Bug 1146544 – VUL-1: CVE-2019-15213: kernel-source: use-after-free caused by malicious USB device in drivers/media/usb/dvb-usb/dvb-usb-init.c

Bug 1146544 - (CVE-2019-15213) VUL-1: CVE-2019-15213: kernel-source: use-after-free caused by malicious USB device in drivers/media/usb/dvb-usb/dvb-usb-init.c

(CVE-2019-15213)
Summary:	VUL-1: CVE-2019-15213: kernel-source: use-after-free caused by malicious USB ...

Status:	RESOLVED FIXED

Classification:	Novell Products
Product:	SUSE Security Incidents
Classification:	Novell Products
Component:	Incidents
Version:	unspecified
Hardware:	Other Other

Priority:	P4 - Low Severity: Normal
Target Milestone:	---
Assigned To:	Security Team bot
QA Contact:	Security Team bot

URL:	https://smash.suse.de/issue/240495/
Whiteboard:	CVSSv3:SUSE:CVE-2019-15213:5.2:(AV:P/...
Keywords:

Depends on:
Blocks:
	Show dependency tree / graph

Create test case

Clone This Bug

Reported:	2019-08-21 08:20 UTC by Alexandros Toptsoglou
Modified:	2020-07-13 15:11 UTC (History)
CC List:	3 users (show)

See Also:
Found By:	Security Response Team
Services Priority:
Business Priority:
Blocker:	---
Marketing QA Status:	---
IT Deployment:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Alexandros Toptsoglou 2019-08-21 08:20:28 UTC

CVE-2019-15213

A vulnerability was found in the Linux kernel. There is a use-after-free caused by a malicious USB device in the drivers/media/usb/dvb-usb/dvb-usb-init.c driver.

Reference:
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.2.3
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=6cf97230cd5f36b7665099083272595c55d72be7
https://syzkaller.appspot.com/bug?id=a53c9c9dd2981bfdbfbcbc1ddbd35595eda8bced

References:
http://www.openwall.com/lists/oss-security/2019/08/20/2 	
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.2.3 	
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=6cf97230cd5f36b7665099083272595c55d72be7 	
https://syzkaller.appspot.com/bug?id=a53c9c9dd2981bfdbfbcbc1ddbd35595eda8bced
https://bugzilla.redhat.com/show_bug.cgi?id=1743580

Comment 1 Alexandros Toptsoglou 2019-08-21 11:11:50 UTC

The issue introduced in commit at [1] (version 2.6.13). Based on this tracked all branches as affected.


[1] https://github.com/torvalds/linux/commit/776338e121b9db3156bfb4e21622a0219bbab9d4

Comment 2 Oliver Neukum 2019-08-26 13:05:27 UTC

The patch is under review upstrewam as likely wrong.

Comment 3 Oliver Neukum 2019-12-05 11:30:11 UTC

(In reply to Oliver Neukum from comment #2)
> The patch is under review upstrewam as likely wrong.

Nobody has submitted an alternative.

Comment 4 Oliver Neukum 2019-12-05 14:40:25 UTC

Applied to all trees

Comment 5 Swamp Workflow Management 2019-12-06 15:23:08 UTC

This is an autogenerated message for OBS integration:
This bug (1146544) was mentioned in
https://build.opensuse.org/request/show/754695 15.1 / kernel-source

Comment 7 Michal Suchanek 2019-12-09 17:24:27 UTC

On older codestreams this patch causes a warning due to missing

e7fd37ba12170cc414be8b639dfc2c5f7172fac2 v4.15-rc8 cgroup: avoid copying strings longer than the buffers
50034ed49645463a16327cad05694e201e6b4126 v4.15-rc8 cgroup: use strlcpy() instead of strscpy() to avoid spurious
08a77676f9c5fc69a681ccd2cd8140e65dcb26c7 v4.16-rc1 string: drop __must_check from strscpy() and restore

These fix a potential buffer overflow in cgroups code. I wonder if that is exploitable as well.

Comment 8 Swamp Workflow Management 2019-12-12 14:17:16 UTC

openSUSE-SU-2019:2675-1: An update that solves 38 vulnerabilities and has 92 fixes is now available.

Category: security (important)
Bug References: 1051510,1071995,1078248,1089644,1091041,1103990,1103991,1104353,1104427,1104745,1108043,1109837,1111666,1112178,1112374,1113722,1113956,1113994,1114279,1117169,1118661,1119113,1120853,1126390,1127354,1127371,1129770,1131107,1134983,1137223,1137236,1138039,1140948,1141054,1142095,1142635,1142924,1144333,1146519,1146544,1149448,1151067,1151548,1151900,1153628,1153811,1154043,1154058,1154355,1154601,1155689,1155897,1155921,1156258,1156466,1156471,1156494,1156609,1156700,1156729,1156882,1156928,1157032,1157038,1157042,1157044,1157045,1157046,1157049,1157070,1157115,1157143,1157145,1157158,1157160,1157162,1157171,1157173,1157178,1157180,1157182,1157183,1157184,1157191,1157193,1157197,1157298,1157304,1157307,1157324,1157333,1157386,1157424,1157463,1157499,1157678,1157698,1157778,1157908,1158049,1158063,1158064,1158065,1158066,1158067,1158068,1158071,1158082,1158381,1158394,1158398,1158407,1158410,1158413,1158417,1158427,1158445,1158637,1158638,1158639,1158640,1158641,1158643,1158644,1158645,1158646,1158647,1158649,1158651,1158652
CVE References: CVE-2019-14895,CVE-2019-14901,CVE-2019-15213,CVE-2019-15916,CVE-2019-18660,CVE-2019-18683,CVE-2019-18809,CVE-2019-19046,CVE-2019-19049,CVE-2019-19052,CVE-2019-19056,CVE-2019-19057,CVE-2019-19058,CVE-2019-19060,CVE-2019-19062,CVE-2019-19063,CVE-2019-19065,CVE-2019-19067,CVE-2019-19068,CVE-2019-19073,CVE-2019-19074,CVE-2019-19075,CVE-2019-19077,CVE-2019-19078,CVE-2019-19080,CVE-2019-19081,CVE-2019-19082,CVE-2019-19083,CVE-2019-19227,CVE-2019-19524,CVE-2019-19525,CVE-2019-19528,CVE-2019-19529,CVE-2019-19530,CVE-2019-19531,CVE-2019-19534,CVE-2019-19536,CVE-2019-19543
Sources used:
openSUSE Leap 15.1 (src):    kernel-debug-4.12.14-lp151.28.36.1, kernel-default-4.12.14-lp151.28.36.1, kernel-docs-4.12.14-lp151.28.36.1, kernel-kvmsmall-4.12.14-lp151.28.36.1, kernel-obs-build-4.12.14-lp151.28.36.1, kernel-obs-qa-4.12.14-lp151.28.36.1, kernel-source-4.12.14-lp151.28.36.1, kernel-syms-4.12.14-lp151.28.36.1, kernel-vanilla-4.12.14-lp151.28.36.1

Comment 12 Swamp Workflow Management 2019-12-17 17:32:10 UTC

SUSE-SU-2019:3316-1: An update that solves 44 vulnerabilities and has 76 fixes is now available.

