Bugzilla – Bug 1176069
VUL-0: CVE-2020-14386: kernel-source: local privilege escalation via memory corruption in net/packet/af_packet.c
Last modified: 2022-12-23 12:45:44 UTC
The bug was introduced with commit 8913336a7e8d56e984109a3137d6c0e3362596a4 Author: Patrick McHardy <kaber@trash.net> Date: Fri Jul 18 18:05:19 2008 -0700 packet: add PACKET_RESERVE sockopt Add new sockopt to reserve some headroom in the mmaped ring frames in front of the packet payload. This can be used f.i. when the VLAN header needs to be (re)constructed to avoid moving the entire payload. All supported kernels are likely affected.
(In reply to Wolfgang Frisch from comment #5) > All supported kernels are likely affected. Unprivileged user namespaces are only supported in our kernels based on 3.12 and newer. Without them, the bug can be only exploited by root.
(In reply to Michal Kubeček from comment #6) > (In reply to Wolfgang Frisch from comment #5) > > All supported kernels are likely affected. > > Unprivileged user namespaces are only supported in our kernels based on 3.12 > and newer. Without them, the bug can be only exploited by root. Thanks for the analysis. I adjusted our tracking accordingly.
via oss-security: Hi, This is an announcement of CVE-2020-14386. I also reported the issue netdev@...r.kernel.org and I'm waiting for approval of my proposed patch. The report is as follows: ( a proposed patch and a reproducer are attached) I discovered a bug which leads to a memory corruption in (net/packet/af_packet.c). It can be exploited to gain root privileges from unprivileged processes. To create AF_PACKET sockets you need CAP_NET_RAW in your network namespace, which can be acquired by unprivileged processes on systems where unprivileged namespaces are enabled (Ubuntu, Fedora, etc). I discovered the vulnerability while auditing the 5.7 kernel sources. The bug occurs in tpacket_rcv function, when calculating the netoff variable (unsigned short), po->tp_reserve (unsigned int) is added to it which can overflow netoff so it gets a small value. macoff is calculated using: "macoff = netoff - maclen", we can control macoff so it will receive a small value (specifically, smaller then sizeof(struct virtio_net_hdr)). Later, when running the following code: ... if (do_vnet && virtio_net_hdr_from_skb(skb, h.raw + macoff - sizeof(struct virtio_net_hdr), ... If do_vnet is set, and because macoff < sizeof(struct virtio_net_hdr) a pointer to a memory area before the h.raw buffer will be sent to virtio_net_hdr_from_skb. This can lead to an out-of-bounds write of 1-10 bytes, controlled by the user. The h.raw buffer is allocated in alloc_pg_vec and it's size is controlled by the user. The stack trace is as follows at the time of the crash: ( linux v5.7 ) #0 memset_erms () at arch/x86/lib/memset_64.S:66 #1 0xffffffff831934a6 in virtio_net_hdr_from_skb (little_endian=<optimized out>, has_data_valid=<optimized out>, vlan_hlen=<optimized out>, hdr=<optimized out>, skb=<optimized out>) at ./include/linux/virtio_net.h:134 #2 tpacket_rcv (skb=0xffff8881ef539940, dev=0xffff8881de534000, pt=<optimized out>, orig_dev=<optimized out>) at net/packet/af_packet.c:2287 #3 0xffffffff82c52e47 in dev_queue_xmit_nit (skb=0xffff8881ef5391c0, dev=<optimized out>) at net/core/dev.c:2276 #4 0xffffffff82c5e3d4 in xmit_one (more=<optimized out>, txq=<optimized out>, dev=<optimized out>, skb=<optimized out>) at net/core/dev.c:3473 #5 dev_hard_start_xmit (first=0xffffc900001c0ff6, dev=0x0 <fixed_percpu_data>, txq=0xa <fixed_percpu_data+10>, ret=<optimized out>) at net/core/dev.c:3493 #6 0xffffffff82c5fc7e in __dev_queue_xmit (skb=0xffff8881ef5391c0, sb_dev=<optimized out>) at net/core/dev.c:4052 #7 0xffffffff831982d3 in packet_snd (len=65536, msg=<optimized out>, sock=<optimized out>) 0001-net-packet-fix-overflow-in-tpacket_rcv at net/packet/af_packet.c:2979 #8 packet_sendmsg (sock=<optimized out>, msg=<optimized out>, len=65536) at net/packet/af_packet.c:3004 #9 0xffffffff82be09ed in sock_sendmsg_nosec (msg=<optimized out>, sock=<optimized out>) at net/socket.c:652 #10 sock_sendmsg (sock=0xffff8881e8ff56c0, msg=0xffff8881de56fd88) at net/socket.c:672 Files attached: A proposed patch - 0001-net-packet-fix-overflow-in-tpacket_rcv.patch A reproducer for the bug - trigger_bug.c We are currently working on an exploit for getting root privileges from unprivileged context using this bug.
The upstream submission (the original e-mail by author had the patch in an attachment): http://patchwork.ozlabs.org/project/netdev/patch/20200904040528.3635711-1-edumazet@google.com/ As far as I can say, the patch will fix the issue with u16 overflow but it would take more thorough analysis to make 100% sure if some problem cannot happen with netoff just below 65536. It would probably make sense to enforce a reasonable limit on PACKET_RESERVE socket option value. Note 1: the "local privilege escalation" claim is a bit unclear: while there is "It can be exploited to gain root privileges from unprivileged processes." in both announcements, the later one ends with "We are currently working on an exploit for getting root privileges" Note 2: to work on default SLE15-SP2 installation without net-tools-deprecated package, the proof of concept code needs to be modified by replacing "/sbin/ifup lo up" with "/sbin/ip link set lo up".
This is an autogenerated message for OBS integration: This bug (1176069) was mentioned in https://build.opensuse.org/request/show/832013 15.2 / kernel-source
from oss-sec solar designer: ... In the proposed patch you have: Fixes: 8913336a7e8d ("packet: add PACKET_RESERVE sockopt") That commit was in July 2008. While this is technically correct, it can be misleading, so I am posting the below clarification/excerpt from the discussion on linux-distros: > On Wed, Sep 2, 2020 at 4:47 PM Eric Dumazet <edumazet@google.com> wrote: > > At the time of commit 8913336a7e8d virtio_net was not there yet. On Wed, Sep 02, 2020 at 05:14:03PM +0300, Or Cohen wrote: > This is the commit that introduced the feature and the arithmetic > overflow exists there, which is the root cause of the bug. > However, you are correct that it is probably not possible to trigger > the memory corruption because virtio_net is not there. I just looked into it some further, and it appears the bug was exposed to the known way to trigger it with 58d19b19cd99 ("packet: vnet_hdr support for tpacket_rcv") in February 2016, which first got into 4.6-rc1.
