Bug 1122971 - (CVE-2018-20669) VUL-1: CVE-2018-20669: kernel-source: Missing access_ok() checks in IOCTL function (gpu/drm/i915 Driver)
(CVE-2018-20669)
VUL-1: CVE-2018-20669: kernel-source: Missing access_ok() checks in IOCTL fun...
Status: RESOLVED FIXED
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
unspecified
Other Other
: P4 - Low : Minor
: ---
Assigned To: Security Team bot
Security Team bot
https://smash.suse.de/issue/223604/
CVSSv3:SUSE:CVE-2018-20669:7.8:(AV:L/...
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2019-01-24 06:43 UTC by Marcus Meissner
Modified: 2022-03-04 21:14 UTC (History)
6 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Marcus Meissner 2019-01-24 06:43:18 UTC
via oss-sec

CVE-2018-20669

Due to a lack of "access_ok()" checks in i915_gem_execbuffer2_ioctl[1], it
is possible to escalate privileges similar to the waitid vulnerability[2]

This is CVE-2018-20669

[1] -
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=594cc251fdd0d231d342d88b2fdff4bc42fb0690
[2] - https://salls.github.io/Linux-Kernel-CVE-2017-5123/
Comment 3 Takashi Iwai 2019-01-24 14:44:07 UTC
I guess we can't take the upstream change as is for the already released products due to kABI.  Open-coded backports are needed, instead.
Comment 4 Michal Hocko 2019-01-24 14:56:15 UTC
(In reply to Takashi Iwai from comment #3)
> I guess we can't take the upstream change as is for the already released
> products due to kABI.  Open-coded backports are needed, instead.

Yeah, an explicit access_ok check for the affected path... Easy for the drm part but much more work to check all others
Comment 5 Takashi Iwai 2019-01-29 13:57:47 UTC
OK, then let's backport the upstream fix as-is for SLE15-SP1.

For SLE15 and older, we take the open-code backport for i915.
For the rest subsystems, it's another question, and IMO, we need another CVE, if any really exists.
Comment 6 Takashi Iwai 2019-01-29 15:00:00 UTC
... and looking at the upstream commit, it's not so trivial to backport to SLE15-SP1, either.  First off, this change requires access_ok() API change to drop the type argument.  And this commit follows more fix commits (but mostly for minor architectures).

As the type argument itself is mostly superfluous, so we can blindly pass VERIFY_READ or _WRITE there, too.  The question is whether this bug is worth for that effort...
Comment 7 Michal Hocko 2019-01-30 07:52:57 UTC
(In reply to Takashi Iwai from comment #6)
> ... and looking at the upstream commit, it's not so trivial to backport to
> SLE15-SP1, either.  First off, this change requires access_ok() API change
> to drop the type argument.
> 
> As the type argument itself is mostly superfluous, so we can blindly pass
> VERIFY_READ or _WRITE there, too.  The question is whether this bug is worth
> for that effort...

I think it would be easier to do the same as for older kernels and plug the i915 for now.
Comment 8 Takashi Iwai 2019-01-30 11:12:04 UTC
Agreed, it sounds like a better option, after all.

I'm going to push the fix to SLE15 branch, and it'll be merged to SLE12-SP4 and SLE15-SP1.  The bug doesn't seem present with 4.4.x, so only patching SLE15 should suffice for now.
Comment 9 Takashi Iwai 2019-01-30 14:34:47 UTC
Merged now to SLE15 branch.  Reassign back to security team.
Comment 10 Swamp Workflow Management 2019-02-12 16:25:16 UTC
This is an autogenerated message for OBS integration:
This bug (1122971) was mentioned in
https://build.opensuse.org/request/show/674163 15.0 / kernel-source
Comment 11 Swamp Workflow Management 2019-02-18 20:23:40 UTC
openSUSE-SU-2019:0203-1: An update that solves 6 vulnerabilities and has 61 fixes is now available.

Category: security (important)
Bug References: 1046306,1050252,1051510,1054610,1055121,1056658,1056662,1084216,1086301,1086313,1086314,1086323,1087082,1087092,1098382,1098425,1104353,1106105,1106434,1106811,1108870,1109695,1110705,1111666,1113712,1113722,1114279,1117155,1118338,1118505,1119086,1119766,1120318,1120758,1120854,1120902,1120954,1120955,1121599,1121726,1121973,1122019,1122324,1122554,1122662,1122779,1122885,1122927,1122944,1122971,1123061,1123317,1123348,1123357,1123538,1123697,1123933,1124204,1124579,1124589,1124728,1124732,1124735,1124969,1124985,1125109,802154
CVE References: CVE-2018-20669,CVE-2019-3459,CVE-2019-3460,CVE-2019-6974,CVE-2019-7221,CVE-2019-7222
Sources used:
openSUSE Leap 15.0 (src):    kernel-debug-4.12.14-lp150.12.48.1, kernel-default-4.12.14-lp150.12.48.1, kernel-docs-4.12.14-lp150.12.48.1, kernel-kvmsmall-4.12.14-lp150.12.48.1, kernel-obs-build-4.12.14-lp150.12.48.1, kernel-obs-qa-4.12.14-lp150.12.48.1, kernel-source-4.12.14-lp150.12.48.1, kernel-syms-4.12.14-lp150.12.48.1, kernel-vanilla-4.12.14-lp150.12.48.1
Comment 20 Swamp Workflow Management 2019-03-26 20:27:24 UTC
SUSE-SU-2019:0765-1: An update that solves 13 vulnerabilities and has 215 fixes is now available.

