Bug 1089895 – VUL-0: CVE-2018-1000199: kernel: ptrace() bug leading to DoS or possibly corruption

Bug 1089895 - (CVE-2018-1000199) VUL-0: CVE-2018-1000199: kernel: ptrace() bug leading to DoS or possibly corruption

(CVE-2018-1000199)
Summary:	VUL-0: CVE-2018-1000199: kernel: ptrace() bug leading to DoS or possibly corr...

Status:	RESOLVED FIXED

Classification:	Novell Products
Product:	SUSE Security Incidents
Classification:	Novell Products
Component:	Incidents
Version:	unspecified
Hardware:	Other Other

Priority:	P3 - Medium Severity: Major
Target Milestone:	---
Assigned To:	Security Team bot
QA Contact:	Security Team bot

URL:	https://smash.suse.de/issue/204088/
Whiteboard:	CVSSv3:RedHat:CVE-2018-1000199:7.8:(A...
Keywords:

Depends on:
Blocks:
	Show dependency tree / graph

Create test case

Clone This Bug

Reported:	2018-04-17 14:52 UTC by Johannes Segitz
Modified:	2020-09-04 10:14 UTC (History)
CC List:	3 users (show)

See Also:
Found By:	---
Services Priority:
Business Priority:
Blocker:	---
Marketing QA Status:	---
IT Deployment:	---

Attachments
dr7_clash.c (1.63 KB, text/x-csrc) 2018-05-01 18:41 UTC, Marcus Meissner	Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Comment 1 Johannes Segitz 2018-04-17 15:07:48 UTC

The reproducer kills my SLE 12 SP3 VM immediately

Comment 3 Johannes Segitz 2018-04-18 06:03:50 UTC

CRD: 2018-04-24 15:00 UTC

Comment 6 Marcus Meissner 2018-04-19 16:19:21 UTC

patches.kernel.org/4.4.127-004-perf-hwbp-Simplify-the-perf-hwbp-code-fix-doc.patch

Comment 7 Johannes Segitz 2018-04-23 06:08:13 UTC

New
CRD: 2018-05-01 15:00

Comment 9 Marcus Meissner 2018-05-01 18:39:19 UTC

is public

From: Andy Lutomirski <luto@kernel.org>
Date: Tue, 01 May 2018 15:35:06 +0000
Subject: [oss-security] CVE-2018-1000199: ptrace() incorrect error handling leads to corruption and DoS

The Linux ptrace code virtualizes access to the debug registers, and
the virtualization code has incorrect error handling.  This means that
if you write an illegal value to, say, DR0, the internal state of the
kernel's breakpoint tracking can become corrupt despite the fact that
the ptrace() call will return -EINVAL.

As a example, you can find the address of do_debug in /proc/kallsyms
on an x86 kernel and pass that address to the attached PoC.  I suspect
that architectures other than x86 are affected as well, but I haven't
tried to exploit it.  The bug itself is spread all over the place in
the kernel in generic and arch code.

I haven't spotted an obvious way to get privilege escalation using
this bug, but it may exist.  For example, it's plausible that using
this bug to target the perf NMI handler could result in overflowing
the NMI stack, resulting in various forms of corruption.  I haven't
tried to analyze the impact on non-x86 architectures since I only know
how x86 breakpoints work, but the effects of the bug could be very
different.

Linus has mostly fixed this upstream in commit
f67b15037a7a50c57f72e69a6d59941ad90a0f0f.  With that commit applied,
the error handling is still wrong but the defect results in a disabled
breakpoint instead of an incorrect breakpoint.

This bug was discovered by me.

Comment 10 Marcus Meissner 2018-05-01 18:41:56 UTC

Created attachment 768748 [details]
dr7_clash.c

QA REPRODUCER:

gcc -o dr7_clash dr7_clash.c
./dr7_clash

Comment 14 Michal Hocko 2018-05-03 20:57:41 UTC

pushed to cve/linux-3.12, cve/linux-3.0.

Please note that 3.0 and older are missing 500ad2d8b0139 but I didn't backport that one because it seems like a separate issue we have never encountered so I rather stayed back on this one.

I will have to double check 2.6.32 tree because I do not see kernel/hw_breakpoint.c there. Git says

$ git describe --contains 44234adcdce3
v2.6.32-git9~7^2~16

but grep doesn't really show modify_user_hw_breakpoint in the tree neither does
$ git grep modify_user_hw_breakpoint v2.6.32

on the Linus tree. So I suspect this is some stray git tag and cve/linux-2.6.32 is not really affected.

Comment 16 Swamp Workflow Management 2018-05-23 06:00:44 UTC

SUSE-SU-2018:1366-1: An update that solves 9 vulnerabilities and has 71 fixes is now available.

Category: security (important)
Bug References: 1005778,1005780,1005781,1009062,1012382,1015336,1015337,1015340,1015342,1015343,1022604,1022743,1024296,1031492,1036215,1043598,1044596,1056415,1056427,1060799,1068032,1075087,1075091,1075994,1076263,1080157,1082153,1082299,1082485,1082962,1083125,1083635,1083650,1083900,1084721,1085058,1085185,1085511,1085958,1087082,1088242,1088865,1089023,1089115,1089198,1089393,1089608,1089644,1089752,1089895,1089925,1090225,1090643,1090658,1090663,1090708,1090718,1090734,1090953,1091041,1091325,1091728,1091925,1091960,1092289,1092497,1092566,1092904,1093008,1093144,1093215,1094019,802154,966170,966172,966186,966191,969476,969477,981348
CVE References: CVE-2018-1000199,CVE-2018-10087,CVE-2018-10124,CVE-2018-1065,CVE-2018-1130,CVE-2018-3639,CVE-2018-5803,CVE-2018-7492,CVE-2018-8781
Sources used:
SUSE Linux Enterprise Workstation Extension 12-SP3 (src):    kernel-default-4.4.131-94.29.1
SUSE Linux Enterprise Software Development Kit 12-SP3 (src):    kernel-docs-4.4.131-94.29.1, kernel-obs-build-4.4.131-94.29.1
SUSE Linux Enterprise Server 12-SP3 (src):    kernel-default-4.4.131-94.29.1, kernel-source-4.4.131-94.29.1, kernel-syms-4.4.131-94.29.1
SUSE Linux Enterprise Live Patching 12-SP3 (src):    kgraft-patch-SLE12-SP3_Update_12-1-4.5.2
SUSE Linux Enterprise High Availability 12-SP3 (src):    kernel-default-4.4.131-94.29.1
SUSE Linux Enterprise Desktop 12-SP3 (src):    kernel-default-4.4.131-94.29.1, kernel-source-4.4.131-94.29.1, kernel-syms-4.4.131-94.29.1
SUSE CaaS Platform ALL (src):    kernel-default-4.4.131-94.29.1

Comment 17 Swamp Workflow Management 2018-05-23 06:10:04 UTC

SUSE-SU-2018:1368-1: An update that solves 5 vulnerabilities and has 14 fixes is now available.

Category: security (important)
Bug References: 1046610,1052943,1068032,1075087,1075088,1080157,1084760,1087082,1087092,1089895,1090630,1090888,1091041,1091671,1091755,1091815,1092372,1092497,1094019
CVE References: CVE-2017-5715,CVE-2017-5753,CVE-2018-1000199,CVE-2018-10675,CVE-2018-3639
Sources used:
SUSE Linux Enterprise Software Development Kit 11-SP4 (src):    kernel-docs-3.0.101-108.48.1
SUSE Linux Enterprise Server 11-SP4 (src):    kernel-bigmem-3.0.101-108.48.1, kernel-default-3.0.101-108.48.1, kernel-ec2-3.0.101-108.48.1, kernel-pae-3.0.101-108.48.1, kernel-ppc64-3.0.101-108.48.1, kernel-source-3.0.101-108.48.1, kernel-syms-3.0.101-108.48.1, kernel-trace-3.0.101-108.48.1, kernel-xen-3.0.101-108.48.1
SUSE Linux Enterprise Server 11-EXTRA (src):    kernel-default-3.0.101-108.48.1, kernel-pae-3.0.101-108.48.1, kernel-ppc64-3.0.101-108.48.1, kernel-trace-3.0.101-108.48.1, kernel-xen-3.0.101-108.48.1
SUSE Linux Enterprise Debuginfo 11-SP4 (src):    kernel-bigmem-3.0.101-108.48.1, kernel-default-3.0.101-108.48.1, kernel-ec2-3.0.101-108.48.1, kernel-pae-3.0.101-108.48.1, kernel-ppc64-3.0.101-108.48.1, kernel-trace-3.0.101-108.48.1, kernel-xen-3.0.101-108.48.1

Comment 18 Swamp Workflow Management 2018-05-23 06:20:32 UTC

SUSE-SU-2018:1374-1: An update that solves three vulnerabilities and has 5 fixes is now available.

