Bug 1157049 – VUL-1: CVE-2019-19083: kernel-source: Memory leaks in *clock_source_create() functions under drivers/gpu/drm/amd/display/dc allow attackers to cause a denial of service (memory consumption)

Bug 1157049 - (CVE-2019-19083) VUL-1: CVE-2019-19083: kernel-source: Memory leaks in *clock_source_create() functions under drivers/gpu/drm/amd/display/dc allow attackers to cause a denial of service (memory consumption)

(CVE-2019-19083)
Summary:	VUL-1: CVE-2019-19083: kernel-source: Memory leaks in *clock_source_create() ...

Status:	RESOLVED FIXED

Classification:	Novell Products
Product:	SUSE Security Incidents
Classification:	Novell Products
Component:	Incidents
Version:	unspecified
Hardware:	Other Other

Priority:	P4 - Low Severity: Normal
Target Milestone:	---
Assigned To:	Security Team bot
QA Contact:	Security Team bot

URL:	https://smash.suse.de/issue/247521/
Whiteboard:	CVSSv3.1:SUSE:CVE-2019-19083:5.5:(AV...
Keywords:

Depends on:
Blocks:
	Show dependency tree / graph

Create test case

Clone This Bug

Reported:	2019-11-18 15:22 UTC by Wolfgang Frisch
Modified:	2023-01-26 14:26 UTC (History)
CC List:	3 users (show)

See Also:
Found By:	Security Response Team
Services Priority:
Business Priority:
Blocker:	---
Marketing QA Status:	---
IT Deployment:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Wolfgang Frisch 2019-11-18 15:22:57 UTC

CVE-2019-19083

Memory leaks in *clock_source_create() functions under
drivers/gpu/drm/amd/display/dc in the Linux kernel before 5.3.8 allow attackers
to cause a denial of service (memory consumption). This affects the
dce112_clock_source_create() function in
drivers/gpu/drm/amd/display/dc/dce112/dce112_resource.c, the
dce100_clock_source_create() function in
drivers/gpu/drm/amd/display/dc/dce100/dce100_resource.c, the
dcn10_clock_source_create() function in
drivers/gpu/drm/amd/display/dc/dcn10/dcn10_resource.c, the
dcn20_clock_source_create() function in
drivers/gpu/drm/amd/display/dc/dcn20/dcn20_resource.c, the
dce120_clock_source_create() function in
drivers/gpu/drm/amd/display/dc/dce120/dce120_resource.c, the
dce110_clock_source_create() function in
drivers/gpu/drm/amd/display/dc/dce110/dce110_resource.c, and the
dce80_clock_source_create() function in
drivers/gpu/drm/amd/display/dc/dce80/dce80_resource.c, aka CID-055e547478a1.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-19083
https://github.com/torvalds/linux/commit/055e547478a11a6360c7ce05e2afc3e366968a12
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19083
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.8

Comment 2 Takashi Iwai 2019-11-18 15:33:29 UTC

Backported to SLE15-SP1 branch.  SLE15-SP2 branch got the patch reference tag update, too.  The rest branches will get fixes from these branches.

Reassigned back to security team.

Comment 8 Swamp Workflow Management 2019-12-06 15:24:57 UTC

This is an autogenerated message for OBS integration:
This bug (1157049) was mentioned in
https://build.opensuse.org/request/show/754695 15.1 / kernel-source

Comment 9 Swamp Workflow Management 2019-12-06 23:44:36 UTC

SUSE-SU-2019:3200-1: An update that solves 44 vulnerabilities and has 258 fixes is now available.