Category: security (important)
Bug References: 1046305,1046306,1050252,1050549,1051510,1054610,1055121,1056658,1056662,1056787,1060463,1063638,1065600,1068032,1070995,1071995,1074562,1074578,1074701,1075006,1075419,1075748,1078355,1080039,1082943,1083548,1083647,1084216,1086095,1086282,1086301,1086313,1086314,1086323,1087082,1087084,1087092,1087939,1088133,1094555,1098382,1098425,1098995,1102055,1103429,1104353,1106105,1106434,1106811,1107078,1107665,1108101,1108870,1109695,1110096,1110705,1111666,1113042,1113712,1113722,1113769,1113939,1114279,1114585,1114893,1117108,1117155,1117645,1117947,1118338,1119019,1119086,1119766,1119843,1120008,1120318,1120601,1120758,1120854,1120902,1120909,1120955,1121317,1121726,1121789,1121805,1122019,1122159,1122192,1122292,1122324,1122554,1122662,1122764,1122779,1122822,1122885,1122927,1122944,1122971,1122982,1123060,1123061,1123161,1123317,1123348,1123357,1123456,1123538,1123697,1123882,1123933,1124055,1124204,1124235,1124579,1124589,1124728,1124732,1124735,1124969,1124974,1124975,1124976,1124978,1124979,1124980,1124981,1124982,1124984,1124985,1125109,1125125,1125252,1125315,1125614,1125728,1125780,1125797,1125799,1125800,1125907,1125947,1126131,1126209,1126389,1126393,1126476,1126480,1126481,1126488,1126495,1126555,1126579,1126789,1126790,1126802,1126803,1126804,1126805,1126806,1126807,1127042,1127062,1127082,1127154,1127285,1127286,1127307,1127363,1127493,1127494,1127495,1127496,1127497,1127498,1127534,1127561,1127567,1127595,1127603,1127682,1127731,1127750,1127836,1127961,1128094,1128166,1128351,1128451,1128895,1129046,1129080,1129163,1129179,1129181,1129182,1129183,1129184,1129205,1129281,1129284,1129285,1129291,1129292,1129293,1129294,1129295,1129296,1129326,1129327,1129330,1129363,1129366,1129497,1129519,1129543,1129547,1129551,1129581,1129625,1129664,1129739,1129923,807502,824948,828192,925178
CVE References: CVE-2017-5753,CVE-2018-20669,CVE-2019-2024,CVE-2019-3459,CVE-2019-3460,CVE-2019-3819,CVE-2019-6974,CVE-2019-7221,CVE-2019-7222,CVE-2019-7308,CVE-2019-8912,CVE-2019-8980,CVE-2019-9213
Sources used:
SUSE Linux Enterprise Workstation Extension 12-SP4 (src):    kernel-default-4.12.14-95.13.1
SUSE Linux Enterprise Software Development Kit 12-SP4 (src):    kernel-docs-4.12.14-95.13.1, kernel-obs-build-4.12.14-95.13.1
SUSE Linux Enterprise Server 12-SP4 (src):    kernel-default-4.12.14-95.13.1, kernel-source-4.12.14-95.13.1, kernel-syms-4.12.14-95.13.1
SUSE Linux Enterprise High Availability 12-SP4 (src):    kernel-default-4.12.14-95.13.1
SUSE Linux Enterprise Desktop 12-SP4 (src):    kernel-default-4.12.14-95.13.1, kernel-source-4.12.14-95.13.1, kernel-syms-4.12.14-95.13.1

*** NOTE: This information is not intended to be used for external
    communication, because this may only be a partial fix.
    If you have questions please reach out to maintenance coordination.
Comment 21 Swamp Workflow Management 2019-03-27 09:43:07 UTC
SUSE-SU-2019:0765-1: An update that solves 13 vulnerabilities and has 215 fixes is now available.