Category: security (important)
Bug References: 1048942,1051510,1071995,1078248,1082635,1083647,1089644,1090888,1091041,1108043,1113722,1114279,1115026,1117169,1120853,1131107,1135966,1138039,1140948,1142095,1143706,1144333,1146519,1146544,1149448,1150466,1151548,1151900,1152631,1153628,1153811,1154043,1154058,1154124,1154355,1154526,1155021,1155689,1155897,1155921,1156258,1156429,1156466,1156471,1156494,1156609,1156700,1156729,1156882,1157038,1157042,1157070,1157143,1157145,1157158,1157162,1157169,1157171,1157173,1157178,1157180,1157182,1157183,1157184,1157191,1157193,1157197,1157298,1157307,1157324,1157333,1157424,1157463,1157499,1157678,1157698,1157778,1157908,1158049,1158063,1158064,1158065,1158066,1158067,1158068,1158082,1158094,1158132,1158381,1158394,1158398,1158407,1158410,1158413,1158417,1158427,1158445,1158637,1158638,1158639,1158640,1158641,1158643,1158644,1158645,1158646,1158647,1158649,1158651,1158652,1158823,1158824,1158827,1158834,1158893,1158900,1158903,1158904,1158954,1159024
CVE References: CVE-2019-0154,CVE-2019-14895,CVE-2019-14901,CVE-2019-15213,CVE-2019-15916,CVE-2019-16231,CVE-2019-18660,CVE-2019-18683,CVE-2019-18809,CVE-2019-19049,CVE-2019-19051,CVE-2019-19052,CVE-2019-19056,CVE-2019-19057,CVE-2019-19058,CVE-2019-19060,CVE-2019-19062,CVE-2019-19063,CVE-2019-19065,CVE-2019-19067,CVE-2019-19068,CVE-2019-19073,CVE-2019-19074,CVE-2019-19075,CVE-2019-19077,CVE-2019-19227,CVE-2019-19332,CVE-2019-19338,CVE-2019-19523,CVE-2019-19524,CVE-2019-19525,CVE-2019-19526,CVE-2019-19527,CVE-2019-19528,CVE-2019-19529,CVE-2019-19530,CVE-2019-19531,CVE-2019-19532,CVE-2019-19533,CVE-2019-19534,CVE-2019-19535,CVE-2019-19536,CVE-2019-19537,CVE-2019-19543
Sources used:
SUSE Linux Enterprise Server 12-SP4 (src):    kernel-azure-4.12.14-6.34.1, kernel-source-azure-4.12.14-6.34.1, kernel-syms-azure-4.12.14-6.34.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 16 Swamp Workflow Management 2019-12-20 11:37:48 UTC

SUSE-SU-2019:3372-1: An update that solves 42 vulnerabilities and has 100 fixes is now available.

Category: security (important)
Bug References: 1048942,1051510,1071995,1078248,1082635,1089644,1091041,1103990,1103991,1104353,1104427,1104745,1108043,1109837,1111666,1112178,1112374,1113722,1113956,1113994,1114279,1117169,1118661,1119113,1120853,1126390,1127354,1127371,1129770,1131107,1134983,1135966,1135967,1137223,1137236,1138039,1140948,1142095,1142635,1142924,1143706,1144333,1146544,1149448,1150466,1151067,1151548,1151900,1152782,1153628,1153811,1154043,1154058,1154124,1154355,1154526,1154601,1155021,1155689,1155692,1155836,1155897,1155921,1156187,1156258,1156429,1156466,1156471,1156494,1156609,1156700,1156729,1156882,1156928,1157032,1157038,1157042,1157044,1157045,1157046,1157049,1157070,1157115,1157143,1157145,1157158,1157160,1157162,1157171,1157173,1157178,1157180,1157182,1157183,1157184,1157191,1157193,1157197,1157298,1157304,1157307,1157324,1157333,1157386,1157424,1157463,1157499,1157678,1157698,1157778,1157908,1158049,1158063,1158064,1158065,1158066,1158067,1158068,1158071,1158082,1158381,1158394,1158398,1158407,1158410,1158413,1158417,1158427,1158445,1158637,1158638,1158639,1158640,1158641,1158643,1158644,1158645,1158646,1158647,1158649,1158651,1158652
CVE References: CVE-2019-0154,CVE-2019-14895,CVE-2019-14901,CVE-2019-15213,CVE-2019-15916,CVE-2019-16231,CVE-2019-17055,CVE-2019-18660,CVE-2019-18683,CVE-2019-18805,CVE-2019-18809,CVE-2019-19046,CVE-2019-19049,CVE-2019-19052,CVE-2019-19056,CVE-2019-19057,CVE-2019-19058,CVE-2019-19060,CVE-2019-19062,CVE-2019-19063,CVE-2019-19065,CVE-2019-19067,CVE-2019-19068,CVE-2019-19073,CVE-2019-19074,CVE-2019-19075,CVE-2019-19077,CVE-2019-19078,CVE-2019-19080,CVE-2019-19081,CVE-2019-19082,CVE-2019-19083,CVE-2019-19227,CVE-2019-19524,CVE-2019-19525,CVE-2019-19528,CVE-2019-19529,CVE-2019-19530,CVE-2019-19531,CVE-2019-19534,CVE-2019-19536,CVE-2019-19543
Sources used:
SUSE Linux Enterprise Module for Public Cloud 15-SP1 (src):    kernel-azure-4.12.14-8.22.1, kernel-source-azure-4.12.14-8.22.1, kernel-syms-azure-4.12.14-8.22.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 17 Swamp Workflow Management 2019-12-21 14:11:54 UTC

SUSE-SU-2019:3379-1: An update that solves 26 vulnerabilities and has 14 fixes is now available.

Category: security (important)
Bug References: 1091041,1119461,1119465,1131107,1138190,1146544,1146612,1150466,1150483,1152631,1153811,1154905,1155689,1155897,1155898,1156187,1157038,1157042,1157070,1157143,1157158,1157191,1157324,1157333,1157464,1158132,1158394,1158398,1158410,1158413,1158417,1158445,1158823,1158824,1158827,1158834,1158900,1158903,1158904,1158954
CVE References: CVE-2019-14895,CVE-2019-15213,CVE-2019-16231,CVE-2019-18660,CVE-2019-18680,CVE-2019-18683,CVE-2019-18805,CVE-2019-19052,CVE-2019-19062,CVE-2019-19065,CVE-2019-19073,CVE-2019-19074,CVE-2019-19332,CVE-2019-19338,CVE-2019-19523,CVE-2019-19524,CVE-2019-19525,CVE-2019-19527,CVE-2019-19530,CVE-2019-19531,CVE-2019-19532,CVE-2019-19533,CVE-2019-19534,CVE-2019-19535,CVE-2019-19536,CVE-2019-19537
Sources used:
SUSE OpenStack Cloud Crowbar 8 (src):    kernel-default-4.4.180-94.113.1, kernel-source-4.4.180-94.113.1, kernel-syms-4.4.180-94.113.1, kgraft-patch-SLE12-SP3_Update_30-1-4.5.1
SUSE OpenStack Cloud 8 (src):    kernel-default-4.4.180-94.113.1, kernel-source-4.4.180-94.113.1, kernel-syms-4.4.180-94.113.1, kgraft-patch-SLE12-SP3_Update_30-1-4.5.1
SUSE Linux Enterprise Server for SAP 12-SP3 (src):    kernel-default-4.4.180-94.113.1, kernel-source-4.4.180-94.113.1, kernel-syms-4.4.180-94.113.1, kgraft-patch-SLE12-SP3_Update_30-1-4.5.1
SUSE Linux Enterprise Server 12-SP3-LTSS (src):    kernel-default-4.4.180-94.113.1, kernel-source-4.4.180-94.113.1, kernel-syms-4.4.180-94.113.1, kgraft-patch-SLE12-SP3_Update_30-1-4.5.1
SUSE Linux Enterprise Server 12-SP3-BCL (src):    kernel-default-4.4.180-94.113.1, kernel-source-4.4.180-94.113.1, kernel-syms-4.4.180-94.113.1
SUSE Linux Enterprise High Availability 12-SP3 (src):    kernel-default-4.4.180-94.113.1
SUSE Enterprise Storage 5 (src):    kernel-default-4.4.180-94.113.1, kernel-source-4.4.180-94.113.1, kernel-syms-4.4.180-94.113.1, kgraft-patch-SLE12-SP3_Update_30-1-4.5.1
SUSE CaaS Platform 3.0 (src):    kernel-default-4.4.180-94.113.1
HPE Helion Openstack 8 (src):    kernel-default-4.4.180-94.113.1, kernel-source-4.4.180-94.113.1, kernel-syms-4.4.180-94.113.1, kgraft-patch-SLE12-SP3_Update_30-1-4.5.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 18 Swamp Workflow Management 2019-12-23 14:16:19 UTC

SUSE-SU-2019:3381-1: An update that solves 48 vulnerabilities and has 90 fixes is now available.

