Bug 1084536 - (CVE-2018-7757) VUL-0: CVE-2018-7757: kernel-source: Memory leak in the sas_smp_get_phy_events function indrivers/scsi/libsas/sas_expander.c in the Linux kernel through 4.15.7 allowslocal users to cause a denial of service (memory consumption) via many r
(CVE-2018-7757)
VUL-0: CVE-2018-7757: kernel-source: Memory leak in the sas_smp_get_phy_event...
Status: RESOLVED FIXED
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
unspecified
Other Other
: P3 - Medium : Normal
: ---
Assigned To: Hannes Reinecke
Security Team bot
https://smash.suse.de/issue/201479/
CVSSv3:SUSE:CVE-2018-7757:5.5:(AV:L/...
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2018-03-08 16:39 UTC by Marcus Meissner
Modified: 2020-06-16 18:01 UTC (History)
5 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Marcus Meissner 2018-03-08 16:39:14 UTC
CVE-2018-7757

Memory leak in the sas_smp_get_phy_events function in
drivers/scsi/libsas/sas_expander.c in the Linux kernel through 4.15.7 allows
local users to cause a denial of service (memory consumption) via many read
accesses to files in the /sys/class/sas_phy directory, as demonstrated by the
/sys/class/sas_phy/phy-1:0:12/invalid_dword_count file.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-7757
https://github.com/torvalds/linux/commit/4a491b1ab11ca0556d2fda1ff1301e862a2d44c4
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4a491b1ab11ca0556d2fda1ff1301e862a2d44c4
Comment 1 Marcus Meissner 2018-03-08 16:56:08 UTC
fixes is in  v2.6.19
Comment 3 Hannes Reinecke 2018-04-12 12:52:50 UTC
Present in SLE12 SP3.
Comment 4 Hannes Reinecke 2018-04-12 12:59:27 UTC
Pushed to users/hare/cve/linux-4.4/for-next.
Comment 5 Hannes Reinecke 2018-04-12 13:03:03 UTC
Pushed to users/hare/cve/linux-3.12/for-next.
Comment 6 Hannes Reinecke 2018-04-12 13:29:17 UTC
Pushed to users/hare/cve/linux-3.0/for-next.
Comment 7 Hannes Reinecke 2018-04-12 13:41:02 UTC
Pushed to users/hare/cve/linux-2.6.32/for-next.
Comment 9 Takashi Iwai 2018-04-20 12:23:12 UTC
The cve/linux-4.4 pull request can't be accepted due to conflicts.
Please refer to bug 1082863.
Comment 10 Swamp Workflow Management 2018-04-25 19:13:34 UTC
SUSE-SU-2018:1080-1: An update that solves 18 vulnerabilities and has 29 fixes is now available.

Category: security (important)
Bug References: 1010470,1013018,1039348,1052943,1062568,1062840,1063416,1063516,1065600,1065999,1067118,1067912,1068032,1072689,1072865,1075088,1075091,1075994,1078669,1078672,1078673,1078674,1080464,1080757,1080813,1081358,1082091,1082424,1083242,1083275,1083483,1083494,1084536,1085113,1085279,1085331,1085513,1086162,1087092,1087260,1087762,1088147,1088260,1089608,909077,940776,943786
CVE References: CVE-2015-5156,CVE-2016-7915,CVE-2017-0861,CVE-2017-12190,CVE-2017-13166,CVE-2017-16644,CVE-2017-16911,CVE-2017-16912,CVE-2017-16913,CVE-2017-16914,CVE-2017-18203,CVE-2017-18208,CVE-2017-5715,CVE-2018-10087,CVE-2018-6927,CVE-2018-7566,CVE-2018-7757,CVE-2018-8822
Sources used:
SUSE Linux Enterprise Software Development Kit 11-SP4 (src):    kernel-docs-3.0.101-108.38.1
SUSE Linux Enterprise Server 11-SP4 (src):    kernel-bigmem-3.0.101-108.38.1, kernel-default-3.0.101-108.38.1, kernel-ec2-3.0.101-108.38.1, kernel-pae-3.0.101-108.38.1, kernel-ppc64-3.0.101-108.38.1, kernel-source-3.0.101-108.38.1, kernel-syms-3.0.101-108.38.1, kernel-trace-3.0.101-108.38.1, kernel-xen-3.0.101-108.38.1
SUSE Linux Enterprise Server 11-EXTRA (src):    kernel-default-3.0.101-108.38.1, kernel-pae-3.0.101-108.38.1, kernel-ppc64-3.0.101-108.38.1, kernel-trace-3.0.101-108.38.1, kernel-xen-3.0.101-108.38.1
SUSE Linux Enterprise Debuginfo 11-SP4 (src):    kernel-bigmem-3.0.101-108.38.1, kernel-default-3.0.101-108.38.1, kernel-ec2-3.0.101-108.38.1, kernel-pae-3.0.101-108.38.1, kernel-ppc64-3.0.101-108.38.1, kernel-trace-3.0.101-108.38.1, kernel-xen-3.0.101-108.38.1
Comment 11 Swamp Workflow Management 2018-05-08 22:12:32 UTC
SUSE-SU-2018:1172-1: An update that solves 20 vulnerabilities and has 11 fixes is now available.

