-2022-28693,CVE-2022-3567,CVE-2022-3628,CVE-2022-3635,CVE-2022-3643,CVE-2022-3903,CVE-2022-4095,CVE-2022-41850,CVE-2022-41858,CVE-2022-42328,CVE-2022-42329,CVE-2022-42895,CVE-2022-42896,CVE-2022-4378,CVE-2022-43945,CVE-2022-45934
JIRA References: 
Sources used:
SUSE Linux Enterprise Workstation Extension 12-SP5 (src):    kernel-default-4.12.14-122.144.1
SUSE Linux Enterprise Software Development Kit 12-SP5 (src):    kernel-docs-4.12.14-122.144.1, kernel-obs-build-4.12.14-122.144.1
SUSE Linux Enterprise Server 12-SP5 (src):    kernel-default-4.12.14-122.144.1, kernel-source-4.12.14-122.144.1, kernel-syms-4.12.14-122.144.1
SUSE Linux Enterprise Live Patching 12-SP5 (src):    kernel-default-4.12.14-122.144.1, kgraft-patch-SLE12-SP5_Update_38-1-8.5.1
SUSE Linux Enterprise High Availability 12-SP5 (src):    kernel-default-4.12.14-122.144.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 43 Swamp Workflow Management 2022-12-19 20:29:12 UTC

SUSE-SU-2022:4574-1: An update that solves 36 vulnerabilities and has 12 fixes is now available.

Category: security (important)
Bug References: 1198702,1199365,1200788,1200845,1201455,1202686,1203008,1203183,1203290,1203322,1203514,1203860,1203960,1204017,1204166,1204170,1204354,1204355,1204402,1204414,1204415,1204424,1204431,1204432,1204439,1204446,1204479,1204574,1204576,1204631,1204635,1204636,1204646,1204647,1204653,1204850,1204868,1205006,1205128,1205220,1205473,1205514,1205617,1205671,1205796,1206113,1206114,1206207
CVE References: CVE-2021-4037,CVE-2022-2153,CVE-2022-28693,CVE-2022-2964,CVE-2022-3169,CVE-2022-3424,CVE-2022-3521,CVE-2022-3524,CVE-2022-3542,CVE-2022-3545,CVE-2022-3565,CVE-2022-3567,CVE-2022-3586,CVE-2022-3594,CVE-2022-3621,CVE-2022-3628,CVE-2022-3629,CVE-2022-3635,CVE-2022-3643,CVE-2022-3646,CVE-2022-3649,CVE-2022-3903,CVE-2022-40307,CVE-2022-40768,CVE-2022-4095,CVE-2022-41850,CVE-2022-41858,CVE-2022-42328,CVE-2022-42329,CVE-2022-42703,CVE-2022-42895,CVE-2022-42896,CVE-2022-43750,CVE-2022-4378,CVE-2022-43945,CVE-2022-45934
JIRA References: 
Sources used:
openSUSE Leap 15.4 (src):    kernel-debug-4.12.14-150100.197.131.1, kernel-default-4.12.14-150100.197.131.1, kernel-kvmsmall-4.12.14-150100.197.131.1, kernel-vanilla-4.12.14-150100.197.131.1, kernel-zfcpdump-4.12.14-150100.197.131.1
openSUSE Leap 15.3 (src):    kernel-debug-4.12.14-150100.197.131.1, kernel-default-4.12.14-150100.197.131.1, kernel-kvmsmall-4.12.14-150100.197.131.1, kernel-vanilla-4.12.14-150100.197.131.1, kernel-zfcpdump-4.12.14-150100.197.131.1
SUSE Linux Enterprise Server for SAP 15-SP1 (src):    kernel-default-4.12.14-150100.197.131.1, kernel-docs-4.12.14-150100.197.131.1, kernel-obs-build-4.12.14-150100.197.131.1, kernel-source-4.12.14-150100.197.131.1, kernel-syms-4.12.14-150100.197.131.1
SUSE Linux Enterprise Server 15-SP1-LTSS (src):    kernel-default-4.12.14-150100.197.131.1, kernel-docs-4.12.14-150100.197.131.1, kernel-obs-build-4.12.14-150100.197.131.1, kernel-source-4.12.14-150100.197.131.1, kernel-syms-4.12.14-150100.197.131.1, kernel-zfcpdump-4.12.14-150100.197.131.1
SUSE Linux Enterprise Server 15-SP1-BCL (src):    kernel-default-4.12.14-150100.197.131.1, kernel-docs-4.12.14-150100.197.131.1, kernel-obs-build-4.12.14-150100.197.131.1, kernel-source-4.12.14-150100.197.131.1, kernel-syms-4.12.14-150100.197.131.1
SUSE Linux Enterprise Module for Live Patching 15-SP1 (src):    kernel-default-4.12.14-150100.197.131.1, kernel-livepatch-SLE15-SP1_Update_36-1-150100.3.5.1
SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (src):    kernel-default-4.12.14-150100.197.131.1, kernel-docs-4.12.14-150100.197.131.1, kernel-obs-build-4.12.14-150100.197.131.1, kernel-source-4.12.14-150100.197.131.1, kernel-syms-4.12.14-150100.197.131.1
SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (src):    kernel-default-4.12.14-150100.197.131.1, kernel-docs-4.12.14-150100.197.131.1, kernel-obs-build-4.12.14-150100.197.131.1, kernel-source-4.12.14-150100.197.131.1, kernel-syms-4.12.14-150100.197.131.1
SUSE Linux Enterprise High Availability 15-SP1 (src):    kernel-default-4.12.14-150100.197.131.1
SUSE Enterprise Storage 6 (src):    kernel-default-4.12.14-150100.197.131.1, kernel-docs-4.12.14-150100.197.131.1, kernel-obs-build-4.12.14-150100.197.131.1, kernel-source-4.12.14-150100.197.131.1, kernel-syms-4.12.14-150100.197.131.1
SUSE CaaS Platform 4.0 (src):    kernel-default-4.12.14-150100.197.131.1, kernel-docs-4.12.14-150100.197.131.1, kernel-obs-build-4.12.14-150100.197.131.1, kernel-source-4.12.14-150100.197.131.1, kernel-syms-4.12.14-150100.197.131.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 44 Swamp Workflow Management 2022-12-19 20:34:46 UTC

SUSE-SU-2022:4573-1: An update that solves 38 vulnerabilities and has 9 fixes is now available.