Category: security (important)
Bug References: 1046303,1048942,1051510,1065600,1071995,1078248,1082635,1083647,1089644,1090888,1091041,1104427,1108043,1113722,1114279,1115026,1117169,1120853,1127371,1131107,1138039,1140948,1142095,1143706,1143959,1144333,1146519,1146544,1149448,1150466,1151548,1151900,1152631,1152782,1153628,1153681,1153811,1154043,1154058,1154124,1154355,1154526,1154956,1155021,1155331,1155334,1155689,1155692,1155836,1155897,1155921,1156187,1156258,1156259,1156429,1156462,1156466,1156471,1156494,1156609,1156700,1156729,1156882,1157038,1157042,1157070,1157143,1157145,1157158,1157162,1157169,1157171,1157173,1157178,1157180,1157182,1157183,1157184,1157191,1157193,1157197,1157298,1157303,1157307,1157324,1157333,1157424,1157463,1157499,1157678,1157698,1157778,1157853,1157908,1158049,1158063,1158064,1158065,1158066,1158067,1158068,1158082,1158094,1158132,1158381,1158394,1158398,1158407,1158410,1158413,1158417,1158427,1158445,1158533,1158637,1158638,1158639,1158640,1158641,1158643,1158644,1158645,1158646,1158647,1158649,1158651,1158652,1158823,1158824,1158827,1158834,1158893,1158900,1158903,1158904,1158954,1159024,1159297
CVE References: CVE-2019-14895,CVE-2019-14901,CVE-2019-15213,CVE-2019-15916,CVE-2019-16231,CVE-2019-17055,CVE-2019-18660,CVE-2019-18683,CVE-2019-18805,CVE-2019-18808,CVE-2019-18809,CVE-2019-19049,CVE-2019-19051,CVE-2019-19052,CVE-2019-19056,CVE-2019-19057,CVE-2019-19058,CVE-2019-19060,CVE-2019-19062,CVE-2019-19063,CVE-2019-19065,CVE-2019-19066,CVE-2019-19067,CVE-2019-19068,CVE-2019-19073,CVE-2019-19074,CVE-2019-19075,CVE-2019-19077,CVE-2019-19227,CVE-2019-19332,CVE-2019-19338,CVE-2019-19523,CVE-2019-19524,CVE-2019-19525,CVE-2019-19526,CVE-2019-19527,CVE-2019-19528,CVE-2019-19529,CVE-2019-19530,CVE-2019-19531,CVE-2019-19532,CVE-2019-19533,CVE-2019-19534,CVE-2019-19535,CVE-2019-19536,CVE-2019-19537,CVE-2019-19543,CVE-2019-19767
Sources used:
SUSE Linux Enterprise Workstation Extension 15 (src):    kernel-default-4.12.14-150.47.1
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 (src):    kernel-default-4.12.14-150.47.1, kernel-docs-4.12.14-150.47.1, kernel-obs-qa-4.12.14-150.47.1
SUSE Linux Enterprise Module for Legacy Software 15 (src):    kernel-default-4.12.14-150.47.1
SUSE Linux Enterprise Module for Development Tools 15 (src):    kernel-docs-4.12.14-150.47.1, kernel-obs-build-4.12.14-150.47.1, kernel-source-4.12.14-150.47.1, kernel-syms-4.12.14-150.47.1, kernel-vanilla-4.12.14-150.47.1
SUSE Linux Enterprise Module for Basesystem 15 (src):    kernel-default-4.12.14-150.47.1, kernel-source-4.12.14-150.47.1, kernel-zfcpdump-4.12.14-150.47.1
SUSE Linux Enterprise High Availability 15 (src):    kernel-default-4.12.14-150.47.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 19 Swamp Workflow Management 2019-12-23 14:33:09 UTC

SUSE-SU-2019:3381-1: An update that solves 48 vulnerabilities and has 90 fixes is now available.

Category: security (important)
Bug References: 1046303,1048942,1051510,1065600,1071995,1078248,1082635,1083647,1089644,1090888,1091041,1104427,1108043,1113722,1114279,1115026,1117169,1120853,1127371,1131107,1138039,1140948,1142095,1143706,1143959,1144333,1146519,1146544,1149448,1150466,1151548,1151900,1152631,1152782,1153628,1153681,1153811,1154043,1154058,1154124,1154355,1154526,1154956,1155021,1155331,1155334,1155689,1155692,1155836,1155897,1155921,1156187,1156258,1156259,1156429,1156462,1156466,1156471,1156494,1156609,1156700,1156729,1156882,1157038,1157042,1157070,1157143,1157145,1157158,1157162,1157169,1157171,1157173,1157178,1157180,1157182,1157183,1157184,1157191,1157193,1157197,1157298,1157303,1157307,1157324,1157333,1157424,1157463,1157499,1157678,1157698,1157778,1157853,1157908,1158049,1158063,1158064,1158065,1158066,1158067,1158068,1158082,1158094,1158132,1158381,1158394,1158398,1158407,1158410,1158413,1158417,1158427,1158445,1158533,1158637,1158638,1158639,1158640,1158641,1158643,1158644,1158645,1158646,1158647,1158649,1158651,1158652,1158823,1158824,1158827,1158834,1158893,1158900,1158903,1158904,1158954,1159024,1159297
CVE References: CVE-2019-14895,CVE-2019-14901,CVE-2019-15213,CVE-2019-15916,CVE-2019-16231,CVE-2019-17055,CVE-2019-18660,CVE-2019-18683,CVE-2019-18805,CVE-2019-18808,CVE-2019-18809,CVE-2019-19049,CVE-2019-19051,CVE-2019-19052,CVE-2019-19056,CVE-2019-19057,CVE-2019-19058,CVE-2019-19060,CVE-2019-19062,CVE-2019-19063,CVE-2019-19065,CVE-2019-19066,CVE-2019-19067,CVE-2019-19068,CVE-2019-19073,CVE-2019-19074,CVE-2019-19075,CVE-2019-19077,CVE-2019-19227,CVE-2019-19332,CVE-2019-19338,CVE-2019-19523,CVE-2019-19524,CVE-2019-19525,CVE-2019-19526,CVE-2019-19527,CVE-2019-19528,CVE-2019-19529,CVE-2019-19530,CVE-2019-19531,CVE-2019-19532,CVE-2019-19533,CVE-2019-19534,CVE-2019-19535,CVE-2019-19536,CVE-2019-19537,CVE-2019-19543,CVE-2019-19767
Sources used:
SUSE Linux Enterprise Workstation Extension 15 (src):    kernel-default-4.12.14-150.47.1
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 (src):    kernel-default-4.12.14-150.47.1, kernel-docs-4.12.14-150.47.1, kernel-obs-qa-4.12.14-150.47.1
SUSE Linux Enterprise Module for Live Patching 15 (src):    kernel-default-4.12.14-150.47.1, kernel-livepatch-SLE15_Update_17-1-1.3.2
SUSE Linux Enterprise Module for Legacy Software 15 (src):    kernel-default-4.12.14-150.47.1
SUSE Linux Enterprise Module for Development Tools 15 (src):    kernel-docs-4.12.14-150.47.1, kernel-obs-build-4.12.14-150.47.1, kernel-source-4.12.14-150.47.1, kernel-syms-4.12.14-150.47.1, kernel-vanilla-4.12.14-150.47.1
SUSE Linux Enterprise Module for Basesystem 15 (src):    kernel-default-4.12.14-150.47.1, kernel-source-4.12.14-150.47.1, kernel-zfcpdump-4.12.14-150.47.1
SUSE Linux Enterprise High Availability 15 (src):    kernel-default-4.12.14-150.47.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 20 Swamp Workflow Management 2019-12-27 17:15:06 UTC

SUSE-SU-2019:3389-1: An update that solves 24 vulnerabilities and has 75 fixes is now available.