(In reply to Marcus Meissner from comment #15) > In the proposed patch you have: > > Fixes: 8913336a7e8d ("packet: add PACKET_RESERVE sockopt") > > That commit was in July 2008. > > While this is technically correct, it can be misleading, so I am posting > the below clarification/excerpt from the discussion on linux-distros: > > > On Wed, Sep 2, 2020 at 4:47 PM Eric Dumazet <edumazet@google.com> wrote: > > > At the time of commit 8913336a7e8d virtio_net was not there yet. > > On Wed, Sep 02, 2020 at 05:14:03PM +0300, Or Cohen wrote: > > This is the commit that introduced the feature and the arithmetic > > overflow exists there, which is the root cause of the bug. > > However, you are correct that it is probably not possible to trigger > > the memory corruption because virtio_net is not there. > > I just looked into it some further, and it appears the bug was exposed > to the known way to trigger it with 58d19b19cd99 ("packet: vnet_hdr > support for tpacket_rcv") in February 2016, which first got into 4.6-rc1. On the other hand, even before that, one could still use the u16 overflow via PACKET_RESERVE socket option to make netoff and macoff smaller than the space used for tpacket metadata. I don't see an immediate way to enforce a buffer overflow but it would be certainly possible to make macoff = 0 so that tpacket*_hdr would overlap with packet data. We are a bit lucky that packet contents is copied there before tpacket*_hdr is constructed but with sufficiently small snaplen (which is easy to do), we might allocate too short frame so that just filling tpacket header might write past it.
thats why I would like to be on the safe side and fix it with online updates right now. I think we can skip the 3.0 based 11-sp4 ltss currently (but should put it in the next update for it).
SLE15-SP2 update has been submitted. Created users/mkubecek/cve/linux-4.12/for-next users/mkubecek/cve/linux-3.12/for-next The 4.4 based branches were handled by Oscar Salvador based on an off-bugzilla discussions. The patch applies cleanly anywhere down to 3.12 but branches based on 4.12 and older need to change the stats update from atomic_inc(&po->tp_drops); to po->stats.stats1.tp_drops++;
Submitted the fix to master stable SLE15-SP2 cve/linux-4.12 cve/linux-4.4 cve/linux-3.12 but let's keep the bug open until things settle down and the fix reaches at least the net tree.
This is an autogenerated message for OBS integration: This bug (1176069) was mentioned in https://build.opensuse.org/request/show/832390 15.1 / kernel-source
The fix is in mainline now as commit acf69c946233 ("net/packet: fix overflow in tpacket_rcv") and is present in 5.9-rc4.
openSUSE-SU-2020:1379-1: An update that solves one vulnerability and has 6 fixes is now available. Category: security (important) Bug References: 1058115,1112178,1136666,1171558,1173060,1175691,1176069 CVE References: CVE-2020-14386 JIRA References: Sources used: openSUSE Leap 15.1 (src): kernel-debug-4.12.14-lp151.28.67.2, kernel-default-4.12.14-lp151.28.67.2, kernel-docs-4.12.14-lp151.28.67.3, kernel-kvmsmall-4.12.14-lp151.28.67.2, kernel-obs-build-4.12.14-lp151.28.67.2, kernel-obs-qa-4.12.14-lp151.28.67.2, kernel-source-4.12.14-lp151.28.67.1, kernel-syms-4.12.14-lp151.28.67.1, kernel-vanilla-4.12.14-lp151.28.67.2
openSUSE-SU-2020:1382-1: An update that solves two vulnerabilities and has 40 fixes is now available. Category: security (important) Bug References: 1065729,1071995,1085030,1133021,1154492,1156395,1159058,1160634,1169790,1171634,1171688,1172108,1172418,1172871,1173485,1173798,1174003,1174026,1174387,1174699,1174771,1174777,1174800,1175128,1175199,1175232,1175440,1175493,1175546,1175550,1175654,1175691,1175768,1175769,1175770,1175771,1175772,1175774,1175775,1175834,1175873,1176069 CVE References: CVE-2020-14314,CVE-2020-14386 JIRA References: Sources used: openSUSE Leap 15.2 (src): kernel-debug-5.3.18-lp152.41.1, kernel-default-5.3.18-lp152.41.1, kernel-default-base-5.3.18-lp152.41.1.lp152.8.6.2, kernel-docs-5.3.18-lp152.41.1, kernel-kvmsmall-5.3.18-lp152.41.1, kernel-obs-build-5.3.18-lp152.41.1, kernel-obs-qa-5.3.18-lp152.41.1, kernel-preempt-5.3.18-lp152.41.1, kernel-source-5.3.18-lp152.41.1, kernel-syms-5.3.18-lp152.41.1
SUSE-SU-2020:2574-1: An update that solves 7 vulnerabilities and has 131 fixes is now available. Category: security (important) Bug References: 1058115,1065600,1065729,1071995,1074701,1083548,1085030,1085235,1085308,1087078,1087082,1094912,1100394,1102640,1105412,1111666,1112178,1113956,1120163,1133021,1136666,1144333,1152148,1163524,1165629,1166965,1169790,1170232,1171558,1171688,1172073,1172108,1172247,1172418,1172428,1172871,1172872,1172873,1172963,1173060,1173485,1173798,1173954,1174003,1174026,1174070,1174161,1174205,1174387,1174484,1174547,1174549,1174550,1174625,1174658,1174685,1174689,1174699,1174734,1174757,1174771,1174840,1174841,1174843,1174844,1174845,1174852,1174873,1174904,1174926,1174968,1175062,1175063,1175064,1175065,1175066,1175067,1175112,1175127,1175128,1175149,1175199,1175213,1175228,1175232,1175284,1175393,1175394,1175396,1175397,1175398,1175399,1175400,1175401,1175402,1175403,1175404,1175405,1175406,1175407,1175408,1175409,1175410,1175411,1175412,1175413,1175414,1175415,1175416,1175417,1175418,1175419,1175420,1175421,1175422,1175423,1175440,1175493,1175515,1175518,1175526,1175550,1175654,1175666,1175667,1175668,1175669,1175670,1175691,1175767,1175768,1175769,1175770,1175771,1175772,1175786,1175873,1176069 CVE References: CVE-2020-14314,CVE-2020-14331,CVE-2020-14356,CVE-2020-14386,CVE-2020-16166,CVE-2020-1749,CVE-2020-24394 JIRA References: Sources used: SUSE Linux Enterprise Live Patching 12-SP5 (src): kernel-default-4.12.14-122.37.1, kgraft-patch-SLE12-SP5_Update_9-1-8.5.