Category: security (important)
Bug References: 1196018,1198702,1200692,1200788,1201455,1202686,1203008,1203183,1203290,1203322,1203514,1203960,1204166,1204168,1204170,1204354,1204355,1204402,1204414,1204415,1204424,1204431,1204432,1204439,1204479,1204574,1204576,1204631,1204635,1204636,1204646,1204647,1204653,1204868,1205006,1205128,1205130,1205220,1205473,1205514,1205671,1205705,1205709,1205796,1206113,1206114,1206207
CVE References: CVE-2021-4037,CVE-2022-2153,CVE-2022-28693,CVE-2022-28748,CVE-2022-2964,CVE-2022-3169,CVE-2022-33981,CVE-2022-3424,CVE-2022-3521,CVE-2022-3524,CVE-2022-3542,CVE-2022-3545,CVE-2022-3565,CVE-2022-3567,CVE-2022-3586,CVE-2022-3594,CVE-2022-3621,CVE-2022-3628,CVE-2022-3629,CVE-2022-3635,CVE-2022-3643,CVE-2022-3646,CVE-2022-3649,CVE-2022-3903,CVE-2022-40307,CVE-2022-40768,CVE-2022-4095,CVE-2022-41850,CVE-2022-41858,CVE-2022-42328,CVE-2022-42329,CVE-2022-42703,CVE-2022-42895,CVE-2022-42896,CVE-2022-43750,CVE-2022-4378,CVE-2022-43945,CVE-2022-45934
JIRA References: 
Sources used:
SUSE Linux Enterprise Server for SAP 15 (src):    kernel-default-4.12.14-150000.150.109.1, kernel-docs-4.12.14-150000.150.109.1, kernel-obs-build-4.12.14-150000.150.109.1, kernel-source-4.12.14-150000.150.109.1, kernel-syms-4.12.14-150000.150.109.1, kernel-vanilla-4.12.14-150000.150.109.1
SUSE Linux Enterprise Server 15-LTSS (src):    kernel-default-4.12.14-150000.150.109.1, kernel-docs-4.12.14-150000.150.109.1, kernel-obs-build-4.12.14-150000.150.109.1, kernel-source-4.12.14-150000.150.109.1, kernel-syms-4.12.14-150000.150.109.1, kernel-vanilla-4.12.14-150000.150.109.1, kernel-zfcpdump-4.12.14-150000.150.109.1
SUSE Linux Enterprise Module for Live Patching 15 (src):    kernel-default-4.12.14-150000.150.109.1, kernel-livepatch-SLE15_Update_35-1-150000.1.5.1
SUSE Linux Enterprise High Performance Computing 15-LTSS (src):    kernel-default-4.12.14-150000.150.109.1, kernel-docs-4.12.14-150000.150.109.1, kernel-obs-build-4.12.14-150000.150.109.1, kernel-source-4.12.14-150000.150.109.1, kernel-syms-4.12.14-150000.150.109.1, kernel-vanilla-4.12.14-150000.150.109.1
SUSE Linux Enterprise High Performance Computing 15-ESPOS (src):    kernel-default-4.12.14-150000.150.109.1, kernel-docs-4.12.14-150000.150.109.1, kernel-obs-build-4.12.14-150000.150.109.1, kernel-source-4.12.14-150000.150.109.1, kernel-syms-4.12.14-150000.150.109.1, kernel-vanilla-4.12.14-150000.150.109.1
SUSE Linux Enterprise High Availability 15 (src):    kernel-default-4.12.14-150000.150.109.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 45 Swamp Workflow Management 2022-12-20 17:35:17 UTC

SUSE-SU-2022:4589-1: An update that solves 44 vulnerabilities and has 23 fixes is now available.