Category: security (important)
Bug References: 1051510,1071995,1078248,1083647,1089644,1090888,1108043,1111666,1112178,1113956,1114279,1115026,1117169,1119461,1119465,1120853,1129770,1137223,1138039,1138190,1140948,1142095,1142635,1144333,1146519,1146544,1151067,1151548,1152107,1152631,1153811,1154043,1154355,1154768,1154905,1154916,1155689,1155921,1156462,1156471,1156928,1157042,1157115,1157160,1157169,1157171,1157303,1157424,1157463,1157499,1157698,1157778,1157895,1157908,1158049,1158063,1158064,1158065,1158066,1158067,1158068,1158071,1158082,1158094,1158132,1158381,1158394,1158398,1158407,1158410,1158413,1158417,1158427,1158445,1158533,1158637,1158638,1158639,1158640,1158641,1158643,1158644,1158645,1158646,1158647,1158649,1158651,1158652,1158823,1158824,1158827,1158834,1158893,1158900,1158903,1158904,1158954,1159024,1159096
CVE References: CVE-2019-14901,CVE-2019-15213,CVE-2019-16746,CVE-2019-19051,CVE-2019-19066,CVE-2019-19077,CVE-2019-19332,CVE-2019-19338,CVE-2019-19523,CVE-2019-19524,CVE-2019-19525,CVE-2019-19526,CVE-2019-19527,CVE-2019-19528,CVE-2019-19529,CVE-2019-19530,CVE-2019-19531,CVE-2019-19532,CVE-2019-19533,CVE-2019-19534,CVE-2019-19535,CVE-2019-19536,CVE-2019-19537,CVE-2019-19543
Sources used:
SUSE Linux Enterprise Live Patching 12-SP5 (src):    kernel-default-4.12.14-122.12.1, kgraft-patch-SLE12-SP5_Update_2-1-8.5.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 21 Swamp Workflow Management 2019-12-27 17:27:30 UTC

SUSE-SU-2019:3389-1: An update that solves 24 vulnerabilities and has 75 fixes is now available.

Category: security (important)
Bug References: 1051510,1071995,1078248,1083647,1089644,1090888,1108043,1111666,1112178,1113956,1114279,1115026,1117169,1119461,1119465,1120853,1129770,1137223,1138039,1138190,1140948,1142095,1142635,1144333,1146519,1146544,1151067,1151548,1152107,1152631,1153811,1154043,1154355,1154768,1154905,1154916,1155689,1155921,1156462,1156471,1156928,1157042,1157115,1157160,1157169,1157171,1157303,1157424,1157463,1157499,1157698,1157778,1157895,1157908,1158049,1158063,1158064,1158065,1158066,1158067,1158068,1158071,1158082,1158094,1158132,1158381,1158394,1158398,1158407,1158410,1158413,1158417,1158427,1158445,1158533,1158637,1158638,1158639,1158640,1158641,1158643,1158644,1158645,1158646,1158647,1158649,1158651,1158652,1158823,1158824,1158827,1158834,1158893,1158900,1158903,1158904,1158954,1159024,1159096
CVE References: CVE-2019-14901,CVE-2019-15213,CVE-2019-16746,CVE-2019-19051,CVE-2019-19066,CVE-2019-19077,CVE-2019-19332,CVE-2019-19338,CVE-2019-19523,CVE-2019-19524,CVE-2019-19525,CVE-2019-19526,CVE-2019-19527,CVE-2019-19528,CVE-2019-19529,CVE-2019-19530,CVE-2019-19531,CVE-2019-19532,CVE-2019-19533,CVE-2019-19534,CVE-2019-19535,CVE-2019-19536,CVE-2019-19537,CVE-2019-19543
Sources used:
SUSE Linux Enterprise Workstation Extension 12-SP5 (src):    kernel-default-4.12.14-122.12.1
SUSE Linux Enterprise Software Development Kit 12-SP5 (src):    kernel-docs-4.12.14-122.12.1, kernel-obs-build-4.12.14-122.12.1
SUSE Linux Enterprise Server 12-SP5 (src):    kernel-default-4.12.14-122.12.1, kernel-source-4.12.14-122.12.1, kernel-syms-4.12.14-122.12.1
SUSE Linux Enterprise Live Patching 12-SP5 (src):    kernel-default-4.12.14-122.12.1, kgraft-patch-SLE12-SP5_Update_2-1-8.5.1
SUSE Linux Enterprise High Availability 12-SP5 (src):    kernel-default-4.12.14-122.12.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 23 Swamp Workflow Management 2020-01-14 14:29:50 UTC

SUSE-SU-2020:0093-1: An update that solves 80 vulnerabilities and has 310 fixes is now available.

Category: security (important)
Bug References: 1046299,1046303,1046305,1048942,1050244,1050536,1050545,1051510,1055117,1055186,1061840,1064802,1065600,1065729,1066129,1071995,1073513,1078248,1082555,1082635,1083647,1086323,1087092,1089644,1090631,1090888,1091041,1093205,1096254,1097583,1097584,1097585,1097586,1097587,1097588,1098291,1101674,1103989,1103990,1103991,1104353,1104427,1104745,1104967,1106434,1108043,1108382,1109158,1109837,1111666,1112178,1112374,1113722,1113956,1113994,1114279,1115026,1117169,1117665,1118661,1119086,1119113,1119461,1119465,1120853,1120902,1122363,1123034,1123080,1123105,1126206,1126390,1127155,1127354,1127371,1127611,1127988,1129770,1131107,1131304,1131489,1133140,1134476,1134973,1134983,1135642,1135854,1135873,1135966,1135967,1136261,1137040,1137069,1137223,1137236,1137799,1137861,1137865,1137959,1137982,1138039,1138190,1139073,1140090,1140155,1140729,1140845,1140883,1140948,1141013,1141340,1141543,1142076,1142095,1142635,1142667,1142924,1143706,1143959,1144333,1144338,1144375,1144449,1144653,1144903,1145099,1145661,1146042,1146519,1146544,1146612,1146664,1148133,1148410,1148712,1148859,1148868,1149083,1149119,1149224,1149446,1149448,1149555,1149652,1149713,1149853,1149940,1149959,1149963,1149976,1150025,1150033,1150112,1150305,1150381,1150423,1150452,1150457,1150465,1150466,1150562,1150727,1150846,1150860,1150861,1150875,1150933,1151021,1151067,1151192,1151225,1151350,1151508,1151548,1151610,1151661,1151662,1151667,1151671,1151680,1151807,1151891,1151900,1151910,1151955,1152024,1152025,1152026,1152033,1152107,1152161,1152187,1152325,1152446,1152457,1152460,1152466,1152497,1152505,1152506,1152525,1152624,1152631,1152665,1152685,1152696,1152697,1152782,1152788,1152790,1152791,1152885,1152972,1152974,1152975,1153108,1153112,1153158,1153236,1153263,1153476,1153509,1153607,1153628,1153646,1153681,1153713,1153717,1153718,1153719,1153811,1153969,1154043,1154048,1154058,1154108,1154124,1154189,1154242,1154244,1154268,1154354,1154355,1154372,1154521,1154526,1154578,1154601,1154607,1154608,1154610,1154611,1154651,1154737,1154768,1154848,1154858,1154905,1154916,1154956,1154959,1155021,1155061,1155178,1155179,1155184,1155186,1155331,1155334,1155671,1155689,1155692,1155812,1155817,1155836,1155897,1155921,1155945,1156187,1156258,1156259,1156286,1156429,1156462,1156466,1156471,1156494,1156609,1156700,1156729,1156882,1156928,1157032,1157038,1157042,1157044,1157045,1157046,1157049,1157070,1157115,1157143,1157145,1157158,1157160,1157162,1157169,1157171,1157173,1157178,1157180,1157182,1157183,1157184,1157191,1157193,1157197,1157298,1157303,1157304,1157307,1157324,1157333,1157386,1157424,1157463,1157499,1157678,1157698,1157778,1157853,1157895,1157908,1158021,1158049,1158063,1158064,1158065,1158066,1158067,1158068,1158071,1158082,1158094,1158132,1158381,1158394,1158398,1158407,1158410,1158413,1158417,1158427,1158445,1158533,1158637,1158638,1158639,1158640,1158641,1158643,1158644,1158645,1158646,1158647,1158649,1158651,1158652,1158819,1158823,1158824,1158827,1158834,1158893,1158900,1158903,1158904,1158954,1159024,1159096,1159297,1159483,1159484,1159500,1159569,1159841,1159908,1159909,1159910,972655
CVE References: CVE-2017-18595,CVE-2018-12207,CVE-2019-0154,CVE-2019-0155,CVE-2019-10220,CVE-2019-11135,CVE-2019-14821,CVE-2019-14835,CVE-2019-14895,CVE-2019-14901,CVE-2019-15030,CVE-2019-15031,CVE-2019-15213,CVE-2019-15916,CVE-2019-16231,CVE-2019-16232,CVE-2019-16233,CVE-2019-16234,CVE-2019-16746,CVE-2019-16995,CVE-2019-17055,CVE-2019-17056,CVE-2019-17133,CVE-2019-17666,CVE-2019-18660,CVE-2019-18683,CVE-2019-18805,CVE-2019-18808,CVE-2019-18809,CVE-2019-19046,CVE-2019-19049,CVE-2019-19051,CVE-2019-19052,CVE-2019-19056,CVE-2019-19057,CVE-2019-19058,CVE-2019-19060,CVE-2019-19062,CVE-2019-19063,CVE-2019-19065,CVE-2019-19066,CVE-2019-19067,CVE-2019-19068,CVE-2019-19073,CVE-2019-19074,CVE-2019-19075,CVE-2019-19077,CVE-2019-19078,CVE-2019-19080,CVE-2019-19081,CVE-2019-19082,CVE-2019-19083,CVE-2019-19227,CVE-2019-19319,CVE-2019-19332,CVE-2019-19338,CVE-2019-19447,CVE-2019-19523,CVE-2019-19524,CVE-2019-19525,CVE-2019-19526,CVE-2019-19527,CVE-2019-19528,CVE-2019-19529,CVE-2019-19530,CVE-2019-19531,CVE-2019-19532,CVE-2019-19533,CVE-2019-19534,CVE-2019-19535,CVE-2019-19536,CVE-2019-19537,CVE-2019-19543,CVE-2019-19767,CVE-2019-19966,CVE-2019-20054,CVE-2019-20095,CVE-2019-20096,CVE-2019-9456,CVE-2019-9506
Sources used:
SUSE Linux Enterprise Server 12-SP5 (src):    kernel-azure-4.12.14-16.7.1, kernel-source-azure-4.12.14-16.7.1, kernel-syms-azure-4.12.14-16.7.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 30 Swamp Workflow Management 2020-03-02 20:21:25 UTC

