Bug 1149591 – VUL-0: CVE-2018-21008: kernel-source: use-after-free can be caused by the function rsi_mac80211_detach in the file drivers/net/wireless/rsi/rsi_91x_mac80211.c

Bug 1149591 - (CVE-2018-21008) VUL-0: CVE-2018-21008: kernel-source: use-after-free can be caused by the function rsi_mac80211_detach in the file drivers/net/wireless/rsi/rsi_91x_mac80211.c

(CVE-2018-21008)
Summary:	VUL-0: CVE-2018-21008: kernel-source: use-after-free can be caused by the fun...

Status:	RESOLVED FIXED

Classification:	Novell Products
Product:	SUSE Security Incidents
Classification:	Novell Products
Component:	Incidents
Version:	unspecified
Hardware:	Other Other

Priority:	P3 - Medium Severity: Normal
Target Milestone:	---
Assigned To:	Security Team bot
QA Contact:	Security Team bot

URL:	https://smash.suse.de/issue/241748/
Whiteboard:	CVSSv2:NVD:CVE-2018-21008:4.9:(AV:L/A...
Keywords:

Depends on:
Blocks:
	Show dependency tree / graph

Create test case

Clone This Bug

Reported:	2019-09-05 11:46 UTC by Alexandros Toptsoglou
Modified:	2020-07-10 14:52 UTC (History)
CC List:	2 users (show)

See Also:
Found By:	Security Response Team
Services Priority:
Business Priority:
Blocker:	---
Marketing QA Status:	---
IT Deployment:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Alexandros Toptsoglou 2019-09-05 11:46:20 UTC

CVE-2018-21008

An issue was discovered in the Linux kernel before 4.16.7. A use-after-free can
be caused by the function rsi_mac80211_detach in the file
drivers/net/wireless/rsi/rsi_91x_mac80211.c.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-21008
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-21008
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=abd39c6ded9db53aa44c2540092bdd5fb6590fa8
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.16.7

Comment 1 Alexandros Toptsoglou 2019-09-05 11:50:01 UTC

The issue introduced in version 3.15 at commit [1]. The fix [2] is introduced in version 4.16.7. Based on this tracked as affected the branches 4.X

Comment 2 Alexandros Toptsoglou 2019-09-05 11:50:49 UTC

(In reply to Alexandros Toptsoglou from comment #1)
> The issue introduced in version 3.15 at commit [1]. The fix [2] is
> introduced in version 4.16.7. Based on this tracked as affected the branches
> 4.X

[1]https://github.com/torvalds/linux/commit/dad0d04fa7ba41ce603a01e8e64967650303e9a2
[2]https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=abd39c6ded9db53aa44c2540092bdd5fb6590fa8

Comment 3 Takashi Iwai 2019-09-05 12:35:11 UTC

Backported to SLE15 branch.

Reassigned back to security team.

Comment 6 Swamp Workflow Management 2019-09-17 14:11:50 UTC

This is an autogenerated message for OBS integration:
This bug (1149591) was mentioned in
https://build.opensuse.org/request/show/731541 15.0 / kernel-source

Comment 9 Swamp Workflow Management 2019-09-19 22:44:44 UTC

This is an autogenerated message for OBS integration:
This bug (1149591) was mentioned in
https://build.opensuse.org/request/show/732033 15.1 / kernel-source

Comment 10 Swamp Workflow Management 2019-09-20 13:35:51 UTC

SUSE-SU-2019:2414-1: An update that solves 39 vulnerabilities and has 180 fixes is now available.

Category: security (important)
Bug References: 1047238,1050911,1051510,1054914,1055117,1056686,1060662,1061840,1061843,1064597,1064701,1065600,1065729,1066369,1071009,1071306,1078248,1082555,1085030,1085536,1085539,1086103,1087092,1090734,1091171,1093205,1102097,1104902,1106061,1106284,1106434,1108382,1112894,1112899,1112902,1112903,1112905,1112906,1112907,1113722,1114279,1114542,1118689,1119086,1120876,1120902,1120937,1123105,1123959,1124370,1129424,1129519,1129664,1131107,1131281,1131565,1133021,1134291,1134881,1134882,1135219,1135642,1135897,1136261,1137811,1137884,1138539,1139020,1139021,1139101,1139500,1140012,1140426,1140487,1141450,1141543,1141554,1142019,1142076,1142109,1142117,1142118,1142119,1142496,1142541,1142635,1142685,1142701,1142857,1143300,1143466,1143765,1143841,1143843,1144123,1144333,1144474,1144518,1144718,1144813,1144880,1144886,1144912,1144920,1144979,1145010,1145051,1145059,1145189,1145235,1145300,1145302,1145388,1145389,1145390,1145391,1145392,1145393,1145394,1145395,1145396,1145397,1145408,1145409,1145661,1145678,1145687,1145920,1145922,1145934,1145937,1145940,1145941,1145942,1146074,1146084,1146163,1146285,1146346,1146351,1146352,1146361,1146376,1146378,1146381,1146391,1146399,1146413,1146425,1146512,1146514,1146516,1146519,1146524,1146526,1146529,1146531,1146543,1146547,1146550,1146575,1146589,1146678,1146938,1148031,1148032,1148033,1148034,1148035,1148093,1148133,1148192,1148196,1148198,1148202,1148303,1148363,1148379,1148394,1148527,1148574,1148616,1148617,1148619,1148859,1148868,1149053,1149083,1149104,1149105,1149106,1149197,1149214,1149224,1149325,1149376,1149413,1149418,1149424,1149522,1149527,1149539,1149552,1149591,1149602,1149612,1149626,1149652,1149713,1149940,1149976,1150025,1150033,1150112,1150562,1150727,1150860,1150861,1150933
CVE References: CVE-2017-18551,CVE-2018-20976,CVE-2018-21008,CVE-2019-10207,CVE-2019-14814,CVE-2019-14815,CVE-2019-14816,CVE-2019-14835,CVE-2019-15030,CVE-2019-15031,CVE-2019-15090,CVE-2019-15098,CVE-2019-15117,CVE-2019-15118,CVE-2019-15211,CVE-2019-15212,CVE-2019-15214,CVE-2019-15215,CVE-2019-15216,CVE-2019-15217,CVE-2019-15218,CVE-2019-15219,CVE-2019-15220,CVE-2019-15221,CVE-2019-15222,CVE-2019-15239,CVE-2019-15290,CVE-2019-15292,CVE-2019-15538,CVE-2019-15666,CVE-2019-15902,CVE-2019-15917,CVE-2019-15919,CVE-2019-15920,CVE-2019-15921,CVE-2019-15924,CVE-2019-15926,CVE-2019-15927,CVE-2019-9456
Sources used:
SUSE Linux Enterprise Module for Live Patching 15 (src):    kernel-default-4.12.14-150.35.1, kernel-livepatch-SLE15_Update_14-1-1.3.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 11 Swamp Workflow Management 2019-09-20 14:02:44 UTC

SUSE-SU-2019:2412-1: An update that solves 40 vulnerabilities and has 184 fixes is now available.