Category: security (important)
Bug References: 1196018,1198702,1199365,1200788,1200845,1201455,1201725,1202686,1202700,1203008,1203066,1203067,1203290,1203322,1203391,1203496,1203511,1203514,1203860,1203960,1204017,1204053,1204166,1204168,1204170,1204228,1204354,1204355,1204402,1204414,1204415,1204417,1204424,1204431,1204432,1204439,1204446,1204470,1204479,1204486,1204574,1204575,1204576,1204631,1204635,1204636,1204637,1204646,1204647,1204653,1204745,1204780,1204850,1204868,1205128,1205130,1205220,1205473,1205514,1205617,1205671,1205700,1205705,1205709,1205711,1205796,1206207
CVE References: CVE-2021-4037,CVE-2022-2153,CVE-2022-2602,CVE-2022-28693,CVE-2022-28748,CVE-2022-2964,CVE-2022-2978,CVE-2022-3169,CVE-2022-3176,CVE-2022-3424,CVE-2022-3521,CVE-2022-3524,CVE-2022-3535,CVE-2022-3542,CVE-2022-3545,CVE-2022-3565,CVE-2022-3567,CVE-2022-3577,CVE-2022-3586,CVE-2022-3594,CVE-2022-3621,CVE-2022-3625,CVE-2022-3628,CVE-2022-3629,CVE-2022-3635,CVE-2022-3646,CVE-2022-3649,CVE-2022-3707,CVE-2022-3903,CVE-2022-39189,CVE-2022-40307,CVE-2022-40768,CVE-2022-4095,CVE-2022-4129,CVE-2022-4139,CVE-2022-41850,CVE-2022-41858,CVE-2022-42703,CVE-2022-42895,CVE-2022-42896,CVE-2022-43750,CVE-2022-4378,CVE-2022-43945,CVE-2022-45934
JIRA References: 
Sources used:
SUSE Manager Server 4.1 (src):    kernel-default-5.3.18-150200.24.139.1, kernel-default-base-5.3.18-150200.24.139.1.150200.9.65.2, kernel-docs-5.3.18-150200.24.139.1, kernel-obs-build-5.3.18-150200.24.139.1, kernel-preempt-5.3.18-150200.24.139.1, kernel-source-5.3.18-150200.24.139.1, kernel-syms-5.3.18-150200.24.139.1
SUSE Manager Retail Branch Server 4.1 (src):    kernel-default-5.3.18-150200.24.139.1, kernel-default-base-5.3.18-150200.24.139.1.150200.9.65.2, kernel-docs-5.3.18-150200.24.139.1, kernel-preempt-5.3.18-150200.24.139.1, kernel-source-5.3.18-150200.24.139.1, kernel-syms-5.3.18-150200.24.139.1
SUSE Manager Proxy 4.1 (src):    kernel-default-5.3.18-150200.24.139.1, kernel-default-base-5.3.18-150200.24.139.1.150200.9.65.2, kernel-docs-5.3.18-150200.24.139.1, kernel-preempt-5.3.18-150200.24.139.1, kernel-source-5.3.18-150200.24.139.1, kernel-syms-5.3.18-150200.24.139.1
SUSE Linux Enterprise Server for SAP 15-SP2 (src):    kernel-default-5.3.18-150200.24.139.1, kernel-default-base-5.3.18-150200.24.139.1.150200.9.65.2, kernel-docs-5.3.18-150200.24.139.1, kernel-obs-build-5.3.18-150200.24.139.1, kernel-preempt-5.3.18-150200.24.139.1, kernel-source-5.3.18-150200.24.139.1, kernel-syms-5.3.18-150200.24.139.1
SUSE Linux Enterprise Server 15-SP2-LTSS (src):    kernel-default-5.3.18-150200.24.139.1, kernel-default-base-5.3.18-150200.24.139.1.150200.9.65.2, kernel-docs-5.3.18-150200.24.139.1, kernel-obs-build-5.3.18-150200.24.139.1, kernel-preempt-5.3.18-150200.24.139.1, kernel-source-5.3.18-150200.24.139.1, kernel-syms-5.3.18-150200.24.139.1
SUSE Linux Enterprise Server 15-SP2-BCL (src):    kernel-default-5.3.18-150200.24.139.1, kernel-default-base-5.3.18-150200.24.139.1.150200.9.65.2, kernel-docs-5.3.18-150200.24.139.1, kernel-preempt-5.3.18-150200.24.139.1, kernel-source-5.3.18-150200.24.139.1, kernel-syms-5.3.18-150200.24.139.1
SUSE Linux Enterprise Module for Live Patching 15-SP2 (src):    kernel-default-5.3.18-150200.24.139.1, kernel-livepatch-SLE15-SP2_Update_32-1-150200.5.5.1
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (src):    kernel-default-5.3.18-150200.24.139.1, kernel-default-base-5.3.18-150200.24.139.1.150200.9.65.2, kernel-docs-5.3.18-150200.24.139.1, kernel-obs-build-5.3.18-150200.24.139.1, kernel-preempt-5.3.18-150200.24.139.1, kernel-source-5.3.18-150200.24.139.1, kernel-syms-5.3.18-150200.24.139.1
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (src):    kernel-default-5.3.18-150200.24.139.1, kernel-default-base-5.3.18-150200.24.139.1.150200.9.65.2, kernel-docs-5.3.18-150200.24.139.1, kernel-obs-build-5.3.18-150200.24.139.1, kernel-preempt-5.3.18-150200.24.139.1, kernel-source-5.3.18-150200.24.139.1, kernel-syms-5.3.18-150200.24.139.1
SUSE Linux Enterprise High Availability 15-SP2 (src):    kernel-default-5.3.18-150200.24.139.1
SUSE Enterprise Storage 7 (src):    kernel-default-5.3.18-150200.24.139.1, kernel-default-base-5.3.18-150200.24.139.1.150200.9.65.2, kernel-docs-5.3.18-150200.24.139.1, kernel-obs-build-5.3.18-150200.24.139.1, kernel-preempt-5.3.18-150200.24.139.1, kernel-source-5.3.18-150200.24.139.1, kernel-syms-5.3.18-150200.24.139.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 46 Swamp Workflow Management 2022-12-20 17:42:33 UTC

SUSE-SU-2022:4585-1: An update that solves 22 vulnerabilities, contains 7 features and has 52 fixes is now available.