Category: security (important)
Bug References: 1046305,1046306,1050252,1050549,1051510,1054610,1055121,1056658,1056662,1056787,1060463,1063638,1065600,1068032,1070995,1071995,1074562,1074578,1074701,1075006,1075419,1075748,1078355,1080039,1082943,1083548,1083647,1084216,1086095,1086282,1086301,1086313,1086314,1086323,1087082,1087084,1087092,1087939,1088133,1094555,1098382,1098425,1098995,1102055,1103429,1104353,1106105,1106434,1106811,1107078,1107665,1108101,1108870,1109695,1110096,1110705,1111666,1113042,1113712,1113722,1113769,1113939,1114279,1114585,1114893,1117108,1117155,1117645,1117947,1118338,1119019,1119086,1119766,1119843,1120008,1120318,1120601,1120758,1120854,1120902,1120909,1120955,1121317,1121726,1121789,1121805,1122019,1122159,1122192,1122292,1122324,1122554,1122662,1122764,1122779,1122822,1122885,1122927,1122944,1122971,1122982,1123060,1123061,1123161,1123317,1123348,1123357,1123456,1123538,1123697,1123882,1123933,1124055,1124204,1124235,1124579,1124589,1124728,1124732,1124735,1124969,1124974,1124975,1124976,1124978,1124979,1124980,1124981,1124982,1124984,1124985,1125109,1125125,1125252,1125315,1125614,1125728,1125780,1125797,1125799,1125800,1125907,1125947,1126131,1126209,1126389,1126393,1126476,1126480,1126481,1126488,1126495,1126555,1126579,1126789,1126790,1126802,1126803,1126804,1126805,1126806,1126807,1127042,1127062,1127082,1127154,1127285,1127286,1127307,1127363,1127493,1127494,1127495,1127496,1127497,1127498,1127534,1127561,1127567,1127595,1127603,1127682,1127731,1127750,1127836,1127961,1128094,1128166,1128351,1128451,1128895,1129046,1129080,1129163,1129179,1129181,1129182,1129183,1129184,1129205,1129281,1129284,1129285,1129291,1129292,1129293,1129294,1129295,1129296,1129326,1129327,1129330,1129363,1129366,1129497,1129519,1129543,1129547,1129551,1129581,1129625,1129664,1129739,1129923,807502,824948,828192,925178
CVE References: CVE-2017-5753,CVE-2018-20669,CVE-2019-2024,CVE-2019-3459,CVE-2019-3460,CVE-2019-3819,CVE-2019-6974,CVE-2019-7221,CVE-2019-7222,CVE-2019-7308,CVE-2019-8912,CVE-2019-8980,CVE-2019-9213
Sources used:
SUSE Linux Enterprise Workstation Extension 12-SP4 (src):    kernel-default-4.12.14-95.13.1
SUSE Linux Enterprise Software Development Kit 12-SP4 (src):    kernel-docs-4.12.14-95.13.1, kernel-obs-build-4.12.14-95.13.1
SUSE Linux Enterprise Server 12-SP4 (src):    kernel-default-4.12.14-95.13.1, kernel-source-4.12.14-95.13.1, kernel-syms-4.12.14-95.13.1
SUSE Linux Enterprise Live Patching 12-SP4 (src):    kgraft-patch-SLE12-SP4_Update_3-1-6.7.1
SUSE Linux Enterprise High Availability 12-SP4 (src):    kernel-default-4.12.14-95.13.1
SUSE Linux Enterprise Desktop 12-SP4 (src):    kernel-default-4.12.14-95.13.1, kernel-source-4.12.14-95.13.1, kernel-syms-4.12.14-95.13.1

*** NOTE: This information is not intended to be used for external
    communication, because this may only be a partial fix.
    If you have questions please reach out to maintenance coordination.
Comment 22 Swamp Workflow Management 2019-03-27 19:02:34 UTC
SUSE-SU-2019:0767-1: An update that solves 12 vulnerabilities and has 205 fixes is now available.

Category: security (important)
Bug References: 1046305,1046306,1050252,1050549,1051510,1054610,1055121,1056658,1056662,1056787,1060463,1063638,1065600,1070995,1071995,1078355,1082943,1083548,1083647,1084216,1086095,1086282,1086301,1086313,1086314,1086323,1087082,1087092,1088133,1094555,1098382,1098425,1098995,1103429,1104353,1106105,1106434,1106811,1107078,1107665,1108101,1108870,1109695,1110096,1110705,1111666,1113042,1113712,1113722,1113939,1114279,1114585,1114893,1117108,1117155,1117645,1117947,1118338,1119019,1119086,1119766,1119843,1120008,1120318,1120601,1120758,1120854,1120902,1120909,1120955,1121317,1121726,1121789,1121805,1122159,1122192,1122324,1122554,1122662,1122764,1122779,1122822,1122885,1122927,1122944,1122971,1122982,1123060,1123061,1123161,1123317,1123348,1123357,1123456,1123538,1123697,1123882,1123933,1124055,1124204,1124235,1124579,1124589,1124728,1124732,1124735,1124969,1124974,1124975,1124976,1124978,1124979,1124980,1124981,1124982,1124984,1124985,1125109,1125125,1125252,1125315,1125614,1125728,1125780,1125797,1125799,1125800,1125907,1125947,1126131,1126209,1126284,1126389,1126393,1126476,1126480,1126481,1126488,1126495,1126555,1126579,1126789,1126790,1126802,1126803,1126804,1126805,1126806,1126807,1127042,1127062,1127081,1127082,1127154,1127285,1127286,1127307,1127363,1127493,1127494,1127495,1127496,1127497,1127498,1127534,1127561,1127567,1127577,1127595,1127603,1127682,1127731,1127750,1127836,1127961,1128094,1128166,1128351,1128378,1128451,1128895,1129016,1129046,1129080,1129163,1129179,1129181,1129182,1129183,1129184,1129205,1129281,1129284,1129285,1129291,1129292,1129293,1129294,1129295,1129296,1129326,1129327,1129330,1129363,1129366,1129497,1129519,1129543,1129547,1129551,1129581,1129625,1129664,1129739,1129923,807502,828192
CVE References: CVE-2018-20669,CVE-2019-2024,CVE-2019-3459,CVE-2019-3460,CVE-2019-3819,CVE-2019-6974,CVE-2019-7221,CVE-2019-7222,CVE-2019-7308,CVE-2019-8912,CVE-2019-8980,CVE-2019-9213
Sources used:
SUSE Linux Enterprise Server 12-SP4 (src):    kernel-azure-4.12.14-6.9.1, kernel-source-azure-4.12.14-6.9.1, kernel-syms-azure-4.12.14-6.9.1