Category: security (important)
Bug References: 1047238,1050911,1051510,1054914,1055117,1056686,1060662,1061840,1061843,1064597,1064701,1065600,1065729,1066369,1071009,1071306,1078248,1082555,1085030,1085536,1085539,1086103,1087092,1090734,1091171,1093205,1102097,1104902,1106061,1106284,1106434,1108382,1112178,1112894,1112899,1112902,1112903,1112905,1112906,1112907,1113722,1114279,1114542,1118689,1119086,1120876,1120902,1120937,1123105,1123959,1124370,1129424,1129519,1129664,1131107,1131281,1131565,1133021,1134291,1134881,1134882,1135219,1135642,1135897,1136261,1137069,1137884,1138539,1139020,1139021,1139101,1139500,1140012,1140426,1140487,1141013,1141450,1141543,1141554,1142019,1142076,1142109,1142117,1142118,1142119,1142496,1142541,1142635,1142685,1142701,1142857,1143300,1143466,1143765,1143841,1143843,1144123,1144333,1144474,1144518,1144718,1144813,1144880,1144886,1144912,1144920,1144979,1145010,1145024,1145051,1145059,1145189,1145235,1145300,1145302,1145388,1145389,1145390,1145391,1145392,1145393,1145394,1145395,1145396,1145397,1145408,1145409,1145661,1145678,1145687,1145920,1145922,1145934,1145937,1145940,1145941,1145942,1146074,1146084,1146163,1146285,1146346,1146351,1146352,1146361,1146368,1146376,1146378,1146381,1146391,1146399,1146413,1146425,1146516,1146519,1146524,1146526,1146529,1146531,1146543,1146547,1146550,1146575,1146589,1146678,1146938,1148031,1148032,1148033,1148034,1148035,1148093,1148133,1148192,1148196,1148198,1148202,1148303,1148363,1148379,1148394,1148527,1148574,1148616,1148617,1148619,1148698,1148859,1148868,1149053,1149083,1149104,1149105,1149106,1149197,1149214,1149224,1149325,1149376,1149413,1149418,1149424,1149522,1149527,1149539,1149552,1149591,1149602,1149612,1149626,1149652,1149713,1149940,1149959,1149963,1149976,1150025,1150033,1150112,1150562,1150727,1150860,1150861,1150933
CVE References: CVE-2017-18551,CVE-2018-20976,CVE-2018-21008,CVE-2019-10207,CVE-2019-14814,CVE-2019-14815,CVE-2019-14816,CVE-2019-14835,CVE-2019-15030,CVE-2019-15031,CVE-2019-15090,CVE-2019-15098,CVE-2019-15099,CVE-2019-15117,CVE-2019-15118,CVE-2019-15211,CVE-2019-15212,CVE-2019-15214,CVE-2019-15215,CVE-2019-15216,CVE-2019-15217,CVE-2019-15218,CVE-2019-15219,CVE-2019-15220,CVE-2019-15221,CVE-2019-15222,CVE-2019-15239,CVE-2019-15290,CVE-2019-15292,CVE-2019-15538,CVE-2019-15666,CVE-2019-15902,CVE-2019-15917,CVE-2019-15919,CVE-2019-15920,CVE-2019-15921,CVE-2019-15924,CVE-2019-15926,CVE-2019-15927,CVE-2019-9456
Sources used:
SUSE Linux Enterprise Workstation Extension 12-SP4 (src):    kernel-default-4.12.14-95.32.1
SUSE Linux Enterprise Software Development Kit 12-SP4 (src):    kernel-docs-4.12.14-95.32.1, kernel-obs-build-4.12.14-95.32.1
SUSE Linux Enterprise Server 12-SP4 (src):    kernel-default-4.12.14-95.32.1, kernel-source-4.12.14-95.32.1, kernel-syms-4.12.14-95.32.1
SUSE Linux Enterprise High Availability 12-SP4 (src):    kernel-default-4.12.14-95.32.1
SUSE Linux Enterprise Desktop 12-SP4 (src):    kernel-default-4.12.14-95.32.1, kernel-source-4.12.14-95.32.1, kernel-syms-4.12.14-95.32.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 12 Swamp Workflow Management 2019-09-20 14:35:09 UTC

SUSE-SU-2019:2412-1: An update that solves 40 vulnerabilities and has 184 fixes is now available.

Category: security (important)
Bug References: 1047238,1050911,1051510,1054914,1055117,1056686,1060662,1061840,1061843,1064597,1064701,1065600,1065729,1066369,1071009,1071306,1078248,1082555,1085030,1085536,1085539,1086103,1087092,1090734,1091171,1093205,1102097,1104902,1106061,1106284,1106434,1108382,1112178,1112894,1112899,1112902,1112903,1112905,1112906,1112907,1113722,1114279,1114542,1118689,1119086,1120876,1120902,1120937,1123105,1123959,1124370,1129424,1129519,1129664,1131107,1131281,1131565,1133021,1134291,1134881,1134882,1135219,1135642,1135897,1136261,1137069,1137884,1138539,1139020,1139021,1139101,1139500,1140012,1140426,1140487,1141013,1141450,1141543,1141554,1142019,1142076,1142109,1142117,1142118,1142119,1142496,1142541,1142635,1142685,1142701,1142857,1143300,1143466,1143765,1143841,1143843,1144123,1144333,1144474,1144518,1144718,1144813,1144880,1144886,1144912,1144920,1144979,1145010,1145024,1145051,1145059,1145189,1145235,1145300,1145302,1145388,1145389,1145390,1145391,1145392,1145393,1145394,1145395,1145396,1145397,1145408,1145409,1145661,1145678,1145687,1145920,1145922,1145934,1145937,1145940,1145941,1145942,1146074,1146084,1146163,1146285,1146346,1146351,1146352,1146361,1146368,1146376,1146378,1146381,1146391,1146399,1146413,1146425,1146516,1146519,1146524,1146526,1146529,1146531,1146543,1146547,1146550,1146575,1146589,1146678,1146938,1148031,1148032,1148033,1148034,1148035,1148093,1148133,1148192,1148196,1148198,1148202,1148303,1148363,1148379,1148394,1148527,1148574,1148616,1148617,1148619,1148698,1148859,1148868,1149053,1149083,1149104,1149105,1149106,1149197,1149214,1149224,1149325,1149376,1149413,1149418,1149424,1149522,1149527,1149539,1149552,1149591,1149602,1149612,1149626,1149652,1149713,1149940,1149959,1149963,1149976,1150025,1150033,1150112,1150562,1150727,1150860,1150861,1150933
CVE References: CVE-2017-18551,CVE-2018-20976,CVE-2018-21008,CVE-2019-10207,CVE-2019-14814,CVE-2019-14815,CVE-2019-14816,CVE-2019-14835,CVE-2019-15030,CVE-2019-15031,CVE-2019-15090,CVE-2019-15098,CVE-2019-15099,CVE-2019-15117,CVE-2019-15118,CVE-2019-15211,CVE-2019-15212,CVE-2019-15214,CVE-2019-15215,CVE-2019-15216,CVE-2019-15217,CVE-2019-15218,CVE-2019-15219,CVE-2019-15220,CVE-2019-15221,CVE-2019-15222,CVE-2019-15239,CVE-2019-15290,CVE-2019-15292,CVE-2019-15538,CVE-2019-15666,CVE-2019-15902,CVE-2019-15917,CVE-2019-15919,CVE-2019-15920,CVE-2019-15921,CVE-2019-15924,CVE-2019-15926,CVE-2019-15927,CVE-2019-9456
Sources used:
SUSE Linux Enterprise Workstation Extension 12-SP4 (src):    kernel-default-4.12.14-95.32.1
SUSE Linux Enterprise Software Development Kit 12-SP4 (src):    kernel-docs-4.12.14-95.32.1, kernel-obs-build-4.12.14-95.32.1
SUSE Linux Enterprise Server 12-SP4 (src):    kernel-default-4.12.14-95.32.1, kernel-source-4.12.14-95.32.1, kernel-syms-4.12.14-95.32.1
SUSE Linux Enterprise Live Patching 12-SP4 (src):    kgraft-patch-SLE12-SP4_Update_8-1-6.3.1
SUSE Linux Enterprise High Availability 12-SP4 (src):    kernel-default-4.12.14-95.32.1
SUSE Linux Enterprise Desktop 12-SP4 (src):    kernel-default-4.12.14-95.32.1, kernel-source-4.12.14-95.32.1, kernel-syms-4.12.14-95.32.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 13 Swamp Workflow Management 2019-09-20 15:13:06 UTC

SUSE-SU-2019:2414-1: An update that solves 39 vulnerabilities and has 180 fixes is now available.