Category: security (important)
Bug References: 1010470,1039348,1052943,1062568,1062840,1063416,1067118,1072689,1072865,1078669,1078672,1078673,1078674,1080464,1080757,1082424,1083242,1083483,1083494,1084536,1085331,1086162,1087088,1087209,1087260,1087762,1088147,1088260,1089608,1089752,940776
CVE References: CVE-2015-5156,CVE-2016-7915,CVE-2017-0861,CVE-2017-12190,CVE-2017-13166,CVE-2017-16644,CVE-2017-16911,CVE-2017-16912,CVE-2017-16913,CVE-2017-16914,CVE-2017-18203,CVE-2017-18208,CVE-2018-10087,CVE-2018-10124,CVE-2018-1087,CVE-2018-6927,CVE-2018-7566,CVE-2018-7757,CVE-2018-8822,CVE-2018-8897
Sources used:
SUSE Linux Enterprise Server 11-SP3-LTSS (src):    kernel-bigsmp-3.0.101-0.47.106.22.1, kernel-default-3.0.101-0.47.106.22.1, kernel-ec2-3.0.101-0.47.106.22.1, kernel-pae-3.0.101-0.47.106.22.1, kernel-source-3.0.101-0.47.106.22.1, kernel-syms-3.0.101-0.47.106.22.1, kernel-trace-3.0.101-0.47.106.22.1, kernel-xen-3.0.101-0.47.106.22.1
SUSE Linux Enterprise Server 11-EXTRA (src):    kernel-bigsmp-3.0.101-0.47.106.22.1, kernel-default-3.0.101-0.47.106.22.1, kernel-pae-3.0.101-0.47.106.22.1, kernel-ppc64-3.0.101-0.47.106.22.1, kernel-trace-3.0.101-0.47.106.22.1, kernel-xen-3.0.101-0.47.106.22.1
SUSE Linux Enterprise Point of Sale 11-SP3 (src):    kernel-default-3.0.101-0.47.106.22.1, kernel-ec2-3.0.101-0.47.106.22.1, kernel-pae-3.0.101-0.47.106.22.1, kernel-source-3.0.101-0.47.106.22.1, kernel-syms-3.0.101-0.47.106.22.1, kernel-trace-3.0.101-0.47.106.22.1, kernel-xen-3.0.101-0.47.106.22.1
SUSE Linux Enterprise Debuginfo 11-SP3 (src):    kernel-bigsmp-3.0.101-0.47.106.22.1, kernel-default-3.0.101-0.47.106.22.1, kernel-ec2-3.0.101-0.47.106.22.1, kernel-pae-3.0.101-0.47.106.22.1, kernel-trace-3.0.101-0.47.106.22.1, kernel-xen-3.0.101-0.47.106.22.1
Comment 12 Swamp Workflow Management 2018-05-11 19:08:52 UTC
SUSE-SU-2018:1220-1: An update that solves 11 vulnerabilities and has 7 fixes is now available.