Category: security (important)
Bug References: 1046299,1046303,1046305,1048942,1050244,1050536,1050545,1051510,1054914,1055117,1055186,1061840,1064802,1065600,1065729,1066129,1071995,1073513,1082555,1082635,1083647,1086323,1087092,1089644,1090631,1091041,1093205,1096254,1097583,1097584,1097585,1097586,1097587,1097588,1098291,1101674,1103990,1103991,1104353,1104427,1104745,1104967,1106434,1108043,1108382,1109158,1109837,1111666,1112178,1112374,1113722,1113994,1114279,1117169,1117665,1118661,1119086,1119113,1119461,1119465,1120902,1122363,1123034,1123080,1123105,1126390,1127155,1127354,1127371,1127988,1131107,1131304,1131489,1133140,1134476,1134983,1135642,1135854,1135873,1135966,1135967,1136261,1137040,1137069,1137223,1137236,1137799,1137861,1137865,1137959,1137982,1138039,1138190,1138539,1139073,1140090,1140155,1140729,1140845,1140883,1141013,1141340,1141543,1141600,1142076,1142635,1142667,1142924,1143706,1144338,1144375,1144449,1144653,1144903,1145099,1145661,1146042,1146612,1146664,1148133,1148410,1148712,1148859,1148868,1149083,1149119,1149224,1149446,1149448,1149555,1149651,1149652,1149713,1149853,1149940,1149959,1149963,1149976,1150025,1150033,1150112,1150305,1150381,1150423,1150457,1150466,1150562,1150727,1150846,1150860,1150861,1150875,1150933,1151021,1151067,1151192,1151225,1151350,1151508,1151548,1151610,1151661,1151662,1151667,1151671,1151680,1151807,1151891,1151900,1151955,1152024,1152025,1152026,1152033,1152161,1152187,1152325,1152457,1152460,1152466,1152525,1152624,1152665,1152685,1152696,1152697,1152782,1152788,1152790,1152791,1152885,1152972,1152974,1152975,1153108,1153112,1153236,1153263,1153476,1153509,1153607,1153628,1153646,1153681,1153713,1153717,1153718,1153719,1153811,1153969,1154043,1154048,1154058,1154108,1154124,1154189,1154242,1154268,1154354,1154355,1154372,1154521,1154526,1154578,1154601,1154607,1154608,1154610,1154611,1154651,1154737,1154747,1154848,1154858,1154905,1154956,1154959,1155021,1155061,1155178,1155179,1155184,1155186,1155671,1155689,1155692,1155836,1155897,1155982,1156187,1156258,1156429,1156466,1156471,1156494,1156609,1156700,1156729,1156882,1156928,1157032,1157038,1157044,1157045,1157046,1157049,1157070,1157115,1157143,1157145,1157158,1157160,1157162,1157173,1157178,1157180,1157182,1157183,1157184,1157191,1157193,1157197,1157298,1157304,1157307,1157324,1157333,1157386,1157424,1157463,1157499,1157678,1157698,1157778,1157908,1158049,1158063,1158064,1158065,1158066,1158067,1158068
CVE References: CVE-2017-18595,CVE-2019-0154,CVE-2019-0155,CVE-2019-10220,CVE-2019-11135,CVE-2019-14821,CVE-2019-14835,CVE-2019-14895,CVE-2019-15030,CVE-2019-15031,CVE-2019-15916,CVE-2019-16231,CVE-2019-16233,CVE-2019-16995,CVE-2019-17055,CVE-2019-17056,CVE-2019-17666,CVE-2019-18660,CVE-2019-18683,CVE-2019-18805,CVE-2019-18809,CVE-2019-19046,CVE-2019-19049,CVE-2019-19052,CVE-2019-19056,CVE-2019-19057,CVE-2019-19058,CVE-2019-19060,CVE-2019-19062,CVE-2019-19063,CVE-2019-19065,CVE-2019-19067,CVE-2019-19068,CVE-2019-19073,CVE-2019-19074,CVE-2019-19075,CVE-2019-19078,CVE-2019-19080,CVE-2019-19081,CVE-2019-19082,CVE-2019-19083,CVE-2019-19227,CVE-2019-9456,CVE-2019-9506
Sources used:
SUSE Linux Enterprise Live Patching 12-SP5 (src):    kernel-default-4.12.14-122.7.1, kgraft-patch-SLE12-SP5_Update_1-1-8.7.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 10 Swamp Workflow Management 2019-12-07 00:21:59 UTC

SUSE-SU-2019:3200-1: An update that solves 44 vulnerabilities and has 258 fixes is now available.

Category: security (important)
Bug References: 1046299,1046303,1046305,1048942,1050244,1050536,1050545,1051510,1054914,1055117,1055186,1061840,1064802,1065600,1065729,1066129,1071995,1073513,1082555,1082635,1083647,1086323,1087092,1089644,1090631,1091041,1093205,1096254,1097583,1097584,1097585,1097586,1097587,1097588,1098291,1101674,1103990,1103991,1104353,1104427,1104745,1104967,1106434,1108043,1108382,1109158,1109837,1111666,1112178,1112374,1113722,1113994,1114279,1117169,1117665,1118661,1119086,1119113,1119461,1119465,1120902,1122363,1123034,1123080,1123105,1126390,1127155,1127354,1127371,1127988,1131107,1131304,1131489,1133140,1134476,1134983,1135642,1135854,1135873,1135966,1135967,1136261,1137040,1137069,1137223,1137236,1137799,1137861,1137865,1137959,1137982,1138039,1138190,1138539,1139073,1140090,1140155,1140729,1140845,1140883,1141013,1141340,1141543,1141600,1142076,1142635,1142667,1142924,1143706,1144338,1144375,1144449,1144653,1144903,1145099,1145661,1146042,1146612,1146664,1148133,1148410,1148712,1148859,1148868,1149083,1149119,1149224,1149446,1149448,1149555,1149651,1149652,1149713,1149853,1149940,1149959,1149963,1149976,1150025,1150033,1150112,1150305,1150381,1150423,1150457,1150466,1150562,1150727,1150846,1150860,1150861,1150875,1150933,1151021,1151067,1151192,1151225,1151350,1151508,1151548,1151610,1151661,1151662,1151667,1151671,1151680,1151807,1151891,1151900,1151955,1152024,1152025,1152026,1152033,1152161,1152187,1152325,1152457,1152460,1152466,1152525,1152624,1152665,1152685,1152696,1152697,1152782,1152788,1152790,1152791,1152885,1152972,1152974,1152975,1153108,1153112,1153236,1153263,1153476,1153509,1153607,1153628,1153646,1153681,1153713,1153717,1153718,1153719,1153811,1153969,1154043,1154048,1154058,1154108,1154124,1154189,1154242,1154268,1154354,1154355,1154372,1154521,1154526,1154578,1154601,1154607,1154608,1154610,1154611,1154651,1154737,1154747,1154848,1154858,1154905,1154956,1154959,1155021,1155061,1155178,1155179,1155184,1155186,1155671,1155689,1155692,1155836,1155897,1155982,1156187,1156258,1156429,1156466,1156471,1156494,1156609,1156700,1156729,1156882,1156928,1157032,1157038,1157044,1157045,1157046,1157049,1157070,1157115,1157143,1157145,1157158,1157160,1157162,1157173,1157178,1157180,1157182,1157183,1157184,1157191,1157193,1157197,1157298,1157304,1157307,1157324,1157333,1157386,1157424,1157463,1157499,1157678,1157698,1157778,1157908,1158049,1158063,1158064,1158065,1158066,1158067,1158068
CVE References: CVE-2017-18595,CVE-2019-0154,CVE-2019-0155,CVE-2019-10220,CVE-2019-11135,CVE-2019-14821,CVE-2019-14835,CVE-2019-14895,CVE-2019-15030,CVE-2019-15031,CVE-2019-15916,CVE-2019-16231,CVE-2019-16233,CVE-2019-16995,CVE-2019-17055,CVE-2019-17056,CVE-2019-17666,CVE-2019-18660,CVE-2019-18683,CVE-2019-18805,CVE-2019-18809,CVE-2019-19046,CVE-2019-19049,CVE-2019-19052,CVE-2019-19056,CVE-2019-19057,CVE-2019-19058,CVE-2019-19060,CVE-2019-19062,CVE-2019-19063,CVE-2019-19065,CVE-2019-19067,CVE-2019-19068,CVE-2019-19073,CVE-2019-19074,CVE-2019-19075,CVE-2019-19078,CVE-2019-19080,CVE-2019-19081,CVE-2019-19082,CVE-2019-19083,CVE-2019-19227,CVE-2019-9456,CVE-2019-9506
Sources used:
SUSE Linux Enterprise Workstation Extension 12-SP5 (src):    kernel-default-4.12.14-122.7.1
SUSE Linux Enterprise Software Development Kit 12-SP5 (src):    kernel-docs-4.12.14-122.7.1, kernel-obs-build-4.12.14-122.7.1
SUSE Linux Enterprise Server 12-SP5 (src):    kernel-default-4.12.14-122.7.1, kernel-source-4.12.14-122.7.1, kernel-syms-4.12.14-122.7.1
SUSE Linux Enterprise Live Patching 12-SP5 (src):    kernel-default-4.12.14-122.7.1, kgraft-patch-SLE12-SP5_Update_1-1-8.7.1
SUSE Linux Enterprise High Availability 12-SP5 (src):    kernel-default-4.12.14-122.7.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 12 Swamp Workflow Management 2019-12-12 14:20:55 UTC