Category: security (important)
Bug References: 1047238,1050911,1051510,1054914,1055117,1056686,1060662,1061840,1061843,1064597,1064701,1065600,1065729,1066369,1071009,1071306,1078248,1082555,1085030,1085536,1085539,1086103,1087092,1090734,1091171,1093205,1102097,1104902,1106061,1106284,1106434,1108382,1112894,1112899,1112902,1112903,1112905,1112906,1112907,1113722,1114279,1114542,1118689,1119086,1120876,1120902,1120937,1123105,1123959,1124370,1129424,1129519,1129664,1131107,1131281,1131565,1133021,1134291,1134881,1134882,1135219,1135642,1135897,1136261,1137811,1137884,1138539,1139020,1139021,1139101,1139500,1140012,1140426,1140487,1141450,1141543,1141554,1142019,1142076,1142109,1142117,1142118,1142119,1142496,1142541,1142635,1142685,1142701,1142857,1143300,1143466,1143765,1143841,1143843,1144123,1144333,1144474,1144518,1144718,1144813,1144880,1144886,1144912,1144920,1144979,1145010,1145051,1145059,1145189,1145235,1145300,1145302,1145388,1145389,1145390,1145391,1145392,1145393,1145394,1145395,1145396,1145397,1145408,1145409,1145661,1145678,1145687,1145920,1145922,1145934,1145937,1145940,1145941,1145942,1146074,1146084,1146163,1146285,1146346,1146351,1146352,1146361,1146376,1146378,1146381,1146391,1146399,1146413,1146425,1146512,1146514,1146516,1146519,1146524,1146526,1146529,1146531,1146543,1146547,1146550,1146575,1146589,1146678,1146938,1148031,1148032,1148033,1148034,1148035,1148093,1148133,1148192,1148196,1148198,1148202,1148303,1148363,1148379,1148394,1148527,1148574,1148616,1148617,1148619,1148859,1148868,1149053,1149083,1149104,1149105,1149106,1149197,1149214,1149224,1149325,1149376,1149413,1149418,1149424,1149522,1149527,1149539,1149552,1149591,1149602,1149612,1149626,1149652,1149713,1149940,1149976,1150025,1150033,1150112,1150562,1150727,1150860,1150861,1150933
CVE References: CVE-2017-18551,CVE-2018-20976,CVE-2018-21008,CVE-2019-10207,CVE-2019-14814,CVE-2019-14815,CVE-2019-14816,CVE-2019-14835,CVE-2019-15030,CVE-2019-15031,CVE-2019-15090,CVE-2019-15098,CVE-2019-15117,CVE-2019-15118,CVE-2019-15211,CVE-2019-15212,CVE-2019-15214,CVE-2019-15215,CVE-2019-15216,CVE-2019-15217,CVE-2019-15218,CVE-2019-15219,CVE-2019-15220,CVE-2019-15221,CVE-2019-15222,CVE-2019-15239,CVE-2019-15290,CVE-2019-15292,CVE-2019-15538,CVE-2019-15666,CVE-2019-15902,CVE-2019-15917,CVE-2019-15919,CVE-2019-15920,CVE-2019-15921,CVE-2019-15924,CVE-2019-15926,CVE-2019-15927,CVE-2019-9456
Sources used:
SUSE Linux Enterprise Workstation Extension 15 (src):    kernel-default-4.12.14-150.35.1
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 (src):    kernel-default-4.12.14-150.35.1, kernel-docs-4.12.14-150.35.1, kernel-obs-qa-4.12.14-150.35.1
SUSE Linux Enterprise Module for Live Patching 15 (src):    kernel-default-4.12.14-150.35.1, kernel-livepatch-SLE15_Update_14-1-1.3.1
SUSE Linux Enterprise Module for Legacy Software 15 (src):    kernel-default-4.12.14-150.35.1
SUSE Linux Enterprise Module for Development Tools 15 (src):    kernel-docs-4.12.14-150.35.1, kernel-obs-build-4.12.14-150.35.1, kernel-source-4.12.14-150.35.1, kernel-syms-4.12.14-150.35.1, kernel-vanilla-4.12.14-150.35.1
SUSE Linux Enterprise Module for Basesystem 15 (src):    kernel-default-4.12.14-150.35.1, kernel-source-4.12.14-150.35.1, kernel-zfcpdump-4.12.14-150.35.1
SUSE Linux Enterprise High Availability 15 (src):    kernel-default-4.12.14-150.35.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 14 Swamp Workflow Management 2019-09-20 19:39:58 UTC

SUSE-SU-2019:2424-1: An update that solves 40 vulnerabilities and has 222 fixes is now available.