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2020:2574-1: An update that solves 7 vulnerabilities and has 131 fixes is now available. Category: security (important) Bug References: 1058115,1065600,1065729,1071995,1074701,1083548,1085030,1085235,1085308,1087078,1087082,1094912,1100394,1102640,1105412,1111666,1112178,1113956,1120163,1133021,1136666,1144333,1152148,1163524,1165629,1166965,1169790,1170232,1171558,1171688,1172073,1172108,1172247,1172418,1172428,1172871,1172872,1172873,1172963,1173060,1173485,1173798,1173954,1174003,1174026,1174070,1174161,1174205,1174387,1174484,1174547,1174549,1174550,1174625,1174658,1174685,1174689,1174699,1174734,1174757,1174771,1174840,1174841,1174843,1174844,1174845,1174852,1174873,1174904,1174926,1174968,1175062,1175063,1175064,1175065,1175066,1175067,1175112,1175127,1175128,1175149,1175199,1175213,1175228,1175232,1175284,1175393,1175394,1175396,1175397,1175398,1175399,1175400,1175401,1175402,1175403,1175404,1175405,1175406,1175407,1175408,1175409,1175410,1175411,1175412,1175413,1175414,1175415,1175416,1175417,1175418,1175419,1175420,1175421,1175422,1175423,1175440,1175493,1175515,1175518,1175526,1175550,1175654,1175666,1175667,1175668,1175669,1175670,1175691,1175767,1175768,1175769,1175770,1175771,1175772,1175786,1175873,1176069 CVE References: CVE-2020-14314,CVE-2020-14331,CVE-2020-14356,CVE-2020-14386,CVE-2020-16166,CVE-2020-1749,CVE-2020-24394 JIRA References: Sources used: SUSE Linux Enterprise Workstation Extension 12-SP5 (src): kernel-default-4.12.14-122.37.1 SUSE Linux Enterprise Software Development Kit 12-SP5 (src): kernel-docs-4.12.14-122.37.1, kernel-obs-build-4.12.14-122.37.1 SUSE Linux Enterprise Server 12-SP5 (src): kernel-default-4.12.14-122.37.1, kernel-source-4.12.14-122.37.1, kernel-syms-4.12.14-122.37.1 SUSE Linux Enterprise Live Patching 12-SP5 (src): kernel-default-4.12.14-122.37.1, kgraft-patch-SLE12-SP5_Update_9-1-8.5.1 SUSE Linux Enterprise High Availability 12-SP5 (src): kernel-default-4.12.14-122.37.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2020:2575-1: An update that solves 8 vulnerabilities and has 121 fixes is now available. Category: security (important) Bug References: 1058115,1065600,1065729,1071995,1083548,1085030,1111666,1112178,1113956,1120163,1133021,1136666,1144333,1152148,1163524,1165629,1166965,1169790,1170232,1171558,1171688,1171988,1172073,1172108,1172247,1172418,1172428,1172871,1172872,1172873,1172963,1173060,1173485,1173798,1173954,1174003,1174026,1174070,1174205,1174387,1174484,1174547,1174549,1174550,1174625,1174658,1174685,1174689,1174699,1174734,1174757,1174771,1174840,1174841,1174843,1174844,1174845,1174852,1174873,1174904,1174926,1174968,1175062,1175063,1175064,1175065,1175066,1175067,1175112,1175127,1175128,1175149,1175199,1175213,1175228,1175232,1175284,1175393,1175394,1175396,1175397,1175398,1175399,1175400,1175401,1175402,1175403,1175404,1175405,1175406,1175407,1175408,1175409,1175410,1175411,1175412,1175413,1175414,1175415,1175416,1175417,1175418,1175419,1175420,1175421,1175422,1175423,1175440,1175493,1175515,1175518,1175526,1175550,1175654,1175666,1175667,1175668,1175669,1175670,1175691,1175767,1175768,1175769,1175770,1175771,1175772,1175786,1175873,1176069 CVE References: CVE-2020-10135,CVE-2020-14314,CVE-2020-14331,CVE-2020-14356,CVE-2020-14386,CVE-2020-16166,CVE-2020-1749,CVE-2020-24394 JIRA References: Sources used: SUSE Linux Enterprise Workstation Extension 15-SP1 (src): kernel-default-4.12.14-197.56.1 SUSE Linux Enterprise Module for Legacy Software 15-SP1 (src): kernel-default-4.12.14-197.56.1 SUSE Linux Enterprise Module for Development Tools 15-SP1 (src): kernel-docs-4.12.14-197.56.1, kernel-obs-build-4.12.14-197.56.1, kernel-source-4.12.14-197.56.1, kernel-syms-4.12.14-197.56.1 SUSE Linux Enterprise Module for Basesystem 15-SP1 (src): kernel-default-4.12.14-197.56.1, kernel-source-4.12.14-197.56.1, kernel-zfcpdump-4.12.14-197.56.1 SUSE Linux Enterprise High Availability 15-SP1 (src): kernel-default-4.12.14-197.56.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2020:2576-1: An update that solves 5 vulnerabilities and has one errata is now available. Category: security (important) Bug References: 1152107,1173798,1174205,1174757,1175691,1176069 CVE References: CVE-2019-16746,CVE-2020-14314,CVE-2020-14331,CVE-2020-14386,CVE-2020-16166 JIRA References: Sources used: SUSE OpenStack Cloud 7 (src): kernel-default-4.4.121-92.141.1, kernel-source-4.4.121-92.141.1, kernel-syms-4.4.121-92.141.1, kgraft-patch-SLE12-SP2_Update_37-1-3.3.1 SUSE Linux Enterprise Server for SAP 12-SP2 (src): kernel-default-4.4.121-92.141.1, kernel-source-4.4.121-92.141.1, kernel-syms-4.4.121-92.141.1, kgraft-patch-SLE12-SP2_Update_37-1-3.3.1 SUSE Linux Enterprise Server 12-SP2-LTSS (src): kernel-default-4.4.121-92.141.1, kernel-source-4.4.121-92.141.1, kernel-syms-4.4.121-92.141.1, kgraft-patch-SLE12-SP2_Update_37-1-3.3.1 SUSE Linux Enterprise Server 12-SP2-BCL (src): kernel-default-4.4.121-92.141.1, kernel-source-4.4.121-92.141.1, kernel-syms-4.4.121-92.141.1 SUSE Linux Enterprise High Availability 12-SP2 (src): kernel-default-4.4.121-92.141.