Category: security (important)
Bug References: 1087082,1087845,1089895,1091755,1092497,1093215,1094019,985025
CVE References: CVE-2018-1000199,CVE-2018-10675,CVE-2018-3639
Sources used:
SUSE Linux Enterprise Server 12-LTSS (src):    kernel-default-3.12.61-52.133.1, kernel-source-3.12.61-52.133.1, kernel-syms-3.12.61-52.133.1, kernel-xen-3.12.61-52.133.1, kgraft-patch-SLE12_Update_35-1-1.5.1
SUSE Linux Enterprise Module for Public Cloud 12 (src):    kernel-ec2-3.12.61-52.133.1

Comment 19 Swamp Workflow Management 2018-05-23 06:22:15 UTC

SUSE-SU-2018:1375-1: An update that solves three vulnerabilities and has 5 fixes is now available.

Category: security (important)
Bug References: 1087082,1087845,1089895,1091755,1092497,1093215,1094019,985025
CVE References: CVE-2018-1000199,CVE-2018-10675,CVE-2018-3639
Sources used:
SUSE Linux Enterprise Server for SAP 12-SP1 (src):    kernel-default-3.12.74-60.64.93.1, kernel-source-3.12.74-60.64.93.1, kernel-syms-3.12.74-60.64.93.1, kernel-xen-3.12.74-60.64.93.1, kgraft-patch-SLE12-SP1_Update_28-1-2.5.1
SUSE Linux Enterprise Server 12-SP1-LTSS (src):    kernel-default-3.12.74-60.64.93.1, kernel-source-3.12.74-60.64.93.1, kernel-syms-3.12.74-60.64.93.1, kernel-xen-3.12.74-60.64.93.1, kgraft-patch-SLE12-SP1_Update_28-1-2.5.1
SUSE Linux Enterprise Module for Public Cloud 12 (src):    kernel-ec2-3.12.74-60.64.93.1

Comment 20 Swamp Workflow Management 2018-05-23 06:24:19 UTC

SUSE-SU-2018:1376-1: An update that solves 5 vulnerabilities and has two fixes is now available.

Category: security (important)
Bug References: 1046610,1085279,1087082,1089895,1091755,1092497,1094019
CVE References: CVE-2017-5715,CVE-2017-5753,CVE-2018-1000199,CVE-2018-10675,CVE-2018-3639
Sources used:
SUSE Linux Enterprise Server 11-SP3-LTSS (src):    kernel-bigsmp-3.0.101-0.47.106.29.1, kernel-default-3.0.101-0.47.106.29.1, kernel-ec2-3.0.101-0.47.106.29.1, kernel-pae-3.0.101-0.47.106.29.1, kernel-source-3.0.101-0.47.106.29.1, kernel-syms-3.0.101-0.47.106.29.1, kernel-trace-3.0.101-0.47.106.29.1, kernel-xen-3.0.101-0.47.106.29.1
SUSE Linux Enterprise Server 11-EXTRA (src):    kernel-bigsmp-3.0.101-0.47.106.29.1, kernel-default-3.0.101-0.47.106.29.1, kernel-pae-3.0.101-0.47.106.29.1, kernel-ppc64-3.0.101-0.47.106.29.1, kernel-trace-3.0.101-0.47.106.29.1, kernel-xen-3.0.101-0.47.106.29.1
SUSE Linux Enterprise Point of Sale 11-SP3 (src):    kernel-default-3.0.101-0.47.106.29.1, kernel-ec2-3.0.101-0.47.106.29.1, kernel-pae-3.0.101-0.47.106.29.1, kernel-source-3.0.101-0.47.106.29.1, kernel-syms-3.0.101-0.47.106.29.1, kernel-trace-3.0.101-0.47.106.29.1, kernel-xen-3.0.101-0.47.106.29.1
SUSE Linux Enterprise Debuginfo 11-SP3 (src):    kernel-bigsmp-3.0.101-0.47.106.29.1, kernel-default-3.0.101-0.47.106.29.1, kernel-ec2-3.0.101-0.47.106.29.1, kernel-pae-3.0.101-0.47.106.29.1, kernel-trace-3.0.101-0.47.106.29.1, kernel-xen-3.0.101-0.47.106.29.1

Comment 21 Swamp Workflow Management 2018-05-24 19:21:21 UTC

openSUSE-SU-2018:1418-1: An update that solves 11 vulnerabilities and has 93 fixes is now available.

Category: security (important)
Bug References: 1005778,1005780,1005781,1009062,1012382,1015336,1015337,1015340,1015342,1015343,1022604,1022743,1024296,1031492,1036215,1043598,1044596,1056415,1056427,1060799,1066223,1068032,1070404,1073059,1075087,1075091,1075994,1076263,1076805,1080157,1081599,1082153,1082299,1082485,1082962,1083125,1083635,1083650,1083900,1084610,1084699,1084721,1085058,1085185,1085511,1085679,1085958,1086162,1087082,1087274,1088050,1088242,1088267,1088313,1088600,1088684,1088810,1088865,1088871,1089023,1089115,1089198,1089393,1089608,1089644,1089752,1089895,1089925,1090225,1090643,1090658,1090663,1090708,1090718,1090734,1090953,1091041,1091325,1091728,1091960,1092289,1092497,1092566,1092772,1092888,1092904,1092975,1093008,1093035,1093144,1093215,1093990,1094019,1094033,1094059,802154,966170,966172,966186,966191,969476,969477,981348,993388
CVE References: CVE-2017-18257,CVE-2018-1000199,CVE-2018-10087,CVE-2018-10124,CVE-2018-1065,CVE-2018-1130,CVE-2018-3639,CVE-2018-5803,CVE-2018-7492,CVE-2018-8781,CVE-2018-8822
Sources used:
openSUSE Leap 42.3 (src):    kernel-debug-4.4.132-53.1, kernel-default-4.4.132-53.1, kernel-docs-4.4.132-53.1, kernel-obs-build-4.4.132-53.1, kernel-obs-qa-4.4.132-53.1, kernel-source-4.4.132-53.1, kernel-syms-4.4.132-53.1, kernel-vanilla-4.4.132-53.1

Comment 23 Swamp Workflow Management 2018-06-26 16:21:02 UTC

SUSE-SU-2018:1816-1: An update that solves 17 vulnerabilities and has 109 fixes is now available.

Category: security (important)
Bug References: 1009062,1012382,1019695,1019699,1022604,1022607,1022743,1024718,1031717,1035432,1036215,1041740,1043598,1044596,1045330,1056415,1056427,1060799,1066223,1068032,1068054,1068951,1070404,1073059,1073311,1075087,1075428,1076049,1076263,1076805,1078583,1079152,1080157,1080542,1080656,1081500,1081514,1081599,1082153,1082299,1082485,1082504,1082962,1082979,1083635,1083650,1083900,1084721,1085185,1085308,1086400,1086716,1087007,1087012,1087036,1087082,1087086,1087095,1088810,1088871,1089023,1089115,1089393,1089895,1090225,1090435,1090534,1090643,1090658,1090663,1090708,1090718,1090734,1090953,1090955,1091041,1091325,1091594,1091728,1091960,1092289,1092497,1092552,1092566,1092772,1092813,1092888,1092904,1092975,1093008,1093035,1093144,1093215,1093533,1093904,1093990,1094019,1094033,1094059,1094177,1094268,1094353,1094356,1094405,1094466,1094532,1094823,1094840,1095042,1095147,1096037,1096140,1096214,1096242,1096281,1096751,1096982,1097234,1097356,1098009,1098012,919144,971975,973378,978907,993388
CVE References: CVE-2017-13305,CVE-2017-17741,CVE-2017-18241,CVE-2017-18249,CVE-2018-1000199,CVE-2018-1065,CVE-2018-1092,CVE-2018-1093,CVE-2018-1094,CVE-2018-1130,CVE-2018-12233,CVE-2018-3639,CVE-2018-3665,CVE-2018-5803,CVE-2018-5848,CVE-2018-7492,CVE-2018-8781
Sources used:
SUSE Linux Enterprise Real Time Extension 12-SP3 (src):    kernel-rt-4.4.138-3.14.1, kernel-rt_debug-4.4.138-3.14.1, kernel-source-rt-4.4.138-3.14.1, kernel-syms-rt-4.4.138-3.14.1

Comment 24 Swamp Workflow Management 2018-06-29 13:23:58 UTC

SUSE-SU-2018:1846-1: An update that solves four vulnerabilities and has 116 fixes is now available.