Category: security (important)
Bug References: 1065729,1156395,1164051,1184350,1189297,1190256,1193629,1194869,1202341,1203183,1203391,1203511,1203960,1204228,1204405,1204414,1204631,1204636,1204693,1204780,1204810,1204850,1205007,1205100,1205111,1205113,1205128,1205130,1205149,1205153,1205220,1205264,1205282,1205331,1205332,1205427,1205428,1205473,1205507,1205514,1205521,1205567,1205616,1205617,1205653,1205671,1205679,1205683,1205700,1205705,1205709,1205711,1205744,1205764,1205796,1205882,1205993,1206035,1206036,1206037,1206045,1206046,1206047,1206048,1206049,1206050,1206051,1206056,1206057,1206113,1206114,1206147,1206149,1206207
CVE References: CVE-2022-2602,CVE-2022-3176,CVE-2022-3566,CVE-2022-3567,CVE-2022-3635,CVE-2022-3643,CVE-2022-3707,CVE-2022-3903,CVE-2022-4095,CVE-2022-4129,CVE-2022-4139,CVE-2022-41850,CVE-2022-41858,CVE-2022-42328,CVE-2022-42329,CVE-2022-42895,CVE-2022-42896,CVE-2022-4378,CVE-2022-43945,CVE-2022-45869,CVE-2022-45888,CVE-2022-45934
JIRA References: PED-1573,PED-1706,PED-1936,PED-2684,PED-611,PED-824,PED-849
Sources used:
openSUSE Leap Micro 5.3 (src):    kernel-default-5.14.21-150400.24.38.1, kernel-default-base-5.14.21-150400.24.38.1.150400.24.13.2
openSUSE Leap 15.4 (src):    dtb-aarch64-5.14.21-150400.24.38.1, kernel-64kb-5.14.21-150400.24.38.1, kernel-debug-5.14.21-150400.24.38.1, kernel-default-5.14.21-150400.24.38.1, kernel-default-base-5.14.21-150400.24.38.1.150400.24.13.2, kernel-docs-5.14.21-150400.24.38.1, kernel-kvmsmall-5.14.21-150400.24.38.1, kernel-obs-build-5.14.21-150400.24.38.1, kernel-obs-qa-5.14.21-150400.24.38.1, kernel-source-5.14.21-150400.24.38.1, kernel-syms-5.14.21-150400.24.38.1, kernel-zfcpdump-5.14.21-150400.24.38.1
SUSE Linux Enterprise Workstation Extension 15-SP4 (src):    kernel-default-5.14.21-150400.24.38.1
SUSE Linux Enterprise Module for Live Patching 15-SP4 (src):    kernel-default-5.14.21-150400.24.38.1, kernel-livepatch-SLE15-SP4_Update_6-1-150400.9.3.2
SUSE Linux Enterprise Module for Legacy Software 15-SP4 (src):    kernel-default-5.14.21-150400.24.38.1
SUSE Linux Enterprise Module for Development Tools 15-SP4 (src):    kernel-docs-5.14.21-150400.24.38.1, kernel-obs-build-5.14.21-150400.24.38.1, kernel-source-5.14.21-150400.24.38.1, kernel-syms-5.14.21-150400.24.38.1
SUSE Linux Enterprise Module for Basesystem 15-SP4 (src):    kernel-64kb-5.14.21-150400.24.38.1, kernel-default-5.14.21-150400.24.38.1, kernel-default-base-5.14.21-150400.24.38.1.150400.24.13.2, kernel-source-5.14.21-150400.24.38.1, kernel-zfcpdump-5.14.21-150400.24.38.1
SUSE Linux Enterprise Micro 5.3 (src):    kernel-default-5.14.21-150400.24.38.1, kernel-default-base-5.14.21-150400.24.38.1.150400.24.13.2
SUSE Linux Enterprise High Availability 15-SP4 (src):    kernel-default-5.14.21-150400.24.38.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 47 Swamp Workflow Management 2022-12-23 14:27:13 UTC

SUSE-SU-2022:4614-1: An update that solves 43 vulnerabilities and has 16 fixes is now available.

Category: security (important)
Bug References: 1198702,1199365,1200845,1201725,1202686,1202700,1203008,1203066,1203067,1203322,1203391,1203496,1203514,1203860,1203960,1204017,1204053,1204168,1204170,1204354,1204355,1204402,1204414,1204415,1204417,1204424,1204431,1204432,1204439,1204446,1204470,1204479,1204486,1204574,1204575,1204576,1204631,1204635,1204636,1204637,1204646,1204647,1204653,1204780,1204850,1205128,1205130,1205220,1205473,1205514,1205617,1205671,1205700,1205705,1205709,1205711,1205796,1206207,1206228
CVE References: CVE-2021-4037,CVE-2022-2153,CVE-2022-2602,CVE-2022-28693,CVE-2022-28748,CVE-2022-2964,CVE-2022-2978,CVE-2022-3169,CVE-2022-3176,CVE-2022-3521,CVE-2022-3524,CVE-2022-3535,CVE-2022-3542,CVE-2022-3545,CVE-2022-3565,CVE-2022-3567,CVE-2022-3577,CVE-2022-3586,CVE-2022-3594,CVE-2022-3621,CVE-2022-3625,CVE-2022-3628,CVE-2022-3629,CVE-2022-3635,CVE-2022-3646,CVE-2022-3649,CVE-2022-3707,CVE-2022-3903,CVE-2022-39189,CVE-2022-40307,CVE-2022-40768,CVE-2022-4095,CVE-2022-4129,CVE-2022-4139,CVE-2022-41850,CVE-2022-41858,CVE-2022-42703,CVE-2022-42895,CVE-2022-42896,CVE-2022-43750,CVE-2022-4378,CVE-2022-43945,CVE-2022-45934
JIRA References: 
Sources used:
SUSE Linux Enterprise Real Time Extension 12-SP5 (src):    kernel-rt-4.12.14-10.109.1, kernel-rt_debug-4.12.14-10.109.1, kernel-source-rt-4.12.14-10.109.1, kernel-syms-rt-4.12.14-10.109.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 48 Swamp Workflow Management 2022-12-23 14:33:50 UTC

SUSE-SU-2022:4615-1: An update that solves 38 vulnerabilities and has 9 fixes is now available.

Category: security (important)
Bug References: 1196018,1198702,1200788,1201455,1202686,1203008,1203183,1203290,1203322,1203514,1203960,1203987,1204166,1204168,1204170,1204354,1204355,1204402,1204414,1204415,1204424,1204431,1204432,1204439,1204479,1204574,1204576,1204631,1204635,1204636,1204646,1204647,1204653,1204868,1205006,1205128,1205130,1205220,1205473,1205514,1205671,1205705,1205709,1205796,1206113,1206114,1206207
CVE References: CVE-2021-4037,CVE-2022-2153,CVE-2022-28693,CVE-2022-28748,CVE-2022-2964,CVE-2022-3169,CVE-2022-3424,CVE-2022-3521,CVE-2022-3524,CVE-2022-3542,CVE-2022-3545,CVE-2022-3565,CVE-2022-3567,CVE-2022-3586,CVE-2022-3594,CVE-2022-3621,CVE-2022-3628,CVE-2022-3629,CVE-2022-3635,CVE-2022-3643,CVE-2022-3646,CVE-2022-3649,CVE-2022-3903,CVE-2022-40307,CVE-2022-40768,CVE-2022-4095,CVE-2022-41848,CVE-2022-41850,CVE-2022-41858,CVE-2022-42328,CVE-2022-42329,CVE-2022-42703,CVE-2022-42895,CVE-2022-42896,CVE-2022-43750,CVE-2022-4378,CVE-2022-43945,CVE-2022-45934
JIRA References: 
Sources used:
SUSE OpenStack Cloud Crowbar 9 (src):    kernel-default-4.12.14-95.114.1, kernel-source-4.12.14-95.114.1, kernel-syms-4.12.14-95.114.1
SUSE OpenStack Cloud 9 (src):    kernel-default-4.12.14-95.114.1, kernel-source-4.12.14-95.114.1, kernel-syms-4.12.14-95.114.1
SUSE Linux Enterprise Server for SAP 12-SP4 (src):    kernel-default-4.12.14-95.114.1, kernel-source-4.12.14-95.114.1, kernel-syms-4.12.14-95.114.1
SUSE Linux Enterprise Server 12-SP4-LTSS (src):    kernel-default-4.12.14-95.114.1, kernel-source-4.12.14-95.114.1, kernel-syms-4.12.14-95.114.1
SUSE Linux Enterprise Live Patching 12-SP4 (src):    kernel-default-4.12.14-95.114.1, kgraft-patch-SLE12-SP4_Update_32-1-6.3.1
SUSE Linux Enterprise High Availability 12-SP4 (src):    kernel-default-4.12.14-95.114.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 49 Swamp Workflow Management 2022-12-23 14:41:15 UTC