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2020:2579-1: An update that solves one vulnerability and has 6 fixes is now available. Category: security (important) Bug References: 1058115,1112178,1136666,1171558,1173060,1175691,1176069 CVE References: CVE-2020-14386 JIRA References: Sources used: SUSE Linux Enterprise Module for Public Cloud 15-SP1 (src): kernel-azure-4.12.14-8.44.1, kernel-source-azure-4.12.14-8.44.1, kernel-syms-azure-4.12.14-8.44.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2020:2577-1: An update that fixes one vulnerability is now available. Category: security (important) Bug References: 1176069 CVE References: CVE-2020-14386 JIRA References: Sources used: SUSE Linux Enterprise Workstation Extension 15-SP2 (src): kernel-default-5.3.18-24.15.1 SUSE Linux Enterprise Module for Legacy Software 15-SP2 (src): kernel-default-5.3.18-24.15.1 SUSE Linux Enterprise Module for Development Tools 15-SP2 (src): kernel-docs-5.3.18-24.15.2, kernel-obs-build-5.3.18-24.15.1, kernel-preempt-5.3.18-24.15.1, kernel-source-5.3.18-24.15.1, kernel-syms-5.3.18-24.15.1 SUSE Linux Enterprise Module for Basesystem 15-SP2 (src): kernel-default-5.3.18-24.15.1, kernel-preempt-5.3.18-24.15.1, kernel-source-5.3.18-24.15.1 SUSE Linux Enterprise High Availability 15-SP2 (src): kernel-default-5.3.18-24.15.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2020:2580-1: An update that solves one vulnerability and has 30 fixes is now available. Category: security (important) Bug References: 1065600,1136666,1152148,1155798,1156395,1170232,1171000,1171073,1171558,1172419,1172873,1173060,1173267,1174029,1174110,1174111,1174484,1174486,1175263,1175667,1175787,1175952,1175996,1175997,1175998,1175999,1176000,1176001,1176022,1176063,1176069 CVE References: CVE-2020-14386 JIRA References: Sources used: SUSE Linux Enterprise Module for Public Cloud 15-SP2 (src): kernel-azure-5.3.18-18.18.1, kernel-source-azure-5.3.18-18.18.1, kernel-syms-azure-5.3.18-18.18.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2020:2575-1: An update that solves 8 vulnerabilities and has 121 fixes is now available. Category: security (important) Bug References: 1058115,1065600,1065729,1071995,1083548,1085030,1111666,1112178,1113956,1120163,1133021,1136666,1144333,1152148,1163524,1165629,1166965,1169790,1170232,1171558,1171688,1171988,1172073,1172108,1172247,1172418,1172428,1172871,1172872,1172873,1172963,1173060,1173485,1173798,1173954,1174003,1174026,1174070,1174205,1174387,1174484,1174547,1174549,1174550,1174625,1174658,1174685,1174689,1174699,1174734,1174757,1174771,1174840,1174841,1174843,1174844,1174845,1174852,1174873,1174904,1174926,1174968,1175062,1175063,1175064,1175065,1175066,1175067,1175112,1175127,1175128,1175149,1175199,1175213,1175228,1175232,1175284,1175393,1175394,1175396,1175397,1175398,1175399,1175400,1175401,1175402,1175403,1175404,1175405,1175406,1175407,1175408,1175409,1175410,1175411,1175412,1175413,1175414,1175415,1175416,1175417,1175418,1175419,1175420,1175421,1175422,1175423,1175440,1175493,1175515,1175518,1175526,1175550,1175654,1175666,1175667,1175668,1175669,1175670,1175691,1175767,1175768,1175769,1175770,1175771,1175772,1175786,1175873,1176069 CVE References: CVE-2020-10135,CVE-2020-14314,CVE-2020-14331,CVE-2020-14356,CVE-2020-14386,CVE-2020-16166,CVE-2020-1749,CVE-2020-24394 JIRA References: Sources used: SUSE Linux Enterprise Workstation Extension 15-SP1 (src): kernel-default-4.12.14-197.56.1 SUSE Linux Enterprise Module for Live Patching 15-SP1 (src): kernel-default-4.12.14-197.56.1, kernel-livepatch-SLE15-SP1_Update_15-1-3.3.2 SUSE Linux Enterprise Module for Legacy Software 15-SP1 (src): kernel-default-4.12.14-197.56.1 SUSE Linux Enterprise Module for Development Tools 15-SP1 (src): kernel-docs-4.12.14-197.56.1, kernel-obs-build-4.12.14-197.56.1, kernel-source-4.12.14-197.56.1, kernel-syms-4.12.14-197.56.1 SUSE Linux Enterprise Module for Basesystem 15-SP1 (src): kernel-default-4.12.14-197.56.1, kernel-source-4.12.14-197.56.1, kernel-zfcpdump-4.12.14-197.56.1 SUSE Linux Enterprise High Availability 15-SP1 (src): kernel-default-4.12.14-197.56.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2020:2578-1: An update that solves one vulnerability and has 6 fixes is now available. Category: security (important) Bug References: 1058115,1112178,1136666,1171558,1173060,1175691,1176069 CVE References: CVE-2020-14386 JIRA References: Sources used: SUSE Linux Enterprise Server 12-SP5 (src): kernel-azure-4.12.14-16.28.1, kernel-source-azure-4.12.14-16.28.1, kernel-syms-azure-4.12.14-16.28.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2020:2577-1: An update that fixes one vulnerability is now available. Category: security (important) Bug References: 1176069 CVE References: CVE-2020-14386 JIRA References: Sources used: SUSE Linux Enterprise Workstation Extension 15-SP2 (src): kernel-default-5.3.18-24.15.1 SUSE Linux Enterprise Module for Live Patching 15-SP2 (src): kernel-default-5.3.18-24.15.1, kernel-livepatch-SLE15-SP2_Update_3-1-5.3.1 SUSE Linux Enterprise Module for Legacy Software 15-SP2 (src): kernel-default-5.3.18-24.15.1 SUSE Linux Enterprise Module for Development Tools 15-SP2 (src): kernel-docs-5.3.18-24.15.2, kernel-obs-build-5.3.18-24.15.1, kernel-preempt-5.3.18-24.15.1, kernel-source-5.3.18-24.15.1, kernel-syms-5.3.18-24.15.1 SUSE Linux Enterprise Module for Basesystem 15-SP2 (src): kernel-default-5.3.18-24.15.1, kernel-preempt-5.3.18-24.15.1, kernel-source-5.3.18-24.15.1 SUSE Linux Enterprise High Availability 15-SP2 (src): kernel-default-5.3.18-24.15.