*** NOTE: This information is not intended to be used for external
    communication, because this may only be a partial fix.
    If you have questions please reach out to maintenance coordination.
Comment 23 Swamp Workflow Management 2019-03-28 12:48:34 UTC
SUSE-SU-2019:0784-1: An update that solves 12 vulnerabilities and has 197 fixes is now available.

Category: security (important)
Bug References: 1046305,1046306,1050252,1050549,1051510,1054610,1055121,1056658,1056662,1056787,1060463,1063638,1065600,1070995,1071995,1078355,1082943,1083548,1083647,1084216,1086095,1086282,1086301,1086313,1086314,1086323,1087082,1087092,1088133,1094555,1098382,1098425,1098995,1103429,1104353,1106105,1106434,1106811,1107078,1107665,1108101,1108870,1109695,1110096,1110705,1111666,1113042,1113712,1113722,1113939,1114279,1114585,1117108,1117155,1117645,1118338,1119019,1119086,1119766,1119843,1120008,1120318,1120601,1120758,1120854,1120902,1120909,1120955,1121317,1121726,1121789,1121805,1122019,1122192,1122324,1122554,1122662,1122764,1122779,1122822,1122885,1122927,1122944,1122971,1122982,1123060,1123061,1123161,1123317,1123348,1123357,1123456,1123538,1123697,1123882,1123933,1124055,1124204,1124235,1124579,1124589,1124728,1124732,1124735,1124969,1124974,1124975,1124976,1124978,1124979,1124980,1124981,1124982,1124984,1124985,1125109,1125125,1125252,1125315,1125614,1125728,1125780,1125797,1125799,1125800,1125907,1125947,1126131,1126209,1126389,1126393,1126476,1126480,1126481,1126488,1126495,1126555,1126579,1126789,1126790,1126802,1126803,1126804,1126805,1126806,1126807,1127042,1127062,1127082,1127154,1127285,1127286,1127307,1127363,1127493,1127494,1127495,1127496,1127497,1127498,1127534,1127561,1127567,1127595,1127603,1127682,1127731,1127750,1127836,1127961,1128094,1128166,1128351,1128451,1128895,1129046,1129080,1129163,1129179,1129181,1129182,1129183,1129184,1129205,1129281,1129284,1129285,1129291,1129292,1129293,1129294,1129295,1129296,1129326,1129327,1129330,1129363,1129366,1129497,1129519,1129543,1129547,1129551,1129581,1129625,1129664,1129739,1129923,824948
CVE References: CVE-2018-20669,CVE-2019-2024,CVE-2019-3459,CVE-2019-3460,CVE-2019-3819,CVE-2019-6974,CVE-2019-7221,CVE-2019-7222,CVE-2019-7308,CVE-2019-8912,CVE-2019-8980,CVE-2019-9213
Sources used:
SUSE Linux Enterprise Workstation Extension 15 (src):    kernel-default-4.12.14-150.14.2
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 (src):    kernel-default-4.12.14-150.14.2, kernel-docs-4.12.14-150.14.1, kernel-obs-qa-4.12.14-150.14.2
SUSE Linux Enterprise Module for Live Patching 15 (src):    kernel-default-4.12.14-150.14.2, kernel-livepatch-SLE15_Update_9-1-1.9.3
SUSE Linux Enterprise Module for Legacy Software 15 (src):    kernel-default-4.12.14-150.14.2
SUSE Linux Enterprise Module for Development Tools 15 (src):    kernel-docs-4.12.14-150.14.1, kernel-obs-build-4.12.14-150.14.2, kernel-source-4.12.14-150.14.1, kernel-syms-4.12.14-150.14.1, kernel-vanilla-4.12.14-150.14.2
SUSE Linux Enterprise Module for Basesystem 15 (src):    kernel-default-4.12.14-150.14.2, kernel-source-4.12.14-150.14.1, kernel-zfcpdump-4.12.14-150.14.2
SUSE Linux Enterprise High Availability 15 (src):    kernel-default-4.12.14-150.14.2

*** NOTE: This information is not intended to be used for external
    communication, because this may only be a partial fix.
    If you have questions please reach out to maintenance coordination.
Comment 24 Swamp Workflow Management 2019-03-28 12:51:16 UTC
SUSE-SU-2019:0784-1: An update that solves 12 vulnerabilities and has 197 fixes is now available.