Category: security (important)
Bug References: 1013018,1046610,1052351,1052943,1065726,1068032,1068054,1070404,1072689,1075087,1075088,1079152,1080157,1080837,1083347,1084760,1087082,1087086,1087088,1087092,1088343,1088997,1088998,1088999,1089000,1089001,1089002,1089003,1089004,1089005,1089006,1089007,1089008,1089010,1089011,1089012,1089013,1089016,1089192,1089199,1089200,1089201,1089202,1089203,1089204,1089205,1089206,1089207,1089208,1089209,1089210,1089211,1089212,1089213,1089214,1089215,1089216,1089217,1089218,1089219,1089220,1089221,1089222,1089223,1089224,1089225,1089226,1089227,1089228,1089229,1089230,1089231,1089232,1089233,1089234,1089235,1089236,1089237,1089238,1089239,1089240,1089241,1089386,1089895,1090607,1090630,1090888,1091041,1091659,1091671,1091755,1091815,1092372,1092497,1093194,1093195,1093196,1093197,1093198,1093600,1093710,1094019,1094244,1094421,1094422,1094423,1094424,1094425,1094436,1094437,1096140,1096242,1096281,1096746,1097443,1097445,1097948,919382,973378,989401
CVE References: CVE-2018-1000199,CVE-2018-10675,CVE-2018-3639,CVE-2018-3665
Sources used:
SUSE Linux Enterprise Real Time Extension 11-SP4 (src):    kernel-rt-3.0.101.rt130-69.27.1, kernel-rt_trace-3.0.101.rt130-69.27.1, kernel-source-rt-3.0.101.rt130-69.27.1, kernel-syms-rt-3.0.101.rt130-69.27.1
SUSE Linux Enterprise Debuginfo 11-SP4 (src):    kernel-rt-3.0.101.rt130-69.27.1, kernel-rt_debug-3.0.101.rt130-69.27.1, kernel-rt_trace-3.0.101.rt130-69.27.1

Comment 25 Swamp Workflow Management 2018-06-29 19:18:18 UTC

SUSE-SU-2018:1855-1: An update that solves 14 vulnerabilities and has 15 fixes is now available.

Category: security (important)
Bug References: 1068032,1079152,1082962,1083650,1083900,1085185,1086400,1087007,1087012,1087036,1087086,1087095,1089895,1090534,1090955,1092497,1092552,1092813,1092904,1094033,1094353,1094823,1095042,1096140,1096242,1096281,1096728,1097356,973378
CVE References: CVE-2017-13305,CVE-2017-18241,CVE-2017-18249,CVE-2018-1000199,CVE-2018-1000204,CVE-2018-1065,CVE-2018-1092,CVE-2018-1093,CVE-2018-1094,CVE-2018-1130,CVE-2018-3665,CVE-2018-5803,CVE-2018-5848,CVE-2018-7492
Sources used:
SUSE OpenStack Cloud 7 (src):    kernel-default-4.4.121-92.85.1, kernel-source-4.4.121-92.85.1, kernel-syms-4.4.121-92.85.1, kgraft-patch-SLE12-SP2_Update_23-1-3.5.1
SUSE Linux Enterprise Server for SAP 12-SP2 (src):    kernel-default-4.4.121-92.85.1, kernel-source-4.4.121-92.85.1, kernel-syms-4.4.121-92.85.1, kgraft-patch-SLE12-SP2_Update_23-1-3.5.1
SUSE Linux Enterprise Server 12-SP2-LTSS (src):    kernel-default-4.4.121-92.85.1, kernel-source-4.4.121-92.85.1, kernel-syms-4.4.121-92.85.1, kgraft-patch-SLE12-SP2_Update_23-1-3.5.1
SUSE Enterprise Storage 4 (src):    kernel-default-4.4.121-92.85.1, kernel-source-4.4.121-92.85.1, kernel-syms-4.4.121-92.85.1, kgraft-patch-SLE12-SP2_Update_23-1-3.5.1
OpenStack Cloud Magnum Orchestration 7 (src):    kernel-default-4.4.121-92.85.1

Comment 30 Swamp Workflow Management 2018-10-18 16:46:45 UTC

SUSE-SU-2018:1855-2: An update that solves 14 vulnerabilities and has 15 fixes is now available.

Category: security (important)
Bug References: 1068032,1079152,1082962,1083650,1083900,1085185,1086400,1087007,1087012,1087036,1087086,1087095,1089895,1090534,1090955,1092497,1092552,1092813,1092904,1094033,1094353,1094823,1095042,1096140,1096242,1096281,1096728,1097356,973378
CVE References: CVE-2017-13305,CVE-2017-18241,CVE-2017-18249,CVE-2018-1000199,CVE-2018-1000204,CVE-2018-1065,CVE-2018-1092,CVE-2018-1093,CVE-2018-1094,CVE-2018-1130,CVE-2018-3665,CVE-2018-5803,CVE-2018-5848,CVE-2018-7492
Sources used:
SUSE Linux Enterprise Server 12-SP2-BCL (src):    kernel-default-4.4.121-92.85.1, kernel-source-4.4.121-92.85.1, kernel-syms-4.4.121-92.85.1, kgraft-patch-SLE12-SP2_Update_23-1-3.5.1

Comment 31 Marcus Meissner 2019-07-11 05:46:44 UTC

done

Comment 38 Swamp Workflow Management 2020-06-09 22:16:23 UTC

SUSE-SU-2020:1587-1: An update that solves 24 vulnerabilities and has 133 fixes is now available.

Category: security (important)
Bug References: 1051510,1058115,1065729,1071995,1082555,1083647,1089895,1103990,1103991,1103992,1104745,1109837,1111666,1112178,1112374,1113956,1114279,1124278,1127354,1127355,1127371,1133021,1141558,1142685,1144333,1151794,1152489,1154824,1157169,1158265,1160388,1160947,1164780,1164871,1165183,1165478,1165741,1166969,1166978,1167574,1167851,1167867,1168332,1168503,1168670,1168789,1169005,1169020,1169514,1169525,1169762,1170056,1170125,1170145,1170284,1170345,1170457,1170522,1170592,1170617,1170618,1170620,1170621,1170770,1170778,1170791,1170901,1171078,1171098,1171118,1171189,1171191,1171195,1171202,1171205,1171214,1171217,1171218,1171219,1171220,1171244,1171293,1171417,1171527,1171599,1171600,1171601,1171602,1171604,1171605,1171606,1171607,1171608,1171609,1171610,1171611,1171612,1171613,1171614,1171615,1171616,1171617,1171618,1171619,1171620,1171621,1171622,1171623,1171624,1171625,1171626,1171662,1171679,1171691,1171692,1171694,1171695,1171736,1171761,1171817,1171948,1171949,1171951,1171952,1171979,1171982,1171983,1172017,1172096,1172097,1172098,1172099,1172101,1172102,1172103,1172104,1172127,1172130,1172185,1172188,1172199,1172201,1172202,1172218,1172221,1172249,1172251,1172253,1172317,1172342,1172343,1172344,1172366,1172378,1172391,1172397,1172453
CVE References: CVE-2018-1000199,CVE-2019-19462,CVE-2019-20806,CVE-2019-20812,CVE-2019-9455,CVE-2020-0543,CVE-2020-10690,CVE-2020-10711,CVE-2020-10720,CVE-2020-10732,CVE-2020-10751,CVE-2020-10757,CVE-2020-12114,CVE-2020-12464,CVE-2020-12652,CVE-2020-12653,CVE-2020-12654,CVE-2020-12655,CVE-2020-12656,CVE-2020-12657,CVE-2020-12659,CVE-2020-12768,CVE-2020-12769,CVE-2020-13143
Sources used:
SUSE Linux Enterprise Server 12-SP5 (src):    kernel-azure-4.12.14-16.16.1, kernel-source-azure-4.12.14-16.16.1, kernel-syms-azure-4.12.14-16.16.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 40 Swamp Workflow Management 2020-06-10 13:24:33 UTC

SUSE-SU-2020:1599-1: An update that solves 24 vulnerabilities and has 126 fixes is now available.

Category: security (important)
Bug References: 1051510,1058115,1065729,1082555,1083647,1089895,1103990,1103991,1103992,1104745,1109837,1111666,1112178,1112374,1113956,1114279,1124278,1127354,1127355,1127371,1133021,1142685,1144333,1151794,1152489,1154824,1157169,1158265,1160388,1160947,1164780,1164871,1165183,1165478,1165741,1166969,1166978,1167574,1167851,1167867,1168332,1168670,1168789,1169020,1169514,1169525,1169762,1170056,1170125,1170145,1170284,1170345,1170457,1170522,1170592,1170617,1170618,1170620,1170621,1170770,1170778,1170791,1170901,1171078,1171098,1171118,1171189,1171191,1171195,1171202,1171205,1171214,1171217,1171218,1171219,1171220,1171244,1171293,1171417,1171527,1171599,1171600,1171601,1171602,1171604,1171605,1171606,1171607,1171608,1171609,1171610,1171611,1171612,1171613,1171614,1171615,1171616,1171617,1171618,1171619,1171620,1171621,1171622,1171623,1171624,1171625,1171626,1171662,1171679,1171691,1171692,1171694,1171695,1171736,1171817,1171948,1171949,1171951,1171952,1171979,1171982,1171983,1172017,1172096,1172097,1172098,1172099,1172101,1172102,1172103,1172104,1172127,1172130,1172185,1172188,1172199,1172201,1172202,1172221,1172249,1172251,1172317,1172342,1172343,1172344,1172366,1172378,1172391,1172397,1172453
CVE References: CVE-2018-1000199,CVE-2019-19462,CVE-2019-20806,CVE-2019-20812,CVE-2019-9455,CVE-2020-0543,CVE-2020-10690,CVE-2020-10711,CVE-2020-10720,CVE-2020-10732,CVE-2020-10751,CVE-2020-10757,CVE-2020-12114,CVE-2020-12464,CVE-2020-12652,CVE-2020-12653,CVE-2020-12654,CVE-2020-12655,CVE-2020-12656,CVE-2020-12657,CVE-2020-12659,CVE-2020-12768,CVE-2020-12769,CVE-2020-13143
Sources used:
SUSE Linux Enterprise Module for Live Patching 15-SP1 (src):    kernel-default-4.12.14-197.45.1, kernel-livepatch-SLE15-SP1_Update_12-1-3.5.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 41 Swamp Workflow Management 2020-06-10 13:45:49 UTC

SUSE-SU-2020:1599-1: An update that solves 24 vulnerabilities and has 126 fixes is now available.