openSUSE-SU-2019:2675-1: An update that solves 38 vulnerabilities and has 92 fixes is now available.

Category: security (important)
Bug References: 1051510,1071995,1078248,1089644,1091041,1103990,1103991,1104353,1104427,1104745,1108043,1109837,1111666,1112178,1112374,1113722,1113956,1113994,1114279,1117169,1118661,1119113,1120853,1126390,1127354,1127371,1129770,1131107,1134983,1137223,1137236,1138039,1140948,1141054,1142095,1142635,1142924,1144333,1146519,1146544,1149448,1151067,1151548,1151900,1153628,1153811,1154043,1154058,1154355,1154601,1155689,1155897,1155921,1156258,1156466,1156471,1156494,1156609,1156700,1156729,1156882,1156928,1157032,1157038,1157042,1157044,1157045,1157046,1157049,1157070,1157115,1157143,1157145,1157158,1157160,1157162,1157171,1157173,1157178,1157180,1157182,1157183,1157184,1157191,1157193,1157197,1157298,1157304,1157307,1157324,1157333,1157386,1157424,1157463,1157499,1157678,1157698,1157778,1157908,1158049,1158063,1158064,1158065,1158066,1158067,1158068,1158071,1158082,1158381,1158394,1158398,1158407,1158410,1158413,1158417,1158427,1158445,1158637,1158638,1158639,1158640,1158641,1158643,1158644,1158645,1158646,1158647,1158649,1158651,1158652
CVE References: CVE-2019-14895,CVE-2019-14901,CVE-2019-15213,CVE-2019-15916,CVE-2019-18660,CVE-2019-18683,CVE-2019-18809,CVE-2019-19046,CVE-2019-19049,CVE-2019-19052,CVE-2019-19056,CVE-2019-19057,CVE-2019-19058,CVE-2019-19060,CVE-2019-19062,CVE-2019-19063,CVE-2019-19065,CVE-2019-19067,CVE-2019-19068,CVE-2019-19073,CVE-2019-19074,CVE-2019-19075,CVE-2019-19077,CVE-2019-19078,CVE-2019-19080,CVE-2019-19081,CVE-2019-19082,CVE-2019-19083,CVE-2019-19227,CVE-2019-19524,CVE-2019-19525,CVE-2019-19528,CVE-2019-19529,CVE-2019-19530,CVE-2019-19531,CVE-2019-19534,CVE-2019-19536,CVE-2019-19543
Sources used:
openSUSE Leap 15.1 (src):    kernel-debug-4.12.14-lp151.28.36.1, kernel-default-4.12.14-lp151.28.36.1, kernel-docs-4.12.14-lp151.28.36.1, kernel-kvmsmall-4.12.14-lp151.28.36.1, kernel-obs-build-4.12.14-lp151.28.36.1, kernel-obs-qa-4.12.14-lp151.28.36.1, kernel-source-4.12.14-lp151.28.36.1, kernel-syms-4.12.14-lp151.28.36.1, kernel-vanilla-4.12.14-lp151.28.36.1

Comment 14 Swamp Workflow Management 2019-12-17 17:22:58 UTC

SUSE-SU-2019:3317-1: An update that solves 41 vulnerabilities and has 88 fixes is now available.