Category: security (important)
Bug References: 1076537,1082299,1083125,1083242,1083275,1084536,1085279,1085331,1086162,1086194,1087088,1087260,1088147,1088260,1088261,1089608,1089752,1090643
CVE References: CVE-2017-0861,CVE-2017-11089,CVE-2017-13220,CVE-2017-18203,CVE-2018-10087,CVE-2018-10124,CVE-2018-1087,CVE-2018-7757,CVE-2018-8781,CVE-2018-8822,CVE-2018-8897
Sources used:
SUSE OpenStack Cloud 6 (src):    kernel-default-3.12.74-60.64.88.1, kernel-source-3.12.74-60.64.88.1, kernel-syms-3.12.74-60.64.88.1, kernel-xen-3.12.74-60.64.88.1, kgraft-patch-SLE12-SP1_Update_27-1-2.3.1
SUSE Linux Enterprise Server for SAP 12-SP1 (src):    kernel-default-3.12.74-60.64.88.1, kernel-source-3.12.74-60.64.88.1, kernel-syms-3.12.74-60.64.88.1, kernel-xen-3.12.74-60.64.88.1, kgraft-patch-SLE12-SP1_Update_27-1-2.3.1
SUSE Linux Enterprise Server 12-SP1-LTSS (src):    kernel-default-3.12.74-60.64.88.1, kernel-source-3.12.74-60.64.88.1, kernel-syms-3.12.74-60.64.88.1, kernel-xen-3.12.74-60.64.88.1, kgraft-patch-SLE12-SP1_Update_27-1-2.3.1
SUSE Linux Enterprise Module for Public Cloud 12 (src):    kernel-ec2-3.12.74-60.64.88.1
Comment 13 Swamp Workflow Management 2018-05-11 19:11:44 UTC
SUSE-SU-2018:1221-1: An update that solves 11 vulnerabilities and has 5 fixes is now available.

Category: security (important)
Bug References: 1076537,1082299,1083125,1083242,1084536,1085331,1086162,1087088,1087209,1087260,1088147,1088260,1088261,1089608,1089752,1090643
CVE References: CVE-2017-0861,CVE-2017-11089,CVE-2017-13220,CVE-2017-18203,CVE-2018-10087,CVE-2018-10124,CVE-2018-1087,CVE-2018-7757,CVE-2018-8781,CVE-2018-8822,CVE-2018-8897
Sources used:
SUSE Linux Enterprise Server 12-LTSS (src):    kernel-default-3.12.61-52.128.1, kernel-source-3.12.61-52.128.1, kernel-syms-3.12.61-52.128.1, kernel-xen-3.12.61-52.128.1, kgraft-patch-SLE12_Update_34-1-1.3.1
SUSE Linux Enterprise Module for Public Cloud 12 (src):    kernel-ec2-3.12.61-52.128.1
Comment 14 Swamp Workflow Management 2018-05-16 19:17:35 UTC
SUSE-SU-2018:1309-1: An update that solves 18 vulnerabilities and has 36 fixes is now available.

Category: security (important)
Bug References: 1010470,1013018,1032084,1039348,1050431,1052943,1062568,1062840,1063416,1063516,1065600,1065999,1067118,1067912,1068032,1072689,1072865,1075088,1075091,1075994,1078669,1078672,1078673,1078674,1080464,1080757,1080813,1081358,1082091,1082424,1083242,1083275,1083483,1083494,1084536,1085113,1085279,1085331,1085513,1086162,1087092,1087209,1087260,1087762,1088147,1088260,1089608,1089665,1089668,1089752,909077,940776,943786,951638
CVE References: CVE-2015-5156,CVE-2016-7915,CVE-2017-0861,CVE-2017-12190,CVE-2017-13166,CVE-2017-16644,CVE-2017-16911,CVE-2017-16912,CVE-2017-16913,CVE-2017-16914,CVE-2017-18203,CVE-2017-18208,CVE-2018-10087,CVE-2018-10124,CVE-2018-6927,CVE-2018-7566,CVE-2018-7757,CVE-2018-8822
Sources used:
SUSE Linux Enterprise Real Time Extension 11-SP4 (src):    kernel-rt-3.0.101.rt130-69.24.1, kernel-rt_trace-3.0.101.rt130-69.24.1, kernel-source-rt-3.0.101.rt130-69.24.1, kernel-syms-rt-3.0.101.rt130-69.24.1
SUSE Linux Enterprise Debuginfo 11-SP4 (src):    kernel-rt-3.0.101.rt130-69.24.1, kernel-rt_debug-3.0.101.rt130-69.24.1, kernel-rt_trace-3.0.101.rt130-69.24.1
Comment 15 Marcus Meissner 2018-05-18 15:15:03 UTC
released
Comment 20 Swamp Workflow Management 2018-10-03 08:31:15 UTC
This is an autogenerated message for OBS integration:
This bug (1084536) was mentioned in
https://build.opensuse.org/request/show/639718 42.3 / kernel-source
Comment 21 Swamp Workflow Management 2018-10-04 16:10:43 UTC
SUSE-SU-2018:3003-1: An update that solves 7 vulnerabilities and has 40 fixes is now available.