Category: security (important)
Bug References: 1046305,1046306,1050252,1050549,1051510,1054610,1055121,1056658,1056662,1056787,1060463,1063638,1065600,1070995,1071995,1078355,1082943,1083548,1083647,1084216,1086095,1086282,1086301,1086313,1086314,1086323,1087082,1087092,1088133,1094555,1098382,1098425,1098995,1103429,1104353,1106105,1106434,1106811,1107078,1107665,1108101,1108870,1109695,1110096,1110705,1111666,1113042,1113712,1113722,1113939,1114279,1114585,1117108,1117155,1117645,1118338,1119019,1119086,1119766,1119843,1120008,1120318,1120601,1120758,1120854,1120902,1120909,1120955,1121317,1121726,1121789,1121805,1122019,1122192,1122324,1122554,1122662,1122764,1122779,1122822,1122885,1122927,1122944,1122971,1122982,1123060,1123061,1123161,1123317,1123348,1123357,1123456,1123538,1123697,1123882,1123933,1124055,1124204,1124235,1124579,1124589,1124728,1124732,1124735,1124969,1124974,1124975,1124976,1124978,1124979,1124980,1124981,1124982,1124984,1124985,1125109,1125125,1125252,1125315,1125614,1125728,1125780,1125797,1125799,1125800,1125907,1125947,1126131,1126209,1126389,1126393,1126476,1126480,1126481,1126488,1126495,1126555,1126579,1126789,1126790,1126802,1126803,1126804,1126805,1126806,1126807,1127042,1127062,1127082,1127154,1127285,1127286,1127307,1127363,1127493,1127494,1127495,1127496,1127497,1127498,1127534,1127561,1127567,1127595,1127603,1127682,1127731,1127750,1127836,1127961,1128094,1128166,1128351,1128451,1128895,1129046,1129080,1129163,1129179,1129181,1129182,1129183,1129184,1129205,1129281,1129284,1129285,1129291,1129292,1129293,1129294,1129295,1129296,1129326,1129327,1129330,1129363,1129366,1129497,1129519,1129543,1129547,1129551,1129581,1129625,1129664,1129739,1129923,824948
CVE References: CVE-2018-20669,CVE-2019-2024,CVE-2019-3459,CVE-2019-3460,CVE-2019-3819,CVE-2019-6974,CVE-2019-7221,CVE-2019-7222,CVE-2019-7308,CVE-2019-8912,CVE-2019-8980,CVE-2019-9213
Sources used:
SUSE Linux Enterprise Module for Live Patching 15 (src):    kernel-default-4.12.14-150.14.2, kernel-livepatch-SLE15_Update_9-1-1.9.3

*** NOTE: This information is not intended to be used for external
    communication, because this may only be a partial fix.
    If you have questions please reach out to maintenance coordination.
Comment 25 Swamp Workflow Management 2019-03-28 12:52:16 UTC
SUSE-SU-2019:0767-1: An update that solves 12 vulnerabilities and has 205 fixes is now available.

Category: security (important)
Bug References: 1046305,1046306,1050252,1050549,1051510,1054610,1055121,1056658,1056662,1056787,1060463,1063638,1065600,1070995,1071995,1078355,1082943,1083548,1083647,1084216,1086095,1086282,1086301,1086313,1086314,1086323,1087082,1087092,1088133,1094555,1098382,1098425,1098995,1103429,1104353,1106105,1106434,1106811,1107078,1107665,1108101,1108870,1109695,1110096,1110705,1111666,1113042,1113712,1113722,1113939,1114279,1114585,1114893,1117108,1117155,1117645,1117947,1118338,1119019,1119086,1119766,1119843,1120008,1120318,1120601,1120758,1120854,1120902,1120909,1120955,1121317,1121726,1121789,1121805,1122159,1122192,1122324,1122554,1122662,1122764,1122779,1122822,1122885,1122927,1122944,1122971,1122982,1123060,1123061,1123161,1123317,1123348,1123357,1123456,1123538,1123697,1123882,1123933,1124055,1124204,1124235,1124579,1124589,1124728,1124732,1124735,1124969,1124974,1124975,1124976,1124978,1124979,1124980,1124981,1124982,1124984,1124985,1125109,1125125,1125252,1125315,1125614,1125728,1125780,1125797,1125799,1125800,1125907,1125947,1126131,1126209,1126284,1126389,1126393,1126476,1126480,1126481,1126488,1126495,1126555,1126579,1126789,1126790,1126802,1126803,1126804,1126805,1126806,1126807,1127042,1127062,1127081,1127082,1127154,1127285,1127286,1127307,1127363,1127493,1127494,1127495,1127496,1127497,1127498,1127534,1127561,1127567,1127577,1127595,1127603,1127682,1127731,1127750,1127836,1127961,1128094,1128166,1128351,1128378,1128451,1128895,1129016,1129046,1129080,1129163,1129179,1129181,1129182,1129183,1129184,1129205,1129281,1129284,1129285,1129291,1129292,1129293,1129294,1129295,1129296,1129326,1129327,1129330,1129363,1129366,1129497,1129519,1129543,1129547,1129551,1129581,1129625,1129664,1129739,1129923,807502,828192
CVE References: CVE-2018-20669,CVE-2019-2024,CVE-2019-3459,CVE-2019-3460,CVE-2019-3819,CVE-2019-6974,CVE-2019-7221,CVE-2019-7222,CVE-2019-7308,CVE-2019-8912,CVE-2019-8980,CVE-2019-9213
Sources used:
SUSE Linux Enterprise Server 12-SP4 (src):    kernel-azure-4.12.14-6.9.1, kernel-source-azure-4.12.14-6.9.1, kernel-syms-azure-4.12.14-6.9.1