Category: security (important)
Bug References: 1048942,1051510,1071995,1078248,1082635,1089644,1091041,1103990,1103991,1104353,1104427,1104745,1108043,1109837,1111666,1112178,1112374,1113722,1113956,1113994,1114279,1117169,1118661,1119113,1120853,1126390,1127354,1127371,1129770,1131107,1134983,1135966,1135967,1137223,1137236,1138039,1140948,1142095,1142635,1142924,1143706,1144333,1149448,1150466,1151067,1151548,1151900,1152782,1153628,1153811,1154043,1154058,1154124,1154355,1154526,1154601,1155021,1155689,1155692,1155836,1155897,1155921,1155982,1156187,1156258,1156429,1156466,1156471,1156494,1156609,1156700,1156729,1156882,1156928,1157032,1157038,1157042,1157044,1157045,1157046,1157049,1157070,1157115,1157143,1157145,1157158,1157160,1157162,1157171,1157173,1157178,1157180,1157182,1157183,1157184,1157191,1157193,1157197,1157298,1157304,1157307,1157324,1157333,1157386,1157424,1157463,1157499,1157678,1157698,1157778,1157908,1158049,1158063,1158064,1158065,1158066,1158067,1158068,1158071,1158082,1158381,1158394,1158398,1158407,1158410,1158413,1158417,1158427,1158445
CVE References: CVE-2019-0154,CVE-2019-14895,CVE-2019-14901,CVE-2019-15916,CVE-2019-16231,CVE-2019-17055,CVE-2019-18660,CVE-2019-18683,CVE-2019-18805,CVE-2019-18809,CVE-2019-19046,CVE-2019-19049,CVE-2019-19052,CVE-2019-19056,CVE-2019-19057,CVE-2019-19058,CVE-2019-19060,CVE-2019-19062,CVE-2019-19063,CVE-2019-19065,CVE-2019-19067,CVE-2019-19068,CVE-2019-19073,CVE-2019-19074,CVE-2019-19075,CVE-2019-19077,CVE-2019-19078,CVE-2019-19080,CVE-2019-19081,CVE-2019-19082,CVE-2019-19083,CVE-2019-19227,CVE-2019-19524,CVE-2019-19525,CVE-2019-19528,CVE-2019-19529,CVE-2019-19530,CVE-2019-19531,CVE-2019-19534,CVE-2019-19536,CVE-2019-19543
Sources used:
SUSE Linux Enterprise Module for Live Patching 15-SP1 (src):    kernel-default-4.12.14-197.29.1, kernel-livepatch-SLE15-SP1_Update_8-1-3.3.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 15 Swamp Workflow Management 2019-12-17 18:02:29 UTC

SUSE-SU-2019:3317-1: An update that solves 41 vulnerabilities and has 88 fixes is now available.

Category: security (important)
Bug References: 1048942,1051510,1071995,1078248,1082635,1089644,1091041,1103990,1103991,1104353,1104427,1104745,1108043,1109837,1111666,1112178,1112374,1113722,1113956,1113994,1114279,1117169,1118661,1119113,1120853,1126390,1127354,1127371,1129770,1131107,1134983,1135966,1135967,1137223,1137236,1138039,1140948,1142095,1142635,1142924,1143706,1144333,1149448,1150466,1151067,1151548,1151900,1152782,1153628,1153811,1154043,1154058,1154124,1154355,1154526,1154601,1155021,1155689,1155692,1155836,1155897,1155921,1155982,1156187,1156258,1156429,1156466,1156471,1156494,1156609,1156700,1156729,1156882,1156928,1157032,1157038,1157042,1157044,1157045,1157046,1157049,1157070,1157115,1157143,1157145,1157158,1157160,1157162,1157171,1157173,1157178,1157180,1157182,1157183,1157184,1157191,1157193,1157197,1157298,1157304,1157307,1157324,1157333,1157386,1157424,1157463,1157499,1157678,1157698,1157778,1157908,1158049,1158063,1158064,1158065,1158066,1158067,1158068,1158071,1158082,1158381,1158394,1158398,1158407,1158410,1158413,1158417,1158427,1158445
CVE References: CVE-2019-0154,CVE-2019-14895,CVE-2019-14901,CVE-2019-15916,CVE-2019-16231,CVE-2019-17055,CVE-2019-18660,CVE-2019-18683,CVE-2019-18805,CVE-2019-18809,CVE-2019-19046,CVE-2019-19049,CVE-2019-19052,CVE-2019-19056,CVE-2019-19057,CVE-2019-19058,CVE-2019-19060,CVE-2019-19062,CVE-2019-19063,CVE-2019-19065,CVE-2019-19067,CVE-2019-19068,CVE-2019-19073,CVE-2019-19074,CVE-2019-19075,CVE-2019-19077,CVE-2019-19078,CVE-2019-19080,CVE-2019-19081,CVE-2019-19082,CVE-2019-19083,CVE-2019-19227,CVE-2019-19524,CVE-2019-19525,CVE-2019-19528,CVE-2019-19529,CVE-2019-19530,CVE-2019-19531,CVE-2019-19534,CVE-2019-19536,CVE-2019-19543
Sources used:
SUSE Linux Enterprise Workstation Extension 15-SP1 (src):    kernel-default-4.12.14-197.29.1
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1 (src):    kernel-debug-4.12.14-197.29.1, kernel-default-4.12.14-197.29.1, kernel-docs-4.12.14-197.29.2, kernel-kvmsmall-4.12.14-197.29.1, kernel-obs-qa-4.12.14-197.29.1, kernel-source-4.12.14-197.29.1, kernel-vanilla-4.12.14-197.29.1, kernel-zfcpdump-4.12.14-197.29.1
SUSE Linux Enterprise Module for Live Patching 15-SP1 (src):    kernel-default-4.12.14-197.29.1, kernel-livepatch-SLE15-SP1_Update_8-1-3.3.1
SUSE Linux Enterprise Module for Legacy Software 15-SP1 (src):    kernel-default-4.12.14-197.29.1
SUSE Linux Enterprise Module for Development Tools 15-SP1 (src):    kernel-docs-4.12.14-197.29.2, kernel-obs-build-4.12.14-197.29.1, kernel-source-4.12.14-197.29.1, kernel-syms-4.12.14-197.29.1
SUSE Linux Enterprise Module for Basesystem 15-SP1 (src):    kernel-default-4.12.14-197.29.1, kernel-source-4.12.14-197.29.1, kernel-zfcpdump-4.12.14-197.29.1
SUSE Linux Enterprise High Availability 15-SP1 (src):    kernel-default-4.12.14-197.29.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 16 Swamp Workflow Management 2019-12-20 11:42:03 UTC

SUSE-SU-2019:3372-1: An update that solves 42 vulnerabilities and has 100 fixes is now available.