Category: security (important)
Bug References: 1051510,1058115,1065729,1082555,1083647,1089895,1103990,1103991,1103992,1104745,1109837,1111666,1112178,1112374,1113956,1114279,1124278,1127354,1127355,1127371,1133021,1142685,1144333,1151794,1152489,1154824,1157169,1158265,1160388,1160947,1164780,1164871,1165183,1165478,1165741,1166969,1166978,1167574,1167851,1167867,1168332,1168670,1168789,1169020,1169514,1169525,1169762,1170056,1170125,1170145,1170284,1170345,1170457,1170522,1170592,1170617,1170618,1170620,1170621,1170770,1170778,1170791,1170901,1171078,1171098,1171118,1171189,1171191,1171195,1171202,1171205,1171214,1171217,1171218,1171219,1171220,1171244,1171293,1171417,1171527,1171599,1171600,1171601,1171602,1171604,1171605,1171606,1171607,1171608,1171609,1171610,1171611,1171612,1171613,1171614,1171615,1171616,1171617,1171618,1171619,1171620,1171621,1171622,1171623,1171624,1171625,1171626,1171662,1171679,1171691,1171692,1171694,1171695,1171736,1171817,1171948,1171949,1171951,1171952,1171979,1171982,1171983,1172017,1172096,1172097,1172098,1172099,1172101,1172102,1172103,1172104,1172127,1172130,1172185,1172188,1172199,1172201,1172202,1172221,1172249,1172251,1172317,1172342,1172343,1172344,1172366,1172378,1172391,1172397,1172453
CVE References: CVE-2018-1000199,CVE-2019-19462,CVE-2019-20806,CVE-2019-20812,CVE-2019-9455,CVE-2020-0543,CVE-2020-10690,CVE-2020-10711,CVE-2020-10720,CVE-2020-10732,CVE-2020-10751,CVE-2020-10757,CVE-2020-12114,CVE-2020-12464,CVE-2020-12652,CVE-2020-12653,CVE-2020-12654,CVE-2020-12655,CVE-2020-12656,CVE-2020-12657,CVE-2020-12659,CVE-2020-12768,CVE-2020-12769,CVE-2020-13143
Sources used:
SUSE Linux Enterprise Workstation Extension 15-SP1 (src):    kernel-default-4.12.14-197.45.1
SUSE Linux Enterprise Module for Live Patching 15-SP1 (src):    kernel-default-4.12.14-197.45.1, kernel-livepatch-SLE15-SP1_Update_12-1-3.5.1
SUSE Linux Enterprise Module for Legacy Software 15-SP1 (src):    kernel-default-4.12.14-197.45.1
SUSE Linux Enterprise Module for Development Tools 15-SP1 (src):    kernel-docs-4.12.14-197.45.1, kernel-obs-build-4.12.14-197.45.1, kernel-source-4.12.14-197.45.1, kernel-syms-4.12.14-197.45.1
SUSE Linux Enterprise Module for Basesystem 15-SP1 (src):    kernel-default-4.12.14-197.45.1, kernel-source-4.12.14-197.45.1, kernel-zfcpdump-4.12.14-197.45.1
SUSE Linux Enterprise High Availability 15-SP1 (src):    kernel-default-4.12.14-197.45.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 42 OBSbugzilla Bot 2020-06-10 18:40:46 UTC

This is an autogenerated message for OBS integration:
This bug (1089895) was mentioned in
https://build.opensuse.org/request/show/813298 15.1 / kernel-source

Comment 43 Swamp Workflow Management 2020-06-10 19:13:10 UTC

SUSE-SU-2020:1603-1: An update that solves 23 vulnerabilities and has 92 fixes is now available.

Category: security (important)
Bug References: 1051510,1058115,1065729,1082555,1089895,1114279,1133021,1144333,1151794,1152489,1154824,1157169,1158265,1160388,1160947,1165183,1165741,1166969,1167574,1167851,1168503,1168670,1169020,1169514,1169525,1170056,1170125,1170145,1170345,1170457,1170522,1170592,1170618,1170620,1170770,1170778,1170791,1170901,1171078,1171098,1171118,1171189,1171191,1171195,1171202,1171205,1171217,1171218,1171219,1171220,1171293,1171417,1171527,1171599,1171600,1171601,1171602,1171604,1171605,1171606,1171607,1171608,1171609,1171610,1171611,1171612,1171613,1171614,1171615,1171616,1171617,1171618,1171619,1171620,1171621,1171622,1171623,1171624,1171625,1171626,1171679,1171691,1171694,1171695,1171736,1171761,1171948,1171949,1171951,1171952,1171982,1171983,1172096,1172097,1172098,1172099,1172101,1172102,1172103,1172104,1172127,1172130,1172185,1172188,1172199,1172221,1172253,1172317,1172342,1172343,1172344,1172366,1172391,1172397,1172453
CVE References: CVE-2018-1000199,CVE-2019-19462,CVE-2019-20806,CVE-2019-20812,CVE-2019-9455,CVE-2020-0543,CVE-2020-10690,CVE-2020-10711,CVE-2020-10720,CVE-2020-10732,CVE-2020-10751,CVE-2020-10757,CVE-2020-12114,CVE-2020-12464,CVE-2020-12652,CVE-2020-12653,CVE-2020-12654,CVE-2020-12655,CVE-2020-12656,CVE-2020-12657,CVE-2020-12768,CVE-2020-12769,CVE-2020-13143
Sources used:
SUSE Linux Enterprise Server 12-SP4 (src):    kernel-azure-4.12.14-6.43.1, kernel-source-azure-4.12.14-6.43.1, kernel-syms-azure-4.12.14-6.43.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 44 Swamp Workflow Management 2020-06-10 19:26:31 UTC

SUSE-SU-2020:1602-1: An update that solves 24 vulnerabilities and has 133 fixes is now available.

Category: security (important)
Bug References: 1051510,1058115,1065729,1071995,1082555,1083647,1089895,1103990,1103991,1103992,1104745,1109837,1111666,1112178,1112374,1113956,1114279,1124278,1127354,1127355,1127371,1133021,1141558,1142685,1144333,1151794,1152489,1154824,1157169,1158265,1160388,1160947,1164780,1164871,1165183,1165478,1165741,1166969,1166978,1167574,1167851,1167867,1168332,1168503,1168670,1168789,1169005,1169020,1169514,1169525,1169762,1170056,1170125,1170145,1170284,1170345,1170457,1170522,1170592,1170617,1170618,1170620,1170621,1170770,1170778,1170791,1170901,1171078,1171098,1171118,1171189,1171191,1171195,1171202,1171205,1171214,1171217,1171218,1171219,1171220,1171244,1171293,1171417,1171527,1171599,1171600,1171601,1171602,1171604,1171605,1171606,1171607,1171608,1171609,1171610,1171611,1171612,1171613,1171614,1171615,1171616,1171617,1171618,1171619,1171620,1171621,1171622,1171623,1171624,1171625,1171626,1171662,1171679,1171691,1171692,1171694,1171695,1171736,1171761,1171817,1171948,1171949,1171951,1171952,1171979,1171982,1171983,1172017,1172096,1172097,1172098,1172099,1172101,1172102,1172103,1172104,1172127,1172130,1172185,1172188,1172199,1172201,1172202,1172218,1172221,1172249,1172251,1172253,1172317,1172342,1172343,1172344,1172366,1172378,1172391,1172397,1172453
CVE References: CVE-2018-1000199,CVE-2019-19462,CVE-2019-20806,CVE-2019-20812,CVE-2019-9455,CVE-2020-0543,CVE-2020-10690,CVE-2020-10711,CVE-2020-10720,CVE-2020-10732,CVE-2020-10751,CVE-2020-10757,CVE-2020-12114,CVE-2020-12464,CVE-2020-12652,CVE-2020-12653,CVE-2020-12654,CVE-2020-12655,CVE-2020-12656,CVE-2020-12657,CVE-2020-12659,CVE-2020-12768,CVE-2020-12769,CVE-2020-13143
Sources used:
SUSE Linux Enterprise Workstation Extension 12-SP5 (src):    kernel-default-4.12.14-122.23.1
SUSE Linux Enterprise Software Development Kit 12-SP5 (src):    kernel-docs-4.12.14-122.23.1, kernel-obs-build-4.12.14-122.23.1
SUSE Linux Enterprise Server 12-SP5 (src):    kernel-default-4.12.14-122.23.1, kernel-source-4.12.14-122.23.1, kernel-syms-4.12.14-122.23.1
SUSE Linux Enterprise High Availability 12-SP5 (src):    kernel-default-4.12.14-122.23.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 45 Swamp Workflow Management 2020-06-10 19:44:40 UTC

SUSE-SU-2020:1605-1: An update that solves 23 vulnerabilities and has 94 fixes is now available.