Category: security (important)
Bug References: 1047238,1050911,1051510,1054914,1055117,1056686,1060662,1061840,1061843,1064597,1064701,1065600,1065729,1066369,1071009,1071306,1078248,1082555,1082635,1085030,1085536,1085539,1086103,1087092,1090734,1091171,1093205,1102097,1103990,1104353,1104427,1104745,1104902,1106061,1106284,1106434,1108382,1109837,1111666,1112178,1112374,1112894,1112899,1112902,1112903,1112905,1112906,1112907,1113722,1113994,1114279,1114542,1118689,1119086,1119113,1120046,1120876,1120902,1123105,1123959,1124370,1129424,1129519,1129664,1131107,1131281,1131489,1131565,1133021,1134291,1134476,1134881,1134882,1135219,1135642,1135897,1135990,1136039,1136261,1136346,1136349,1136352,1136496,1136498,1136502,1136682,1137322,1137323,1137884,1138099,1138100,1138539,1139020,1139021,1139101,1139500,1140012,1140426,1140487,1141340,1141450,1141543,1141554,1142019,1142076,1142109,1142117,1142118,1142119,1142496,1142541,1142635,1142685,1142701,1142857,1143300,1143331,1143466,1143706,1143738,1143765,1143841,1143843,1143962,1144123,1144333,1144375,1144474,1144518,1144582,1144718,1144813,1144880,1144886,1144912,1144920,1144979,1145010,1145018,1145051,1145059,1145189,1145235,1145256,1145300,1145302,1145357,1145388,1145389,1145390,1145391,1145392,1145393,1145394,1145395,1145396,1145397,1145408,1145409,1145446,1145661,1145678,1145687,1145920,1145922,1145934,1145937,1145940,1145941,1145942,1145946,1146074,1146084,1146141,1146163,1146215,1146285,1146346,1146351,1146352,1146361,1146368,1146376,1146378,1146381,1146391,1146399,1146413,1146425,1146516,1146519,1146524,1146526,1146529,1146531,1146543,1146547,1146550,1146575,1146589,1146678,1146938,1148031,1148032,1148033,1148034,1148035,1148093,1148133,1148192,1148196,1148198,1148202,1148219,1148297,1148303,1148308,1148363,1148379,1148394,1148527,1148570,1148574,1148616,1148617,1148619,1148698,1148859,1148868,1149053,1149083,1149104,1149105,1149106,1149197,1149214,1149224,1149325,1149376,1149413,1149418,1149424,1149522,1149527,1149539,1149552,1149591,1149602,1149612,1149626,1149652,1149713,1149940,1149976,1150025,1150033,1150112,1150562,1150727,1150860,1150861,1150933
CVE References: CVE-2017-18551,CVE-2018-20976,CVE-2018-21008,CVE-2019-10207,CVE-2019-14814,CVE-2019-14815,CVE-2019-14816,CVE-2019-14835,CVE-2019-15030,CVE-2019-15031,CVE-2019-15090,CVE-2019-15098,CVE-2019-15099,CVE-2019-15117,CVE-2019-15118,CVE-2019-15211,CVE-2019-15212,CVE-2019-15214,CVE-2019-15215,CVE-2019-15216,CVE-2019-15217,CVE-2019-15218,CVE-2019-15219,CVE-2019-15220,CVE-2019-15221,CVE-2019-15222,CVE-2019-15239,CVE-2019-15290,CVE-2019-15292,CVE-2019-15538,CVE-2019-15666,CVE-2019-15902,CVE-2019-15917,CVE-2019-15919,CVE-2019-15920,CVE-2019-15921,CVE-2019-15924,CVE-2019-15926,CVE-2019-15927,CVE-2019-9456
Sources used:
SUSE Linux Enterprise Workstation Extension 15-SP1 (src):    kernel-default-4.12.14-197.18.1
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1 (src):    dtb-aarch64-4.12.14-197.18.1, kernel-debug-4.12.14-197.18.1, kernel-default-4.12.14-197.18.1, kernel-docs-4.12.14-197.18.1, kernel-kvmsmall-4.12.14-197.18.1, kernel-obs-qa-4.12.14-197.18.1, kernel-source-4.12.14-197.18.1, kernel-vanilla-4.12.14-197.18.1, kernel-zfcpdump-4.12.14-197.18.1
SUSE Linux Enterprise Module for Legacy Software 15-SP1 (src):    kernel-default-4.12.14-197.18.1
SUSE Linux Enterprise Module for Development Tools 15-SP1 (src):    kernel-docs-4.12.14-197.18.1, kernel-obs-build-4.12.14-197.18.1, kernel-source-4.12.14-197.18.1, kernel-syms-4.12.14-197.18.1
SUSE Linux Enterprise Module for Basesystem 15-SP1 (src):    kernel-default-4.12.14-197.18.1, kernel-source-4.12.14-197.18.1, kernel-zfcpdump-4.12.14-197.18.1
SUSE Linux Enterprise High Availability 15-SP1 (src):    kernel-default-4.12.14-197.18.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 15 Swamp Workflow Management 2019-09-24 13:47:13 UTC

openSUSE-SU-2019:2173-1: An update that solves 38 vulnerabilities and has 159 fixes is now available.

Category: security (important)
Bug References: 1047238,1050911,1051510,1054914,1056686,1060662,1061840,1061843,1064597,1064701,1065600,1065729,1066369,1071009,1071306,1078248,1082555,1085030,1085536,1085539,1087092,1090734,1091171,1093205,1102097,1104902,1106284,1106434,1108382,1112894,1112899,1112902,1112903,1112905,1112906,1112907,1113722,1114279,1114542,1118689,1119086,1120876,1120902,1120937,1123105,1124370,1129424,1129519,1129664,1131107,1131565,1134291,1134881,1134882,1135219,1135642,1136261,1137884,1138539,1139020,1139021,1140012,1140487,1141543,1141554,1142019,1142076,1142109,1142541,1142635,1143300,1143765,1143841,1143843,1144123,1144333,1144718,1144813,1144880,1144886,1144912,1144920,1144979,1145010,1145051,1145059,1145189,1145235,1145300,1145302,1145388,1145389,1145390,1145391,1145392,1145393,1145394,1145395,1145396,1145397,1145408,1145409,1145661,1145678,1145687,1145920,1145922,1145934,1145937,1145940,1145941,1145942,1146074,1146084,1146163,1146285,1146346,1146351,1146352,1146361,1146376,1146378,1146381,1146391,1146399,1146413,1146425,1146512,1146514,1146516,1146519,1146524,1146526,1146529,1146531,1146543,1146547,1146550,1146575,1146589,1146678,1146938,1148031,1148032,1148033,1148034,1148035,1148093,1148133,1148192,1148196,1148198,1148202,1148303,1148363,1148379,1148394,1148527,1148574,1148616,1148617,1148619,1148859,1148868,1149053,1149083,1149104,1149105,1149106,1149197,1149214,1149224,1149325,1149376,1149413,1149418,1149424,1149522,1149527,1149539,1149552,1149591,1149602,1149612,1149626,1149652,1149713,1149940,1149976,1150025,1150033,1150112,1150562,1150727,1150860,1150861,1150933
CVE References: CVE-2017-18551,CVE-2018-20976,CVE-2018-21008,CVE-2019-14814,CVE-2019-14815,CVE-2019-14816,CVE-2019-14835,CVE-2019-15030,CVE-2019-15031,CVE-2019-15090,CVE-2019-15098,CVE-2019-15117,CVE-2019-15118,CVE-2019-15211,CVE-2019-15212,CVE-2019-15214,CVE-2019-15215,CVE-2019-15216,CVE-2019-15217,CVE-2019-15218,CVE-2019-15219,CVE-2019-15220,CVE-2019-15221,CVE-2019-15222,CVE-2019-15239,CVE-2019-15290,CVE-2019-15292,CVE-2019-15538,CVE-2019-15666,CVE-2019-15902,CVE-2019-15917,CVE-2019-15919,CVE-2019-15920,CVE-2019-15921,CVE-2019-15924,CVE-2019-15926,CVE-2019-15927,CVE-2019-9456
Sources used:
openSUSE Leap 15.0 (src):    kernel-debug-4.12.14-lp150.12.73.1, kernel-default-4.12.14-lp150.12.73.1, kernel-docs-4.12.14-lp150.12.73.1, kernel-kvmsmall-4.12.14-lp150.12.73.1, kernel-obs-build-4.12.14-lp150.12.73.1, kernel-obs-qa-4.12.14-lp150.12.73.1, kernel-source-4.12.14-lp150.12.73.1, kernel-syms-4.12.14-lp150.12.73.1, kernel-vanilla-4.12.14-lp150.12.73.1

Comment 16 Swamp Workflow Management 2019-09-24 22:39:18 UTC

openSUSE-SU-2019:2181-1: An update that solves 39 vulnerabilities and has 203 fixes is now available.