SUSE-SU-2022:4616-1: An update that solves 19 vulnerabilities and has 40 fixes is now available.

Category: security (important)
Bug References: 1065729,1071995,1156395,1184350,1189297,1192761,1199657,1200845,1201455,1201469,1203144,1203746,1203960,1204017,1204142,1204215,1204228,1204241,1204328,1204414,1204446,1204636,1204693,1204780,1204791,1204810,1204827,1204850,1204868,1204934,1204957,1204963,1204967,1205128,1205130,1205220,1205264,1205329,1205330,1205428,1205473,1205514,1205567,1205617,1205671,1205700,1205705,1205709,1205753,1205796,1205984,1205985,1205986,1205987,1205988,1205989,1206032,1206037,1206207
CVE References: CVE-2022-2602,CVE-2022-28693,CVE-2022-29900,CVE-2022-29901,CVE-2022-3567,CVE-2022-3628,CVE-2022-3635,CVE-2022-3707,CVE-2022-3903,CVE-2022-4095,CVE-2022-4129,CVE-2022-4139,CVE-2022-41850,CVE-2022-41858,CVE-2022-42895,CVE-2022-42896,CVE-2022-4378,CVE-2022-43945,CVE-2022-45934
JIRA References: 
Sources used:
openSUSE Leap Micro 5.2 (src):    kernel-default-5.3.18-150300.59.106.1, kernel-default-base-5.3.18-150300.59.106.1.150300.18.60.2
openSUSE Leap 15.4 (src):    dtb-aarch64-5.3.18-150300.59.106.1
openSUSE Leap 15.3 (src):    dtb-aarch64-5.3.18-150300.59.106.1, kernel-64kb-5.3.18-150300.59.106.1, kernel-debug-5.3.18-150300.59.106.1, kernel-default-5.3.18-150300.59.106.1, kernel-default-base-5.3.18-150300.59.106.1.150300.18.60.2, kernel-docs-5.3.18-150300.59.106.1, kernel-kvmsmall-5.3.18-150300.59.106.1, kernel-obs-build-5.3.18-150300.59.106.1, kernel-obs-qa-5.3.18-150300.59.106.1, kernel-preempt-5.3.18-150300.59.106.1, kernel-source-5.3.18-150300.59.106.1, kernel-syms-5.3.18-150300.59.106.1, kernel-zfcpdump-5.3.18-150300.59.106.1
SUSE Manager Server 4.2 (src):    kernel-default-5.3.18-150300.59.106.1, kernel-default-base-5.3.18-150300.59.106.1.150300.18.60.2, kernel-preempt-5.3.18-150300.59.106.1, kernel-source-5.3.18-150300.59.106.1, kernel-zfcpdump-5.3.18-150300.59.106.1
SUSE Manager Retail Branch Server 4.2 (src):    kernel-default-5.3.18-150300.59.106.1, kernel-default-base-5.3.18-150300.59.106.1.150300.18.60.2, kernel-preempt-5.3.18-150300.59.106.1, kernel-source-5.3.18-150300.59.106.1
SUSE Manager Proxy 4.2 (src):    kernel-default-5.3.18-150300.59.106.1, kernel-default-base-5.3.18-150300.59.106.1.150300.18.60.2, kernel-preempt-5.3.18-150300.59.106.1, kernel-source-5.3.18-150300.59.106.1
SUSE Linux Enterprise Workstation Extension 15-SP3 (src):    kernel-default-5.3.18-150300.59.106.1, kernel-preempt-5.3.18-150300.59.106.1
SUSE Linux Enterprise Server for SAP 15-SP3 (src):    kernel-default-5.3.18-150300.59.106.1, kernel-default-base-5.3.18-150300.59.106.1.150300.18.60.2, kernel-docs-5.3.18-150300.59.106.1, kernel-obs-build-5.3.18-150300.59.106.1, kernel-preempt-5.3.18-150300.59.106.1, kernel-source-5.3.18-150300.59.106.1, kernel-syms-5.3.18-150300.59.106.1
SUSE Linux Enterprise Server 15-SP3-LTSS (src):    kernel-64kb-5.3.18-150300.59.106.1, kernel-default-5.3.18-150300.59.106.1, kernel-default-base-5.3.18-150300.59.106.1.150300.18.60.2, kernel-docs-5.3.18-150300.59.106.1, kernel-obs-build-5.3.18-150300.59.106.1, kernel-preempt-5.3.18-150300.59.106.1, kernel-source-5.3.18-150300.59.106.1, kernel-syms-5.3.18-150300.59.106.1, kernel-zfcpdump-5.3.18-150300.59.106.1
SUSE Linux Enterprise Server 15-SP3-BCL (src):    kernel-default-5.3.18-150300.59.106.1, kernel-default-base-5.3.18-150300.59.106.1.150300.18.60.2, kernel-docs-5.3.18-150300.59.106.1, kernel-obs-build-5.3.18-150300.59.106.1, kernel-preempt-5.3.18-150300.59.106.1, kernel-source-5.3.18-150300.59.106.1, kernel-syms-5.3.18-150300.59.106.1
SUSE Linux Enterprise Realtime Extension 15-SP3 (src):    kernel-default-5.3.18-150300.59.106.1, kernel-default-base-5.3.18-150300.59.106.1.150300.18.60.2, kernel-docs-5.3.18-150300.59.106.1, kernel-obs-build-5.3.18-150300.59.106.1, kernel-preempt-5.3.18-150300.59.106.1, kernel-source-5.3.18-150300.59.106.1, kernel-syms-5.3.18-150300.59.106.1
SUSE Linux Enterprise Module for Live Patching 15-SP3 (src):    kernel-default-5.3.18-150300.59.106.1, kernel-livepatch-SLE15-SP3_Update_27-1-150300.7.5.1
SUSE Linux Enterprise Module for Legacy Software 15-SP3 (src):    kernel-default-5.3.18-150300.59.106.1
SUSE Linux Enterprise Module for Development Tools 15-SP3 (src):    kernel-docs-5.3.18-150300.59.106.1, kernel-obs-build-5.3.18-150300.59.106.1, kernel-preempt-5.3.18-150300.59.106.1, kernel-source-5.3.18-150300.59.106.1, kernel-syms-5.3.18-150300.59.106.1
SUSE Linux Enterprise Module for Basesystem 15-SP3 (src):    kernel-64kb-5.3.18-150300.59.106.1, kernel-default-5.3.18-150300.59.106.1, kernel-default-base-5.3.18-150300.59.106.1.150300.18.60.2, kernel-preempt-5.3.18-150300.59.106.1, kernel-source-5.3.18-150300.59.106.1, kernel-zfcpdump-5.3.18-150300.59.106.1
SUSE Linux Enterprise Micro 5.2 (src):    kernel-default-5.3.18-150300.59.106.1, kernel-default-base-5.3.18-150300.59.106.1.150300.18.60.2
SUSE Linux Enterprise Micro 5.1 (src):    kernel-default-5.3.18-150300.59.106.1, kernel-default-base-5.3.18-150300.59.106.1.150300.18.60.2
SUSE Linux Enterprise High Performance Computing 15-SP3-LTSS (src):    kernel-64kb-5.3.18-150300.59.106.1, kernel-default-5.3.18-150300.59.106.1, kernel-default-base-5.3.18-150300.59.106.1.150300.18.60.2, kernel-docs-5.3.18-150300.59.106.1, kernel-obs-build-5.3.18-150300.59.106.1, kernel-preempt-5.3.18-150300.59.106.1, kernel-source-5.3.18-150300.59.106.1, kernel-syms-5.3.18-150300.59.106.1
SUSE Linux Enterprise High Performance Computing 15-SP3-ESPOS (src):    kernel-64kb-5.3.18-150300.59.106.1, kernel-default-5.3.18-150300.59.106.1, kernel-default-base-5.3.18-150300.59.106.1.150300.18.60.2, kernel-docs-5.3.18-150300.59.106.1, kernel-obs-build-5.3.18-150300.59.106.1, kernel-preempt-5.3.18-150300.59.106.1, kernel-source-5.3.18-150300.59.106.1, kernel-syms-5.3.18-150300.59.106.1
SUSE Linux Enterprise High Availability 15-SP3 (src):    kernel-default-5.3.18-150300.59.106.1
SUSE Enterprise Storage 7.1 (src):    kernel-64kb-5.3.18-150300.59.106.1, kernel-default-5.3.18-150300.59.106.1, kernel-default-base-5.3.18-150300.59.106.1.150300.18.60.2, kernel-docs-5.3.18-150300.59.106.1, kernel-obs-build-5.3.18-150300.59.106.1, kernel-preempt-5.3.18-150300.59.106.1, kernel-source-5.3.18-150300.59.106.1, kernel-syms-5.3.18-150300.59.106.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 50 Swamp Workflow Management 2022-12-23 14:47:27 UTC