SUSE-SU-2020:0560-1: An update that solves 36 vulnerabilities and has 196 fixes is now available.

Category: security (important)
Bug References: 1046303,1050244,1050549,1051510,1051858,1061840,1065600,1065729,1071995,1083647,1085030,1086301,1086313,1086314,1088810,1090888,1103989,1103990,1103991,1104353,1104427,1104745,1105392,1109837,1111666,1112178,1112374,1112504,1113956,1114279,1114685,1115026,1118338,1118661,1123328,1126206,1127371,1127611,1127682,1129551,1129770,1133021,1133147,1134973,1140025,1142685,1143959,1144162,1144333,1146519,1146544,1151548,1151910,1151927,1152107,1152631,1153535,1153917,1154243,1154601,1154768,1154916,1155331,1155334,1155689,1156259,1156286,1156462,1157155,1157157,1157169,1157303,1157424,1157480,1157692,1157853,1157895,1157908,1157966,1158013,1158021,1158026,1158071,1158094,1158132,1158381,1158533,1158637,1158638,1158639,1158640,1158641,1158643,1158644,1158645,1158646,1158647,1158649,1158651,1158652,1158819,1158823,1158824,1158827,1158834,1158893,1158900,1158903,1158904,1158954,1159024,1159028,1159271,1159297,1159377,1159394,1159483,1159484,1159500,1159569,1159588,1159841,1159908,1159909,1159910,1159911,1159955,1160147,1160195,1160210,1160211,1160218,1160433,1160442,1160469,1160470,1160476,1160560,1160618,1160678,1160755,1160756,1160784,1160787,1160802,1160803,1160804,1160917,1160966,1160979,1161087,1161243,1161360,1161472,1161514,1161518,1161522,1161523,1161549,1161552,1161674,1161702,1161907,1161931,1161933,1161934,1161935,1161936,1161937,1162028,1162067,1162109,1162139,1162557,1162617,1162618,1162619,1162623,1162928,1162943,1163206,1163383,1163384,1163762,1163774,1163836,1163840,1163841,1163842,1163843,1163844,1163845,1163846,1163849,1163850,1163851,1163852,1163853,1163855,1163856,1163857,1163858,1163859,1163860,1163861,1163862,1163863,1163867,1163869,1163880,1163971,1164051,1164069,1164098,1164115,1164314,1164315,1164388,1164471,1164598,1164632,1164705,1164712,1164727,1164728,1164729,1164730,1164731,1164732,1164733,1164734,1164735
CVE References: CVE-2019-14615,CVE-2019-14896,CVE-2019-14897,CVE-2019-15213,CVE-2019-16746,CVE-2019-16994,CVE-2019-18808,CVE-2019-19036,CVE-2019-19045,CVE-2019-19051,CVE-2019-19054,CVE-2019-19066,CVE-2019-19318,CVE-2019-19319,CVE-2019-19332,CVE-2019-19338,CVE-2019-19447,CVE-2019-19523,CVE-2019-19526,CVE-2019-19527,CVE-2019-19532,CVE-2019-19533,CVE-2019-19535,CVE-2019-19537,CVE-2019-19767,CVE-2019-19927,CVE-2019-19965,CVE-2019-19966,CVE-2019-20054,CVE-2019-20095,CVE-2019-20096,CVE-2020-2732,CVE-2020-7053,CVE-2020-8428,CVE-2020-8648,CVE-2020-8992
Sources used:
SUSE Linux Enterprise Module for Live Patching 15-SP1 (src):    kernel-default-4.12.14-197.34.1, kernel-livepatch-SLE15-SP1_Update_9-1-3.5.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 31 Swamp Workflow Management 2020-03-02 20:53:16 UTC

SUSE-SU-2020:0560-1: An update that solves 36 vulnerabilities and has 196 fixes is now available.

Category: security (important)
Bug References: 1046303,1050244,1050549,1051510,1051858,1061840,1065600,1065729,1071995,1083647,1085030,1086301,1086313,1086314,1088810,1090888,1103989,1103990,1103991,1104353,1104427,1104745,1105392,1109837,1111666,1112178,1112374,1112504,1113956,1114279,1114685,1115026,1118338,1118661,1123328,1126206,1127371,1127611,1127682,1129551,1129770,1133021,1133147,1134973,1140025,1142685,1143959,1144162,1144333,1146519,1146544,1151548,1151910,1151927,1152107,1152631,1153535,1153917,1154243,1154601,1154768,1154916,1155331,1155334,1155689,1156259,1156286,1156462,1157155,1157157,1157169,1157303,1157424,1157480,1157692,1157853,1157895,1157908,1157966,1158013,1158021,1158026,1158071,1158094,1158132,1158381,1158533,1158637,1158638,1158639,1158640,1158641,1158643,1158644,1158645,1158646,1158647,1158649,1158651,1158652,1158819,1158823,1158824,1158827,1158834,1158893,1158900,1158903,1158904,1158954,1159024,1159028,1159271,1159297,1159377,1159394,1159483,1159484,1159500,1159569,1159588,1159841,1159908,1159909,1159910,1159911,1159955,1160147,1160195,1160210,1160211,1160218,1160433,1160442,1160469,1160470,1160476,1160560,1160618,1160678,1160755,1160756,1160784,1160787,1160802,1160803,1160804,1160917,1160966,1160979,1161087,1161243,1161360,1161472,1161514,1161518,1161522,1161523,1161549,1161552,1161674,1161702,1161907,1161931,1161933,1161934,1161935,1161936,1161937,1162028,1162067,1162109,1162139,1162557,1162617,1162618,1162619,1162623,1162928,1162943,1163206,1163383,1163384,1163762,1163774,1163836,1163840,1163841,1163842,1163843,1163844,1163845,1163846,1163849,1163850,1163851,1163852,1163853,1163855,1163856,1163857,1163858,1163859,1163860,1163861,1163862,1163863,1163867,1163869,1163880,1163971,1164051,1164069,1164098,1164115,1164314,1164315,1164388,1164471,1164598,1164632,1164705,1164712,1164727,1164728,1164729,1164730,1164731,1164732,1164733,1164734,1164735
CVE References: CVE-2019-14615,CVE-2019-14896,CVE-2019-14897,CVE-2019-15213,CVE-2019-16746,CVE-2019-16994,CVE-2019-18808,CVE-2019-19036,CVE-2019-19045,CVE-2019-19051,CVE-2019-19054,CVE-2019-19066,CVE-2019-19318,CVE-2019-19319,CVE-2019-19332,CVE-2019-19338,CVE-2019-19447,CVE-2019-19523,CVE-2019-19526,CVE-2019-19527,CVE-2019-19532,CVE-2019-19533,CVE-2019-19535,CVE-2019-19537,CVE-2019-19767,CVE-2019-19927,CVE-2019-19965,CVE-2019-19966,CVE-2019-20054,CVE-2019-20095,CVE-2019-20096,CVE-2020-2732,CVE-2020-7053,CVE-2020-8428,CVE-2020-8648,CVE-2020-8992
Sources used:
SUSE Linux Enterprise Workstation Extension 15-SP1 (src):    kernel-default-4.12.14-197.34.1
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1 (src):    kernel-debug-4.12.14-197.34.1, kernel-default-4.12.14-197.34.1, kernel-docs-4.12.14-197.34.1, kernel-kvmsmall-4.12.14-197.34.1, kernel-obs-qa-4.12.14-197.34.1, kernel-source-4.12.14-197.34.1, kernel-vanilla-4.12.14-197.34.1, kernel-zfcpdump-4.12.14-197.34.1
SUSE Linux Enterprise Module for Live Patching 15-SP1 (src):    kernel-default-4.12.14-197.34.1, kernel-livepatch-SLE15-SP1_Update_9-1-3.5.1
SUSE Linux Enterprise Module for Legacy Software 15-SP1 (src):    kernel-default-4.12.14-197.34.1
SUSE Linux Enterprise Module for Development Tools 15-SP1 (src):    kernel-docs-4.12.14-197.34.1, kernel-obs-build-4.12.14-197.34.1, kernel-source-4.12.14-197.34.1, kernel-syms-4.12.14-197.34.1
SUSE Linux Enterprise Module for Basesystem 15-SP1 (src):    kernel-default-4.12.14-197.34.1, kernel-source-4.12.14-197.34.1, kernel-zfcpdump-4.12.14-197.34.1
SUSE Linux Enterprise High Availability 15-SP1 (src):    kernel-default-4.12.14-197.34.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 32 Swamp Workflow Management 2020-03-04 14:19:08 UTC