Category: security (important)
Bug References: 1051510,1058115,1065729,1071995,1082555,1089895,1111666,1114279,1133021,1144333,1151794,1152489,1154824,1157169,1158265,1160388,1160947,1165183,1165741,1166969,1167574,1167851,1168503,1168670,1169020,1169514,1169525,1170056,1170125,1170145,1170345,1170457,1170522,1170592,1170618,1170620,1170770,1170778,1170791,1170901,1171078,1171098,1171118,1171189,1171191,1171195,1171202,1171205,1171217,1171218,1171219,1171220,1171293,1171417,1171527,1171599,1171600,1171601,1171602,1171604,1171605,1171606,1171607,1171608,1171609,1171610,1171611,1171612,1171613,1171614,1171615,1171616,1171617,1171618,1171619,1171620,1171621,1171622,1171623,1171624,1171625,1171626,1171679,1171691,1171694,1171695,1171736,1171761,1171948,1171949,1171951,1171952,1171982,1171983,1172096,1172097,1172098,1172099,1172101,1172102,1172103,1172104,1172127,1172130,1172185,1172188,1172199,1172221,1172253,1172317,1172342,1172343,1172344,1172366,1172391,1172397,1172453
CVE References: CVE-2018-1000199,CVE-2019-19462,CVE-2019-20806,CVE-2019-20812,CVE-2019-9455,CVE-2020-0543,CVE-2020-10690,CVE-2020-10711,CVE-2020-10720,CVE-2020-10732,CVE-2020-10751,CVE-2020-10757,CVE-2020-12114,CVE-2020-12464,CVE-2020-12652,CVE-2020-12653,CVE-2020-12654,CVE-2020-12655,CVE-2020-12656,CVE-2020-12657,CVE-2020-12768,CVE-2020-12769,CVE-2020-13143
Sources used:
SUSE Linux Enterprise Workstation Extension 12-SP4 (src):    kernel-default-4.12.14-95.54.1
SUSE Linux Enterprise Software Development Kit 12-SP4 (src):    kernel-docs-4.12.14-95.54.1, kernel-obs-build-4.12.14-95.54.1
SUSE Linux Enterprise Server 12-SP4 (src):    kernel-default-4.12.14-95.54.1, kernel-source-4.12.14-95.54.1, kernel-syms-4.12.14-95.54.1
SUSE Linux Enterprise High Availability 12-SP4 (src):    kernel-default-4.12.14-95.54.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 46 Swamp Workflow Management 2020-06-10 19:58:12 UTC

SUSE-SU-2020:1605-1: An update that solves 23 vulnerabilities and has 94 fixes is now available.

Category: security (important)
Bug References: 1051510,1058115,1065729,1071995,1082555,1089895,1111666,1114279,1133021,1144333,1151794,1152489,1154824,1157169,1158265,1160388,1160947,1165183,1165741,1166969,1167574,1167851,1168503,1168670,1169020,1169514,1169525,1170056,1170125,1170145,1170345,1170457,1170522,1170592,1170618,1170620,1170770,1170778,1170791,1170901,1171078,1171098,1171118,1171189,1171191,1171195,1171202,1171205,1171217,1171218,1171219,1171220,1171293,1171417,1171527,1171599,1171600,1171601,1171602,1171604,1171605,1171606,1171607,1171608,1171609,1171610,1171611,1171612,1171613,1171614,1171615,1171616,1171617,1171618,1171619,1171620,1171621,1171622,1171623,1171624,1171625,1171626,1171679,1171691,1171694,1171695,1171736,1171761,1171948,1171949,1171951,1171952,1171982,1171983,1172096,1172097,1172098,1172099,1172101,1172102,1172103,1172104,1172127,1172130,1172185,1172188,1172199,1172221,1172253,1172317,1172342,1172343,1172344,1172366,1172391,1172397,1172453
CVE References: CVE-2018-1000199,CVE-2019-19462,CVE-2019-20806,CVE-2019-20812,CVE-2019-9455,CVE-2020-0543,CVE-2020-10690,CVE-2020-10711,CVE-2020-10720,CVE-2020-10732,CVE-2020-10751,CVE-2020-10757,CVE-2020-12114,CVE-2020-12464,CVE-2020-12652,CVE-2020-12653,CVE-2020-12654,CVE-2020-12655,CVE-2020-12656,CVE-2020-12657,CVE-2020-12768,CVE-2020-12769,CVE-2020-13143
Sources used:
SUSE Linux Enterprise Workstation Extension 12-SP4 (src):    kernel-default-4.12.14-95.54.1
SUSE Linux Enterprise Software Development Kit 12-SP4 (src):    kernel-docs-4.12.14-95.54.1, kernel-obs-build-4.12.14-95.54.1
SUSE Linux Enterprise Server 12-SP4 (src):    kernel-default-4.12.14-95.54.1, kernel-source-4.12.14-95.54.1, kernel-syms-4.12.14-95.54.1
SUSE Linux Enterprise Live Patching 12-SP4 (src):    kernel-default-4.12.14-95.54.1, kgraft-patch-SLE12-SP4_Update_14-1-6.3.1
SUSE Linux Enterprise High Availability 12-SP4 (src):    kernel-default-4.12.14-95.54.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 47 Swamp Workflow Management 2020-06-10 20:11:29 UTC

SUSE-SU-2020:1604-1: An update that solves 24 vulnerabilities and has 126 fixes is now available.

Category: security (important)
Bug References: 1051510,1058115,1065729,1082555,1083647,1089895,1103990,1103991,1103992,1104745,1109837,1111666,1112178,1112374,1113956,1114279,1124278,1127354,1127355,1127371,1133021,1142685,1144333,1151794,1152489,1154824,1157169,1158265,1160388,1160947,1164780,1164871,1165183,1165478,1165741,1166969,1166978,1167574,1167851,1167867,1168332,1168670,1168789,1169020,1169514,1169525,1169762,1170056,1170125,1170145,1170284,1170345,1170457,1170522,1170592,1170617,1170618,1170620,1170621,1170770,1170778,1170791,1170901,1171078,1171098,1171118,1171189,1171191,1171195,1171202,1171205,1171214,1171217,1171218,1171219,1171220,1171244,1171293,1171417,1171527,1171599,1171600,1171601,1171602,1171604,1171605,1171606,1171607,1171608,1171609,1171610,1171611,1171612,1171613,1171614,1171615,1171616,1171617,1171618,1171619,1171620,1171621,1171622,1171623,1171624,1171625,1171626,1171662,1171679,1171691,1171692,1171694,1171695,1171736,1171817,1171948,1171949,1171951,1171952,1171979,1171982,1171983,1172017,1172096,1172097,1172098,1172099,1172101,1172102,1172103,1172104,1172127,1172130,1172185,1172188,1172199,1172201,1172202,1172221,1172249,1172251,1172317,1172342,1172343,1172344,1172366,1172378,1172391,1172397,1172453
CVE References: CVE-2018-1000199,CVE-2019-19462,CVE-2019-20806,CVE-2019-20812,CVE-2019-9455,CVE-2020-0543,CVE-2020-10690,CVE-2020-10711,CVE-2020-10720,CVE-2020-10732,CVE-2020-10751,CVE-2020-10757,CVE-2020-12114,CVE-2020-12464,CVE-2020-12652,CVE-2020-12653,CVE-2020-12654,CVE-2020-12655,CVE-2020-12656,CVE-2020-12657,CVE-2020-12659,CVE-2020-12768,CVE-2020-12769,CVE-2020-13143
Sources used:
SUSE Linux Enterprise Module for Public Cloud 15-SP1 (src):    kernel-azure-4.12.14-8.33.1, kernel-source-azure-4.12.14-8.33.1, kernel-syms-azure-4.12.14-8.33.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 48 Swamp Workflow Management 2020-06-10 20:28:57 UTC

SUSE-SU-2020:1602-1: An update that solves 24 vulnerabilities and has 133 fixes is now available.