SUSE-SU-2022:4613-1: An update that solves 17 vulnerabilities and has 37 fixes is now available.

Category: security (important)
Bug References: 1065729,1071995,1156395,1184350,1189297,1192761,1200845,1201455,1203144,1203746,1204017,1204142,1204215,1204241,1204328,1204446,1204631,1204636,1204693,1204780,1204791,1204810,1204827,1204850,1204868,1204934,1204957,1204963,1204967,1205128,1205130,1205186,1205220,1205329,1205330,1205428,1205473,1205514,1205617,1205671,1205700,1205705,1205709,1205753,1205796,1205984,1205985,1205986,1205987,1205988,1205989,1206032,1206037,1206207
CVE References: CVE-2022-2602,CVE-2022-28693,CVE-2022-3567,CVE-2022-3628,CVE-2022-3635,CVE-2022-3707,CVE-2022-3903,CVE-2022-4095,CVE-2022-4129,CVE-2022-4139,CVE-2022-41850,CVE-2022-41858,CVE-2022-42895,CVE-2022-42896,CVE-2022-4378,CVE-2022-43945,CVE-2022-45934
JIRA References: 
Sources used:
openSUSE Leap Micro 5.2 (src):    kernel-rt-5.3.18-150300.112.1
openSUSE Leap 15.3 (src):    kernel-rt-5.3.18-150300.112.1, kernel-rt_debug-5.3.18-150300.112.1, kernel-source-rt-5.3.18-150300.112.1, kernel-syms-rt-5.3.18-150300.112.1
SUSE Linux Enterprise Module for Realtime 15-SP3 (src):    kernel-rt-5.3.18-150300.112.1, kernel-rt_debug-5.3.18-150300.112.1, kernel-source-rt-5.3.18-150300.112.1, kernel-syms-rt-5.3.18-150300.112.1
SUSE Linux Enterprise Micro 5.2 (src):    kernel-rt-5.3.18-150300.112.1
SUSE Linux Enterprise Micro 5.1 (src):    kernel-rt-5.3.18-150300.112.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 51 Swamp Workflow Management 2022-12-23 14:53:27 UTC

SUSE-SU-2022:4611-1: An update that solves 31 vulnerabilities and has 8 fixes is now available.