Category: security (important)
Bug References: 1047238,1050911,1051510,1054914,1056686,1060662,1061840,1061843,1064597,1064701,1065600,1065729,1066369,1071009,1071306,1078248,1082555,1082635,1085030,1085536,1085539,1087092,1090734,1091171,1093205,1102097,1103990,1104353,1104427,1104745,1104902,1106284,1106434,1108382,1109837,1111666,1112178,1112374,1112894,1112899,1112902,1112903,1112905,1112906,1112907,1113722,1113994,1114279,1114542,1118689,1119086,1119113,1120046,1120876,1120902,1123105,1124370,1129424,1129519,1129664,1131107,1131489,1131565,1134291,1134476,1134881,1134882,1135219,1135642,1135990,1136039,1136261,1136346,1136349,1136496,1136498,1136682,1137322,1137323,1137884,1138099,1138100,1138539,1139020,1139021,1140012,1140487,1141340,1141543,1141554,1142019,1142076,1142109,1142496,1142541,1142635,1142685,1143300,1143331,1143706,1143765,1143841,1143843,1143962,1144123,1144333,1144375,1144582,1144718,1144813,1144880,1144886,1144912,1144920,1144979,1145010,1145018,1145051,1145059,1145189,1145235,1145256,1145300,1145302,1145357,1145388,1145389,1145390,1145391,1145392,1145393,1145394,1145395,1145396,1145397,1145408,1145409,1145446,1145661,1145678,1145687,1145920,1145922,1145934,1145937,1145940,1145941,1145942,1145946,1146074,1146084,1146141,1146163,1146215,1146285,1146346,1146351,1146352,1146361,1146368,1146376,1146378,1146381,1146391,1146399,1146413,1146425,1146512,1146514,1146516,1146519,1146524,1146526,1146529,1146531,1146543,1146547,1146550,1146575,1146589,1146678,1146938,1148031,1148032,1148033,1148034,1148035,1148093,1148133,1148192,1148196,1148198,1148202,1148219,1148297,1148303,1148308,1148363,1148379,1148394,1148527,1148570,1148574,1148616,1148617,1148619,1148698,1148859,1148868,1149053,1149083,1149104,1149105,1149106,1149197,1149214,1149224,1149325,1149376,1149413,1149418,1149424,1149522,1149527,1149539,1149552,1149591,1149602,1149612,1149626,1149652,1149713,1149940,1149976,1150025,1150033,1150112,1150562,1150727,1150860,1150861,1150933
CVE References: CVE-2017-18551,CVE-2018-20976,CVE-2018-21008,CVE-2019-14814,CVE-2019-14815,CVE-2019-14816,CVE-2019-14835,CVE-2019-15030,CVE-2019-15031,CVE-2019-15090,CVE-2019-15098,CVE-2019-15099,CVE-2019-15117,CVE-2019-15118,CVE-2019-15211,CVE-2019-15212,CVE-2019-15214,CVE-2019-15215,CVE-2019-15216,CVE-2019-15217,CVE-2019-15218,CVE-2019-15219,CVE-2019-15220,CVE-2019-15221,CVE-2019-15222,CVE-2019-15239,CVE-2019-15290,CVE-2019-15292,CVE-2019-15538,CVE-2019-15666,CVE-2019-15902,CVE-2019-15917,CVE-2019-15919,CVE-2019-15920,CVE-2019-15921,CVE-2019-15924,CVE-2019-15926,CVE-2019-15927,CVE-2019-9456
Sources used:
openSUSE Leap 15.1 (src):    kernel-debug-4.12.14-lp151.28.16.1, kernel-default-4.12.14-lp151.28.16.1, kernel-docs-4.12.14-lp151.28.16.1, kernel-kvmsmall-4.12.14-lp151.28.16.1, kernel-obs-build-4.12.14-lp151.28.16.1, kernel-obs-qa-4.12.14-lp151.28.16.1, kernel-source-4.12.14-lp151.28.16.1, kernel-syms-4.12.14-lp151.28.16.1, kernel-vanilla-4.12.14-lp151.28.16.1

Comment 20 Swamp Workflow Management 2019-10-14 13:42:03 UTC

SUSE-SU-2019:2651-1: An update that solves 42 vulnerabilities and has 210 fixes is now available.

Category: security (important)
Bug References: 1047238,1050911,1051510,1054914,1055117,1056686,1060662,1061840,1061843,1064597,1064701,1065600,1065729,1066369,1071009,1071306,1071995,1078248,1082555,1085030,1085536,1085539,1087092,1090734,1091171,1093205,1102097,1104902,1104967,1106061,1106284,1106434,1108382,1109158,1112894,1112899,1112902,1112903,1112905,1112906,1112907,1113722,1114279,1114542,1118689,1119086,1120876,1120902,1120937,1123034,1123105,1124370,1127988,1129424,1129519,1129664,1131107,1131304,1131565,1134291,1134881,1134882,1135219,1135642,1135897,1136261,1137069,1137865,1137884,1137959,1138539,1139020,1139021,1139101,1139500,1140012,1140155,1140426,1140487,1141013,1141450,1141543,1141554,1142019,1142076,1142109,1142117,1142118,1142119,1142496,1142541,1142635,1142685,1142701,1143300,1143466,1143765,1143841,1143843,1144123,1144333,1144474,1144518,1144718,1144813,1144880,1144886,1144912,1144920,1144979,1145010,1145051,1145059,1145134,1145189,1145235,1145300,1145302,1145388,1145389,1145390,1145391,1145392,1145393,1145394,1145395,1145396,1145397,1145408,1145409,1145661,1145678,1145687,1145920,1145922,1145934,1145937,1145940,1145941,1145942,1146042,1146074,1146084,1146163,1146285,1146346,1146351,1146352,1146361,1146376,1146378,1146381,1146391,1146399,1146413,1146425,1146512,1146514,1146516,1146519,1146524,1146526,1146529,1146531,1146540,1146543,1146547,1146550,1146575,1146589,1146664,1146678,1146938,1148031,1148032,1148033,1148034,1148035,1148093,1148133,1148192,1148196,1148198,1148202,1148303,1148363,1148379,1148394,1148527,1148574,1148616,1148617,1148619,1148712,1148859,1148868,1149053,1149083,1149104,1149105,1149106,1149197,1149214,1149224,1149313,1149325,1149376,1149413,1149418,1149424,1149446,1149522,1149527,1149539,1149552,1149555,1149591,1149602,1149612,1149626,1149651,1149652,1149713,1149940,1149976,1150025,1150033,1150112,1150381,1150423,1150562,1150727,1150860,1150861,1150933,1151350,1151610,1151667,1151680,1151891,1151955,1152024,1152025,1152026,1152161,1152325,1152457,1152460,1152466,1152972,1152974,1152975
CVE References: CVE-2017-18551,CVE-2017-18595,CVE-2018-20976,CVE-2018-21008,CVE-2019-14814,CVE-2019-14815,CVE-2019-14816,CVE-2019-14821,CVE-2019-14835,CVE-2019-15030,CVE-2019-15031,CVE-2019-15090,CVE-2019-15098,CVE-2019-15117,CVE-2019-15118,CVE-2019-15211,CVE-2019-15212,CVE-2019-15214,CVE-2019-15215,CVE-2019-15216,CVE-2019-15217,CVE-2019-15218,CVE-2019-15219,CVE-2019-15220,CVE-2019-15221,CVE-2019-15222,CVE-2019-15239,CVE-2019-15290,CVE-2019-15291,CVE-2019-15292,CVE-2019-15538,CVE-2019-15666,CVE-2019-15902,CVE-2019-15917,CVE-2019-15919,CVE-2019-15920,CVE-2019-15921,CVE-2019-15924,CVE-2019-15926,CVE-2019-15927,CVE-2019-9456,CVE-2019-9506
Sources used:
SUSE Linux Enterprise Module for Public Cloud 15 (src):    kernel-azure-4.12.14-5.41.1, kernel-source-azure-4.12.14-5.41.1, kernel-syms-azure-4.12.14-5.41.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 21 Swamp Workflow Management 2019-10-14 19:46:47 UTC

SUSE-SU-2019:2658-1: An update that solves 45 vulnerabilities and has 270 fixes is now available.