Category: security (important)
Bug References: 1051510,1058115,1065729,1071995,1082555,1083647,1089895,1103990,1103991,1103992,1104745,1109837,1111666,1112178,1112374,1113956,1114279,1124278,1127354,1127355,1127371,1133021,1141558,1142685,1144333,1151794,1152489,1154824,1157169,1158265,1160388,1160947,1164780,1164871,1165183,1165478,1165741,1166969,1166978,1167574,1167851,1167867,1168332,1168503,1168670,1168789,1169005,1169020,1169514,1169525,1169762,1170056,1170125,1170145,1170284,1170345,1170457,1170522,1170592,1170617,1170618,1170620,1170621,1170770,1170778,1170791,1170901,1171078,1171098,1171118,1171189,1171191,1171195,1171202,1171205,1171214,1171217,1171218,1171219,1171220,1171244,1171293,1171417,1171527,1171599,1171600,1171601,1171602,1171604,1171605,1171606,1171607,1171608,1171609,1171610,1171611,1171612,1171613,1171614,1171615,1171616,1171617,1171618,1171619,1171620,1171621,1171622,1171623,1171624,1171625,1171626,1171662,1171679,1171691,1171692,1171694,1171695,1171736,1171761,1171817,1171948,1171949,1171951,1171952,1171979,1171982,1171983,1172017,1172096,1172097,1172098,1172099,1172101,1172102,1172103,1172104,1172127,1172130,1172185,1172188,1172199,1172201,1172202,1172218,1172221,1172249,1172251,1172253,1172317,1172342,1172343,1172344,1172366,1172378,1172391,1172397,1172453
CVE References: CVE-2018-1000199,CVE-2019-19462,CVE-2019-20806,CVE-2019-20812,CVE-2019-9455,CVE-2020-0543,CVE-2020-10690,CVE-2020-10711,CVE-2020-10720,CVE-2020-10732,CVE-2020-10751,CVE-2020-10757,CVE-2020-12114,CVE-2020-12464,CVE-2020-12652,CVE-2020-12653,CVE-2020-12654,CVE-2020-12655,CVE-2020-12656,CVE-2020-12657,CVE-2020-12659,CVE-2020-12768,CVE-2020-12769,CVE-2020-13143
Sources used:
SUSE Linux Enterprise Workstation Extension 12-SP5 (src):    kernel-default-4.12.14-122.23.1
SUSE Linux Enterprise Software Development Kit 12-SP5 (src):    kernel-docs-4.12.14-122.23.1, kernel-obs-build-4.12.14-122.23.1
SUSE Linux Enterprise Server 12-SP5 (src):    kernel-default-4.12.14-122.23.1, kernel-source-4.12.14-122.23.1, kernel-syms-4.12.14-122.23.1
SUSE Linux Enterprise Live Patching 12-SP5 (src):    kernel-default-4.12.14-122.23.1, kgraft-patch-SLE12-SP5_Update_5-1-8.3.1
SUSE Linux Enterprise High Availability 12-SP5 (src):    kernel-default-4.12.14-122.23.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 49 Swamp Workflow Management 2020-06-13 07:20:12 UTC

openSUSE-SU-2020:0801-1: An update that solves 25 vulnerabilities and has 132 fixes is now available.

Category: security (important)
Bug References: 1051510,1058115,1065729,1071995,1082555,1083647,1089895,1090036,1103990,1103991,1103992,1104745,1109837,1111666,1112178,1112374,1113956,1114279,1124278,1127354,1127355,1127371,1133021,1142685,1144333,1151794,1152489,1154824,1157169,1158265,1160388,1160947,1164780,1164871,1165183,1165478,1165741,1166969,1166978,1167574,1167851,1167867,1168332,1168670,1168789,1168829,1168854,1169020,1169514,1169525,1169762,1170056,1170125,1170145,1170284,1170345,1170457,1170522,1170592,1170617,1170618,1170620,1170621,1170740,1170770,1170778,1170791,1170901,1171078,1171098,1171118,1171189,1171191,1171195,1171202,1171205,1171214,1171217,1171218,1171219,1171220,1171244,1171252,1171254,1171293,1171417,1171527,1171599,1171600,1171601,1171602,1171604,1171605,1171606,1171607,1171608,1171609,1171610,1171611,1171612,1171613,1171614,1171615,1171616,1171617,1171618,1171619,1171620,1171621,1171622,1171623,1171624,1171625,1171626,1171662,1171679,1171691,1171692,1171694,1171695,1171736,1171817,1171948,1171949,1171951,1171952,1171979,1171982,1171983,1172017,1172096,1172097,1172098,1172099,1172101,1172102,1172103,1172104,1172127,1172130,1172185,1172188,1172199,1172201,1172202,1172221,1172249,1172251,1172317,1172342,1172343,1172344,1172366,1172378,1172391,1172397,1172453
CVE References: CVE-2018-1000199,CVE-2019-19462,CVE-2019-20806,CVE-2019-20812,CVE-2019-9455,CVE-2020-0543,CVE-2020-10690,CVE-2020-10711,CVE-2020-10720,CVE-2020-10732,CVE-2020-10751,CVE-2020-10757,CVE-2020-11608,CVE-2020-11609,CVE-2020-12114,CVE-2020-12464,CVE-2020-12652,CVE-2020-12653,CVE-2020-12654,CVE-2020-12655,CVE-2020-12656,CVE-2020-12657,CVE-2020-12659,CVE-2020-12769,CVE-2020-13143
Sources used:
openSUSE Leap 15.1 (src):    kernel-debug-4.12.14-lp151.28.52.1, kernel-default-4.12.14-lp151.28.52.1, kernel-docs-4.12.14-lp151.28.52.2, kernel-kvmsmall-4.12.14-lp151.28.52.1, kernel-obs-build-4.12.14-lp151.28.52.3, kernel-obs-qa-4.12.14-lp151.28.52.3, kernel-source-4.12.14-lp151.28.52.1, kernel-syms-4.12.14-lp151.28.52.1, kernel-vanilla-4.12.14-lp151.28.52.1

Comment 51 Swamp Workflow Management 2020-06-18 13:18:50 UTC

SUSE-SU-2020:1663-1: An update that solves 55 vulnerabilities and has 93 fixes is now available.

Category: security (important)
Bug References: 1050244,1051510,1051858,1058115,1061840,1065600,1065729,1071995,1085030,1086301,1086313,1086314,1089895,1109911,1114279,1118338,1120386,1134973,1143959,1144333,1151910,1151927,1153917,1154243,1154824,1156286,1157155,1157157,1157692,1158013,1158021,1158026,1158265,1158819,1159028,1159198,1159271,1159285,1159394,1159483,1159484,1159569,1159588,1159841,1159908,1159909,1159910,1159911,1159955,1160195,1160210,1160211,1160218,1160433,1160442,1160476,1160560,1160755,1160756,1160784,1160787,1160802,1160803,1160804,1160917,1160966,1161087,1161514,1161518,1161522,1161523,1161549,1161552,1161555,1161674,1161931,1161933,1161934,1161935,1161936,1161937,1161951,1162067,1162109,1162139,1162928,1162929,1162931,1163971,1164051,1164069,1164078,1164705,1164712,1164727,1164728,1164729,1164730,1164731,1164732,1164733,1164734,1164735,1164871,1165111,1165741,1165873,1165881,1165984,1165985,1166969,1167421,1167423,1167629,1168075,1168276,1168295,1168424,1168670,1168829,1168854,1169390,1169514,1169625,1170056,1170345,1170617,1170618,1170621,1170778,1170901,1171098,1171189,1171191,1171195,1171202,1171205,1171217,1171218,1171219,1171220,1171689,1171982,1171983,1172221,1172317,1172453,1172458
CVE References: CVE-2018-1000199,CVE-2019-14615,CVE-2019-14896,CVE-2019-14897,CVE-2019-16994,CVE-2019-19036,CVE-2019-19045,CVE-2019-19054,CVE-2019-19318,CVE-2019-19319,CVE-2019-19447,CVE-2019-19462,CVE-2019-19768,CVE-2019-19770,CVE-2019-19965,CVE-2019-19966,CVE-2019-20054,CVE-2019-20095,CVE-2019-20096,CVE-2019-20810,CVE-2019-20812,CVE-2019-3701,CVE-2019-9455,CVE-2019-9458,CVE-2020-0543,CVE-2020-10690,CVE-2020-10711,CVE-2020-10720,CVE-2020-10732,CVE-2020-10751,CVE-2020-10757,CVE-2020-10942,CVE-2020-11494,CVE-2020-11608,CVE-2020-11609,CVE-2020-11669,CVE-2020-12114,CVE-2020-12464,CVE-2020-12652,CVE-2020-12653,CVE-2020-12654,CVE-2020-12655,CVE-2020-12656,CVE-2020-12657,CVE-2020-12769,CVE-2020-13143,CVE-2020-2732,CVE-2020-7053,CVE-2020-8428,CVE-2020-8647,CVE-2020-8648,CVE-2020-8649,CVE-2020-8834,CVE-2020-8992,CVE-2020-9383
Sources used:
SUSE Linux Enterprise Server for SAP 15 (src):    kernel-default-4.12.14-150.52.1, kernel-docs-4.12.14-150.52.1, kernel-obs-build-4.12.14-150.52.1, kernel-source-4.12.14-150.52.1, kernel-syms-4.12.14-150.52.1, kernel-vanilla-4.12.14-150.52.1
SUSE Linux Enterprise Server 15-LTSS (src):    kernel-default-4.12.14-150.52.1, kernel-docs-4.12.14-150.52.1, kernel-obs-build-4.12.14-150.52.1, kernel-source-4.12.14-150.52.1, kernel-syms-4.12.14-150.52.1, kernel-vanilla-4.12.14-150.52.1, kernel-zfcpdump-4.12.14-150.52.1
SUSE Linux Enterprise High Performance Computing 15-LTSS (src):    kernel-default-4.12.14-150.52.1, kernel-docs-4.12.14-150.52.1, kernel-obs-build-4.12.14-150.52.1, kernel-source-4.12.14-150.52.1, kernel-syms-4.12.14-150.52.1, kernel-vanilla-4.12.14-150.52.1
SUSE Linux Enterprise High Performance Computing 15-ESPOS (src):    kernel-default-4.12.14-150.52.1, kernel-docs-4.12.14-150.52.1, kernel-obs-build-4.12.14-150.52.1, kernel-source-4.12.14-150.52.1, kernel-syms-4.12.14-150.52.1, kernel-vanilla-4.12.14-150.52.1
SUSE Linux Enterprise High Availability 15 (src):    kernel-default-4.12.14-150.52.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 52 Swamp Workflow Management 2020-06-18 13:39:24 UTC