Category: security (important)
Bug References: 1012382,1044189,1063026,1066223,1082863,1082979,1084427,1084536,1087209,1088087,1090535,1091815,1094244,1094555,1094562,1095344,1095753,1096547,1099810,1102495,1102715,1102870,1102875,1102877,1102879,1102882,1102896,1103156,1103269,1106095,1106434,1106512,1106594,1106934,1107924,1108096,1108170,1108240,1108399,1108803,1108823,1109333,1109336,1109337,1109441,1110297,1110337
CVE References: CVE-2018-14613,CVE-2018-14617,CVE-2018-16276,CVE-2018-16597,CVE-2018-17182,CVE-2018-7480,CVE-2018-7757
Sources used:
SUSE Linux Enterprise Workstation Extension 12-SP3 (src):    kernel-default-4.4.156-94.57.1
SUSE Linux Enterprise Software Development Kit 12-SP3 (src):    kernel-docs-4.4.156-94.57.1, kernel-obs-build-4.4.156-94.57.1
SUSE Linux Enterprise Server 12-SP3 (src):    kernel-default-4.4.156-94.57.1, kernel-source-4.4.156-94.57.1, kernel-syms-4.4.156-94.57.1
SUSE Linux Enterprise High Availability 12-SP3 (src):    kernel-default-4.4.156-94.57.1
SUSE Linux Enterprise Desktop 12-SP3 (src):    kernel-default-4.4.156-94.57.1, kernel-source-4.4.156-94.57.1, kernel-syms-4.4.156-94.57.1
SUSE CaaS Platform ALL (src):    kernel-default-4.4.156-94.57.1
SUSE CaaS Platform 3.0 (src):    kernel-default-4.4.156-94.57.1
Comment 22 Swamp Workflow Management 2018-10-04 16:19:46 UTC
SUSE-SU-2018:3004-1: An update that solves 7 vulnerabilities and has 40 fixes is now available.

Category: security (important)
Bug References: 1012382,1044189,1063026,1066223,1082863,1082979,1084427,1084536,1087209,1088087,1090535,1091815,1094244,1094555,1094562,1095344,1095753,1096547,1099810,1102495,1102715,1102870,1102875,1102877,1102879,1102882,1102896,1103156,1103269,1106095,1106434,1106512,1106594,1106934,1107924,1108096,1108170,1108240,1108399,1108803,1108823,1109333,1109336,1109337,1109441,1110297,1110337
CVE References: CVE-2018-14613,CVE-2018-14617,CVE-2018-16276,CVE-2018-16597,CVE-2018-17182,CVE-2018-7480,CVE-2018-7757
Sources used:
SUSE Linux Enterprise Live Patching 12-SP3 (src):    kgraft-patch-SLE12-SP3_Update_18-1-4.3.5
Comment 23 Swamp Workflow Management 2018-10-09 16:16:48 UTC
SUSE-SU-2018:3084-1: An update that solves 28 vulnerabilities and has 28 fixes is now available.