Category: security (important)
Bug References: 1047238,1050911,1051510,1054914,1055117,1056686,1060662,1061840,1061843,1064597,1064701,1065600,1065729,1066369,1071009,1071306,1071995,1078248,1082555,1082635,1085030,1085536,1085539,1086103,1087092,1090734,1091171,1093205,1102097,1103990,1104353,1104427,1104745,1104902,1104967,1106061,1106284,1106434,1108382,1109158,1109837,1111666,1112178,1112374,1112894,1112899,1112902,1112903,1112905,1112906,1112907,1113722,1113994,1114279,1114542,1118689,1119086,1119113,1120046,1120876,1120902,1123034,1123105,1123959,1124370,1127988,1129424,1129519,1129664,1131107,1131281,1131304,1131489,1131565,1132686,1133021,1134291,1134476,1134881,1134882,1135219,1135642,1135897,1135990,1136039,1136261,1136346,1136349,1136352,1136496,1136498,1136502,1136682,1137069,1137322,1137323,1137586,1137865,1137884,1137959,1137982,1138099,1138100,1138539,1139020,1139021,1139101,1139500,1140012,1140155,1140426,1140487,1141013,1141340,1141450,1141543,1141554,1142019,1142076,1142109,1142117,1142118,1142119,1142496,1142541,1142635,1142685,1142701,1142857,1143300,1143331,1143466,1143706,1143738,1143765,1143841,1143843,1143962,1144123,1144333,1144375,1144474,1144518,1144582,1144718,1144813,1144880,1144886,1144912,1144920,1144979,1145010,1145018,1145051,1145059,1145134,1145189,1145235,1145256,1145300,1145302,1145357,1145388,1145389,1145390,1145391,1145392,1145393,1145394,1145395,1145396,1145397,1145408,1145409,1145446,1145661,1145678,1145687,1145920,1145922,1145934,1145937,1145940,1145941,1145942,1145946,1146042,1146074,1146084,1146141,1146163,1146215,1146285,1146346,1146351,1146352,1146361,1146368,1146376,1146378,1146381,1146391,1146399,1146413,1146425,1146512,1146514,1146516,1146519,1146524,1146526,1146529,1146531,1146540,1146543,1146547,1146550,1146575,1146589,1146664,1146678,1146938,1148031,1148032,1148033,1148034,1148035,1148093,1148133,1148192,1148196,1148198,1148202,1148219,1148297,1148303,1148308,1148363,1148379,1148394,1148527,1148570,1148574,1148616,1148617,1148619,1148698,1148712,1148859,1148868,1149053,1149083,1149104,1149105,1149106,1149197,1149214,1149224,1149313,1149325,1149376,1149413,1149418,1149424,1149446,1149522,1149527,1149539,1149552,1149555,1149591,1149602,1149612,1149626,1149651,1149652,1149713,1149940,1149976,1150025,1150033,1150112,1150305,1150381,1150423,1150562,1150727,1150846,1150860,1150861,1150933,1151067,1151192,1151350,1151610,1151661,1151662,1151667,1151680,1151891,1151955,1152024,1152025,1152026,1152161,1152187,1152243,1152325,1152457,1152460,1152466,1152525,1152972,1152974,1152975
CVE References: CVE-2017-18551,CVE-2017-18595,CVE-2018-20976,CVE-2018-21008,CVE-2019-10207,CVE-2019-11477,CVE-2019-14814,CVE-2019-14815,CVE-2019-14816,CVE-2019-14821,CVE-2019-14835,CVE-2019-15030,CVE-2019-15031,CVE-2019-15090,CVE-2019-15098,CVE-2019-15099,CVE-2019-15117,CVE-2019-15118,CVE-2019-15211,CVE-2019-15212,CVE-2019-15214,CVE-2019-15215,CVE-2019-15216,CVE-2019-15217,CVE-2019-15218,CVE-2019-15219,CVE-2019-15220,CVE-2019-15221,CVE-2019-15222,CVE-2019-15239,CVE-2019-15290,CVE-2019-15291,CVE-2019-15292,CVE-2019-15538,CVE-2019-15666,CVE-2019-15902,CVE-2019-15917,CVE-2019-15919,CVE-2019-15920,CVE-2019-15921,CVE-2019-15924,CVE-2019-15926,CVE-2019-15927,CVE-2019-9456,CVE-2019-9506
Sources used:
SUSE Linux Enterprise Module for Public Cloud 15-SP1 (src):    kernel-azure-4.12.14-8.16.1, kernel-source-azure-4.12.14-8.16.1, kernel-syms-azure-4.12.14-8.16.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 23 Swamp Workflow Management 2019-10-22 16:47:50 UTC

SUSE-SU-2019:2738-1: An update that solves 40 vulnerabilities and has 225 fixes is now available.

Category: security (important)
Bug References: 1047238,1050911,1051510,1054914,1055117,1056686,1060662,1061840,1061843,1064597,1064701,1065600,1065729,1066369,1071009,1071306,1078248,1082555,1082635,1085030,1085536,1085539,1086103,1087092,1090734,1091171,1093205,1102097,1103990,1104353,1104427,1104745,1104902,1106061,1106284,1106434,1108382,1109837,1111666,1112178,1112374,1112894,1112899,1112902,1112903,1112905,1112906,1112907,1113722,1113994,1114279,1114542,1118689,1119086,1119113,1120046,1120876,1120902,1123105,1123959,1124370,1129424,1129519,1129664,1131107,1131281,1131489,1131565,1132426,1133021,1134291,1134476,1134881,1134882,1135219,1135642,1135897,1135990,1136039,1136261,1136346,1136349,1136352,1136496,1136498,1136502,1136682,1137322,1137323,1137884,1138099,1138100,1138539,1139020,1139021,1139101,1139500,1140012,1140426,1140487,1141340,1141450,1141543,1141554,1142019,1142076,1142109,1142117,1142118,1142119,1142496,1142541,1142635,1142685,1142701,1142857,1143300,1143331,1143466,1143706,1143738,1143765,1143841,1143843,1143962,1144123,1144333,1144375,1144474,1144518,1144582,1144718,1144813,1144880,1144886,1144912,1144920,1144979,1145010,1145018,1145051,1145059,1145189,1145235,1145256,1145300,1145302,1145357,1145388,1145389,1145390,1145391,1145392,1145393,1145394,1145395,1145396,1145397,1145408,1145409,1145446,1145661,1145678,1145687,1145920,1145922,1145934,1145937,1145940,1145941,1145942,1145946,1146074,1146084,1146141,1146163,1146215,1146285,1146346,1146351,1146352,1146361,1146368,1146376,1146378,1146381,1146391,1146399,1146413,1146425,1146512,1146514,1146516,1146519,1146524,1146526,1146529,1146531,1146543,1146547,1146550,1146575,1146589,1146678,1146938,1148031,1148032,1148033,1148034,1148035,1148093,1148133,1148192,1148196,1148198,1148202,1148219,1148297,1148303,1148308,1148363,1148379,1148394,1148527,1148570,1148574,1148616,1148617,1148619,1148698,1148859,1148868,1149053,1149083,1149104,1149105,1149106,1149197,1149214,1149224,1149325,1149376,1149413,1149418,1149424,1149522,1149527,1149539,1149552,1149591,1149602,1149612,1149626,1149652,1149713,1149940,1149976,1150025,1150033,1150112,1150562,1150727,1150860,1150861,1150933
CVE References: CVE-2017-18551,CVE-2018-20976,CVE-2018-21008,CVE-2019-10207,CVE-2019-14814,CVE-2019-14815,CVE-2019-14816,CVE-2019-14835,CVE-2019-15030,CVE-2019-15031,CVE-2019-15090,CVE-2019-15098,CVE-2019-15099,CVE-2019-15117,CVE-2019-15118,CVE-2019-15211,CVE-2019-15212,CVE-2019-15214,CVE-2019-15215,CVE-2019-15216,CVE-2019-15217,CVE-2019-15218,CVE-2019-15219,CVE-2019-15220,CVE-2019-15221,CVE-2019-15222,CVE-2019-15239,CVE-2019-15290,CVE-2019-15292,CVE-2019-15538,CVE-2019-15666,CVE-2019-15902,CVE-2019-15917,CVE-2019-15919,CVE-2019-15920,CVE-2019-15921,CVE-2019-15924,CVE-2019-15926,CVE-2019-15927,CVE-2019-9456
Sources used:
SUSE Linux Enterprise Module for Realtime 15-SP1 (src):    kernel-rt-4.12.14-14.11.1, kernel-rt_debug-4.12.14-14.11.1, kernel-source-rt-4.12.14-14.11.1, kernel-syms-rt-4.12.14-14.11.1
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1 (src):    kernel-rt-4.12.14-14.11.1, kernel-rt_debug-4.12.14-14.11.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 24 Swamp Workflow Management 2019-10-23 20:00:09 UTC

