Bug 1192045 - (CVE-2021-0941) VUL-0: CVE-2021-0941: kernel-source-rt,kernel-source,kernel-source-azure: In bpf_skb_change_head of filter.c, there is a possible out of bounds read due to a use after free
Status: RESOLVED FIXED
Classification: Novell Products
Product: SUSE Security Incidents
Component: Incidents
Priority: P3 - Medium, Severity: Major
Assigned To: Security Team bot
https://smash.suse.de/issue/313505/
CVSSv3.1:SUSE:CVE-2021-0941:7.5:(AV:N...
Blocks: 1192048
Reported: 2021-10-26 14:01 UTC by Gianluca Gabrielli
Modified: 2022-03-04 22:21 UTC (History)
Found By: Security Response Team
Description Gianluca Gabrielli 2021-10-26 14:01:43 UTC
In bpf_skb_change_head of filter.c, there is a possible out of bounds read due
to a use after free. This could lead to local escalation of privilege with
System execution privileges needed. User interaction is not needed for
exploitation.
Product: Android
Versions: Android kernel
Android ID: A-154177719
References: Upstream kernel

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-0941
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0941
https://source.android.com/security/bulletin/pixel/2021-10-01
Comment 1 Gianluca Gabrielli 2021-10-26 14:03:54 UTC
Affected branches:
 - cve/linux-4.12
 - SLE12-SP5

Already fixed:
 - SLE15-SP2
 - SLE15-SP3
 - SLE15-SP4
 - stable

Fixing commit: 6306c1189e77a513bf02720450bb43bd4ba5d8ae
Comment 8 Shung-Hsi Yu 2021-11-19 03:39:30 UTC
(In reply to Gianluca Gabrielli from comment #1)
> Affected branches:
>  - cve/linux-4.12
>  - SLE12-SP5
> 
> Already fixed:
>  - SLE15-SP2
>  - SLE15-SP3
>  - SLE15-SP4
>  - stable
> 
> Fixing commit: 6306c1189e77a513bf02720450bb43bd4ba5d8ae

Agree with the assessment.

6306c1189e77 ("bpf: Remove MTU check in `__bpf_skb_max_len`") was added in v5.12 (so SLE15-SP4 also has it), and was backported by Gary back in 2021/04 to SLE15-SP2, and thus SLE15-SP3.

4.4-based and earlier branches do not have `__bpf_skb_max_len()`, which was added in 5293efe62df8 ("bpf: add `bpf_skb_change_tail` helper") to v4.9, but we didn't backport it so they're not vulnerable.
Comment 9 Shung-Hsi Yu 2021-11-19 06:41:52 UTC
Add patch to the following branches:
- cve/linux-4.12
- SLE12-SP5 (patch from cve/linux-4.12 won't apply cleanly)

Update patch to add CVE and bsc reference on the following branch:
- SLE15-SP2 (SLE15-SP3 will inherit from here)

Assigning bug back to security team.
Comment 12 OBSbugzilla Bot 2021-11-22 23:41:19 UTC
This is an autogenerated message for OBS integration:
This bug (1192045) was mentioned in
https://build.opensuse.org/request/show/933172 15.2 / kernel-source
Comment 19 Swamp Workflow Management 2021-11-24 20:28:25 UTC
openSUSE-SU-2021:1501-1: An update that solves 6 vulnerabilities, contains one feature and has 22 fixes is now available.