SUSE-SU-2020:0584-1: An update that solves 43 vulnerabilities and has 163 fixes is now available.

Category: security (important)
Bug References: 1046303,1050244,1051510,1051858,1061840,1065600,1065729,1071995,1083647,1085030,1086301,1086313,1086314,1088810,1090888,1104427,1105392,1111666,1112178,1112504,1114279,1115026,1118338,1120853,1123328,1127371,1133021,1133147,1134973,1140025,1141054,1142095,1143959,1144333,1146519,1146544,1151548,1151910,1151927,1152631,1153917,1154243,1155331,1155334,1155689,1156259,1156286,1156462,1157155,1157157,1157169,1157303,1157424,1157692,1157853,1157908,1157966,1158013,1158021,1158026,1158094,1158132,1158381,1158394,1158398,1158407,1158410,1158413,1158417,1158427,1158445,1158533,1158637,1158638,1158639,1158640,1158641,1158643,1158644,1158645,1158646,1158647,1158649,1158651,1158652,1158819,1158823,1158824,1158827,1158834,1158893,1158900,1158903,1158904,1158954,1159024,1159028,1159271,1159297,1159394,1159483,1159484,1159569,1159588,1159841,1159908,1159909,1159910,1159911,1159955,1160195,1160210,1160211,1160218,1160433,1160442,1160476,1160560,1160755,1160756,1160784,1160787,1160802,1160803,1160804,1160917,1160966,1160979,1161087,1161360,1161514,1161518,1161522,1161523,1161549,1161552,1161674,1161702,1161875,1161907,1161931,1161933,1161934,1161935,1161936,1161937,1162028,1162067,1162109,1162139,1162557,1162617,1162618,1162619,1162623,1162928,1162943,1163383,1163384,1163762,1163774,1163836,1163840,1163841,1163842,1163843,1163844,1163845,1163846,1163849,1163850,1163851,1163852,1163853,1163855,1163856,1163857,1163858,1163859,1163860,1163861,1163862,1163863,1163867,1163869,1163880,1163971,1164069,1164098,1164115,1164314,1164315,1164388,1164471,1164632,1164705,1164712,1164727,1164728,1164729,1164730,1164731,1164732,1164733,1164734,1164735
CVE References: CVE-2019-14615,CVE-2019-14896,CVE-2019-14897,CVE-2019-15213,CVE-2019-16994,CVE-2019-18808,CVE-2019-19036,CVE-2019-19045,CVE-2019-19051,CVE-2019-19054,CVE-2019-19066,CVE-2019-19318,CVE-2019-19319,CVE-2019-19332,CVE-2019-19338,CVE-2019-19447,CVE-2019-19523,CVE-2019-19524,CVE-2019-19525,CVE-2019-19526,CVE-2019-19527,CVE-2019-19528,CVE-2019-19529,CVE-2019-19530,CVE-2019-19531,CVE-2019-19532,CVE-2019-19533,CVE-2019-19534,CVE-2019-19535,CVE-2019-19536,CVE-2019-19537,CVE-2019-19543,CVE-2019-19767,CVE-2019-19965,CVE-2019-19966,CVE-2019-20054,CVE-2019-20095,CVE-2019-20096,CVE-2020-2732,CVE-2020-7053,CVE-2020-8428,CVE-2020-8648,CVE-2020-8992
Sources used:
SUSE Linux Enterprise Live Patching 12-SP4 (src):    kernel-default-4.12.14-95.48.1, kgraft-patch-SLE12-SP4_Update_12-1-6.3.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 33 Swamp Workflow Management 2020-03-04 14:54:54 UTC

SUSE-SU-2020:0584-1: An update that solves 43 vulnerabilities and has 163 fixes is now available.

Category: security (important)
Bug References: 1046303,1050244,1051510,1051858,1061840,1065600,1065729,1071995,1083647,1085030,1086301,1086313,1086314,1088810,1090888,1104427,1105392,1111666,1112178,1112504,1114279,1115026,1118338,1120853,1123328,1127371,1133021,1133147,1134973,1140025,1141054,1142095,1143959,1144333,1146519,1146544,1151548,1151910,1151927,1152631,1153917,1154243,1155331,1155334,1155689,1156259,1156286,1156462,1157155,1157157,1157169,1157303,1157424,1157692,1157853,1157908,1157966,1158013,1158021,1158026,1158094,1158132,1158381,1158394,1158398,1158407,1158410,1158413,1158417,1158427,1158445,1158533,1158637,1158638,1158639,1158640,1158641,1158643,1158644,1158645,1158646,1158647,1158649,1158651,1158652,1158819,1158823,1158824,1158827,1158834,1158893,1158900,1158903,1158904,1158954,1159024,1159028,1159271,1159297,1159394,1159483,1159484,1159569,1159588,1159841,1159908,1159909,1159910,1159911,1159955,1160195,1160210,1160211,1160218,1160433,1160442,1160476,1160560,1160755,1160756,1160784,1160787,1160802,1160803,1160804,1160917,1160966,1160979,1161087,1161360,1161514,1161518,1161522,1161523,1161549,1161552,1161674,1161702,1161875,1161907,1161931,1161933,1161934,1161935,1161936,1161937,1162028,1162067,1162109,1162139,1162557,1162617,1162618,1162619,1162623,1162928,1162943,1163383,1163384,1163762,1163774,1163836,1163840,1163841,1163842,1163843,1163844,1163845,1163846,1163849,1163850,1163851,1163852,1163853,1163855,1163856,1163857,1163858,1163859,1163860,1163861,1163862,1163863,1163867,1163869,1163880,1163971,1164069,1164098,1164115,1164314,1164315,1164388,1164471,1164632,1164705,1164712,1164727,1164728,1164729,1164730,1164731,1164732,1164733,1164734,1164735
CVE References: CVE-2019-14615,CVE-2019-14896,CVE-2019-14897,CVE-2019-15213,CVE-2019-16994,CVE-2019-18808,CVE-2019-19036,CVE-2019-19045,CVE-2019-19051,CVE-2019-19054,CVE-2019-19066,CVE-2019-19318,CVE-2019-19319,CVE-2019-19332,CVE-2019-19338,CVE-2019-19447,CVE-2019-19523,CVE-2019-19524,CVE-2019-19525,CVE-2019-19526,CVE-2019-19527,CVE-2019-19528,CVE-2019-19529,CVE-2019-19530,CVE-2019-19531,CVE-2019-19532,CVE-2019-19533,CVE-2019-19534,CVE-2019-19535,CVE-2019-19536,CVE-2019-19537,CVE-2019-19543,CVE-2019-19767,CVE-2019-19965,CVE-2019-19966,CVE-2019-20054,CVE-2019-20095,CVE-2019-20096,CVE-2020-2732,CVE-2020-7053,CVE-2020-8428,CVE-2020-8648,CVE-2020-8992
Sources used:
SUSE Linux Enterprise Workstation Extension 12-SP4 (src):    kernel-default-4.12.14-95.48.1
SUSE Linux Enterprise Software Development Kit 12-SP4 (src):    kernel-docs-4.12.14-95.48.1, kernel-obs-build-4.12.14-95.48.1
SUSE Linux Enterprise Server 12-SP4 (src):    kernel-default-4.12.14-95.48.1, kernel-source-4.12.14-95.48.1, kernel-syms-4.12.14-95.48.1
SUSE Linux Enterprise Live Patching 12-SP4 (src):    kernel-default-4.12.14-95.48.1, kgraft-patch-SLE12-SP4_Update_12-1-6.3.1
SUSE Linux Enterprise High Availability 12-SP4 (src):    kernel-default-4.12.14-95.48.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 34 Swamp Workflow Management 2020-03-05 20:20:58 UTC