Category: security (important)
Bug References: 1048942,1051510,1071995,1078248,1082635,1089644,1091041,1103990,1103991,1104353,1104427,1104745,1108043,1109837,1111666,1112178,1112374,1113722,1113956,1113994,1114279,1117169,1118661,1119113,1120853,1126390,1127354,1127371,1129770,1131107,1134983,1135966,1135967,1137223,1137236,1138039,1140948,1142095,1142635,1142924,1143706,1144333,1146544,1149448,1150466,1151067,1151548,1151900,1152782,1153628,1153811,1154043,1154058,1154124,1154355,1154526,1154601,1155021,1155689,1155692,1155836,1155897,1155921,1156187,1156258,1156429,1156466,1156471,1156494,1156609,1156700,1156729,1156882,1156928,1157032,1157038,1157042,1157044,1157045,1157046,1157049,1157070,1157115,1157143,1157145,1157158,1157160,1157162,1157171,1157173,1157178,1157180,1157182,1157183,1157184,1157191,1157193,1157197,1157298,1157304,1157307,1157324,1157333,1157386,1157424,1157463,1157499,1157678,1157698,1157778,1157908,1158049,1158063,1158064,1158065,1158066,1158067,1158068,1158071,1158082,1158381,1158394,1158398,1158407,1158410,1158413,1158417,1158427,1158445,1158637,1158638,1158639,1158640,1158641,1158643,1158644,1158645,1158646,1158647,1158649,1158651,1158652
CVE References: CVE-2019-0154,CVE-2019-14895,CVE-2019-14901,CVE-2019-15213,CVE-2019-15916,CVE-2019-16231,CVE-2019-17055,CVE-2019-18660,CVE-2019-18683,CVE-2019-18805,CVE-2019-18809,CVE-2019-19046,CVE-2019-19049,CVE-2019-19052,CVE-2019-19056,CVE-2019-19057,CVE-2019-19058,CVE-2019-19060,CVE-2019-19062,CVE-2019-19063,CVE-2019-19065,CVE-2019-19067,CVE-2019-19068,CVE-2019-19073,CVE-2019-19074,CVE-2019-19075,CVE-2019-19077,CVE-2019-19078,CVE-2019-19080,CVE-2019-19081,CVE-2019-19082,CVE-2019-19083,CVE-2019-19227,CVE-2019-19524,CVE-2019-19525,CVE-2019-19528,CVE-2019-19529,CVE-2019-19530,CVE-2019-19531,CVE-2019-19534,CVE-2019-19536,CVE-2019-19543
Sources used:
SUSE Linux Enterprise Module for Public Cloud 15-SP1 (src):    kernel-azure-4.12.14-8.22.1, kernel-source-azure-4.12.14-8.22.1, kernel-syms-azure-4.12.14-8.22.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 18 Swamp Workflow Management 2020-01-14 14:49:43 UTC

SUSE-SU-2020:0093-1: An update that solves 80 vulnerabilities and has 310 fixes is now available.