Category: security (important)
Bug References: 1012382,1042286,1062604,1064232,1065364,1082519,1082863,1084536,1085042,1088810,1089066,1092903,1094466,1095344,1096547,1097104,1099597,1099811,1099813,1099844,1099845,1099846,1099849,1099863,1099864,1099922,1099993,1099999,1100000,1100001,1100152,1102517,1102715,1102870,1103445,1104319,1104495,1105292,1105296,1105322,1105348,1105396,1105536,1106016,1106095,1106369,1106509,1106511,1106512,1106594,1107689,1107735,1107966,1108239,1108399,1109333
CVE References: CVE-2018-10853,CVE-2018-10876,CVE-2018-10877,CVE-2018-10878,CVE-2018-10879,CVE-2018-10880,CVE-2018-10881,CVE-2018-10882,CVE-2018-10883,CVE-2018-10902,CVE-2018-10938,CVE-2018-10940,CVE-2018-12896,CVE-2018-13093,CVE-2018-13094,CVE-2018-13095,CVE-2018-14617,CVE-2018-14678,CVE-2018-15572,CVE-2018-15594,CVE-2018-16276,CVE-2018-16658,CVE-2018-17182,CVE-2018-6554,CVE-2018-6555,CVE-2018-7480,CVE-2018-7757,CVE-2018-9363
Sources used:
SUSE OpenStack Cloud 7 (src):    kernel-default-4.4.121-92.95.1, kernel-source-4.4.121-92.95.1, kernel-syms-4.4.121-92.95.1, kgraft-patch-SLE12-SP2_Update_25-1-3.4.1, lttng-modules-2.7.1-9.6.1
SUSE Linux Enterprise Server for SAP 12-SP2 (src):    kernel-default-4.4.121-92.95.1, kernel-source-4.4.121-92.95.1, kernel-syms-4.4.121-92.95.1, kgraft-patch-SLE12-SP2_Update_25-1-3.4.1, lttng-modules-2.7.1-9.6.1
SUSE Linux Enterprise Server 12-SP2-LTSS (src):    kernel-default-4.4.121-92.95.1, kernel-source-4.4.121-92.95.1, kernel-syms-4.4.121-92.95.1, kgraft-patch-SLE12-SP2_Update_25-1-3.4.1, lttng-modules-2.7.1-9.6.1
SUSE Linux Enterprise Server 12-SP2-BCL (src):    kernel-default-4.4.121-92.95.1, kernel-source-4.4.121-92.95.1, kernel-syms-4.4.121-92.95.1, lttng-modules-2.7.1-9.6.1
SUSE Linux Enterprise High Availability 12-SP2 (src):    kernel-default-4.4.121-92.95.1
SUSE Enterprise Storage 4 (src):    kernel-default-4.4.121-92.95.1, kernel-source-4.4.121-92.95.1, kernel-syms-4.4.121-92.95.1, kgraft-patch-SLE12-SP2_Update_25-1-3.4.1, lttng-modules-2.7.1-9.6.1
OpenStack Cloud Magnum Orchestration 7 (src):    kernel-default-4.4.121-92.95.1
Comment 24 Swamp Workflow Management 2018-10-11 08:41:35 UTC
This is an autogenerated message for OBS integration:
This bug (1084536) was mentioned in
https://build.opensuse.org/request/show/641142 42.3 / kernel-source
Comment 25 Swamp Workflow Management 2018-10-17 19:10:16 UTC
openSUSE-SU-2018:3202-1: An update that solves 13 vulnerabilities and has 74 fixes is now available.

Category: security (important)
Bug References: 1012382,1044189,1050549,1063026,1065600,1066223,1082519,1082863,1082979,1084427,1084536,1088087,1089343,1090535,1094244,1094555,1094562,1095344,1095753,1096052,1096547,1099597,1099810,1100056,1100059,1100060,1100061,1100062,1102495,1102715,1102870,1102875,1102877,1102879,1102882,1102896,1103156,1103269,1103308,1103405,1105428,1105795,1106095,1106105,1106240,1106293,1106434,1106512,1106594,1106934,1107318,1107829,1107924,1108096,1108170,1108240,1108315,1108399,1108803,1108823,1109333,1109336,1109337,1109441,1109806,1110006,1110297,1110337,1110363,1110468,1110600,1110601,1110602,1110603,1110604,1110605,1110606,1110611,1110612,1110613,1110614,1110615,1110616,1110618,1110619,1110930,1111363
CVE References: CVE-2018-13096,CVE-2018-13097,CVE-2018-13098,CVE-2018-13099,CVE-2018-13100,CVE-2018-14613,CVE-2018-14617,CVE-2018-14633,CVE-2018-16276,CVE-2018-16597,CVE-2018-17182,CVE-2018-7480,CVE-2018-7757
Sources used:
openSUSE Leap 42.3 (src):    kernel-debug-4.4.159-73.1, kernel-default-4.4.159-73.1, kernel-docs-4.4.159-73.2, kernel-obs-build-4.4.159-73.1, kernel-obs-qa-4.4.159-73.1, kernel-source-4.4.159-73.1, kernel-syms-4.4.159-73.1, kernel-vanilla-4.4.159-73.1
Comment 29 Swamp Workflow Management 2018-11-07 20:29:57 UTC
SUSE-SU-2018:3659-1: An update that solves 10 vulnerabilities and has 104 fixes is now available.

