Bug 1193442 - (CVE-2021-28714) VUL-0: CVE-2021-28714,CVE-2021-28715: kernel-source,kernel-source-azure,kernel-source-rt: xen: Guest can force Linux netback driver to hog large amounts of kernel memory (XSA-392)
(CVE-2021-28714)
VUL-0: CVE-2021-28714,CVE-2021-28715: kernel-source,kernel-source-azure,kerne...
Status: RESOLVED FIXED
: 1190491 (view as bug list)
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
unspecified
Other Other
: P3 - Medium : Normal
: ---
Assigned To: Security Team bot
Security Team bot
https://smash.suse.de/issue/316358/
CVSSv3.1:SUSE:CVE-2021-28714:5.5:(AV:...
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2021-12-06 15:26 UTC by Gianluca Gabrielli
Modified: 2022-07-21 20:21 UTC (History)
7 users (show)

See Also:
Found By: ---
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments
Upstream patches (2.72 KB, patch)
2021-12-06 15:28 UTC, Gianluca Gabrielli
Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Gianluca Gabrielli 2021-12-06 15:26:45 UTC
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

                    Xen Security Advisory XSA-392

 Guest can force Linux netback driver to hog large amounts of kernel memory

              *** EMBARGOED UNTIL 2021-12-20 12:00 UTC ***

ISSUE DESCRIPTION
=================

Incoming data packets for a guest in the Linux kernel's netback driver
are buffered until the guest is ready to process them. There are some
measures taken for avoiding to pile up too much data, but those can
be bypassed by the guest:

There is a timeout how long the client side of an interface can stop
consuming new packets before it is assumed to have stalled, but this
timeout is rather long (60 seconds by default). Using a UDP connection
on a fast interface can easily accumulate gigabytes of data in that
time.

The timeout could even never trigger if the guest manages to have only
one free slot in its RX queue ring page and the next package would
require more than one free slot, which may be the case when using GSO,
XDP, or software hashing.

IMPACT
======

The Linux kernel's xen-netback backend driver can be forced by guests
to queue arbitrary amounts of network data, finally causing an out of
memory situation in the domain the backend is running in (usually dom0).

VULNERABLE SYSTEMS
==================

All systems using the Linux kernel based network backend xen-netback
are vulnerable.

MITIGATION
==========

Using another PV network backend (e.g. the qemu based "qnic" backend)
will mitigate the problem.

Using a dedicated network driver domain per guest will mitigate the
problem.

RESOLUTION
==========

Applying the attached patches resolves this issue.

xsa392-linux-1.patch   Linux 5.15
xsa392-linux-2.patch   Linux 5.15

$ sha256sum xsa392*
91ec0cf9a6289f788816dbf70840b2534b2bf144c39a9e3251f6a04afce64dd0  xsa392-linux-1.patch
0c553cbbb84f5b2984558e05fd61ef1c80d584605e3d5194360af200bb937704  xsa392-linux-2.patch
$

DEPLOYMENT DURING EMBARGO
=========================

Deployment of patches or mitigations is NOT permitted (except where
all the affected systems and VMs are administered and used only by
organisations which are members of the Xen Project Security Issues
Predisclosure List).  Specifically, deployment on public cloud systems
is NOT permitted.

This is because both, the mitigation, or the deployed patches can
result in discoverable changes of timing or Xenstore entries for the
guest.

Deployment is permitted only AFTER the embargo ends.

(Note: this during-embargo deployment notice is retained in
post-embargo publicly released Xen Project advisories, even though it
is then no longer applicable.  This is to enable the community to have
oversight of the Xen Project Security Team's decisionmaking.)

For more information about permissible uses of embargoed information,
consult the Xen Project community's agreed Security Policy:
  http://www.xenproject.org/security-policy.html
-----BEGIN PGP SIGNATURE-----