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2020:2582-1: An update that solves 5 vulnerabilities and has 5 fixes is now available. Category: security (important) Bug References: 1152107,1173798,1174205,1174757,1174771,1175112,1175127,1175228,1175691,1176069 CVE References: CVE-2019-16746,CVE-2020-14314,CVE-2020-14331,CVE-2020-14386,CVE-2020-16166 JIRA References: Sources used: SUSE OpenStack Cloud Crowbar 8 (src): kernel-default-4.4.180-94.130.1, kernel-source-4.4.180-94.130.1, kernel-syms-4.4.180-94.130.1, kgraft-patch-SLE12-SP3_Update_35-1-4.3.1 SUSE OpenStack Cloud 8 (src): kernel-default-4.4.180-94.130.1, kernel-source-4.4.180-94.130.1, kernel-syms-4.4.180-94.130.1, kgraft-patch-SLE12-SP3_Update_35-1-4.3.1 SUSE Linux Enterprise Server for SAP 12-SP3 (src): kernel-default-4.4.180-94.130.1, kernel-source-4.4.180-94.130.1, kernel-syms-4.4.180-94.130.1, kgraft-patch-SLE12-SP3_Update_35-1-4.3.1 SUSE Linux Enterprise Server 12-SP3-LTSS (src): kernel-default-4.4.180-94.130.1, kernel-source-4.4.180-94.130.1, kernel-syms-4.4.180-94.130.1, kgraft-patch-SLE12-SP3_Update_35-1-4.3.1 SUSE Linux Enterprise Server 12-SP3-BCL (src): kernel-default-4.4.180-94.130.1, kernel-source-4.4.180-94.130.1, kernel-syms-4.4.180-94.130.1 SUSE Linux Enterprise High Availability 12-SP3 (src): kernel-default-4.4.180-94.130.1 SUSE Enterprise Storage 5 (src): kernel-default-4.4.180-94.130.1, kernel-source-4.4.180-94.130.1, kernel-syms-4.4.180-94.130.1, kgraft-patch-SLE12-SP3_Update_35-1-4.3.1 HPE Helion Openstack 8 (src): kernel-default-4.4.180-94.130.1, kernel-source-4.4.180-94.130.1, kernel-syms-4.4.180-94.130.1, kgraft-patch-SLE12-SP3_Update_35-1-4.3.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2020:2610-1: An update that solves 8 vulnerabilities and has 12 fixes is now available. Category: security (important) Bug References: 1058115,1071995,1154366,1165629,1165631,1171988,1172428,1173798,1174205,1174757,1175112,1175122,1175128,1175204,1175213,1175515,1175518,1175691,1175992,1176069 CVE References: CVE-2020-10135,CVE-2020-14314,CVE-2020-14331,CVE-2020-14356,CVE-2020-14386,CVE-2020-16166,CVE-2020-1749,CVE-2020-24394 JIRA References: Sources used: SUSE Linux Enterprise Server for SAP 15 (src): kernel-default-4.12.14-150.58.1, kernel-docs-4.12.14-150.58.1, kernel-obs-build-4.12.14-150.58.1, kernel-source-4.12.14-150.58.1, kernel-syms-4.12.14-150.58.1, kernel-vanilla-4.12.14-150.58.1 SUSE Linux Enterprise Server 15-LTSS (src): kernel-default-4.12.14-150.58.1, kernel-docs-4.12.14-150.58.1, kernel-obs-build-4.12.14-150.58.1, kernel-source-4.12.14-150.58.1, kernel-syms-4.12.14-150.58.1, kernel-vanilla-4.12.14-150.58.1, kernel-zfcpdump-4.12.14-150.58.1 SUSE Linux Enterprise High Performance Computing 15-LTSS (src): kernel-default-4.12.14-150.58.1, kernel-docs-4.12.14-150.58.1, kernel-obs-build-4.12.14-150.58.1, kernel-source-4.12.14-150.58.1, kernel-syms-4.12.14-150.58.1, kernel-vanilla-4.12.14-150.58.1 SUSE Linux Enterprise High Performance Computing 15-ESPOS (src): kernel-default-4.12.14-150.58.1, kernel-docs-4.12.14-150.58.1, kernel-obs-build-4.12.14-150.58.1, kernel-source-4.12.14-150.58.1, kernel-syms-4.12.14-150.58.1, kernel-vanilla-4.12.14-150.58.1 SUSE Linux Enterprise High Availability 15 (src): kernel-default-4.12.14-150.58.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2020:2610-1: An update that solves 8 vulnerabilities and has 12 fixes is now available. Category: security (important) Bug References: 1058115,1071995,1154366,1165629,1165631,1171988,1172428,1173798,1174205,1174757,1175112,1175122,1175128,1175204,1175213,1175515,1175518,1175691,1175992,1176069 CVE References: CVE-2020-10135,CVE-2020-14314,CVE-2020-14331,CVE-2020-14356,CVE-2020-14386,CVE-2020-16166,CVE-2020-1749,CVE-2020-24394 JIRA References: Sources used: SUSE Linux Enterprise Server for SAP 15 (src): kernel-default-4.12.14-150.58.1, kernel-docs-4.12.14-150.58.1, kernel-obs-build-4.12.14-150.58.1, kernel-source-4.12.14-150.58.1, kernel-syms-4.12.14-150.58.1, kernel-vanilla-4.12.14-150.58.1 SUSE Linux Enterprise Server 15-LTSS (src): kernel-default-4.12.14-150.58.1, kernel-docs-4.12.14-150.58.1, kernel-obs-build-4.12.14-150.58.1, kernel-source-4.12.14-150.58.1, kernel-syms-4.12.14-150.58.1, kernel-vanilla-4.12.14-150.58.1, kernel-zfcpdump-4.12.14-150.58.1 SUSE Linux Enterprise Module for Live Patching 15 (src): kernel-default-4.12.14-150.58.1, kernel-livepatch-SLE15_Update_20-1-1.3.1 SUSE Linux Enterprise High Performance Computing 15-LTSS (src): kernel-default-4.12.14-150.58.1, kernel-docs-4.12.14-150.58.1, kernel-obs-build-4.12.14-150.58.1, kernel-source-4.12.14-150.58.1, kernel-syms-4.12.14-150.58.1, kernel-vanilla-4.12.14-150.58.1 SUSE Linux Enterprise High Performance Computing 15-ESPOS (src): kernel-default-4.12.14-150.58.1, kernel-docs-4.12.14-150.58.1, kernel-obs-build-4.12.14-150.58.1, kernel-source-4.12.14-150.58.1, kernel-syms-4.12.14-150.58.1, kernel-vanilla-4.12.14-150.58.1 SUSE Linux Enterprise High Availability 15 (src): kernel-default-4.12.14-150.58.