Category: security (important)
Bug References: 1094840,1133021,1152489,1169263,1170269,1188601,1190523,1190795,1191790,1191851,1191958,1191961,1191980,1192045,1192229,1192267,1192273,1192328,1192718,1192740,1192745,1192750,1192753,1192781,1192802,1192896,1192906,1192918
CVE References: CVE-2021-0941,CVE-2021-20322,CVE-2021-31916,CVE-2021-34981,CVE-2021-37159,CVE-2021-43389
JIRA References: SLE-22573
Sources used:
openSUSE Leap 15.2 (src):    kernel-debug-5.3.18-lp152.106.1, kernel-default-5.3.18-lp152.106.1, kernel-default-base-5.3.18-lp152.106.1.lp152.8.52.1, kernel-docs-5.3.18-lp152.106.1, kernel-kvmsmall-5.3.18-lp152.106.1, kernel-obs-build-5.3.18-lp152.106.1, kernel-obs-qa-5.3.18-lp152.106.1, kernel-preempt-5.3.18-lp152.106.1, kernel-source-5.3.18-lp152.106.1, kernel-syms-5.3.18-lp152.106.1
Comment 21 Swamp Workflow Management 2021-11-25 17:20:16 UTC
SUSE-SU-2021:3806-1: An update that solves 6 vulnerabilities, contains one feature and has 35 fixes is now available.

Category: security (important)
Bug References: 1094840,1133021,1152489,1154353,1157177,1167773,1169263,1170269,1176940,1180749,1184924,1188601,1190523,1190795,1191628,1191790,1191851,1191958,1191961,1191980,1192045,1192217,1192229,1192267,1192273,1192288,1192328,1192375,1192473,1192549,1192718,1192740,1192745,1192750,1192753,1192758,1192781,1192802,1192896,1192906,1192918
CVE References: CVE-2021-0941,CVE-2021-20322,CVE-2021-31916,CVE-2021-34981,CVE-2021-37159,CVE-2021-43389
JIRA References: SLE-22573
Sources used:
SUSE Linux Enterprise Module for Public Cloud 15-SP3 (src):    kernel-azure-5.3.18-38.31.1, kernel-source-azure-5.3.18-38.31.1, kernel-syms-azure-5.3.18-38.31.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 22 Swamp Workflow Management 2021-11-25 17:29:43 UTC
openSUSE-SU-2021:3806-1: An update that solves 6 vulnerabilities, contains one feature and has 35 fixes is now available.

Category: security (important)
Bug References: 1094840,1133021,1152489,1154353,1157177,1167773,1169263,1170269,1176940,1180749,1184924,1188601,1190523,1190795,1191628,1191790,1191851,1191958,1191961,1191980,1192045,1192217,1192229,1192267,1192273,1192288,1192328,1192375,1192473,1192549,1192718,1192740,1192745,1192750,1192753,1192758,1192781,1192802,1192896,1192906,1192918
CVE References: CVE-2021-0941,CVE-2021-20322,CVE-2021-31916,CVE-2021-34981,CVE-2021-37159,CVE-2021-43389
JIRA References: SLE-22573
Sources used:
openSUSE Leap 15.3 (src):    kernel-azure-5.3.18-38.31.1, kernel-source-azure-5.3.18-38.31.1, kernel-syms-azure-5.3.18-38.31.1
Comment 23 Swamp Workflow Management 2021-11-25 17:35:46 UTC
SUSE-SU-2021:3807-1: An update that solves 6 vulnerabilities and has 23 fixes is now available.

Category: security (important)
Bug References: 1094840,1152489,1169263,1170269,1188601,1190523,1190795,1191628,1191790,1191851,1191958,1191961,1191980,1192045,1192229,1192267,1192273,1192328,1192549,1192718,1192740,1192745,1192750,1192753,1192781,1192802,1192896,1192906,1192918
CVE References: CVE-2021-0941,CVE-2021-20322,CVE-2021-31916,CVE-2021-34981,CVE-2021-37159,CVE-2021-43389
JIRA References: 
Sources used:
SUSE Linux Enterprise Module for Public Cloud 15-SP2 (src):    kernel-azure-5.3.18-18.75.1, kernel-source-azure-5.3.18-18.75.1, kernel-syms-azure-5.3.18-18.75.1

Comment 29 Swamp Workflow Management 2021-12-01 20:45:59 UTC
SUSE-SU-2021:3848-1: An update that solves 6 vulnerabilities, contains one feature and has 16 fixes is now available.