Category: security (important)
Bug References: 1046299,1046303,1046305,1048942,1050244,1050536,1050545,1051510,1055117,1055186,1061840,1064802,1065600,1065729,1066129,1071995,1073513,1078248,1082555,1082635,1083647,1086323,1087092,1089644,1090631,1090888,1091041,1093205,1096254,1097583,1097584,1097585,1097586,1097587,1097588,1098291,1101674,1103989,1103990,1103991,1104353,1104427,1104745,1104967,1106434,1108043,1108382,1109158,1109837,1111666,1112178,1112374,1113722,1113956,1113994,1114279,1115026,1117169,1117665,1118661,1119086,1119113,1119461,1119465,1120853,1120902,1122363,1123034,1123080,1123105,1126206,1126390,1127155,1127354,1127371,1127611,1127988,1129770,1131107,1131304,1131489,1133140,1134476,1134973,1134983,1135642,1135854,1135873,1135966,1135967,1136261,1137040,1137069,1137223,1137236,1137799,1137861,1137865,1137959,1137982,1138039,1138190,1139073,1140090,1140155,1140729,1140845,1140883,1140948,1141013,1141340,1141543,1142076,1142095,1142635,1142667,1142924,1143706,1143959,1144333,1144338,1144375,1144449,1144653,1144903,1145099,1145661,1146042,1146519,1146544,1146612,1146664,1148133,1148410,1148712,1148859,1148868,1149083,1149119,1149224,1149446,1149448,1149555,1149652,1149713,1149853,1149940,1149959,1149963,1149976,1150025,1150033,1150112,1150305,1150381,1150423,1150452,1150457,1150465,1150466,1150562,1150727,1150846,1150860,1150861,1150875,1150933,1151021,1151067,1151192,1151225,1151350,1151508,1151548,1151610,1151661,1151662,1151667,1151671,1151680,1151807,1151891,1151900,1151910,1151955,1152024,1152025,1152026,1152033,1152107,1152161,1152187,1152325,1152446,1152457,1152460,1152466,1152497,1152505,1152506,1152525,1152624,1152631,1152665,1152685,1152696,1152697,1152782,1152788,1152790,1152791,1152885,1152972,1152974,1152975,1153108,1153112,1153158,1153236,1153263,1153476,1153509,1153607,1153628,1153646,1153681,1153713,1153717,1153718,1153719,1153811,1153969,1154043,1154048,1154058,1154108,1154124,1154189,1154242,1154244,1154268,1154354,1154355,1154372,1154521,1154526,1154578,1154601,1154607,1154608,1154610,1154611,1154651,1154737,1154768,1154848,1154858,1154905,1154916,1154956,1154959,1155021,1155061,1155178,1155179,1155184,1155186,1155331,1155334,1155671,1155689,1155692,1155812,1155817,1155836,1155897,1155921,1155945,1156187,1156258,1156259,1156286,1156429,1156462,1156466,1156471,1156494,1156609,1156700,1156729,1156882,1156928,1157032,1157038,1157042,1157044,1157045,1157046,1157049,1157070,1157115,1157143,1157145,1157158,1157160,1157162,1157169,1157171,1157173,1157178,1157180,1157182,1157183,1157184,1157191,1157193,1157197,1157298,1157303,1157304,1157307,1157324,1157333,1157386,1157424,1157463,1157499,1157678,1157698,1157778,1157853,1157895,1157908,1158021,1158049,1158063,1158064,1158065,1158066,1158067,1158068,1158071,1158082,1158094,1158132,1158381,1158394,1158398,1158407,1158410,1158413,1158417,1158427,1158445,1158533,1158637,1158638,1158639,1158640,1158641,1158643,1158644,1158645,1158646,1158647,1158649,1158651,1158652,1158819,1158823,1158824,1158827,1158834,1158893,1158900,1158903,1158904,1158954,1159024,1159096,1159297,1159483,1159484,1159500,1159569,1159841,1159908,1159909,1159910,972655
CVE References: CVE-2017-18595,CVE-2018-12207,CVE-2019-0154,CVE-2019-0155,CVE-2019-10220,CVE-2019-11135,CVE-2019-14821,CVE-2019-14835,CVE-2019-14895,CVE-2019-14901,CVE-2019-15030,CVE-2019-15031,CVE-2019-15213,CVE-2019-15916,CVE-2019-16231,CVE-2019-16232,CVE-2019-16233,CVE-2019-16234,CVE-2019-16746,CVE-2019-16995,CVE-2019-17055,CVE-2019-17056,CVE-2019-17133,CVE-2019-17666,CVE-2019-18660,CVE-2019-18683,CVE-2019-18805,CVE-2019-18808,CVE-2019-18809,CVE-2019-19046,CVE-2019-19049,CVE-2019-19051,CVE-2019-19052,CVE-2019-19056,CVE-2019-19057,CVE-2019-19058,CVE-2019-19060,CVE-2019-19062,CVE-2019-19063,CVE-2019-19065,CVE-2019-19066,CVE-2019-19067,CVE-2019-19068,CVE-2019-19073,CVE-2019-19074,CVE-2019-19075,CVE-2019-19077,CVE-2019-19078,CVE-2019-19080,CVE-2019-19081,CVE-2019-19082,CVE-2019-19083,CVE-2019-19227,CVE-2019-19319,CVE-2019-19332,CVE-2019-19338,CVE-2019-19447,CVE-2019-19523,CVE-2019-19524,CVE-2019-19525,CVE-2019-19526,CVE-2019-19527,CVE-2019-19528,CVE-2019-19529,CVE-2019-19530,CVE-2019-19531,CVE-2019-19532,CVE-2019-19533,CVE-2019-19534,CVE-2019-19535,CVE-2019-19536,CVE-2019-19537,CVE-2019-19543,CVE-2019-19767,CVE-2019-19966,CVE-2019-20054,CVE-2019-20095,CVE-2019-20096,CVE-2019-9456,CVE-2019-9506
Sources used:
SUSE Linux Enterprise Server 12-SP5 (src):    kernel-azure-4.12.14-16.7.1, kernel-source-azure-4.12.14-16.7.1, kernel-syms-azure-4.12.14-16.7.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 20 Swamp Workflow Management 2020-03-09 14:29:51 UTC

SUSE-SU-2020:0613-1: An update that solves 69 vulnerabilities and has 168 fixes is now available.