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2020:2623-1: An update that solves 8 vulnerabilities and has 17 fixes is now available. Category: security (important) Bug References: 1058115,1071995,1144333,1154366,1165629,1171988,1172428,1172963,1173798,1173954,1174205,1174689,1174699,1174757,1174784,1174978,1175112,1175127,1175213,1175228,1175515,1175518,1175691,1175749,1176069 CVE References: CVE-2020-10135,CVE-2020-14314,CVE-2020-14331,CVE-2020-14356,CVE-2020-14386,CVE-2020-16166,CVE-2020-1749,CVE-2020-24394 JIRA References: Sources used: SUSE Linux Enterprise Live Patching 12-SP4 (src): kernel-default-4.12.14-95.60.1, kgraft-patch-SLE12-SP4_Update_16-1-6.3.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2020:2623-1: An update that solves 8 vulnerabilities and has 17 fixes is now available. Category: security (important) Bug References: 1058115,1071995,1144333,1154366,1165629,1171988,1172428,1172963,1173798,1173954,1174205,1174689,1174699,1174757,1174784,1174978,1175112,1175127,1175213,1175228,1175515,1175518,1175691,1175749,1176069 CVE References: CVE-2020-10135,CVE-2020-14314,CVE-2020-14331,CVE-2020-14356,CVE-2020-14386,CVE-2020-16166,CVE-2020-1749,CVE-2020-24394 JIRA References: Sources used: SUSE OpenStack Cloud Crowbar 9 (src): kernel-default-4.12.14-95.60.1, kernel-source-4.12.14-95.60.1, kernel-syms-4.12.14-95.60.1 SUSE OpenStack Cloud 9 (src): kernel-default-4.12.14-95.60.1, kernel-source-4.12.14-95.60.1, kernel-syms-4.12.14-95.60.1 SUSE Linux Enterprise Server for SAP 12-SP4 (src): kernel-default-4.12.14-95.60.1, kernel-source-4.12.14-95.60.1, kernel-syms-4.12.14-95.60.1 SUSE Linux Enterprise Server 12-SP4-LTSS (src): kernel-default-4.12.14-95.60.1, kernel-source-4.12.14-95.60.1, kernel-syms-4.12.14-95.60.1 SUSE Linux Enterprise Live Patching 12-SP4 (src): kernel-default-4.12.14-95.60.1, kgraft-patch-SLE12-SP4_Update_16-1-6.3.1 SUSE Linux Enterprise High Availability 12-SP4 (src): kernel-default-4.12.14-95.60.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Regression test accepted into LTP and failing on SLE15-SP3 48.1: https://openqa.suse.de/tests/4755804#step/cve-2020-14386/6
openSUSE-SU-2020:1655-1: An update that solves 12 vulnerabilities and has 59 fixes is now available. Category: security (important) Bug References: 1055186,1065600,1065729,1094244,1112178,1113956,1154366,1167527,1168468,1169972,1171675,1171688,1171742,1173115,1174899,1175228,1175749,1175882,1176011,1176022,1176038,1176069,1176235,1176242,1176278,1176316,1176317,1176318,1176319,1176320,1176321,1176381,1176423,1176482,1176507,1176536,1176544,1176545,1176546,1176548,1176659,1176698,1176699,1176700,1176721,1176722,1176725,1176732,1176788,1176789,1176869,1176877,1176935,1176950,1176962,1176966,1176990,1177030,1177041,1177042,1177043,1177044,1177121,1177206,1177258,1177291,1177293,1177294,1177295,1177296,962356 CVE References: CVE-2020-0404,CVE-2020-0427,CVE-2020-0431,CVE-2020-0432,CVE-2020-14381,CVE-2020-14386,CVE-2020-14390,CVE-2020-25212,CVE-2020-25284,CVE-2020-25641,CVE-2020-25643,CVE-2020-26088 JIRA References: Sources used: openSUSE Leap 15.1 (src): kernel-debug-4.12.14-lp151.28.71.2, kernel-default-4.12.14-lp151.28.71.2, kernel-docs-4.12.14-lp151.28.71.1, kernel-kvmsmall-4.12.14-lp151.28.71.2, kernel-obs-build-4.12.14-lp151.28.71.2, kernel-obs-qa-4.12.14-lp151.28.71.2, kernel-source-4.12.14-lp151.28.71.1, kernel-syms-4.12.14-lp151.28.71.1, kernel-vanilla-4.12.14-lp151.28.71.2
SUSE-SU-2020:2999-1: An update that solves 15 vulnerabilities and has 84 fixes is now available. Category: security (important) Bug References: 1055186,1058115,1065600,1065729,1094244,1112178,1113956,1136666,1152148,1154366,1163524,1165629,1166965,1167527,1168468,1169790,1169972,1170232,1171558,1171675,1171688,1171742,1172073,1172538,1172873,1173060,1173115,1174003,1174354,1174899,1175228,1175515,1175520,1175528,1175667,1175691,1175716,1175749,1175873,1175882,1176011,1176022,1176038,1176069,1176235,1176242,1176278,1176316,1176317,1176318,1176319,1176320,1176321,1176381,1176395,1176410,1176423,1176482,1176507,1176536,1176544,1176545,1176546,1176548,1176659,1176698,1176699,1176700,1176721,1176722,1176725,1176732,1176788,1176789,1176869,1176877,1176935,1176946,1176950,1176962,1176966,1176990,1177027,1177030,1177041,1177042,1177043,1177044,1177121,1177206,1177258,1177291,1177293,1177294,1177295,1177296,1177340,1177511,802154 CVE References: CVE-2020-0404,CVE-2020-0427,CVE-2020-0431,CVE-2020-0432,CVE-2020-14381,CVE-2020-14386,CVE-2020-14390,CVE-2020-1749,CVE-2020-2521,CVE-2020-25212,CVE-2020-25284,CVE-2020-25641,CVE-2020-25643,CVE-2020-25645,CVE-2020-26088 JIRA References: Sources used: SUSE Linux Enterprise Real Time Extension 12-SP5 (src): kernel-rt-4.12.14-10.19.1, kernel-rt_debug-4.12.14-10.19.1, kernel-source-rt-4.12.14-10.19.1, kernel-syms-rt-4.12.14-10.19.