Category: security (important)
Bug References: 1094840,1114648,1141655,1188601,1190351,1190397,1190523,1190795,1191713,1191790,1191888,1191961,1192045,1192267,1192273,1192379,1192718,1192750,1192753,1192781,1192802,1192906
CVE References: CVE-2021-0941,CVE-2021-20322,CVE-2021-31916,CVE-2021-34981,CVE-2021-37159,CVE-2021-3772
JIRA References: SLE-22573
Sources used:
SUSE Linux Enterprise Server 12-SP5 (src):    kernel-azure-4.12.14-16.80.1, kernel-source-azure-4.12.14-16.80.1, kernel-syms-azure-4.12.14-16.80.1

Comment 30 Swamp Workflow Management 2021-12-02 11:27:57 UTC
openSUSE-SU-2021:3876-1: An update that solves 43 vulnerabilities, contains one feature and has 26 fixes is now available.

Category: security (important)
Bug References: 1100416,1108488,1129735,1129898,1133374,1136513,1171420,1176724,1177666,1181158,1184673,1184804,1185377,1185726,1185758,1185973,1186078,1186109,1186390,1186482,1186672,1188062,1188063,1188172,1188563,1188601,1188616,1188838,1188876,1188983,1188985,1189057,1189262,1189291,1189399,1189400,1189706,1189846,1189884,1190023,1190025,1190067,1190115,1190117,1190159,1190276,1190349,1190351,1190479,1190534,1190601,1190717,1191193,1191315,1191317,1191349,1191457,1191628,1191790,1191800,1191888,1191961,1192045,1192267,1192379,1192400,1192775,1192781,1192802
CVE References: CVE-2018-13405,CVE-2018-9517,CVE-2019-3874,CVE-2019-3900,CVE-2020-0429,CVE-2020-12770,CVE-2020-3702,CVE-2020-4788,CVE-2021-0941,CVE-2021-20322,CVE-2021-22543,CVE-2021-31916,CVE-2021-33033,CVE-2021-33909,CVE-2021-34556,CVE-2021-34981,CVE-2021-3542,CVE-2021-35477,CVE-2021-3640,CVE-2021-3653,CVE-2021-3655,CVE-2021-3656,CVE-2021-3659,CVE-2021-3679,CVE-2021-3715,CVE-2021-37159,CVE-2021-3732,CVE-2021-3744,CVE-2021-3752,CVE-2021-3753,CVE-2021-37576,CVE-2021-3759,CVE-2021-3760,CVE-2021-3764,CVE-2021-3772,CVE-2021-38160,CVE-2021-38198,CVE-2021-38204,CVE-2021-40490,CVE-2021-41864,CVE-2021-42008,CVE-2021-42252,CVE-2021-42739
JIRA References: SLE-22573
Sources used:
openSUSE Leap 15.3 (src):    kernel-debug-4.12.14-197.102.2, kernel-default-4.12.14-197.102.2, kernel-kvmsmall-4.12.14-197.102.2, kernel-vanilla-4.12.14-197.102.2, kernel-zfcpdump-4.12.14-197.102.2
Comment 31 Swamp Workflow Management 2021-12-02 11:40:17 UTC
SUSE-SU-2021:3876-1: An update that solves 43 vulnerabilities, contains one feature and has 26 fixes is now available.