*** NOTE: This information is not intended to be used for external
    communication, because this may only be a partial fix.
    If you have questions please reach out to maintenance coordination.
Comment 26 Swamp Workflow Management 2019-03-28 14:25:18 UTC
SUSE-SU-2019:0785-1: An update that solves 12 vulnerabilities and has 198 fixes is now available.

Category: security (important)
Bug References: 1046305,1046306,1050252,1050549,1051510,1054610,1055121,1056658,1056662,1056787,1060463,1063638,1065600,1070995,1071995,1078355,1082943,1083548,1083647,1084216,1086095,1086282,1086301,1086313,1086314,1086323,1087082,1087092,1088133,1094555,1098382,1098425,1098995,1103429,1104353,1106105,1106434,1106811,1107078,1107665,1108101,1108870,1109695,1110096,1110705,1111666,1113042,1113712,1113722,1113939,1114279,1114585,1117108,1117155,1117645,1118338,1119019,1119086,1119766,1119843,1120008,1120318,1120601,1120758,1120854,1120902,1120909,1120955,1121317,1121726,1121789,1121805,1122019,1122192,1122324,1122554,1122662,1122764,1122779,1122822,1122885,1122927,1122944,1122971,1122982,1123060,1123061,1123161,1123317,1123348,1123357,1123456,1123538,1123697,1123882,1123933,1124055,1124204,1124235,1124579,1124589,1124728,1124732,1124735,1124969,1124974,1124975,1124976,1124978,1124979,1124980,1124981,1124982,1124984,1124985,1125109,1125125,1125252,1125315,1125614,1125728,1125780,1125797,1125799,1125800,1125907,1125947,1126131,1126209,1126389,1126393,1126476,1126480,1126481,1126488,1126495,1126555,1126579,1126789,1126790,1126802,1126803,1126804,1126805,1126806,1126807,1127042,1127062,1127082,1127154,1127285,1127286,1127307,1127363,1127493,1127494,1127495,1127496,1127497,1127498,1127534,1127561,1127567,1127578,1127595,1127603,1127682,1127731,1127750,1127836,1127961,1128094,1128166,1128351,1128451,1128895,1129046,1129080,1129163,1129179,1129181,1129182,1129183,1129184,1129205,1129281,1129284,1129285,1129291,1129292,1129293,1129294,1129295,1129296,1129326,1129327,1129330,1129363,1129366,1129497,1129519,1129543,1129547,1129551,1129581,1129625,1129664,1129739,1129923,824948
CVE References: CVE-2018-20669,CVE-2019-2024,CVE-2019-3459,CVE-2019-3460,CVE-2019-3819,CVE-2019-6974,CVE-2019-7221,CVE-2019-7222,CVE-2019-7308,CVE-2019-8912,CVE-2019-8980,CVE-2019-9213
Sources used:
SUSE Linux Enterprise Module for Public Cloud 15 (src):    kernel-azure-4.12.14-5.24.1, kernel-source-azure-4.12.14-5.24.1, kernel-syms-azure-4.12.14-5.24.1

*** NOTE: This information is not intended to be used for external
    communication, because this may only be a partial fix.
    If you have questions please reach out to maintenance coordination.
Comment 27 Marcus Meissner 2019-07-15 05:39:07 UTC
done
Comment 30 Swamp Workflow Management 2020-12-07 14:25:38 UTC
openSUSE-SU-2020:2193-1: An update that solves 7 vulnerabilities and has 45 fixes is now available.