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2020:3014-1: An update that solves 14 vulnerabilities and has 78 fixes is now available. Category: security (important) Bug References: 1055186,1058115,1065600,1065729,1094244,1112178,1113956,1136666,1140683,1152148,1154366,1163524,1165629,1166965,1167527,1169972,1170232,1171558,1171688,1171742,1172073,1172538,1172873,1173060,1173115,1174748,1174899,1175228,1175520,1175667,1175691,1175749,1175882,1176011,1176022,1176038,1176069,1176235,1176242,1176278,1176316,1176317,1176318,1176319,1176320,1176321,1176381,1176395,1176400,1176410,1176423,1176482,1176507,1176536,1176544,1176545,1176546,1176548,1176659,1176698,1176699,1176700,1176721,1176722,1176725,1176732,1176788,1176789,1176869,1176877,1176935,1176946,1176950,1176962,1176966,1176990,1177027,1177030,1177041,1177042,1177043,1177044,1177121,1177206,1177258,1177291,1177293,1177294,1177295,1177296,1177340,1177511 CVE References: CVE-2020-0404,CVE-2020-0427,CVE-2020-0431,CVE-2020-0432,CVE-2020-14381,CVE-2020-14386,CVE-2020-14390,CVE-2020-1749,CVE-2020-25212,CVE-2020-25284,CVE-2020-25641,CVE-2020-25643,CVE-2020-25645,CVE-2020-26088 JIRA References: Sources used: SUSE Linux Enterprise Module for Realtime 15-SP1 (src): kernel-rt-4.12.14-14.36.1, kernel-rt_debug-4.12.14-14.36.1, kernel-source-rt-4.12.14-14.36.1, kernel-syms-rt-4.12.14-14.36.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2020:3503-1: An update that solves 21 vulnerabilities and has 21 fixes is now available. Category: security (important) Bug References: 1065600,1083244,1121826,1121872,1157298,1160917,1170415,1175228,1175306,1175721,1175749,1176011,1176069,1176235,1176253,1176278,1176381,1176382,1176423,1176482,1176721,1176722,1176725,1176816,1176896,1176990,1177027,1177086,1177121,1177165,1177206,1177226,1177410,1177411,1177511,1177513,1177725,1177766,1177816,1178123,1178622,1178782 CVE References: CVE-2017-18204,CVE-2019-19063,CVE-2019-6133,CVE-2020-0404,CVE-2020-0427,CVE-2020-0431,CVE-2020-0432,CVE-2020-12352,CVE-2020-14351,CVE-2020-14381,CVE-2020-14390,CVE-2020-25212,CVE-2020-25284,CVE-2020-25641,CVE-2020-25643,CVE-2020-25645,CVE-2020-25656,CVE-2020-25668,CVE-2020-25705,CVE-2020-26088,CVE-2020-8694 JIRA References: Sources used: SUSE OpenStack Cloud Crowbar 8 (src): kernel-default-4.4.180-94.135.1, kernel-source-4.4.180-94.135.1, kernel-syms-4.4.180-94.135.1, kgraft-patch-SLE12-SP3_Update_36-1-4.5.1 SUSE OpenStack Cloud 8 (src): kernel-default-4.4.180-94.135.1, kernel-source-4.4.180-94.135.1, kernel-syms-4.4.180-94.135.1, kgraft-patch-SLE12-SP3_Update_36-1-4.5.1 SUSE Linux Enterprise Server for SAP 12-SP3 (src): kernel-default-4.4.180-94.135.1, kernel-source-4.4.180-94.135.1, kernel-syms-4.4.180-94.135.1, kgraft-patch-SLE12-SP3_Update_36-1-4.5.1 SUSE Linux Enterprise Server 12-SP3-LTSS (src): kernel-default-4.4.180-94.135.1, kernel-source-4.4.180-94.135.1, kernel-syms-4.4.180-94.135.1, kgraft-patch-SLE12-SP3_Update_36-1-4.5.1 SUSE Linux Enterprise Server 12-SP3-BCL (src): kernel-default-4.4.180-94.135.1, kernel-source-4.4.180-94.135.1, kernel-syms-4.4.180-94.135.1 SUSE Linux Enterprise High Availability 12-SP3 (src): kernel-default-4.4.180-94.135.1 SUSE Enterprise Storage 5 (src): kernel-default-4.4.180-94.135.1, kernel-source-4.4.180-94.135.1, kernel-syms-4.4.180-94.135.1, kgraft-patch-SLE12-SP3_Update_36-1-4.5.1 HPE Helion Openstack 8 (src): kernel-default-4.4.180-94.135.1, kernel-source-4.4.180-94.135.1, kernel-syms-4.4.180-94.135.1, kgraft-patch-SLE12-SP3_Update_36-1-4.5.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Released.
openSUSE-SU-2021:0242-1: An update that solves 79 vulnerabilities and has 676 fixes is now available. Category: security (moderate) Bug References: 1034995,1040855,1043347,1044120,1044767,1055014,1055117,1055186,1058115,1061843,1065600,1065729,1066382,1071995,1077428,1085030,1094244,1094840,1109695,1115431,1120163,1129923,1133021,1134760,1136666,1138374,1139944,1148868,1149032,1152148,1152457,1152472,1152489,1153274,1154353,1154488,1154492,1154824,1155518,1155798,1156315,1156395,1157169,1158050,1158242,1158265,1158748,1158765,1158775,1158983,1159058,1159781,1159867,1159886,1160388,1160634,1160947,1161099,1161495,1162002,1162063,1162209,1162400,1162702,1163592,1163727,1164648,1164777,1164780,1165211,1165455,1165629,1165692,1165933,1165975,1166146,1166166,1166340,1166965,1166985,1167030,1167104,1167527,1167651,1167657,1167773,1167851,1168230,1168461,1168468,1168779,1168838,1168952,1168959,1169021,1169094,1169194,1169263,1169514,1169681,1169763,1169771,1169790,1169795,1170011,1170139,1170232,1170284,1170415,1170442,1170617,1170621,1170774,1170879,1170891,1170895,1171000,1171068,1171073,1171078,1171117,1171150,1171156,1171189,1171191,1171218,1171219,1171220,1171236,1171242,1171246,1171285,1171293,1171374,1171390,1171391,1171392,1171417,1171426,1171507,1171513,1171514,1171529,1171530,1171558,1171634,1171644,1171662,1171675,1171688,1171699,1171709,1171730,1171732,1171736,1171739,1171742,1171743,1171759,1171773,1171774,1171775,1171776,1171777,1171778,1171779,1171780,1171781,1171782,1171783,1171784,1171785,1171786,1171787,1171788,1171789,1171790,1171791,1171792,1171793,1171794,1171795,1171796,1171797,1171798,1171799,1171810,1171827,1171828,1171832,1171833,1171834,1171835,1171839,1171840,1171841,1171842,1171843,1171844,1171849,1171857,1171868,1171904,1171915,1171982,1171983,1171988,1172017,1172046,1172061,1172062,1172063,1172064,1172065,1172066,1172067,1172068,1172069,1172073,1172086,1172095,1172108,1172145,1172169,1172170,1172197,1172201,1172208,1172223,1172247,1172317,1172342,1172343,1172344,1172365,1172366,1172374,1172391,1172393,1172394,1172418,1172419,1172453,1172458,1172467,1172484,1172537,1172543,1172687,1172719,1172733,1172739,1172751,1172757,1172759,1172775,1172781,1172782,1172783