Category: security (important)
Bug References: 1100416,1108488,1129735,1129898,1133374,1136513,1171420,1176724,1177666,1181158,1184673,1184804,1185377,1185726,1185758,1185973,1186078,1186109,1186390,1186482,1186672,1188062,1188063,1188172,1188563,1188601,1188616,1188838,1188876,1188983,1188985,1189057,1189262,1189291,1189399,1189400,1189706,1189846,1189884,1190023,1190025,1190067,1190115,1190117,1190159,1190276,1190349,1190351,1190479,1190534,1190601,1190717,1191193,1191315,1191317,1191349,1191457,1191628,1191790,1191800,1191888,1191961,1192045,1192267,1192379,1192400,1192775,1192781,1192802
CVE References: CVE-2018-13405,CVE-2018-9517,CVE-2019-3874,CVE-2019-3900,CVE-2020-0429,CVE-2020-12770,CVE-2020-3702,CVE-2020-4788,CVE-2021-0941,CVE-2021-20322,CVE-2021-22543,CVE-2021-31916,CVE-2021-33033,CVE-2021-33909,CVE-2021-34556,CVE-2021-34981,CVE-2021-3542,CVE-2021-35477,CVE-2021-3640,CVE-2021-3653,CVE-2021-3655,CVE-2021-3656,CVE-2021-3659,CVE-2021-3679,CVE-2021-3715,CVE-2021-37159,CVE-2021-3732,CVE-2021-3744,CVE-2021-3752,CVE-2021-3753,CVE-2021-37576,CVE-2021-3759,CVE-2021-3760,CVE-2021-3764,CVE-2021-3772,CVE-2021-38160,CVE-2021-38198,CVE-2021-38204,CVE-2021-40490,CVE-2021-41864,CVE-2021-42008,CVE-2021-42252,CVE-2021-42739
JIRA References: SLE-22573
Sources used:
SUSE Linux Enterprise Server for SAP 15-SP1 (src):    kernel-default-4.12.14-197.102.2, kernel-docs-4.12.14-197.102.2, kernel-obs-build-4.12.14-197.102.1, kernel-source-4.12.14-197.102.2, kernel-syms-4.12.14-197.102.2
SUSE Linux Enterprise Server 15-SP1-LTSS (src):    kernel-default-4.12.14-197.102.2, kernel-docs-4.12.14-197.102.2, kernel-obs-build-4.12.14-197.102.1, kernel-source-4.12.14-197.102.2, kernel-syms-4.12.14-197.102.2, kernel-zfcpdump-4.12.14-197.102.2
SUSE Linux Enterprise Server 15-SP1-BCL (src):    kernel-default-4.12.14-197.102.2, kernel-docs-4.12.14-197.102.2, kernel-obs-build-4.12.14-197.102.1, kernel-source-4.12.14-197.102.2, kernel-syms-4.12.14-197.102.2
SUSE Linux Enterprise Module for Live Patching 15-SP1 (src):    kernel-default-4.12.14-197.102.2, kernel-livepatch-SLE15-SP1_Update_27-1-3.3.1
SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (src):    kernel-default-4.12.14-197.102.2, kernel-docs-4.12.14-197.102.2, kernel-obs-build-4.12.14-197.102.1, kernel-source-4.12.14-197.102.2, kernel-syms-4.12.14-197.102.2
SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (src):    kernel-default-4.12.14-197.102.2, kernel-docs-4.12.14-197.102.2, kernel-obs-build-4.12.14-197.102.1, kernel-source-4.12.14-197.102.2, kernel-syms-4.12.14-197.102.2
SUSE Linux Enterprise High Availability 15-SP1 (src):    kernel-default-4.12.14-197.102.2
SUSE Enterprise Storage 6 (src):    kernel-default-4.12.14-197.102.2, kernel-docs-4.12.14-197.102.2, kernel-obs-build-4.12.14-197.102.1, kernel-source-4.12.14-197.102.2, kernel-syms-4.12.14-197.102.2
SUSE CaaS Platform 4.0 (src):    kernel-default-4.12.14-197.102.2, kernel-docs-4.12.14-197.102.2, kernel-obs-build-4.12.14-197.102.1, kernel-source-4.12.14-197.102.2, kernel-syms-4.12.14-197.102.2

Comment 32 Swamp Workflow Management 2021-12-02 11:54:27 UTC
SUSE-SU-2021:3877-1: An update that solves four vulnerabilities, contains one feature and has 11 fixes is now available.