Category: security (important)
Bug References: 1129898,1177282,1196018,1198702,1201309,1202097,1202686,1203008,1203290,1203322,1203514,1203960,1203987,1204166,1204168,1204170,1204354,1204402,1204414,1204431,1204432,1204439,1204479,1204574,1204576,1204631,1204635,1204636,1204646,1204647,1204653,1204868,1205128,1205130,1205220,1205514,1205671,1205796,1206164
CVE References: CVE-2019-3874,CVE-2020-26541,CVE-2021-4037,CVE-2022-2663,CVE-2022-28748,CVE-2022-2964,CVE-2022-3169,CVE-2022-3424,CVE-2022-3524,CVE-2022-3542,CVE-2022-3565,CVE-2022-3567,CVE-2022-3586,CVE-2022-3594,CVE-2022-3621,CVE-2022-3628,CVE-2022-3629,CVE-2022-3635,CVE-2022-3646,CVE-2022-3649,CVE-2022-3903,CVE-2022-40307,CVE-2022-40768,CVE-2022-4095,CVE-2022-41848,CVE-2022-41850,CVE-2022-41858,CVE-2022-42703,CVE-2022-43750,CVE-2022-43945,CVE-2022-45934
JIRA References: 
Sources used:
SUSE Linux Enterprise Server 12-SP3-BCL (src):    kernel-default-4.4.180-94.182.1, kernel-source-4.4.180-94.182.1, kernel-syms-4.4.180-94.182.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 52 Swamp Workflow Management 2022-12-23 15:27:42 UTC

SUSE-SU-2022:4617-1: An update that solves 96 vulnerabilities, contains 50 features and has 246 fixes is now available.

Category: security (important)
Bug References: 1023051,1032323,1065729,1071995,1152472,1152489,1156395,1164051,1177471,1184350,1185032,1188238,1189297,1189999,1190256,1190497,1190969,1192968,1193629,1194023,1194592,1194869,1194904,1195480,1195917,1196018,1196444,1196616,1196632,1196867,1196869,1197158,1197391,1197659,1197755,1197756,1197757,1197763,1198189,1198410,1198577,1198702,1198971,1199086,1199364,1199515,1199670,1199904,1200015,1200058,1200268,1200288,1200301,1200313,1200431,1200465,1200494,1200544,1200567,1200622,1200644,1200651,1200692,1200788,1200845,1200868,1200869,1200870,1200871,1200872,1200873,1201019,1201308,1201309,1201310,1201361,1201427,1201442,1201455,1201489,1201610,1201675,1201725,1201726,1201768,1201865,1201940,1201941,1201948,1201954,1201956,1201958,1202095,1202096,1202097,1202113,1202131,1202154,1202187,1202262,1202265,1202312,1202341,1202346,1202347,1202385,1202393,1202447,1202471,1202558,1202623,1202636,1202672,1202681,1202685,1202686,1202700,1202710,1202711,1202712,1202713,1202715,1202716,1202757,1202758,1202759,1202761,1202762,1202763,1202764,1202765,1202766,1202767,1202768,1202769,1202770,1202771,1202773,1202774,1202775,1202776,1202778,1202779,1202780,1202781,1202782,1202783,1202822,1202823,1202824,1202860,1202867,1202872,1202874,1202898,1202914,1202960,1202989,1202992,1202993,1203002,1203008,1203036,1203039,1203041,1203063,1203066,1203067,1203098,1203101,1203107,1203116,1203117,1203138,1203139,1203159,1203183,1203197,1203208,1203229,1203263,1203290,1203338,1203360,1203361,1203389,1203391,1203410,1203435,1203505,1203511,1203514,1203552,1203606,1203664,1203693,1203699,1203767,1203769,1203770,1203794,1203798,1203802,1203829,1203893,1203902,1203906,1203908,1203922,1203935,1203939,1203960,1203969,1203987,1203992,1203994,1204017,1204051,1204059,1204060,1204092,1204125,1204132,1204142,1204166,1204168,1204170,1204171,1204183,1204228,1204241,1204289,1204290,1204291,1204292,1204353,1204354,1204355,1204402,1204405,1204413,1204414,1204415,1204417,1204424,1204428,1204431,1204432,1204439,1204470,1204479,1204486,1204498,1204533,1204569,1204574,1204575,1204576,1204619,1204624,1204631,1204635,1204636,1204637,1204646,1204647,1204650,1204653,1204693,1204705,1204719,1204728,1204745,1204753,1204780,1204810,1204850,1204868,1204926,1204933,1204934,1204947,1204957,1204963,1204970,1205007,1205100,1205111,1205113,1205128,1205130,1205149,1205153,1205220,1205257,1205264,1205282,1205313,1205331,1205332,1205427,1205428,1205473,1205496,1205507,1205514,1205521,1205567,1205616,1205617,1205653,1205671,1205679,1205683,1205700,1205705,1205709,1205711,1205744,1205764,1205796,1205882,1205993,1206035,1206036,1206037,1206045,1206046,1206047,1206048,1206049,1206050,1206051,1206056,1206057,1206113,1206114,1206147,1206149,1206207,1206273,1206391
CVE References: CVE-2016-3695,CVE-2020-16119,CVE-2020-36516,CVE-2021-33135,CVE-2021-4037,CVE-2022-1184,CVE-2022-1263,CVE-2022-1882,CVE-2022-20368,CVE-2022-20369,CVE-2022-2153,CVE-2022-2586,CVE-2022-2588,CVE-2022-2602,CVE-2022-26373,CVE-2022-2639,CVE-2022-2663,CVE-2022-28356,CVE-2022-28693,CVE-2022-2873,CVE-2022-28748,CVE-2022-2905,CVE-2022-2938,CVE-2022-2959,CVE-2022-2964,CVE-2022-2977,CVE-2022-2978,CVE-2022-3028,CVE-2022-3078,CVE-2022-3114,CVE-2022-3169,CVE-2022-3176,CVE-2022-3202,CVE-2022-32250,CVE-2022-32296,CVE-2022-3239,CVE-2022-3303,CVE-2022-33981,CVE-2022-3424,CVE-2022-3435,CVE-2022-3521,CVE-2022-3524,CVE-2022-3526,CVE-2022-3535,CVE-2022-3542,CVE-2022-3545,CVE-2022-3565,CVE-2022-3566,CVE-2022-3567,CVE-2022-3577,CVE-2022-3586,CVE-2022-3594,CVE-2022-3619,CVE-2022-3621,CVE-2022-3625,CVE-2022-3628,CVE-2022-3629,CVE-2022-3633,CVE-2022-3635,CVE-2022-3640,CVE-2022-3643,CVE-2022-3646,CVE-2022-3649,CVE-2022-36879,CVE-2022-36946,CVE-2022-3707,CVE-2022-3903,CVE-2022-39188,CVE-2022-39189,CVE-2022-39190,CVE-2022-40476,CVE-2022-40768,CVE-2022-4095,CVE-2022-41218,CVE-2022-4129,CVE-2022-4139,CVE-2022-41674,CVE-2022-41848,CVE-2022-41849,CVE-2022-41850,CVE-2022-41858,CVE-2022-42328,CVE-2022-42329,CVE-2022-42703,CVE-2022-42719,CVE-2022-42720,CVE-2022-42721,CVE-2022-42722,CVE-2022-42895,CVE-2022-42896,CVE-2022-43750,CVE-2022-4378,CVE-2022-43945,CVE-2022-45869,CVE-2022-45888,CVE-2022-45934
JIRA References: PED-1082,PED-1084,PED-1085,PED-1096,PED-1211,PED-1573,PED-1649,PED-1706,PED-1936,PED-2684,PED-387,PED-529,PED-611,PED-634,PED-652,PED-664,PED-676,PED-678,PED-679,PED-682,PED-688,PED-707,PED-720,PED-729,PED-732,PED-755,PED-763,PED-813,PED-817,PED-822,PED-824,PED-825,PED-833,PED-842,PED-846,PED-849,PED-850,PED-851,PED-856,PED-857,SLE-13847,SLE-18130,SLE-19359,SLE-19924,SLE-20183,SLE-23766,SLE-24572,SLE-24682,SLE-24814,SLE-9246
Sources used:
openSUSE Leap Micro 5.3 (src):    kernel-rt-5.14.21-150400.15.5.1
openSUSE Leap 15.4 (src):    kernel-rt-5.14.21-150400.15.5.1, kernel-rt_debug-5.14.21-150400.15.5.1, kernel-source-rt-5.14.21-150400.15.5.1, kernel-syms-rt-5.14.21-150400.15.5.1
SUSE Linux Enterprise Module for Realtime 15-SP4 (src):    kernel-rt-5.14.21-150400.15.5.1, kernel-rt_debug-5.14.21-150400.15.5.1, kernel-source-rt-5.14.21-150400.15.5.1, kernel-syms-rt-5.14.21-150400.15.5.1
SUSE Linux Enterprise Module for Live Patching 15-SP4 (src):    kernel-livepatch-SLE15-SP4-RT_Update_1-1-150400.1.3.1
SUSE Linux Enterprise Micro 5.3 (src):    kernel-rt-5.14.21-150400.15.5.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 59 Swamp Workflow Management 2023-02-15 14:26:57 UTC