iQFABAEBCAAqFiEEI+MiLBRfRHX6gGCng/4UyVfoK9kFAmGuJuAMHHBncEB4ZW4u
b3JnAAoJEIP+FMlX6CvZ3vIIAMiQimd385m/T8jOU6UIUXnQQgVmsaIsZX378elC
/2IgbOKhU/T2War21rbdIb+3/gKefZeTNI6M0V/DBo4SRlfVhCTUCG4TodHCUOsQ
KOg4jRk2RHtKCPSagquoni+o74veG34b5SbBqFyAIg7emBatmtbIT2JwuFlsiu4H
vXr2jxj4LO3n9fR+RbYZ5mnd3CpwIUrbZuafdhf7kiFLUivBKqRTJTbXX080pzKP
Sq7Klp40+u8mO5NYy3i1xjPGGzLhPycTwQWvZjbpZ9HzUg+BSlH+fhauh3W/4PZG
17Uum/LimLC00qYWn7cG9vw3iNeXEJpa4jxGvazmDyj9zXQ=
=7Xyg
-----END PGP SIGNATURE-----
Comment 3 Gianluca Gabrielli 2021-12-06 15:28:29 UTC
Created attachment 854347 [details]
Upstream patches
Comment 4 Gianluca Gabrielli 2021-12-07 08:26:57 UTC
     Xen Security Advisory CVE-2021-28714,CVE-2021-28715 / XSA-392
                              version 2

 Guest can force Linux netback driver to hog large amounts of kernel memory

              *** EMBARGOED UNTIL 2021-12-20 12:00 UTC ***

UPDATES IN VERSION 2
====================

CVEs assigned.
Comment 5 Gianluca Gabrielli 2021-12-09 11:07:11 UTC
     Xen Security Advisory CVE-2021-28714,CVE-2021-28715 / XSA-392
                               version 3

 Guest can force Linux netback driver to hog large amounts of kernel memory

              *** EMBARGOED UNTIL 2021-12-20 12:00 UTC ***

UPDATES IN VERSION 3
====================

Modified DEPLOYMENT restrictions

[...]

DEPLOYMENT DURING EMBARGO
=========================

Deployment of the *patches* is permitted during the embargo, even on
public-facing systems with untrusted guest users and administrators.

But: Distribution of updated software is prohibited (except to other
members of the predisclosure list).


Deployment of the *mitigations* (switching to driver domains or using
a qemu based backend) is NOT permitted (except where all the affected
systems and VMs are administered and used only by organisations which
are members of the Xen Project Security Issues Predisclosure List).
Specifically, deployment of the mitigations on public cloud systems is
NOT permitted.

This is because the mitigations will result in discoverable changes of
Xenstore entries for the guest.

Deployment of the mitigations is permitted only AFTER the embargo ends.


Predisclosure list members who wish to deploy significantly different
patches and/or mitigations, please contact the Xen Project Security
Team.

(Note: this during-embargo deployment notice is retained in
post-embargo publicly released Xen Project advisories, even though it
is then no longer applicable.  This is to enable the community to have
oversight of the Xen Project Security Team's decisionmaking.)

For more information about permissible uses of embargoed information,
consult the Xen Project community's agreed Security Policy:
  http://www.xenproject.org/security-policy.html
Comment 6 Gianluca Gabrielli 2021-12-20 13:30:01 UTC
public
Comment 13 Jürgen Groß 2022-01-06 15:21:04 UTC
All code streams have the patches merged now.
Comment 19 Swamp Workflow Management 2022-01-11 20:23:05 UTC
openSUSE-SU-2022:0056-1: An update that solves 14 vulnerabilities and has 62 fixes is now available.

Category: security (important)
Bug References: 1139944,1151927,1152489,1153275,1154353,1154355,1161907,1164565,1166780,1169514,1176242,1176447,1176536,1176544,1176545,1176546,1176548,1176558,1176559,1176774,1176940,1176956,1177440,1178134,1178270,1179211,1179424,1179426,1179427,1179599,1181148,1181507,1181710,1182404,1183534,1183540,1183897,1184318,1185726,1185902,1186332,1187541,1189126,1189158,1191793,1191876,1192267,1192320,1192507,1192511,1192569,1192606,1192691,1192845,1192847,1192874,1192877,1192946,1192969,1192987,1192990,1192998,1193002,1193042,1193139,1193169,1193306,1193318,1193349,1193440,1193442,1193655,1193993,1194087,1194094,1194266
CVE References: CVE-2020-24504,CVE-2020-27820,CVE-2021-28711,CVE-2021-28712,CVE-2021-28713,CVE-2021-28714,CVE-2021-28715,CVE-2021-33098,CVE-2021-4001,CVE-2021-4002,CVE-2021-43975,CVE-2021-43976,CVE-2021-45485,CVE-2021-45486
JIRA References: 
Sources used:
openSUSE Leap 15.3 (src):    kernel-azure-5.3.18-38.34.1, kernel-source-azure-5.3.18-38.34.1, kernel-syms-azure-5.3.18-38.34.1
Comment 20 Swamp Workflow Management 2022-01-11 20:31:20 UTC
SUSE-SU-2022:0056-1: An update that solves 14 vulnerabilities and has 62 fixes is now available.