Category: security (important)
Bug References: 1050242,1050536,1050545,1056653,1056657,1056787,1064802,1066129,1103990,1103992,1104389,1104393,1109837,1110096,1111666,1112178,1112374,1118657,1122971,1136460,1136461,1158775,1170139,1172542,1174726,1174852,1175916,1176109,1177304,1177666,1177805,1177808,1178589,1178635,1178669,1178897,1178940,1178962,1179107,1179140,1179141,1179211,1179213,1179259,1179403,1179406,1179418,1179421,1179424,1179426,1179427,1179429
CVE References: CVE-2018-20669,CVE-2020-15436,CVE-2020-15437,CVE-2020-27777,CVE-2020-28974,CVE-2020-29371,CVE-2020-4788
JIRA References: 
Sources used:
openSUSE Leap 15.1 (src):    kernel-debug-4.12.14-lp151.28.87.2, kernel-default-4.12.14-lp151.28.87.2, kernel-docs-4.12.14-lp151.28.87.1, kernel-kvmsmall-4.12.14-lp151.28.87.2, kernel-obs-build-4.12.14-lp151.28.87.2, kernel-obs-qa-4.12.14-lp151.28.87.2, kernel-source-4.12.14-lp151.28.87.1, kernel-syms-4.12.14-lp151.28.87.1, kernel-vanilla-4.12.14-lp151.28.87.2
Comment 31 Swamp Workflow Management 2020-12-11 20:17:16 UTC
SUSE-SU-2020:3766-1: An update that solves 11 vulnerabilities and has 68 fixes is now available.

Category: security (important)
Bug References: 1050242,1050536,1050545,1050549,1056653,1056657,1056787,1064802,1066129,1067665,1103990,1103992,1104389,1104393,1109837,1110096,1111666,1112178,1112374,1118657,1122971,1136460,1136461,1139944,1158775,1170139,1170630,1172542,1172873,1174726,1174852,1175916,1176109,1176558,1176559,1176956,1177304,1177397,1177666,1177805,1177808,1177809,1177819,1177820,1178182,1178270,1178589,1178590,1178634,1178635,1178669,1178838,1178853,1178854,1178878,1178886,1178897,1178940,1178962,1179107,1179140,1179141,1179204,1179211,1179213,1179259,1179403,1179406,1179418,1179419,1179421,1179424,1179426,1179427,1179429,1179520,1179578,1179601,1179663
CVE References: CVE-2018-20669,CVE-2019-20934,CVE-2020-15436,CVE-2020-15437,CVE-2020-25669,CVE-2020-27777,CVE-2020-27786,CVE-2020-28915,CVE-2020-28974,CVE-2020-29371,CVE-2020-4788
JIRA References: 
Sources used:
SUSE Linux Enterprise Real Time Extension 12-SP5 (src):    kernel-rt-4.12.14-10.25.1, kernel-rt_debug-4.12.14-10.25.1, kernel-source-rt-4.12.14-10.25.1, kernel-syms-rt-4.12.14-10.25.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 32 Swamp Workflow Management 2020-12-14 23:23:09 UTC
SUSE-SU-2020:3798-1: An update that solves 11 vulnerabilities and has 80 fixes is now available.

Category: security (important)
Bug References: 1050242,1050536,1050545,1050549,1056653,1056657,1056787,1064802,1066129,1067665,1103990,1103992,1104389,1104393,1109837,1110096,1111666,1112178,1112374,1118657,1122971,1136460,1136461,1139944,1158775,1170139,1170630,1172542,1172694,1174726,1174852,1175916,1176109,1176558,1176559,1176956,1177304,1177397,1177666,1177805,1177808,1177819,1177820,1178182,1178270,1178589,1178590,1178634,1178635,1178669,1178853,1178854,1178878,1178886,1178897,1178940,1178962,1179107,1179140,1179141,1179204,1179211,1179213,1179259,1179403,1179406,1179418,1179419,1179421,1179424,1179426,1179427,1179429,1179520,1179578,1179601,1179616,1179663,1179666,1179670,1179671,1179672,1179673,1179711,1179713,1179714,1179715,1179716,1179722,1179723,1179724
CVE References: CVE-2018-20669,CVE-2019-20934,CVE-2020-15436,CVE-2020-15437,CVE-2020-25669,CVE-2020-27777,CVE-2020-27786,CVE-2020-28915,CVE-2020-28974,CVE-2020-29371,CVE-2020-4788
JIRA References: 
Sources used:
SUSE Linux Enterprise Module for Realtime 15-SP1 (src):    kernel-rt-4.12.14-14.44.2, kernel-rt_debug-4.12.14-14.44.2, kernel-source-rt-4.12.14-14.44.2, kernel-syms-rt-4.12.14-14.44.2

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 33 Swamp Workflow Management 2021-01-12 23:22:41 UTC
SUSE-SU-2021:0098-1: An update that solves 14 vulnerabilities and has 86 fixes is now available.