SUSE-SU-2023:0416-1: An update that solves 62 vulnerabilities and has one errata is now available.

Category: security (important)
Bug References: 1055710,1084513,1131430,1133374,1154848,1166098,1173514,1177471,1191961,1196973,1197331,1197343,1197366,1197391,1198516,1198829,1199063,1199426,1199487,1199650,1199657,1200598,1200619,1200692,1200910,1201050,1201251,1201429,1201635,1201636,1201940,1201948,1202097,1202346,1202347,1202393,1202500,1202897,1202898,1202960,1203107,1203271,1203514,1203769,1203960,1203987,1204166,1204354,1204405,1204431,1204439,1204574,1204631,1204646,1204647,1204653,1204894,1204922,1205220,1205514,1205671,1205796,1206677
CVE References: CVE-2017-13695,CVE-2018-7755,CVE-2019-3837,CVE-2019-3900,CVE-2020-15393,CVE-2020-16119,CVE-2020-36557,CVE-2020-36558,CVE-2021-26341,CVE-2021-33655,CVE-2021-33656,CVE-2021-34981,CVE-2021-39713,CVE-2021-45868,CVE-2022-1011,CVE-2022-1048,CVE-2022-1353,CVE-2022-1462,CVE-2022-1652,CVE-2022-1679,CVE-2022-20132,CVE-2022-20166,CVE-2022-20368,CVE-2022-20369,CVE-2022-21123,CVE-2022-21125,CVE-2022-21127,CVE-2022-21166,CVE-2022-21180,CVE-2022-21385,CVE-2022-21499,CVE-2022-2318,CVE-2022-2663,CVE-2022-28356,CVE-2022-29900,CVE-2022-29901,CVE-2022-3028,CVE-2022-3303,CVE-2022-33981,CVE-2022-3424,CVE-2022-3524,CVE-2022-3565,CVE-2022-3566,CVE-2022-3586,CVE-2022-3621,CVE-2022-3635,CVE-2022-3646,CVE-2022-3649,CVE-2022-36879,CVE-2022-36946,CVE-2022-3903,CVE-2022-39188,CVE-2022-40768,CVE-2022-4095,CVE-2022-41218,CVE-2022-41848,CVE-2022-41850,CVE-2022-41858,CVE-2022-43750,CVE-2022-44032,CVE-2022-44033,CVE-2022-45934
JIRA References: 
Sources used:
SUSE Linux Enterprise Server 11-SP4-LTSS-EXTREME-CORE (src):    kernel-default-3.0.101-108.138.1, kernel-ec2-3.0.101-108.138.1, kernel-source-3.0.101-108.138.1, kernel-syms-3.0.101-108.138.1, kernel-trace-3.0.101-108.138.1, kernel-xen-3.0.101-108.138.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.