Category: security (important)
Bug References: 1114648,1141655,1190523,1191790,1191961,1192045,1192048,1192273,1192718,1192750,1192753,1192781,1192802,1192906,1192987
CVE References: CVE-2021-0941,CVE-2021-20322,CVE-2021-31916,CVE-2021-34981
JIRA References: SLE-22573
Sources used:
SUSE Linux Enterprise Workstation Extension 12-SP5 (src):    kernel-default-4.12.14-122.103.1
SUSE Linux Enterprise Software Development Kit 12-SP5 (src):    kernel-docs-4.12.14-122.103.1, kernel-obs-build-4.12.14-122.103.1
SUSE Linux Enterprise Server 12-SP5 (src):    kernel-default-4.12.14-122.103.1, kernel-source-4.12.14-122.103.1, kernel-syms-4.12.14-122.103.1
SUSE Linux Enterprise Live Patching 12-SP5 (src):    kernel-default-4.12.14-122.103.1, kgraft-patch-SLE12-SP5_Update_26-1-8.5.1
SUSE Linux Enterprise High Availability 12-SP5 (src):    kernel-default-4.12.14-122.103.1

Comment 33 Swamp Workflow Management 2021-12-06 14:29:28 UTC
SUSE-SU-2021:3933-1: An update that solves 6 vulnerabilities, contains one feature and has 21 fixes is now available.

Category: security (important)
Bug References: 1094840,1133021,1152489,1169263,1170269,1188601,1190523,1190795,1191790,1191851,1191958,1191961,1191980,1192045,1192229,1192273,1192328,1192718,1192740,1192745,1192750,1192753,1192781,1192802,1192896,1192906,1192918
CVE References: CVE-2021-0941,CVE-2021-20322,CVE-2021-31916,CVE-2021-34981,CVE-2021-37159,CVE-2021-43389
JIRA References: SLE-22573
Sources used:
SUSE MicroOS 5.0 (src):    kernel-default-5.3.18-24.96.1, kernel-default-base-5.3.18-24.96.1.9.44.1
SUSE Linux Enterprise Workstation Extension 15-SP2 (src):    kernel-default-5.3.18-24.96.1, kernel-preempt-5.3.18-24.96.1
SUSE Linux Enterprise Module for Live Patching 15-SP2 (src):    kernel-default-5.3.18-24.96.1, kernel-livepatch-SLE15-SP2_Update_22-1-5.3.1
SUSE Linux Enterprise Module for Legacy Software 15-SP2 (src):    kernel-default-5.3.18-24.96.1
SUSE Linux Enterprise Module for Development Tools 15-SP2 (src):    kernel-docs-5.3.18-24.96.1, kernel-obs-build-5.3.18-24.96.1, kernel-preempt-5.3.18-24.96.1, kernel-source-5.3.18-24.96.1, kernel-syms-5.3.18-24.96.1
SUSE Linux Enterprise Module for Basesystem 15-SP2 (src):    kernel-default-5.3.18-24.96.1, kernel-default-base-5.3.18-24.96.1.9.44.1, kernel-preempt-5.3.18-24.96.1, kernel-source-5.3.18-24.96.1
SUSE Linux Enterprise High Availability 15-SP2 (src):    kernel-default-5.3.18-24.96.1

Comment 34 Swamp Workflow Management 2021-12-06 17:46:11 UTC
openSUSE-SU-2021:3941-1: An update that solves four vulnerabilities, contains one feature and has 21 fixes is now available.

Category: security (important)
Bug References: 1152489,1169263,1170269,1184924,1190523,1190795,1191790,1191961,1192045,1192217,1192273,1192328,1192375,1192473,1192718,1192740,1192745,1192750,1192753,1192758,1192781,1192802,1192896,1192906,1192918
CVE References: CVE-2021-0941,CVE-2021-20322,CVE-2021-31916,CVE-2021-34981
JIRA References: SLE-22573
Sources used:
openSUSE Leap 15.3 (src):    dtb-aarch64-5.3.18-59.37.1, kernel-64kb-5.3.18-59.37.2, kernel-debug-5.3.18-59.37.2, kernel-default-5.3.18-59.37.2, kernel-default-base-5.3.18-59.37.2.18.23.3, kernel-docs-5.3.18-59.37.2, kernel-kvmsmall-5.3.18-59.37.2, kernel-obs-build-5.3.18-59.37.3, kernel-obs-qa-5.3.18-59.37.1, kernel-preempt-5.3.18-59.37.2, kernel-source-5.3.18-59.37.2, kernel-syms-5.3.18-59.37.1, kernel-zfcpdump-5.3.18-59.37.2
Comment 35 Swamp Workflow Management 2021-12-06 17:59:26 UTC
SUSE-SU-2021:3941-1: An update that solves four vulnerabilities, contains one feature and has 21 fixes is now available.