SUSE-SU-2020:1663-1: An update that solves 55 vulnerabilities and has 93 fixes is now available.

Category: security (important)
Bug References: 1050244,1051510,1051858,1058115,1061840,1065600,1065729,1071995,1085030,1086301,1086313,1086314,1089895,1109911,1114279,1118338,1120386,1134973,1143959,1144333,1151910,1151927,1153917,1154243,1154824,1156286,1157155,1157157,1157692,1158013,1158021,1158026,1158265,1158819,1159028,1159198,1159271,1159285,1159394,1159483,1159484,1159569,1159588,1159841,1159908,1159909,1159910,1159911,1159955,1160195,1160210,1160211,1160218,1160433,1160442,1160476,1160560,1160755,1160756,1160784,1160787,1160802,1160803,1160804,1160917,1160966,1161087,1161514,1161518,1161522,1161523,1161549,1161552,1161555,1161674,1161931,1161933,1161934,1161935,1161936,1161937,1161951,1162067,1162109,1162139,1162928,1162929,1162931,1163971,1164051,1164069,1164078,1164705,1164712,1164727,1164728,1164729,1164730,1164731,1164732,1164733,1164734,1164735,1164871,1165111,1165741,1165873,1165881,1165984,1165985,1166969,1167421,1167423,1167629,1168075,1168276,1168295,1168424,1168670,1168829,1168854,1169390,1169514,1169625,1170056,1170345,1170617,1170618,1170621,1170778,1170901,1171098,1171189,1171191,1171195,1171202,1171205,1171217,1171218,1171219,1171220,1171689,1171982,1171983,1172221,1172317,1172453,1172458
CVE References: CVE-2018-1000199,CVE-2019-14615,CVE-2019-14896,CVE-2019-14897,CVE-2019-16994,CVE-2019-19036,CVE-2019-19045,CVE-2019-19054,CVE-2019-19318,CVE-2019-19319,CVE-2019-19447,CVE-2019-19462,CVE-2019-19768,CVE-2019-19770,CVE-2019-19965,CVE-2019-19966,CVE-2019-20054,CVE-2019-20095,CVE-2019-20096,CVE-2019-20810,CVE-2019-20812,CVE-2019-3701,CVE-2019-9455,CVE-2019-9458,CVE-2020-0543,CVE-2020-10690,CVE-2020-10711,CVE-2020-10720,CVE-2020-10732,CVE-2020-10751,CVE-2020-10757,CVE-2020-10942,CVE-2020-11494,CVE-2020-11608,CVE-2020-11609,CVE-2020-11669,CVE-2020-12114,CVE-2020-12464,CVE-2020-12652,CVE-2020-12653,CVE-2020-12654,CVE-2020-12655,CVE-2020-12656,CVE-2020-12657,CVE-2020-12769,CVE-2020-13143,CVE-2020-2732,CVE-2020-7053,CVE-2020-8428,CVE-2020-8647,CVE-2020-8648,CVE-2020-8649,CVE-2020-8834,CVE-2020-8992,CVE-2020-9383
Sources used:
SUSE Linux Enterprise Server for SAP 15 (src):    kernel-default-4.12.14-150.52.1, kernel-docs-4.12.14-150.52.1, kernel-obs-build-4.12.14-150.52.1, kernel-source-4.12.14-150.52.1, kernel-syms-4.12.14-150.52.1, kernel-vanilla-4.12.14-150.52.1
SUSE Linux Enterprise Server 15-LTSS (src):    kernel-default-4.12.14-150.52.1, kernel-docs-4.12.14-150.52.1, kernel-obs-build-4.12.14-150.52.1, kernel-source-4.12.14-150.52.1, kernel-syms-4.12.14-150.52.1, kernel-vanilla-4.12.14-150.52.1, kernel-zfcpdump-4.12.14-150.52.1
SUSE Linux Enterprise Module for Live Patching 15 (src):    kernel-default-4.12.14-150.52.1, kernel-livepatch-SLE15_Update_18-1-1.5.1
SUSE Linux Enterprise High Performance Computing 15-LTSS (src):    kernel-default-4.12.14-150.52.1, kernel-docs-4.12.14-150.52.1, kernel-obs-build-4.12.14-150.52.1, kernel-source-4.12.14-150.52.1, kernel-syms-4.12.14-150.52.1, kernel-vanilla-4.12.14-150.52.1
SUSE Linux Enterprise High Performance Computing 15-ESPOS (src):    kernel-default-4.12.14-150.52.1, kernel-docs-4.12.14-150.52.1, kernel-obs-build-4.12.14-150.52.1, kernel-source-4.12.14-150.52.1, kernel-syms-4.12.14-150.52.1, kernel-vanilla-4.12.14-150.52.1
SUSE Linux Enterprise High Availability 15 (src):    kernel-default-4.12.14-150.52.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 54 Swamp Workflow Management 2020-08-06 22:15:24 UTC

SUSE-SU-2020:2156-1: An update that solves 32 vulnerabilities and has 122 fixes is now available.

Category: security (important)
Bug References: 1051510,1058115,1065729,1071995,1082555,1085030,1089895,1104967,1111666,1114279,1133021,1144333,1148868,1150660,1151794,1152107,1152489,1152624,1154824,1157169,1158265,1158983,1159058,1159199,1160388,1160947,1161016,1162002,1162063,1165183,1165741,1166969,1167574,1167851,1168081,1168503,1168670,1169020,1169194,1169514,1169525,1169625,1169795,1170011,1170056,1170125,1170145,1170345,1170457,1170522,1170592,1170618,1170620,1170770,1170778,1170791,1170901,1171078,1171098,1171118,1171124,1171189,1171191,1171195,1171202,1171205,1171217,1171218,1171219,1171220,1171293,1171417,1171424,1171527,1171558,1171599,1171600,1171601,1171602,1171604,1171605,1171606,1171607,1171608,1171609,1171610,1171611,1171612,1171613,1171614,1171615,1171616,1171617,1171618,1171619,1171620,1171621,1171622,1171623,1171624,1171625,1171626,1171673,1171679,1171691,1171694,1171695,1171736,1171761,1171868,1171904,1171948,1171949,1171951,1171952,1171982,1171983,1172096,1172097,1172098,1172099,1172101,1172102,1172103,1172104,1172127,1172130,1172185,1172188,1172199,1172221,1172253,1172257,1172317,1172342,1172343,1172344,1172366,1172391,1172397,1172453,1172458,1172484,1172759,1172775,1172781,1172782,1172783,1172999,1173265,1173280,1173428,1173462,1173659
CVE References: CVE-2018-1000199,CVE-2019-16746,CVE-2019-19462,CVE-2019-20806,CVE-2019-20810,CVE-2019-20812,CVE-2019-9455,CVE-2020-0543,CVE-2020-10690,CVE-2020-10711,CVE-2020-10720,CVE-2020-10732,CVE-2020-10751,CVE-2020-10757,CVE-2020-10766,CVE-2020-10767,CVE-2020-10768,CVE-2020-10769,CVE-2020-10773,CVE-2020-12114,CVE-2020-12464,CVE-2020-12652,CVE-2020-12653,CVE-2020-12654,CVE-2020-12655,CVE-2020-12656,CVE-2020-12657,CVE-2020-12769,CVE-2020-12888,CVE-2020-13143,CVE-2020-13974,CVE-2020-14416
JIRA References: 
Sources used:
SUSE Linux Enterprise Real Time Extension 12-SP4 (src):    kernel-rt-4.12.14-8.23.1, kernel-rt_debug-4.12.14-8.23.1, kernel-source-rt-4.12.14-8.23.1, kernel-syms-rt-4.12.14-8.23.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 55 Swamp Workflow Management 2020-09-03 13:20:48 UTC

SUSE-SU-2020:2478-1: An update that solves 39 vulnerabilities and has 234 fixes is now available.