Category: security (important)
Bug References: 1139944,1151927,1152489,1153275,1154353,1154355,1161907,1164565,1166780,1169514,1176242,1176447,1176536,1176544,1176545,1176546,1176548,1176558,1176559,1176774,1176940,1176956,1177440,1178134,1178270,1179211,1179424,1179426,1179427,1179599,1181148,1181507,1181710,1182404,1183534,1183540,1183897,1184318,1185726,1185902,1186332,1187541,1189126,1189158,1191793,1191876,1192267,1192320,1192507,1192511,1192569,1192606,1192691,1192845,1192847,1192874,1192877,1192946,1192969,1192987,1192990,1192998,1193002,1193042,1193139,1193169,1193306,1193318,1193349,1193440,1193442,1193655,1193993,1194087,1194094,1194266
CVE References: CVE-2020-24504,CVE-2020-27820,CVE-2021-28711,CVE-2021-28712,CVE-2021-28713,CVE-2021-28714,CVE-2021-28715,CVE-2021-33098,CVE-2021-4001,CVE-2021-4002,CVE-2021-43975,CVE-2021-43976,CVE-2021-45485,CVE-2021-45486
JIRA References: 
Sources used:
SUSE Linux Enterprise Module for Public Cloud 15-SP3 (src):    kernel-azure-5.3.18-38.34.1, kernel-source-azure-5.3.18-38.34.1, kernel-syms-azure-5.3.18-38.34.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 21 Swamp Workflow Management 2022-01-13 17:22:05 UTC
SUSE-SU-2022:0068-1: An update that solves 16 vulnerabilities and has 26 fixes is now available.

Category: security (important)
Bug References: 1114648,1124431,1167162,1169514,1172073,1179599,1183678,1183897,1184804,1185727,1185762,1187167,1189126,1189158,1189305,1189841,1190317,1190358,1190428,1191229,1191384,1191731,1191876,1192032,1192145,1192267,1192740,1192845,1192847,1192866,1192877,1192946,1192974,1193231,1193306,1193318,1193440,1193442,1193575,1193731,1194087,1194094
CVE References: CVE-2018-25020,CVE-2019-15126,CVE-2020-27820,CVE-2021-0920,CVE-2021-0935,CVE-2021-28711,CVE-2021-28712,CVE-2021-28713,CVE-2021-28714,CVE-2021-28715,CVE-2021-33098,CVE-2021-4002,CVE-2021-43975,CVE-2021-43976,CVE-2021-45485,CVE-2021-45486
JIRA References: 
Sources used:
SUSE Linux Enterprise Workstation Extension 12-SP5 (src):    kernel-default-4.12.14-122.106.1
SUSE Linux Enterprise Software Development Kit 12-SP5 (src):    kernel-docs-4.12.14-122.106.1, kernel-obs-build-4.12.14-122.106.1
SUSE Linux Enterprise Server 12-SP5 (src):    kernel-default-4.12.14-122.106.1, kernel-source-4.12.14-122.106.1, kernel-syms-4.12.14-122.106.1
SUSE Linux Enterprise Live Patching 12-SP5 (src):    kernel-default-4.12.14-122.106.1, kgraft-patch-SLE12-SP5_Update_27-1-8.3.1
SUSE Linux Enterprise High Availability 12-SP5 (src):    kernel-default-4.12.14-122.106.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 22 Swamp Workflow Management 2022-01-14 14:24:32 UTC
SUSE-SU-2022:0079-1: An update that solves 14 vulnerabilities, contains four features and has 58 fixes is now available.