Category: security (important)
Bug References: 1152489,1169263,1170269,1184924,1190523,1190795,1191790,1191961,1192045,1192217,1192273,1192328,1192375,1192473,1192718,1192740,1192745,1192750,1192753,1192758,1192781,1192802,1192896,1192906,1192918
CVE References: CVE-2021-0941,CVE-2021-20322,CVE-2021-31916,CVE-2021-34981
JIRA References: SLE-22573
Sources used:
SUSE MicroOS 5.1 (src):    kernel-default-5.3.18-59.37.2, kernel-default-base-5.3.18-59.37.2.18.23.3
SUSE Linux Enterprise Workstation Extension 15-SP3 (src):    kernel-default-5.3.18-59.37.2, kernel-preempt-5.3.18-59.37.2
SUSE Linux Enterprise Module for Live Patching 15-SP3 (src):    kernel-default-5.3.18-59.37.2, kernel-livepatch-SLE15-SP3_Update_10-1-7.3.2
SUSE Linux Enterprise Module for Legacy Software 15-SP3 (src):    kernel-default-5.3.18-59.37.2
SUSE Linux Enterprise Module for Development Tools 15-SP3 (src):    kernel-docs-5.3.18-59.37.2, kernel-obs-build-5.3.18-59.37.3, kernel-preempt-5.3.18-59.37.2, kernel-source-5.3.18-59.37.2, kernel-syms-5.3.18-59.37.1
SUSE Linux Enterprise Module for Basesystem 15-SP3 (src):    kernel-64kb-5.3.18-59.37.2, kernel-default-5.3.18-59.37.2, kernel-default-base-5.3.18-59.37.2.18.23.3, kernel-preempt-5.3.18-59.37.2, kernel-source-5.3.18-59.37.2, kernel-zfcpdump-5.3.18-59.37.2
SUSE Linux Enterprise High Availability 15-SP3 (src):    kernel-default-5.3.18-59.37.2

Comment 36 Swamp Workflow Management 2021-12-07 20:27:23 UTC
SUSE-SU-2021:3969-1: An update that solves 37 vulnerabilities and has 21 fixes is now available.

Category: security (important)
Bug References: 1085235,1085308,1087078,1087082,1100394,1102640,1105412,1108488,1129898,1133374,1171420,1173489,1174161,1181854,1184804,1185377,1185726,1185758,1186109,1186482,1188172,1188563,1188601,1188838,1188876,1188983,1188985,1189057,1189262,1189291,1189399,1189400,1189706,1189846,1189884,1190023,1190025,1190067,1190117,1190159,1190351,1190479,1190534,1190601,1190717,1191193,1191315,1191317,1191790,1191800,1191961,1192045,1192267,1192379,1192400,1192775,1192781,1192802
CVE References: CVE-2018-3639,CVE-2018-9517,CVE-2019-3874,CVE-2019-3900,CVE-2020-12770,CVE-2020-3702,CVE-2021-0941,CVE-2021-20320,CVE-2021-20322,CVE-2021-22543,CVE-2021-31916,CVE-2021-33033,CVE-2021-34556,CVE-2021-34981,CVE-2021-35477,CVE-2021-3640,CVE-2021-3653,CVE-2021-3655,CVE-2021-3656,CVE-2021-3659,CVE-2021-3679,CVE-2021-37159,CVE-2021-3732,CVE-2021-3744,CVE-2021-3752,CVE-2021-3753,CVE-2021-37576,CVE-2021-3760,CVE-2021-3764,CVE-2021-3772,CVE-2021-38160,CVE-2021-38198,CVE-2021-38204,CVE-2021-40490,CVE-2021-41864,CVE-2021-42008,CVE-2021-42252
JIRA References: 
Sources used:
SUSE Linux Enterprise Server for SAP 15 (src):    kernel-default-4.12.14-150.78.1, kernel-docs-4.12.14-150.78.2, kernel-obs-build-4.12.14-150.78.2, kernel-source-4.12.14-150.78.1, kernel-syms-4.12.14-150.78.1, kernel-vanilla-4.12.14-150.78.1
SUSE Linux Enterprise Server 15-LTSS (src):    kernel-default-4.12.14-150.78.1, kernel-docs-4.12.14-150.78.2, kernel-obs-build-4.12.14-150.78.2, kernel-source-4.12.14-150.78.1, kernel-syms-4.12.14-150.78.1, kernel-vanilla-4.12.14-150.78.1, kernel-zfcpdump-4.12.14-150.78.1
SUSE Linux Enterprise Module for Live Patching 15 (src):    kernel-default-4.12.14-150.78.1, kernel-livepatch-SLE15_Update_26-1-1.3.1
SUSE Linux Enterprise High Performance Computing 15-LTSS (src):    kernel-default-4.12.14-150.78.1, kernel-docs-4.12.14-150.78.2, kernel-obs-build-4.12.14-150.78.2, kernel-source-4.12.14-150.78.1, kernel-syms-4.12.14-150.78.1, kernel-vanilla-4.12.14-150.78.1
SUSE Linux Enterprise High Performance Computing 15-ESPOS (src):    kernel-default-4.12.14-150.78.1, kernel-docs-4.12.14-150.78.2, kernel-obs-build-4.12.14-150.78.2, kernel-source-4.12.14-150.78.1, kernel-syms-4.12.14-150.78.1, kernel-vanilla-4.12.14-150.78.1
SUSE Linux Enterprise High Availability 15 (src):    kernel-default-4.12.14-150.78.1