SUSE-SU-2019:2756-1: An update that solves 44 vulnerabilities and has 368 fixes is now available.

Category: security (important)
Bug References: 1012382,1047238,1050911,1051510,1053043,1054914,1055117,1056686,1060662,1061840,1061843,1064597,1064701,1065600,1065729,1066369,1071009,1071306,1071995,1078248,1082555,1083647,1083710,1085030,1085536,1085539,1086103,1087092,1088047,1090734,1091171,1093205,1094555,1098633,1102097,1102247,1104902,1104967,1106061,1106284,1106383,1106434,1106751,1108382,1109137,1109158,1111666,1112178,1112894,1112899,1112902,1112903,1112905,1112906,1112907,1113722,1114279,1114542,1115688,1117158,1118139,1118689,1119086,1119222,1119532,1120423,1120566,1120876,1120902,1120937,1123034,1123080,1123105,1123959,1124167,1124370,1124503,1127034,1127155,1127315,1127988,1128432,1128902,1128910,1129424,1129519,1129664,1129770,1130972,1131107,1131281,1131304,1131565,1132154,1132390,1132686,1133021,1133401,1134097,1134291,1134303,1134390,1134671,1134881,1134882,1135219,1135296,1135335,1135556,1135642,1135661,1135897,1136157,1136261,1136811,1136896,1136935,1136990,1137069,1137162,1137221,1137366,1137372,1137429,1137444,1137458,1137534,1137535,1137584,1137586,1137609,1137625,1137728,1137739,1137752,1137811,1137827,1137865,1137884,1137959,1137995,1137996,1137998,1137999,1138000,1138002,1138003,1138005,1138006,1138007,1138008,1138009,1138010,1138011,1138012,1138013,1138014,1138015,1138016,1138017,1138018,1138019,1138374,1138375,1138539,1138589,1138719,1139020,1139021,1139101,1139500,1139771,1139782,1139865,1140012,1140133,1140139,1140155,1140322,1140328,1140405,1140424,1140426,1140428,1140487,1140637,1140652,1140658,1140715,1140719,1140726,1140727,1140728,1140814,1140887,1140888,1140889,1140891,1140893,1140903,1140945,1140948,1140954,1140955,1140956,1140957,1140958,1140959,1140960,1140961,1140962,1140964,1140971,1140972,1140992,1141013,1141401,1141402,1141450,1141452,1141453,1141454,1141478,1141543,1141554,1142019,1142076,1142109,1142112,1142117,1142118,1142119,1142129,1142220,1142221,1142350,1142351,1142354,1142359,1142450,1142496,1142541,1142635,1142685,1142701,1142857,1142868,1143003,1143105,1143185,1143300,1143466,1143507,1143765,1143841,1143843,1144123,1144333,1144474,1144518,1144718,1144813,1144880,1144886,1144912,1144920,1144979,1145010,1145024,1145051,1145059,1145189,1145235,1145300,1145302,1145388,1145389,1145390,1145391,1145392,1145393,1145394,1145395,1145396,1145397,1145408,1145409,1145661,1145678,1145687,1145920,1145922,1145934,1145937,1145940,1145941,1145942,1146042,1146074,1146084,1146163,1146285,1146346,1146351,1146352,1146361,1146376,1146378,1146381,1146391,1146399,1146413,1146425,1146512,1146514,1146516,1146519,1146524,1146526,1146529,1146531,1146540,1146543,1146547,1146550,1146575,1146589,1146664,1146678,1146938,1148031,1148032,1148033,1148034,1148035,1148093,1148133,1148192,1148196,1148198,1148202,1148303,1148363,1148379,1148394,1148527,1148574,1148616,1148617,1148619,1148698,1148712,1148859,1148868,1149053,1149083,1149104,1149105,1149106,1149197,1149214,1149224,1149313,1149325,1149376,1149413,1149418,1149424,1149446,1149522,1149527,1149539,1149552,1149555,1149591,1149602,1149612,1149626,1149651,1149652,1149713,1149940,1149959,1149963,1149976,1150025,1150033,1150112,1150381,1150423,1150562,1150727,1150860,1150861,1150933,1151350,1151610,1151667,1151671,1151891,1151955,1152024,1152025,1152026,1152161,1152325,1152457,1152460,1152466,1152972,1152974,1152975
CVE References: CVE-2017-18551,CVE-2017-18595,CVE-2018-20976,CVE-2018-21008,CVE-2019-10207,CVE-2019-11479,CVE-2019-14814,CVE-2019-14815,CVE-2019-14816,CVE-2019-14821,CVE-2019-14835,CVE-2019-15030,CVE-2019-15031,CVE-2019-15090,CVE-2019-15098,CVE-2019-15117,CVE-2019-15118,CVE-2019-15211,CVE-2019-15212,CVE-2019-15214,CVE-2019-15215,CVE-2019-15216,CVE-2019-15217,CVE-2019-15218,CVE-2019-15219,CVE-2019-15220,CVE-2019-15221,CVE-2019-15222,CVE-2019-15239,CVE-2019-15290,CVE-2019-15291,CVE-2019-15292,CVE-2019-15538,CVE-2019-15666,CVE-2019-15902,CVE-2019-15917,CVE-2019-15919,CVE-2019-15920,CVE-2019-15921,CVE-2019-15924,CVE-2019-15926,CVE-2019-15927,CVE-2019-9456,CVE-2019-9506
Sources used:
SUSE Linux Enterprise Real Time Extension 12-SP4 (src):    kernel-rt-4.12.14-8.6.1, kernel-rt_debug-4.12.14-8.6.1, kernel-source-rt-4.12.14-8.6.1, kernel-syms-rt-4.12.14-8.6.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 26 Takashi Iwai 2020-02-04 15:43:00 UTC

The fix pushed now to cve/linux-4.4 branch.