Category: security (important)
Bug References: 1051510,1058115,1065600,1065729,1071995,1082555,1083647,1085030,1089895,1103990,1103991,1103992,1104745,1104967,1109837,1111666,1112178,1112374,1113956,1114279,1124278,1127354,1127355,1127371,1133021,1137325,1141558,1142685,1144333,1145929,1148868,1150660,1151794,1151927,1152107,1152489,1152624,1154824,1157169,1158265,1158983,1159037,1159058,1159199,1160388,1160947,1161016,1162002,1162063,1163309,1163403,1163897,1164284,1164780,1164871,1165183,1165478,1165741,1166780,1166860,1166861,1166862,1166864,1166866,1166867,1166868,1166870,1166940,1166969,1166978,1166985,1167104,1167288,1167574,1167851,1167867,1168081,1168202,1168332,1168486,1168503,1168670,1168760,1168762,1168763,1168764,1168765,1168789,1168881,1168884,1168952,1168959,1169005,1169013,1169020,1169057,1169194,1169390,1169514,1169525,1169625,1169762,1169771,1169795,1170011,1170056,1170125,1170145,1170284,1170345,1170442,1170457,1170522,1170592,1170617,1170618,1170620,1170621,1170770,1170778,1170791,1170901,1171078,1171098,1171118,1171124,1171189,1171191,1171195,1171202,1171205,1171214,1171217,1171218,1171219,1171220,1171244,1171293,1171417,1171424,1171527,1171529,1171530,1171558,1171599,1171600,1171601,1171602,1171604,1171605,1171606,1171607,1171608,1171609,1171610,1171611,1171612,1171613,1171614,1171615,1171616,1171617,1171618,1171619,1171620,1171621,1171622,1171623,1171624,1171625,1171626,1171662,1171673,1171679,1171691,1171692,1171694,1171695,1171732,1171736,1171739,1171743,1171753,1171759,1171761,1171817,1171835,1171841,1171868,1171904,1171948,1171949,1171951,1171952,1171979,1171982,1171983,1172017,1172096,1172097,1172098,1172099,1172101,1172102,1172103,1172104,1172127,1172130,1172185,1172188,1172199,1172201,1172202,1172218,1172221,1172247,1172249,1172251,1172253,1172257,1172317,1172342,1172343,1172344,1172366,1172378,1172391,1172397,1172453,1172458,1172472,1172484,1172537,1172538,1172687,1172719,1172759,1172770,1172775,1172781,1172782,1172783,1172999,1173060,1173074,1173146,1173265,1173280,1173284,1173428,1173462,1173514,1173567,1173573,1173659,1173746,1173818,1173820,1173825,1173826,1173833,1173838,1173839,1173845,1173857,1174113,1174115,1174122,1174123,1174130,1174186,1174187,1174296
CVE References: CVE-2018-1000199,CVE-2019-16746,CVE-2019-19462,CVE-2019-20806,CVE-2019-20810,CVE-2019-20812,CVE-2019-20908,CVE-2019-9455,CVE-2020-0543,CVE-2020-10690,CVE-2020-10711,CVE-2020-10720,CVE-2020-10732,CVE-2020-10751,CVE-2020-10757,CVE-2020-10766,CVE-2020-10767,CVE-2020-10768,CVE-2020-10769,CVE-2020-10773,CVE-2020-10781,CVE-2020-11669,CVE-2020-12114,CVE-2020-12464,CVE-2020-12652,CVE-2020-12653,CVE-2020-12654,CVE-2020-12655,CVE-2020-12656,CVE-2020-12657,CVE-2020-12659,CVE-2020-12769,CVE-2020-12771,CVE-2020-12888,CVE-2020-13143,CVE-2020-13974,CVE-2020-14416,CVE-2020-15393,CVE-2020-15780
JIRA References: 
Sources used:
SUSE Linux Enterprise Real Time Extension 12-SP5 (src):    kernel-rt-4.12.14-10.13.1, kernel-rt_debug-4.12.14-10.13.1, kernel-source-rt-4.12.14-10.13.1, kernel-syms-rt-4.12.14-10.13.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 56 Swamp Workflow Management 2020-09-04 10:14:56 UTC

SUSE-SU-2020:2487-1: An update that solves 40 vulnerabilities and has 227 fixes is now available.

Category: security (important)
Bug References: 1051510,1058115,1065600,1065729,1071995,1082555,1083647,1085030,1089895,1090036,1103990,1103991,1103992,1104745,1109837,1111666,1112178,1112374,1113956,1114279,1124278,1127354,1127355,1127371,1133021,1137325,1142685,1144333,1145929,1148868,1150660,1151794,1151927,1152489,1152624,1154824,1157169,1158265,1158983,1159037,1159058,1159199,1160388,1160947,1161016,1162002,1162063,1163309,1163403,1163897,1164284,1164780,1164871,1165183,1165478,1165741,1166780,1166860,1166861,1166862,1166864,1166866,1166867,1166868,1166870,1166940,1166969,1166978,1166985,1167104,1167288,1167574,1167851,1167867,1168081,1168202,1168332,1168486,1168670,1168760,1168762,1168763,1168764,1168765,1168789,1168881,1168884,1168952,1168959,1169020,1169057,1169194,1169390,1169514,1169525,1169625,1169762,1169771,1169795,1170011,1170056,1170125,1170145,1170284,1170345,1170442,1170457,1170522,1170592,1170617,1170618,1170620,1170621,1170770,1170778,1170791,1170901,1171078,1171098,1171118,1171124,1171189,1171191,1171195,1171202,1171205,1171214,1171217,1171218,1171219,1171220,1171244,1171293,1171417,1171424,1171527,1171529,1171530,1171558,1171599,1171600,1171601,1171602,1171604,1171605,1171606,1171607,1171608,1171609,1171610,1171611,1171612,1171613,1171614,1171615,1171616,1171617,1171618,1171619,1171620,1171621,1171622,1171623,1171624,1171625,1171626,1171662,1171679,1171691,1171692,1171694,1171695,1171732,1171736,1171739,1171743,1171753,1171759,1171817,1171835,1171841,1171868,1171904,1171948,1171949,1171951,1171952,1171979,1171982,1171983,1171988,1172017,1172096,1172097,1172098,1172099,1172101,1172102,1172103,1172104,1172127,1172130,1172185,1172188,1172199,1172201,1172202,1172221,1172247,1172249,1172251,1172257,1172317,1172342,1172343,1172344,1172366,1172378,1172391,1172397,1172453,1172458,1172484,1172537,1172538,1172687,1172719,1172759,1172775,1172781,1172782,1172783,1172871,1172872,1172999,1173060,1173074,1173146,1173265,1173280,1173284,1173428,1173514,1173567,1173573,1173746,1173818,1173820,1173825,1173826,1173833,1173838,1173839,1173845,1173857,1174113,1174115,1174122,1174123,1174186,1174187,1174296,1174343,1174356,1174409,1174438,1174462
CVE References: CVE-2018-1000199,CVE-2019-19462,CVE-2019-20806,CVE-2019-20810,CVE-2019-20812,CVE-2019-20908,CVE-2019-9455,CVE-2020-0305,CVE-2020-0543,CVE-2020-10135,CVE-2020-10690,CVE-2020-10711,CVE-2020-10720,CVE-2020-10732,CVE-2020-10751,CVE-2020-10757,CVE-2020-10766,CVE-2020-10767,CVE-2020-10768,CVE-2020-10769,CVE-2020-10773,CVE-2020-10781,CVE-2020-11669,CVE-2020-12114,CVE-2020-12464,CVE-2020-12652,CVE-2020-12653,CVE-2020-12654,CVE-2020-12655,CVE-2020-12656,CVE-2020-12657,CVE-2020-12659,CVE-2020-12769,CVE-2020-12771,CVE-2020-12888,CVE-2020-13143,CVE-2020-13974,CVE-2020-14416,CVE-2020-15393,CVE-2020-15780
JIRA References: 
Sources used:
SUSE Linux Enterprise Module for Realtime 15-SP1 (src):    kernel-rt-4.12.14-14.28.1, kernel-rt_debug-4.12.14-14.28.1, kernel-source-rt-4.12.14-14.28.1, kernel-syms-rt-4.12.14-14.28.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.