Category: security (important)
Bug References: 1139944,1151927,1152489,1153275,1154353,1154355,1161907,1164565,1166780,1169514,1176242,1176447,1176536,1176544,1176545,1176546,1176548,1176558,1176559,1176774,1176940,1176956,1177440,1178134,1178270,1179211,1179426,1179427,1179599,1181148,1181507,1181710,1182404,1183534,1183540,1183897,1184318,1185726,1185902,1186332,1187541,1189126,1191793,1191876,1192267,1192320,1192507,1192511,1192569,1192606,1192845,1192847,1192877,1192946,1192969,1192987,1192990,1192998,1193002,1193042,1193139,1193169,1193306,1193318,1193349,1193440,1193442,1193655,1193993,1194087,1194094,1194266
CVE References: CVE-2020-24504,CVE-2020-27820,CVE-2021-28711,CVE-2021-28712,CVE-2021-28713,CVE-2021-28714,CVE-2021-28715,CVE-2021-33098,CVE-2021-4001,CVE-2021-4002,CVE-2021-43975,CVE-2021-43976,CVE-2021-45485,CVE-2021-45486
JIRA References: ECO-3666,SLE-17823,SLE-20042,SLE-23139
Sources used:
SUSE MicroOS 5.1 (src):    kernel-rt-5.3.18-68.1
SUSE Linux Enterprise Module for Realtime 15-SP3 (src):    kernel-rt-5.3.18-68.1, kernel-rt_debug-5.3.18-68.1, kernel-source-rt-5.3.18-68.1, kernel-syms-rt-5.3.18-68.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 23 Swamp Workflow Management 2022-01-14 14:29:40 UTC
SUSE-SU-2022:0080-1: An update that solves 18 vulnerabilities and has 28 fixes is now available.

Category: security (important)
Bug References: 1114648,1124431,1167162,1169514,1172073,1179599,1183678,1183897,1184804,1185727,1185762,1187167,1189126,1189158,1189305,1189841,1190317,1190358,1190428,1191229,1191384,1191731,1191876,1192032,1192145,1192267,1192740,1192845,1192847,1192866,1192877,1192946,1192974,1192987,1193231,1193306,1193318,1193440,1193442,1193575,1193669,1193727,1193731,1194001,1194087,1194094
CVE References: CVE-2018-25020,CVE-2019-15126,CVE-2020-27820,CVE-2021-0920,CVE-2021-0935,CVE-2021-28711,CVE-2021-28712,CVE-2021-28713,CVE-2021-28714,CVE-2021-28715,CVE-2021-33098,CVE-2021-4002,CVE-2021-4083,CVE-2021-4149,CVE-2021-43975,CVE-2021-43976,CVE-2021-45485,CVE-2021-45486
JIRA References: 
Sources used:
SUSE Linux Enterprise Server 12-SP5 (src):    kernel-azure-4.12.14-16.85.1, kernel-source-azure-4.12.14-16.85.1, kernel-syms-azure-4.12.14-16.85.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 25 Swamp Workflow Management 2022-01-17 20:21:03 UTC
SUSE-SU-2022:0090-1: An update that solves 15 vulnerabilities, contains one feature and has 18 fixes is now available.

Category: security (important)
Bug References: 1114648,1124431,1167162,1179599,1183678,1183897,1184804,1185727,1185762,1187167,1189126,1189305,1189841,1190358,1191229,1191384,1192032,1192145,1192267,1192740,1192845,1192847,1192877,1192946,1192974,1193231,1193306,1193318,1193440,1193442,1193731,1194087,1194094
CVE References: CVE-2019-15126,CVE-2020-27820,CVE-2021-0920,CVE-2021-0935,CVE-2021-28711,CVE-2021-28712,CVE-2021-28713,CVE-2021-28714,CVE-2021-28715,CVE-2021-33098,CVE-2021-4002,CVE-2021-43975,CVE-2021-43976,CVE-2021-45485,CVE-2021-45486
JIRA References: SLE-17288
Sources used:
SUSE Linux Enterprise Real Time Extension 12-SP5 (src):    kernel-rt-4.12.14-10.73.1, kernel-rt_debug-4.12.14-10.73.1, kernel-source-rt-4.12.14-10.73.1, kernel-syms-rt-4.12.14-10.73.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 26 Swamp Workflow Management 2022-01-19 20:25:40 UTC
SUSE-SU-2022:0131-1: An update that solves 13 vulnerabilities, contains one feature and has 61 fixes is now available.