Comment 29 Swamp Workflow Management 2020-05-12 13:20:34 UTC

SUSE-SU-2020:1255-1: An update that solves 53 vulnerabilities and has 32 fixes is now available.

Category: security (important)
Bug References: 1037216,1075091,1075994,1087082,1087813,1091041,1099279,1120386,1131107,1133147,1136449,1137325,1146519,1146544,1146612,1149591,1153811,1154844,1155311,1155897,1156060,1157038,1157042,1157070,1157143,1157155,1157157,1157158,1157303,1157324,1157333,1157464,1157804,1157923,1158021,1158132,1158381,1158394,1158398,1158410,1158413,1158417,1158427,1158445,1158819,1158823,1158824,1158827,1158834,1158900,1158903,1158904,1159199,1159285,1159297,1159841,1159908,1159910,1159911,1159912,1160195,1162227,1162298,1162928,1162929,1162931,1163971,1164069,1164078,1164846,1165111,1165311,1165873,1165881,1165984,1165985,1167629,1168075,1168295,1168424,1168829,1168854,1170056,1170345,1170778
CVE References: CVE-2017-18255,CVE-2018-21008,CVE-2019-14615,CVE-2019-14895,CVE-2019-14896,CVE-2019-14897,CVE-2019-14901,CVE-2019-15213,CVE-2019-18660,CVE-2019-18675,CVE-2019-18683,CVE-2019-19052,CVE-2019-19062,CVE-2019-19066,CVE-2019-19073,CVE-2019-19074,CVE-2019-19319,CVE-2019-19332,CVE-2019-19447,CVE-2019-19523,CVE-2019-19524,CVE-2019-19525,CVE-2019-19527,CVE-2019-19530,CVE-2019-19531,CVE-2019-19532,CVE-2019-19533,CVE-2019-19534,CVE-2019-19535,CVE-2019-19536,CVE-2019-19537,CVE-2019-19767,CVE-2019-19768,CVE-2019-19965,CVE-2019-19966,CVE-2019-20054,CVE-2019-20096,CVE-2019-3701,CVE-2019-5108,CVE-2019-9455,CVE-2019-9458,CVE-2020-10690,CVE-2020-10720,CVE-2020-10942,CVE-2020-11494,CVE-2020-11608,CVE-2020-11609,CVE-2020-2732,CVE-2020-8647,CVE-2020-8648,CVE-2020-8649,CVE-2020-8992,CVE-2020-9383
Sources used:
SUSE OpenStack Cloud 7 (src):    kernel-default-4.4.121-92.129.1, kernel-source-4.4.121-92.129.1, kernel-syms-4.4.121-92.129.1, kgraft-patch-SLE12-SP2_Update_34-1-3.3.1
SUSE Linux Enterprise Server for SAP 12-SP2 (src):    kernel-default-4.4.121-92.129.1, kernel-source-4.4.121-92.129.1, kernel-syms-4.4.121-92.129.1, kgraft-patch-SLE12-SP2_Update_34-1-3.3.1
SUSE Linux Enterprise Server 12-SP2-LTSS (src):    kernel-default-4.4.121-92.129.1, kernel-source-4.4.121-92.129.1, kernel-syms-4.4.121-92.129.1, kgraft-patch-SLE12-SP2_Update_34-1-3.3.1
SUSE Linux Enterprise Server 12-SP2-BCL (src):    kernel-default-4.4.121-92.129.1, kernel-source-4.4.121-92.129.1, kernel-syms-4.4.121-92.129.1
SUSE Linux Enterprise High Availability 12-SP2 (src):    kernel-default-4.4.121-92.129.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 30 Swamp Workflow Management 2020-05-14 13:16:35 UTC

SUSE-SU-2020:1275-1: An update that solves 35 vulnerabilities and has 21 fixes is now available.

Category: security (important)
Bug References: 1056134,1087813,1120386,1133147,1137325,1145929,1149591,1154118,1154844,1155689,1157155,1157157,1157303,1157804,1158021,1158642,1158819,1159199,1159285,1159297,1159841,1159908,1159910,1159911,1159912,1160195,1161586,1162227,1162928,1162929,1162931,1163508,1163971,1164009,1164051,1164069,1164078,1164846,1165111,1165311,1165873,1165881,1165984,1165985,1167421,1167423,1167629,1168075,1168295,1168424,1168829,1168854,1170056,1170345,1170778,1170847
CVE References: CVE-2017-18255,CVE-2018-12126,CVE-2018-12127,CVE-2018-12130,CVE-2018-21008,CVE-2019-11091,CVE-2019-14615,CVE-2019-14896,CVE-2019-14897,CVE-2019-18675,CVE-2019-19066,CVE-2019-19319,CVE-2019-19447,CVE-2019-19767,CVE-2019-19768,CVE-2019-19965,CVE-2019-19966,CVE-2019-20054,CVE-2019-20096,CVE-2019-3701,CVE-2019-5108,CVE-2019-9455,CVE-2019-9458,CVE-2020-10690,CVE-2020-10720,CVE-2020-10942,CVE-2020-11494,CVE-2020-11608,CVE-2020-11609,CVE-2020-2732,CVE-2020-8647,CVE-2020-8648,CVE-2020-8649,CVE-2020-8992,CVE-2020-9383
Sources used:
SUSE OpenStack Cloud Crowbar 8 (src):    kernel-default-4.4.180-94.116.1, kernel-source-4.4.180-94.116.1, kernel-syms-4.4.180-94.116.1, kgraft-patch-SLE12-SP3_Update_31-1-4.3.1
SUSE OpenStack Cloud 8 (src):    kernel-default-4.4.180-94.116.1, kernel-source-4.4.180-94.116.1, kernel-syms-4.4.180-94.116.1, kgraft-patch-SLE12-SP3_Update_31-1-4.3.1
SUSE Linux Enterprise Server for SAP 12-SP3 (src):    kernel-default-4.4.180-94.116.1, kernel-source-4.4.180-94.116.1, kernel-syms-4.4.180-94.116.1, kgraft-patch-SLE12-SP3_Update_31-1-4.3.1
SUSE Linux Enterprise Server 12-SP3-LTSS (src):    kernel-default-4.4.180-94.116.1, kernel-source-4.4.180-94.116.1, kernel-syms-4.4.180-94.116.1, kgraft-patch-SLE12-SP3_Update_31-1-4.3.1
SUSE Linux Enterprise Server 12-SP3-BCL (src):    kernel-default-4.4.180-94.116.1, kernel-source-4.4.180-94.116.1, kernel-syms-4.4.180-94.116.1
SUSE Linux Enterprise High Availability 12-SP3 (src):    kernel-default-4.4.180-94.116.1
SUSE Enterprise Storage 5 (src):    kernel-default-4.4.180-94.116.1, kernel-source-4.4.180-94.116.1, kernel-syms-4.4.180-94.116.1, kgraft-patch-SLE12-SP3_Update_31-1-4.3.1
HPE Helion Openstack 8 (src):    kernel-default-4.4.180-94.116.1, kernel-source-4.4.180-94.116.1, kernel-syms-4.4.180-94.116.1, kgraft-patch-SLE12-SP3_Update_31-1-4.3.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 31 Alexandros Toptsoglou 2020-07-10 14:52:43 UTC

Done