Category: security (moderate)
Bug References: 1046303,1050244,1051510,1051858,1061840,1065600,1065729,1071995,1078248,1083647,1085030,1086301,1086313,1086314,1089644,1090888,1103989,1103990,1103991,1104353,1104427,1104745,1108043,1109837,1111666,1112178,1112374,1113722,1113956,1113994,1114279,1114685,1115026,1117169,1118661,1119113,1120853,1123328,1126206,1126390,1127354,1127371,1127611,1127682,1129551,1129770,1134973,1134983,1137223,1137236,1138039,1140948,1141054,1142095,1142635,1142924,1143959,1144333,1146519,1146544,1151067,1151548,1151900,1151910,1151927,1152107,1152631,1153535,1153628,1153811,1153917,1154043,1154058,1154243,1154355,1154601,1154768,1154916,1155331,1155334,1155689,1155897,1155921,1156258,1156259,1156286,1156462,1156471,1156928,1157032,1157038,1157042,1157044,1157045,1157046,1157049,1157070,1157115,1157143,1157145,1157155,1157157,1157158,1157160,1157162,1157169,1157171,1157173,1157178,1157180,1157182,1157183,1157184,1157191,1157193,1157197,1157298,1157303,1157304,1157307,1157324,1157333,1157386,1157424,1157463,1157499,1157678,1157692,1157698,1157778,1157853,1157895,1157908,1158013,1158021,1158026,1158049,1158063,1158064,1158065,1158066,1158067,1158068,1158071,1158082,1158094,1158132,1158381,1158394,1158398,1158407,1158410,1158413,1158417,1158427,1158445,1158533,1158637,1158638,1158639,1158640,1158641,1158643,1158644,1158645,1158646,1158647,1158649,1158651,1158652,1158819,1158823,1158824,1158827,1158834,1158893,1158900,1158903,1158904,1158954,1159024,1159028,1159297,1159377,1159394,1159483,1159484,1159500,1159569,1159588,1159841,1159908,1159909,1159910,1159911,1159955,1160147,1160195,1160210,1160211,1160433,1160442,1160469,1160470,1160476,1160560,1160618,1160678,1160755,1160756,1160784,1160787,1160802,1160803,1160804,1160917,1160966,1161087,1161243,1161472,1161514,1161518,1161522,1161523,1161549,1161552,1161674,1161931,1161933,1161934,1161935,1161936,1161937,1162028,1162067,1162109,1162139
CVE References: CVE-2019-14615,CVE-2019-14895,CVE-2019-14896,CVE-2019-14897,CVE-2019-14901,CVE-2019-15213,CVE-2019-16746,CVE-2019-16994,CVE-2019-18660,CVE-2019-18683,CVE-2019-18808,CVE-2019-18809,CVE-2019-19036,CVE-2019-19045,CVE-2019-19046,CVE-2019-19049,CVE-2019-19051,CVE-2019-19052,CVE-2019-19054,CVE-2019-19056,CVE-2019-19057,CVE-2019-19058,CVE-2019-19060,CVE-2019-19062,CVE-2019-19063,CVE-2019-19065,CVE-2019-19066,CVE-2019-19067,CVE-2019-19068,CVE-2019-19073,CVE-2019-19074,CVE-2019-19075,CVE-2019-19077,CVE-2019-19078,CVE-2019-19080,CVE-2019-19081,CVE-2019-19082,CVE-2019-19083,CVE-2019-19227,CVE-2019-19318,CVE-2019-19319,CVE-2019-19332,CVE-2019-19338,CVE-2019-19447,CVE-2019-19523,CVE-2019-19524,CVE-2019-19525,CVE-2019-19526,CVE-2019-19527,CVE-2019-19528,CVE-2019-19529,CVE-2019-19530,CVE-2019-19531,CVE-2019-19532,CVE-2019-19533,CVE-2019-19534,CVE-2019-19535,CVE-2019-19536,CVE-2019-19537,CVE-2019-19543,CVE-2019-19767,CVE-2019-19927,CVE-2019-19965,CVE-2019-19966,CVE-2019-20054,CVE-2019-20095,CVE-2019-20096,CVE-2020-7053,CVE-2020-8428
Sources used:
SUSE Linux Enterprise Module for Realtime 15-SP1 (src):    kernel-rt-4.12.14-14.17.1, kernel-rt_debug-4.12.14-14.17.1, kernel-source-rt-4.12.14-14.17.1, kernel-syms-rt-4.12.14-14.17.1
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1 (src):    kernel-rt-4.12.14-14.17.1, kernel-rt_debug-4.12.14-14.17.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 21 Alexandros Toptsoglou 2020-11-04 14:43:13 UTC

Done

Comment 30 Swamp Workflow Management 2023-01-25 14:20:01 UTC

SUSE-SU-2023:0134-1: An update that solves 11 vulnerabilities and has 11 fixes is now available.

Category: security (important)
Bug References: 1151927,1157049,1190969,1203183,1204171,1204250,1204693,1205256,1206113,1206114,1206174,1206175,1206176,1206177,1206178,1206179,1206389,1206394,1206395,1206397,1206398,1206664
CVE References: CVE-2019-19083,CVE-2022-3105,CVE-2022-3106,CVE-2022-3107,CVE-2022-3108,CVE-2022-3111,CVE-2022-3435,CVE-2022-3643,CVE-2022-42328,CVE-2022-42329,CVE-2022-4662
JIRA References: 
Sources used:
openSUSE Leap Micro 5.2 (src):    kernel-rt-5.3.18-150300.115.1
SUSE Linux Enterprise Module for Realtime 15-SP3 (src):    kernel-rt-5.3.18-150300.115.1, kernel-rt_debug-5.3.18-150300.115.1, kernel-source-rt-5.3.18-150300.115.1, kernel-syms-rt-5.3.18-150300.115.1
SUSE Linux Enterprise Micro 5.2 (src):    kernel-rt-5.3.18-150300.115.1
SUSE Linux Enterprise Micro 5.1 (src):    kernel-rt-5.3.18-150300.115.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 31 Swamp Workflow Management 2023-01-26 14:26:42 UTC

SUSE-SU-2023:0152-1: An update that solves 19 vulnerabilities, contains three features and has 71 fixes is now available.