Comment 37 Swamp Workflow Management 2021-12-08 14:28:13 UTC
SUSE-SU-2021:3972-1: An update that solves 40 vulnerabilities and has 47 fixes is now available.

Category: security (important)
Bug References: 1087082,1100416,1108488,1129735,1129898,1133374,1153720,1171420,1176724,1176931,1180624,1181854,1181855,1183050,1183861,1184673,1184804,1185377,1185677,1185726,1185727,1185758,1185973,1186063,1186482,1186483,1186672,1188026,1188172,1188563,1188601,1188613,1188838,1188842,1188876,1188983,1188985,1189057,1189262,1189278,1189291,1189399,1189400,1189418,1189420,1189706,1189846,1189884,1190023,1190025,1190067,1190115,1190117,1190118,1190159,1190276,1190349,1190350,1190351,1190432,1190479,1190534,1190601,1190717,1191193,1191315,1191317,1191318,1191529,1191530,1191628,1191660,1191790,1191801,1191813,1191961,1192036,1192045,1192048,1192267,1192379,1192400,1192444,1192549,1192775,1192781,1192802
CVE References: CVE-2018-13405,CVE-2018-9517,CVE-2019-3874,CVE-2019-3900,CVE-2020-0429,CVE-2020-12770,CVE-2020-3702,CVE-2021-0941,CVE-2021-20322,CVE-2021-22543,CVE-2021-31916,CVE-2021-34556,CVE-2021-34981,CVE-2021-3542,CVE-2021-35477,CVE-2021-3640,CVE-2021-3653,CVE-2021-3655,CVE-2021-3656,CVE-2021-3659,CVE-2021-3679,CVE-2021-3715,CVE-2021-37159,CVE-2021-3732,CVE-2021-3744,CVE-2021-3752,CVE-2021-3753,CVE-2021-37576,CVE-2021-3759,CVE-2021-3760,CVE-2021-3764,CVE-2021-3772,CVE-2021-38160,CVE-2021-38198,CVE-2021-38204,CVE-2021-40490,CVE-2021-41864,CVE-2021-42008,CVE-2021-42252,CVE-2021-42739
JIRA References: 
Sources used:
SUSE OpenStack Cloud Crowbar 9 (src):    kernel-default-4.12.14-95.83.2, kernel-source-4.12.14-95.83.2, kernel-syms-4.12.14-95.83.2
SUSE OpenStack Cloud 9 (src):    kernel-default-4.12.14-95.83.2, kernel-source-4.12.14-95.83.2, kernel-syms-4.12.14-95.83.2
SUSE Linux Enterprise Server for SAP 12-SP4 (src):    kernel-default-4.12.14-95.83.2, kernel-source-4.12.14-95.83.2, kernel-syms-4.12.14-95.83.2
SUSE Linux Enterprise Server 12-SP4-LTSS (src):    kernel-default-4.12.14-95.83.2, kernel-source-4.12.14-95.83.2, kernel-syms-4.12.14-95.83.2
SUSE Linux Enterprise Live Patching 12-SP4 (src):    kernel-default-4.12.14-95.83.2, kgraft-patch-SLE12-SP4_Update_23-1-6.3.1
SUSE Linux Enterprise High Availability 12-SP4 (src):    kernel-default-4.12.14-95.83.2