SUSE-SU-2020:0599-1: An update that solves 60 vulnerabilities and has 119 fixes is now available.

Category: security (moderate)
Bug References: 1046303,1050244,1051510,1051858,1065600,1065729,1071995,1078248,1083647,1085030,1086301,1086313,1086314,1089644,1090888,1104427,1108043,1113722,1114279,1115026,1117169,1120853,1127371,1134973,1138039,1140948,1141054,1142095,1143959,1144333,1146519,1146544,1151548,1151900,1151910,1151927,1152631,1153811,1153917,1154043,1154058,1154355,1155331,1155334,1155689,1155897,1155921,1156258,1156259,1156286,1156462,1156471,1157038,1157042,1157070,1157143,1157145,1157155,1157157,1157158,1157162,1157169,1157171,1157173,1157178,1157180,1157182,1157183,1157184,1157191,1157193,1157197,1157298,1157303,1157307,1157324,1157333,1157424,1157463,1157499,1157678,1157692,1157698,1157778,1157853,1157908,1158013,1158021,1158026,1158049,1158063,1158064,1158065,1158066,1158067,1158068,1158082,1158094,1158132,1158381,1158394,1158398,1158407,1158410,1158413,1158417,1158427,1158445,1158533,1158637,1158638,1158639,1158640,1158641,1158643,1158644,1158645,1158646,1158647,1158649,1158651,1158652,1158819,1158823,1158824,1158827,1158834,1158893,1158900,1158903,1158904,1158954,1159024,1159028,1159297,1159394,1159483,1159484,1159569,1159588,1159841,1159908,1159909,1159910,1159911,1159955,1160195,1160210,1160211,1160433,1160442,1160476,1160560,1160755,1160756,1160784,1160787,1160802,1160803,1160804,1160917,1160966,1161087,1161514,1161518,1161522,1161523,1161549,1161552,1161674,1161875,1161931,1161933,1161934,1161935,1161936,1161937,1162028,1162067
CVE References: CVE-2019-14615,CVE-2019-14895,CVE-2019-14896,CVE-2019-14897,CVE-2019-14901,CVE-2019-15213,CVE-2019-16994,CVE-2019-18660,CVE-2019-18683,CVE-2019-18808,CVE-2019-18809,CVE-2019-19036,CVE-2019-19045,CVE-2019-19049,CVE-2019-19051,CVE-2019-19052,CVE-2019-19054,CVE-2019-19056,CVE-2019-19057,CVE-2019-19058,CVE-2019-19060,CVE-2019-19062,CVE-2019-19063,CVE-2019-19065,CVE-2019-19066,CVE-2019-19067,CVE-2019-19068,CVE-2019-19073,CVE-2019-19074,CVE-2019-19075,CVE-2019-19077,CVE-2019-19227,CVE-2019-19318,CVE-2019-19319,CVE-2019-19332,CVE-2019-19338,CVE-2019-19447,CVE-2019-19523,CVE-2019-19524,CVE-2019-19525,CVE-2019-19526,CVE-2019-19527,CVE-2019-19528,CVE-2019-19529,CVE-2019-19530,CVE-2019-19531,CVE-2019-19532,CVE-2019-19533,CVE-2019-19534,CVE-2019-19535,CVE-2019-19536,CVE-2019-19537,CVE-2019-19543,CVE-2019-19767,CVE-2019-19965,CVE-2019-19966,CVE-2019-20054,CVE-2019-20095,CVE-2019-20096,CVE-2020-7053
Sources used:
SUSE Linux Enterprise Real Time Extension 12-SP4 (src):    kernel-rt-4.12.14-8.12.1, kernel-rt_debug-4.12.14-8.12.1, kernel-source-rt-4.12.14-8.12.1, kernel-syms-rt-4.12.14-8.12.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 35 Swamp Workflow Management 2020-03-09 14:24:55 UTC

SUSE-SU-2020:0613-1: An update that solves 69 vulnerabilities and has 168 fixes is now available.

Category: security (moderate)
Bug References: 1046303,1050244,1051510,1051858,1061840,1065600,1065729,1071995,1078248,1083647,1085030,1086301,1086313,1086314,1089644,1090888,1103989,1103990,1103991,1104353,1104427,1104745,1108043,1109837,1111666,1112178,1112374,1113722,1113956,1113994,1114279,1114685,1115026,1117169,1118661,1119113,1120853,1123328,1126206,1126390,1127354,1127371,1127611,1127682,1129551,1129770,1134973,1134983,1137223,1137236,1138039,1140948,1141054,1142095,1142635,1142924,1143959,1144333,1146519,1146544,1151067,1151548,1151900,1151910,1151927,1152107,1152631,1153535,1153628,1153811,1153917,1154043,1154058,1154243,1154355,1154601,1154768,1154916,1155331,1155334,1155689,1155897,1155921,1156258,1156259,1156286,1156462,1156471,1156928,1157032,1157038,1157042,1157044,1157045,1157046,1157049,1157070,1157115,1157143,1157145,1157155,1157157,1157158,1157160,1157162,1157169,1157171,1157173,1157178,1157180,1157182,1157183,1157184,1157191,1157193,1157197,1157298,1157303,1157304,1157307,1157324,1157333,1157386,1157424,1157463,1157499,1157678,1157692,1157698,1157778,1157853,1157895,1157908,1158013,1158021,1158026,1158049,1158063,1158064,1158065,1158066,1158067,1158068,1158071,1158082,1158094,1158132,1158381,1158394,1158398,1158407,1158410,1158413,1158417,1158427,1158445,1158533,1158637,1158638,1158639,1158640,1158641,1158643,1158644,1158645,1158646,1158647,1158649,1158651,1158652,1158819,1158823,1158824,1158827,1158834,1158893,1158900,1158903,1158904,1158954,1159024,1159028,1159297,1159377,1159394,1159483,1159484,1159500,1159569,1159588,1159841,1159908,1159909,1159910,1159911,1159955,1160147,1160195,1160210,1160211,1160433,1160442,1160469,1160470,1160476,1160560,1160618,1160678,1160755,1160756,1160784,1160787,1160802,1160803,1160804,1160917,1160966,1161087,1161243,1161472,1161514,1161518,1161522,1161523,1161549,1161552,1161674,1161931,1161933,1161934,1161935,1161936,1161937,1162028,1162067,1162109,1162139
CVE References: CVE-2019-14615,CVE-2019-14895,CVE-2019-14896,CVE-2019-14897,CVE-2019-14901,CVE-2019-15213,CVE-2019-16746,CVE-2019-16994,CVE-2019-18660,CVE-2019-18683,CVE-2019-18808,CVE-2019-18809,CVE-2019-19036,CVE-2019-19045,CVE-2019-19046,CVE-2019-19049,CVE-2019-19051,CVE-2019-19052,CVE-2019-19054,CVE-2019-19056,CVE-2019-19057,CVE-2019-19058,CVE-2019-19060,CVE-2019-19062,CVE-2019-19063,CVE-2019-19065,CVE-2019-19066,CVE-2019-19067,CVE-2019-19068,CVE-2019-19073,CVE-2019-19074,CVE-2019-19075,CVE-2019-19077,CVE-2019-19078,CVE-2019-19080,CVE-2019-19081,CVE-2019-19082,CVE-2019-19083,CVE-2019-19227,CVE-2019-19318,CVE-2019-19319,CVE-2019-19332,CVE-2019-19338,CVE-2019-19447,CVE-2019-19523,CVE-2019-19524,CVE-2019-19525,CVE-2019-19526,CVE-2019-19527,CVE-2019-19528,CVE-2019-19529,CVE-2019-19530,CVE-2019-19531,CVE-2019-19532,CVE-2019-19533,CVE-2019-19534,CVE-2019-19535,CVE-2019-19536,CVE-2019-19537,CVE-2019-19543,CVE-2019-19767,CVE-2019-19927,CVE-2019-19965,CVE-2019-19966,CVE-2019-20054,CVE-2019-20095,CVE-2019-20096,CVE-2020-7053,CVE-2020-8428
Sources used:
SUSE Linux Enterprise Module for Realtime 15-SP1 (src):    kernel-rt-4.12.14-14.17.1, kernel-rt_debug-4.12.14-14.17.1, kernel-source-rt-4.12.14-14.17.1, kernel-syms-rt-4.12.14-14.17.1
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1 (src):    kernel-rt-4.12.14-14.17.1, kernel-rt_debug-4.12.14-14.17.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 37 Swamp Workflow Management 2020-04-30 19:16:07 UTC