Category: security (important)
Bug References: 1065729,1151927,1156395,1157049,1190969,1203183,1203693,1203740,1204171,1204250,1204614,1204693,1204760,1204989,1205149,1205256,1205495,1205496,1205601,1205695,1206073,1206113,1206114,1206174,1206175,1206176,1206177,1206178,1206179,1206344,1206389,1206393,1206394,1206395,1206397,1206398,1206399,1206515,1206602,1206634,1206635,1206636,1206637,1206640,1206641,1206642,1206643,1206644,1206645,1206646,1206647,1206648,1206649,1206663,1206664,1206784,1206841,1206854,1206855,1206857,1206858,1206859,1206860,1206873,1206875,1206876,1206877,1206878,1206880,1206881,1206882,1206883,1206884,1206885,1206886,1206887,1206888,1206889,1206890,1206891,1206893,1206896,1206904,1207036,1207125,1207134,1207186,1207198,1207218,1207237
CVE References: CVE-2019-19083,CVE-2022-3105,CVE-2022-3106,CVE-2022-3107,CVE-2022-3108,CVE-2022-3111,CVE-2022-3112,CVE-2022-3115,CVE-2022-3435,CVE-2022-3564,CVE-2022-3643,CVE-2022-42328,CVE-2022-42329,CVE-2022-4662,CVE-2022-47520,CVE-2022-47929,CVE-2023-0266,CVE-2023-23454,CVE-2023-23455
JIRA References: PED-1445,PED-1706,PED-568
Sources used:
openSUSE Leap Micro 5.2 (src):    kernel-default-5.3.18-150300.59.109.1, kernel-default-base-5.3.18-150300.59.109.1.150300.18.62.1
openSUSE Leap 15.4 (src):    dtb-aarch64-5.3.18-150300.59.109.1
SUSE Manager Server 4.2 (src):    kernel-default-5.3.18-150300.59.109.1, kernel-default-base-5.3.18-150300.59.109.1.150300.18.62.1, kernel-preempt-5.3.18-150300.59.109.1, kernel-source-5.3.18-150300.59.109.1, kernel-zfcpdump-5.3.18-150300.59.109.1
SUSE Manager Retail Branch Server 4.2 (src):    kernel-default-5.3.18-150300.59.109.1, kernel-default-base-5.3.18-150300.59.109.1.150300.18.62.1, kernel-preempt-5.3.18-150300.59.109.1, kernel-source-5.3.18-150300.59.109.1
SUSE Manager Proxy 4.2 (src):    kernel-default-5.3.18-150300.59.109.1, kernel-default-base-5.3.18-150300.59.109.1.150300.18.62.1, kernel-preempt-5.3.18-150300.59.109.1, kernel-source-5.3.18-150300.59.109.1
SUSE Linux Enterprise Server for SAP 15-SP3 (src):    kernel-default-5.3.18-150300.59.109.1, kernel-default-base-5.3.18-150300.59.109.1.150300.18.62.1, kernel-docs-5.3.18-150300.59.109.1, kernel-obs-build-5.3.18-150300.59.109.1, kernel-preempt-5.3.18-150300.59.109.1, kernel-source-5.3.18-150300.59.109.1, kernel-syms-5.3.18-150300.59.109.1
SUSE Linux Enterprise Server 15-SP3-LTSS (src):    kernel-64kb-5.3.18-150300.59.109.1, kernel-default-5.3.18-150300.59.109.1, kernel-default-base-5.3.18-150300.59.109.1.150300.18.62.1, kernel-docs-5.3.18-150300.59.109.1, kernel-obs-build-5.3.18-150300.59.109.1, kernel-preempt-5.3.18-150300.59.109.1, kernel-source-5.3.18-150300.59.109.1, kernel-syms-5.3.18-150300.59.109.1, kernel-zfcpdump-5.3.18-150300.59.109.1
SUSE Linux Enterprise Realtime Extension 15-SP3 (src):    kernel-default-5.3.18-150300.59.109.1, kernel-default-base-5.3.18-150300.59.109.1.150300.18.62.1, kernel-docs-5.3.18-150300.59.109.1, kernel-obs-build-5.3.18-150300.59.109.1, kernel-preempt-5.3.18-150300.59.109.1, kernel-source-5.3.18-150300.59.109.1, kernel-syms-5.3.18-150300.59.109.1
SUSE Linux Enterprise Module for Live Patching 15-SP3 (src):    kernel-default-5.3.18-150300.59.109.1, kernel-livepatch-SLE15-SP3_Update_28-1-150300.7.3.1
SUSE Linux Enterprise Micro 5.2 (src):    kernel-default-5.3.18-150300.59.109.1, kernel-default-base-5.3.18-150300.59.109.1.150300.18.62.1
SUSE Linux Enterprise Micro 5.1 (src):    kernel-default-5.3.18-150300.59.109.1, kernel-default-base-5.3.18-150300.59.109.1.150300.18.62.1
SUSE Linux Enterprise High Performance Computing 15-SP3-LTSS (src):    kernel-64kb-5.3.18-150300.59.109.1, kernel-default-5.3.18-150300.59.109.1, kernel-default-base-5.3.18-150300.59.109.1.150300.18.62.1, kernel-docs-5.3.18-150300.59.109.1, kernel-obs-build-5.3.18-150300.59.109.1, kernel-preempt-5.3.18-150300.59.109.1, kernel-source-5.3.18-150300.59.109.1, kernel-syms-5.3.18-150300.59.109.1
SUSE Linux Enterprise High Performance Computing 15-SP3-ESPOS (src):    kernel-64kb-5.3.18-150300.59.109.1, kernel-default-5.3.18-150300.59.109.1, kernel-default-base-5.3.18-150300.59.109.1.150300.18.62.1, kernel-docs-5.3.18-150300.59.109.1, kernel-obs-build-5.3.18-150300.59.109.1, kernel-preempt-5.3.18-150300.59.109.1, kernel-source-5.3.18-150300.59.109.1, kernel-syms-5.3.18-150300.59.109.1
SUSE Linux Enterprise High Availability 15-SP3 (src):    kernel-default-5.3.18-150300.59.109.1
SUSE Enterprise Storage 7.1 (src):    kernel-64kb-5.3.18-150300.59.109.1, kernel-default-5.3.18-150300.59.109.1, kernel-default-base-5.3.18-150300.59.109.1.150300.18.62.1, kernel-docs-5.3.18-150300.59.109.1, kernel-obs-build-5.3.18-150300.59.109.1, kernel-preempt-5.3.18-150300.59.109.1, kernel-source-5.3.18-150300.59.109.1, kernel-syms-5.3.18-150300.59.109.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.