Category: security (moderate)
Bug References: 1040855,1044120,1044767,1050242,1050536,1050545,1055117,1056653,1056657,1056787,1064802,1065729,1066129,1094840,1103990,1103992,1104389,1104393,1109695,1109837,1110096,1111666,1112178,1112374,1114648,1115431,1118657,1122971,1136460,1136461,1138374,1139944,1152457,1158775,1164780,1171078,1172538,1172694,1174784,1174852,1176558,1176559,1176956,1177666,1178270,1178401,1178590,1178634,1178762,1179014,1179015,1179045,1179082,1179107,1179141,1179142,1179204,1179403,1179406,1179418,1179419,1179421,1179429,1179444,1179520,1179578,1179601,1179616,1179663,1179666,1179670,1179671,1179672,1179673,1179711,1179713,1179714,1179715,1179716,1179722,1179723,1179724,1179745,1179810,1179888,1179895,1179896,1179960,1179963,1180027,1180028,1180029,1180030,1180031,1180032,1180052,1180086,1180117,1180258,1180506
CVE References: CVE-2018-20669,CVE-2019-20934,CVE-2020-0444,CVE-2020-0465,CVE-2020-0466,CVE-2020-15436,CVE-2020-27068,CVE-2020-27777,CVE-2020-27786,CVE-2020-27825,CVE-2020-29371,CVE-2020-29660,CVE-2020-29661,CVE-2020-4788
JIRA References: 
Sources used:
SUSE Linux Enterprise Server 12-SP5 (src):    kernel-azure-4.12.14-16.41.1, kernel-source-azure-4.12.14-16.41.1, kernel-syms-azure-4.12.14-16.41.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 34 Swamp Workflow Management 2021-01-12 23:34:22 UTC
SUSE-SU-2021:0097-1: An update that solves 15 vulnerabilities and has 83 fixes is now available.

Category: security (moderate)
Bug References: 1040855,1044120,1044767,1050242,1050536,1050545,1055117,1056653,1056657,1056787,1064802,1065729,1066129,1094840,1103990,1103992,1104389,1104393,1109695,1109837,1110096,1111666,1112178,1112374,1115431,1118657,1122971,1136460,1136461,1138374,1139944,1144912,1152457,1158775,1164780,1168952,1171078,1172145,1172538,1172694,1173834,1174784,1174852,1176558,1176559,1176956,1177666,1178270,1178401,1178590,1178634,1178762,1179014,1179015,1179045,1179082,1179107,1179141,1179142,1179204,1179403,1179406,1179418,1179419,1179421,1179429,1179444,1179520,1179578,1179601,1179663,1179670,1179671,1179672,1179673,1179711,1179713,1179714,1179715,1179716,1179722,1179723,1179724,1179745,1179810,1179888,1179895,1179896,1179960,1179963,1180027,1180029,1180031,1180052,1180086,1180117,1180258,1180506
CVE References: CVE-2018-20669,CVE-2019-20934,CVE-2020-0444,CVE-2020-0465,CVE-2020-0466,CVE-2020-11668,CVE-2020-15436,CVE-2020-27068,CVE-2020-27777,CVE-2020-27786,CVE-2020-27825,CVE-2020-29371,CVE-2020-29660,CVE-2020-29661,CVE-2020-4788
JIRA References: 
Sources used:
SUSE Linux Enterprise Module for Public Cloud 15-SP1 (src):    kernel-azure-4.12.14-8.58.1, kernel-source-azure-4.12.14-8.58.1, kernel-syms-azure-4.12.14-8.58.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 35 Swamp Workflow Management 2021-01-15 11:20:02 UTC
SUSE-SU-2021:0133-1: An update that solves 14 vulnerabilities and has 85 fixes is now available.

Category: security (important)
Bug References: 1040855,1044120,1044767,1050242,1050536,1050545,1055117,1056653,1056657,1056787,1064802,1065729,1066129,1094840,1103990,1103992,1104389,1104393,1109695,1109837,1110096,1112178,1112374,1114648,1115431,1118657,1122971,1129770,1136460,1136461,1138374,1139944,1144912,1152457,1163727,1164780,1171078,1172145,1172538,1172694,1174784,1174852,1176558,1176559,1176956,1177666,1178270,1178372,1178401,1178590,1178634,1178762,1179014,1179015,1179045,1179082,1179107,1179142,1179204,1179403,1179406,1179418,1179419,1179421,1179444,1179520,1179578,1179601,1179616,1179663,1179666,1179670,1179671,1179672,1179673,1179711,1179713,1179714,1179715,1179716,1179722,1179723,1179724,1179745,1179810,1179888,1179895,1179896,1179960,1179963,1180027,1180029,1180031,1180052,1180086,1180117,1180258,1180506,1180559
CVE References: CVE-2018-20669,CVE-2019-20934,CVE-2020-0444,CVE-2020-0465,CVE-2020-0466,CVE-2020-27068,CVE-2020-27777,CVE-2020-27786,CVE-2020-27825,CVE-2020-28374,CVE-2020-29660,CVE-2020-29661,CVE-2020-36158,CVE-2020-4788
JIRA References: 
Sources used:
SUSE Linux Enterprise Workstation Extension 12-SP5 (src):    kernel-default-4.12.14-122.57.1
SUSE Linux Enterprise Software Development Kit 12-SP5 (src):    kernel-docs-4.12.14-122.57.1, kernel-obs-build-4.12.14-122.57.1
SUSE Linux Enterprise Server 12-SP5 (src):    kernel-default-4.12.14-122.57.1, kernel-source-4.12.14-122.57.1, kernel-syms-4.12.14-122.57.1
SUSE Linux Enterprise Live Patching 12-SP5 (src):    kernel-default-4.12.14-122.57.1, kgraft-patch-SLE12-SP5_Update_14-1-8.3.1
SUSE Linux Enterprise High Availability 12-SP5 (src):    kernel-default-4.12.14-122.57.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.