SUSE-SU-2020:14354-1: An update that solves 28 vulnerabilities and has 20 fixes is now available.

Category: security (important)
Bug References: 1012382,1091041,1105327,1131107,1136471,1136922,1146519,1146544,1146612,1148871,1149448,1152631,1156652,1157038,1157070,1157143,1157155,1157157,1157303,1157344,1157678,1157804,1157923,1158381,1158410,1158413,1158427,1158445,1158823,1158824,1158834,1158900,1158904,1159285,1159841,1159908,1159911,1161358,1162928,1162929,1162931,1164078,1165111,1165985,1167629,1168075,1168829,1168854
CVE References: CVE-2019-12456,CVE-2019-14896,CVE-2019-14897,CVE-2019-15213,CVE-2019-15916,CVE-2019-18660,CVE-2019-18675,CVE-2019-19066,CVE-2019-19073,CVE-2019-19074,CVE-2019-19227,CVE-2019-19523,CVE-2019-19524,CVE-2019-19527,CVE-2019-19530,CVE-2019-19531,CVE-2019-19532,CVE-2019-19537,CVE-2019-19768,CVE-2019-19965,CVE-2019-19966,CVE-2019-20096,CVE-2020-10942,CVE-2020-11608,CVE-2020-8647,CVE-2020-8648,CVE-2020-8649,CVE-2020-9383
Sources used:
SUSE Linux Enterprise Server 11-SP4-LTSS (src):    kernel-bigmem-3.0.101-108.111.1, kernel-default-3.0.101-108.111.1, kernel-ec2-3.0.101-108.111.1, kernel-pae-3.0.101-108.111.1, kernel-ppc64-3.0.101-108.111.1, kernel-source-3.0.101-108.111.1, kernel-syms-3.0.101-108.111.1, kernel-trace-3.0.101-108.111.1, kernel-xen-3.0.101-108.111.1
SUSE Linux Enterprise Server 11-EXTRA (src):    kernel-default-3.0.101-108.111.1, kernel-pae-3.0.101-108.111.1, kernel-ppc64-3.0.101-108.111.1, kernel-trace-3.0.101-108.111.1, kernel-xen-3.0.101-108.111.1
SUSE Linux Enterprise Debuginfo 11-SP4 (src):    kernel-bigmem-3.0.101-108.111.1, kernel-default-3.0.101-108.111.1, kernel-ec2-3.0.101-108.111.1, kernel-pae-3.0.101-108.111.1, kernel-ppc64-3.0.101-108.111.1, kernel-trace-3.0.101-108.111.1, kernel-xen-3.0.101-108.111.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 39 Swamp Workflow Management 2020-05-12 13:20:19 UTC

SUSE-SU-2020:1255-1: An update that solves 53 vulnerabilities and has 32 fixes is now available.

Category: security (important)
Bug References: 1037216,1075091,1075994,1087082,1087813,1091041,1099279,1120386,1131107,1133147,1136449,1137325,1146519,1146544,1146612,1149591,1153811,1154844,1155311,1155897,1156060,1157038,1157042,1157070,1157143,1157155,1157157,1157158,1157303,1157324,1157333,1157464,1157804,1157923,1158021,1158132,1158381,1158394,1158398,1158410,1158413,1158417,1158427,1158445,1158819,1158823,1158824,1158827,1158834,1158900,1158903,1158904,1159199,1159285,1159297,1159841,1159908,1159910,1159911,1159912,1160195,1162227,1162298,1162928,1162929,1162931,1163971,1164069,1164078,1164846,1165111,1165311,1165873,1165881,1165984,1165985,1167629,1168075,1168295,1168424,1168829,1168854,1170056,1170345,1170778
CVE References: CVE-2017-18255,CVE-2018-21008,CVE-2019-14615,CVE-2019-14895,CVE-2019-14896,CVE-2019-14897,CVE-2019-14901,CVE-2019-15213,CVE-2019-18660,CVE-2019-18675,CVE-2019-18683,CVE-2019-19052,CVE-2019-19062,CVE-2019-19066,CVE-2019-19073,CVE-2019-19074,CVE-2019-19319,CVE-2019-19332,CVE-2019-19447,CVE-2019-19523,CVE-2019-19524,CVE-2019-19525,CVE-2019-19527,CVE-2019-19530,CVE-2019-19531,CVE-2019-19532,CVE-2019-19533,CVE-2019-19534,CVE-2019-19535,CVE-2019-19536,CVE-2019-19537,CVE-2019-19767,CVE-2019-19768,CVE-2019-19965,CVE-2019-19966,CVE-2019-20054,CVE-2019-20096,CVE-2019-3701,CVE-2019-5108,CVE-2019-9455,CVE-2019-9458,CVE-2020-10690,CVE-2020-10720,CVE-2020-10942,CVE-2020-11494,CVE-2020-11608,CVE-2020-11609,CVE-2020-2732,CVE-2020-8647,CVE-2020-8648,CVE-2020-8649,CVE-2020-8992,CVE-2020-9383
Sources used:
SUSE OpenStack Cloud 7 (src):    kernel-default-4.4.121-92.129.1, kernel-source-4.4.121-92.129.1, kernel-syms-4.4.121-92.129.1, kgraft-patch-SLE12-SP2_Update_34-1-3.3.1
SUSE Linux Enterprise Server for SAP 12-SP2 (src):    kernel-default-4.4.121-92.129.1, kernel-source-4.4.121-92.129.1, kernel-syms-4.4.121-92.129.1, kgraft-patch-SLE12-SP2_Update_34-1-3.3.1
SUSE Linux Enterprise Server 12-SP2-LTSS (src):    kernel-default-4.4.121-92.129.1, kernel-source-4.4.121-92.129.1, kernel-syms-4.4.121-92.129.1, kgraft-patch-SLE12-SP2_Update_34-1-3.3.1
SUSE Linux Enterprise Server 12-SP2-BCL (src):    kernel-default-4.4.121-92.129.1, kernel-source-4.4.121-92.129.1, kernel-syms-4.4.121-92.129.1
SUSE Linux Enterprise High Availability 12-SP2 (src):    kernel-default-4.4.121-92.129.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 42 Alexandros Toptsoglou 2020-07-13 15:11:43 UTC

Done