Comment 38 Swamp Workflow Management 2021-12-09 14:18:45 UTC
SUSE-SU-2021:3978-1: An update that solves 7 vulnerabilities, contains one feature and has 27 fixes is now available.

Category: security (important)
Bug References: 1094840,1133021,1152489,1153275,1169263,1169514,1170269,1176940,1179599,1188601,1190523,1190795,1191790,1191851,1191958,1191961,1191980,1192045,1192229,1192273,1192328,1192718,1192740,1192745,1192750,1192753,1192781,1192802,1192896,1192906,1192918,1192987,1192998,1193002
CVE References: CVE-2020-27820,CVE-2021-0941,CVE-2021-20322,CVE-2021-31916,CVE-2021-34981,CVE-2021-37159,CVE-2021-43389
JIRA References: SLE-22573
Sources used:
SUSE MicroOS 5.0 (src):    kernel-rt-5.3.18-62.2
SUSE Linux Enterprise Module for Realtime 15-SP2 (src):    kernel-rt-5.3.18-62.2, kernel-rt_debug-5.3.18-62.3, kernel-source-rt-5.3.18-62.3, kernel-syms-rt-5.3.18-62.1

Comment 39 Swamp Workflow Management 2021-12-09 20:28:15 UTC
SUSE-SU-2021:3979-1: An update that solves four vulnerabilities, contains one feature and has 23 fixes is now available.

Category: security (important)
Bug References: 1152489,1169263,1170269,1184924,1190523,1190795,1191790,1191961,1192045,1192217,1192273,1192328,1192375,1192473,1192691,1192718,1192740,1192745,1192750,1192753,1192758,1192781,1192802,1192874,1192896,1192906,1192918
CVE References: CVE-2021-0941,CVE-2021-20322,CVE-2021-31916,CVE-2021-34981
JIRA References: SLE-22573
Sources used:
SUSE MicroOS 5.1 (src):    kernel-rt-5.3.18-65.2
SUSE Linux Enterprise Module for Realtime 15-SP3 (src):    kernel-rt-5.3.18-65.2, kernel-rt_debug-5.3.18-65.2, kernel-source-rt-5.3.18-65.2, kernel-syms-rt-5.3.18-65.1

Comment 40 Swamp Workflow Management 2021-12-10 14:47:07 UTC
SUSE-SU-2021:3992-1: An update that solves four vulnerabilities, contains one feature and has 15 fixes is now available.

Category: security (important)
Bug References: 1114648,1141655,1169514,1190317,1190523,1191790,1191876,1191961,1192045,1192048,1192273,1192718,1192750,1192753,1192781,1192802,1192866,1192906,1192987
CVE References: CVE-2021-0941,CVE-2021-20322,CVE-2021-31916,CVE-2021-34981
JIRA References: SLE-22573
Sources used:
SUSE Linux Enterprise Real Time Extension 12-SP5 (src):    kernel-rt-4.12.14-10.70.2, kernel-rt_debug-4.12.14-10.70.2, kernel-source-rt-4.12.14-10.70.2, kernel-syms-rt-4.12.14-10.70.2

Comment 41 Marcus Meissner 2022-01-25 13:03:26 UTC
released