,1172814,1172823,1172841,1172871,1172873,1172938,1172939,1172940,1172956,1172963,1172983,1172984,1172985,1172986,1172987,1172988,1172989,1172990,1172999,1173017,1173068,1173074,1173085,1173115,1173139,1173206,1173267,1173271,1173280,1173284,1173428,1173438,1173461,1173468,1173485,1173514,1173552,1173573,1173625,1173746,1173776,1173798,1173813,1173817,1173818,1173820,1173822,1173823,1173824,1173825,1173826,1173827,1173828,1173830,1173831,1173832,1173833,1173834,1173836,1173837,1173838,1173839,1173841,1173843,1173844,1173845,1173847,1173849,1173860,1173894,1173941,1173954,1174002,1174003,1174018,1174026,1174029,1174072,1174098,1174110,1174111,1174116,1174126,1174127,1174128,1174129,1174146,1174185,1174205,1174244,1174263,1174264,1174331,1174332,1174333,1174345,1174356,1174358,1174362,1174387,1174396,1174398,1174407,1174409,1174411,1174438,1174462,1174484,1174486,1174513,1174527,1174625,1174627,1174645,1174689,1174699,1174737,1174748,1174757,1174762,1174770,1174771,1174777,1174805,1174824,1174825,1174852,1174865,1174880,1174897,1174899,1174906,1174969,1175009,1175010,1175011,1175012,1175013,1175014,1175015,1175016,1175017,1175018,1175019,1175020,1175021,1175052,1175079,1175112,1175116,1175128,1175149,1175175,1175176,1175180,1175181,1175182,1175183,1175184,1175185,1175186,1175187,1175188,1175189,1175190,1175191,1175192,1175195,1175199,1175213,1175232,1175263,1175284,1175296,1175306,1175344,1175345,1175346,1175347,1175367,1175377,1175440,1175480,1175493,1175546,1175550,1175599,1175621,1175654,1175667,1175691,1175718,1175721,1175749,1175768,1175769,1175770,1175771,1175772,1175774,1175775,1175787,1175807,1175834,1175873,1175882,1175898,1175918,1175952,1175995,1175996,1175997,1175998,1175999,1176000,1176001,1176019,1176022,1176038,1176063,1176069,1176109,1176137,1176180,1176200,1176235,1176236,1176237,1176242,1176354,1176357,1176358,1176359,1176360,1176361,1176362,1176363,1176364,1176365,1176366,1176367,1176381,1176396,1176400,1176423,1176449,1176481,1176485,1176486,1176507,1176536,1176537,1176538,1176539,1176540,1176541,1176542,1176543,1176544,1176545,1176546,1176548,1176558,1176559,1176564,1176586,1176587,1176588,1176659,1176698,1176699,1176700,1176713,1176721,1176722,1176725,1176732,1176763,1176775,1176788,1176789,1176833,1176855,1176869,1176877,1176907,1176925,1176942,1176956,1176962,1176979,1176980,1176983,1176990,1177021,1177030,1177066,1177070,1177086,1177090,1177109,1177121,1177193,1177194,1177206,1177258,1177271,1177281,1177283,1177284,1177285,1177286,1177297,1177326,1177353,1177384,1177397,1177410,1177411,1177470,1177500,1177511,1177617,1177666,1177679,1177681,1177683,1177687,1177694,1177697,1177698,1177703,1177719,1177724,1177725,1177726,1177733,1177739,1177749,1177750,1177754,1177755,1177765,1177766,1177799,1177801,1177814,1177817,1177820,1177854,1177855,1177856,1177861,1178002,1178049,1178079,1178123,1178166,1178173,1178175,1178176,1178177,1178182,1178183,1178184,1178185,1178186,1178190,1178191,1178203,1178227,1178246,1178255,1178270,1178286,1178307,1178330,1178393,1178395,1178401,1178426,1178461,1178579,1178581,1178584,1178585,1178589,1178590,1178612,1178634,1178635,1178653,1178659,1178660,1178661,1178669,1178686,1178740,1178755,1178756,1178762,1178780,1178838,1178853,1178886,1179001,1179012,1179014,1179015,1179045,1179076,1179082,1179107,1179140,1179141,1179160,1179201,1179204,1179211,1179217,1179419,1179424,1179425,1179426,1179427,1179429,1179432,1179434,1179435,1179442,1179519,1179550,1179575,1179578,1179601,1179604,1179639,1179652,1179656,1179670,1179671,1179672,1179673,1179675,1179676,1179677,1179678,1179679,1179680,1179681,1179682,1179683,1179684,1179685,1179687,1179688,1179689,1179690,1179703,1179704,1179707,1179709,1179710,1179711,1179712,1179713,1179714,1179715,1179716,1179745,1179763,1179887,1179888,1179892,1179896,1179960,1179963,1180027,1180029,1180031,1180052,1180056,1180086,1180117,1180258,1180261,1180349,1180506,1180541,1180559,1180566,173030,744692,789311,954532,995541 CVE References: CVE-2019-19462,CVE-2019-20810,CVE-2019-20812,CVE-2020-0110,CVE-2020-0305,CVE-2020-0404,CVE-2020-0427,CVE-2020-0431,CVE-2020-0432,CVE-2020-0444,CVE-2020-0465,CVE-2020-0466,CVE-2020-0543,CVE-2020-10135,CVE-2020-10711,CVE-2020-10732,CVE-2020-10751,CVE-2020-10757,CVE-2020-10766,CVE-2020-10767,CVE-2020-10768,CVE-2020-10773,CVE-2020-10781,CVE-2020-11668,CVE-2020-12351,CVE-2020-12352,CVE-2020-12652,CVE-2020-12656,CVE-2020-12769,CVE-2020-12771,CVE-2020-12888,CVE-2020-13143,CVE-2020-13974,CVE-2020-14314,CVE-2020-14331,CVE-2020-14351,CVE-2020-14356,CVE-2020-14385,CVE-2020-14386,CVE-2020-14390,CVE-2020-14416,CVE-2020-15393,CVE-2020-15436,CVE-2020-15437,CVE-2020-15780,CVE-2020-16120,CVE-2020-16166,CVE-2020-1749,CVE-2020-24490,CVE-2020-2521,CVE-2020-25212,CVE-2020-25284,CVE-2020-25285,CVE-2020-25641,CVE-2020-25643,CVE-2020-25645,CVE-2020-25656,CVE-2020-25668,CVE-2020-25669,CVE-2020-25704,CVE-2020-25705,CVE-2020-26088,CVE-2020-27068,CVE-2020-27777,CVE-2020-27786,CVE-2020-27825,CVE-2020-27830,CVE-2020-28915,CVE-2020-28941,CVE-2020-28974,CVE-2020-29369,CVE-2020-29370,CVE-2020-29371,CVE-2020-29373,CVE-2020-29660,CVE-2020-29661,CVE-2020-36158,CVE-2020-4788,CVE-2020-8694 JIRA References: Sources used: openSUSE Leap 15.2 (src): kernel-rt-5.3.18-lp152.3.5.1, kernel-rt_debug-5.3.18-lp152.3.5.1, kernel-source-rt-5.3.18-lp152.3.5.1, kernel-syms-rt-5.3.18-lp152.3.5.1