Category: security (important)
Bug References: 1012382,1042422,1044189,1050431,1050549,1053043,1063026,1065600,1065726,1066223,1067906,1079524,1082519,1082863,1082979,1084427,1084536,1084760,1088087,1089343,1090535,1091158,1094244,1094555,1094562,1094825,1095344,1095753,1095805,1096052,1096547,1099597,1099810,1101555,1102495,1102715,1102870,1102875,1102877,1102879,1102882,1102896,1103156,1103269,1103308,1103405,1105428,1105795,1105931,1106095,1106105,1106110,1106240,1106293,1106359,1106434,1106512,1106594,1106913,1106929,1106934,1107060,1107299,1107318,1107535,1107829,1107924,1108096,1108170,1108240,1108315,1108377,1108399,1108498,1108803,1108823,1109158,1109333,1109336,1109337,1109441,1109784,1109806,1109818,1109907,1109919,1109923,1110006,1110297,1110337,1110363,1110468,1110600,1110601,1110602,1110603,1110604,1110605,1110606,1110611,1110612,1110613,1110614,1110615,1110616,1110618,1110619,1110930,1111363,1111516,1111870,1112007,1112262,1112263
CVE References: CVE-2018-14613,CVE-2018-14617,CVE-2018-14633,CVE-2018-16276,CVE-2018-16597,CVE-2018-17182,CVE-2018-18386,CVE-2018-7480,CVE-2018-7757,CVE-2018-9516
Sources used:
SUSE Linux Enterprise Real Time Extension 12-SP3 (src):    kernel-rt-4.4.162-3.26.1, kernel-rt_debug-4.4.162-3.26.1, kernel-source-rt-4.4.162-3.26.1, kernel-syms-rt-4.4.162-3.26.1
Comment 32 Swamp Workflow Management 2019-01-16 07:06:41 UTC
SUSE-SU-2019:0095-1: An update that solves 13 vulnerabilities and has 140 fixes is now available.

Category: security (important)
Bug References: 1011920,1012382,1012422,1020645,1031392,1035053,1042422,1043591,1044189,1048129,1050431,1050549,1053043,1054239,1057199,1062303,1063026,1065600,1065726,1066223,1067906,1073579,1076393,1078788,1079524,1082519,1082863,1082979,1083215,1083527,1084427,1084536,1084760,1087209,1088087,1089343,1090535,1091158,1093118,1094244,1094555,1094562,1094825,1095344,1095753,1095805,1096052,1096547,1098050,1098996,1099597,1099810,1101555,1102495,1102715,1102870,1102875,1102877,1102879,1102882,1102896,1103156,1103269,1103308,1103405,1104124,1105025,1105428,1105795,1105931,1106095,1106105,1106110,1106240,1106293,1106359,1106434,1106512,1106594,1106913,1106929,1106934,1107060,1107299,1107318,1107535,1107829,1107870,1107924,1108096,1108170,1108240,1108281,1108315,1108377,1108399,1108498,1108803,1108823,1109038,1109158,1109333,1109336,1109337,1109441,1109772,1109784,1109806,1109818,1109907,1109919,1109923,1110006,1110297,1110337,1110363,1110468,1110600,1110601,1110602,1110603,1110604,1110605,1110606,1110611,1110612,1110613,1110614,1110615,1110616,1110618,1110619,1110930,1111363,1111516,1111870,1112007,1112262,1112263,1112894,1112902,1112903,1112905,1113667,1113751,1113766,1113769,1114178,1114229,1114648,1115593,981083,997172
CVE References: CVE-2018-14613,CVE-2018-14617,CVE-2018-14633,CVE-2018-16276,CVE-2018-16597,CVE-2018-17182,CVE-2018-18281,CVE-2018-18386,CVE-2018-18690,CVE-2018-18710,CVE-2018-7480,CVE-2018-7757,CVE-2018-9516
Sources used:
SUSE Linux Enterprise Server 12-SP3 (src):    kernel-azure-4.4.162-4.19.2, kernel-source-azure-4.4.162-4.19.1, kernel-syms-azure-4.4.162-4.19.1