Category: security (important)
Bug References: 1139944,1151927,1152489,1153275,1154353,1154355,1161907,1164565,1166780,1169514,1176242,1176447,1176536,1176544,1176545,1176546,1176548,1176558,1176559,1176774,1176940,1176956,1177440,1178134,1178270,1179211,1179424,1179426,1179427,1179599,1181148,1181507,1181710,1182404,1183534,1183540,1183897,1184318,1185726,1185902,1186332,1187541,1189126,1189158,1191793,1191876,1192267,1192320,1192507,1192511,1192569,1192606,1192691,1192845,1192847,1192874,1192946,1192969,1192987,1192990,1192998,1193002,1193042,1193139,1193169,1193306,1193318,1193349,1193440,1193442,1193655,1193993,1194087,1194094
CVE References: CVE-2020-24504,CVE-2020-27820,CVE-2021-28711,CVE-2021-28712,CVE-2021-28713,CVE-2021-28714,CVE-2021-28715,CVE-2021-4001,CVE-2021-4002,CVE-2021-43975,CVE-2021-43976,CVE-2021-45485,CVE-2021-45486
JIRA References: SLE-22574
Sources used:
SUSE MicroOS 5.1 (src):    kernel-default-5.3.18-59.40.1, kernel-default-base-5.3.18-59.40.1.18.25.1
SUSE Linux Enterprise Workstation Extension 15-SP3 (src):    kernel-default-5.3.18-59.40.1, kernel-preempt-5.3.18-59.40.1
SUSE Linux Enterprise Module for Live Patching 15-SP3 (src):    kernel-default-5.3.18-59.40.1, kernel-livepatch-SLE15-SP3_Update_11-1-7.3.1
SUSE Linux Enterprise Module for Legacy Software 15-SP3 (src):    kernel-default-5.3.18-59.40.1
SUSE Linux Enterprise Module for Development Tools 15-SP3 (src):    kernel-docs-5.3.18-59.40.1, kernel-obs-build-5.3.18-59.40.1, kernel-preempt-5.3.18-59.40.1, kernel-source-5.3.18-59.40.1, kernel-syms-5.3.18-59.40.1
SUSE Linux Enterprise Module for Basesystem 15-SP3 (src):    kernel-64kb-5.3.18-59.40.1, kernel-default-5.3.18-59.40.1, kernel-default-base-5.3.18-59.40.1.18.25.1, kernel-preempt-5.3.18-59.40.1, kernel-source-5.3.18-59.40.1, kernel-zfcpdump-5.3.18-59.40.1
SUSE Linux Enterprise High Availability 15-SP3 (src):    kernel-default-5.3.18-59.40.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 27 Swamp Workflow Management 2022-01-19 20:34:14 UTC
openSUSE-SU-2022:0131-1: An update that solves 13 vulnerabilities, contains one feature and has 61 fixes is now available.

Category: security (important)
Bug References: 1139944,1151927,1152489,1153275,1154353,1154355,1161907,1164565,1166780,1169514,1176242,1176447,1176536,1176544,1176545,1176546,1176548,1176558,1176559,1176774,1176940,1176956,1177440,1178134,1178270,1179211,1179424,1179426,1179427,1179599,1181148,1181507,1181710,1182404,1183534,1183540,1183897,1184318,1185726,1185902,1186332,1187541,1189126,1189158,1191793,1191876,1192267,1192320,1192507,1192511,1192569,1192606,1192691,1192845,1192847,1192874,1192946,1192969,1192987,1192990,1192998,1193002,1193042,1193139,1193169,1193306,1193318,1193349,1193440,1193442,1193655,1193993,1194087,1194094
CVE References: CVE-2020-24504,CVE-2020-27820,CVE-2021-28711,CVE-2021-28712,CVE-2021-28713,CVE-2021-28714,CVE-2021-28715,CVE-2021-4001,CVE-2021-4002,CVE-2021-43975,CVE-2021-43976,CVE-2021-45485,CVE-2021-45486
JIRA References: SLE-22574
Sources used:
openSUSE Leap 15.3 (src):    dtb-aarch64-5.3.18-59.40.1, kernel-64kb-5.3.18-59.40.1, kernel-debug-5.3.18-59.40.1, kernel-default-5.3.18-59.40.1, kernel-default-base-5.3.18-59.40.1.18.25.1, kernel-docs-5.3.18-59.40.1, kernel-kvmsmall-5.3.18-59.40.1, kernel-obs-build-5.3.18-59.40.1, kernel-obs-qa-5.3.18-59.40.1, kernel-preempt-5.3.18-59.40.1, kernel-source-5.3.18-59.40.1, kernel-syms-5.3.18-59.40.1, kernel-zfcpdump-5.3.18-59.40.1
Comment 28 Vasilis Liaskovitis 2022-01-20 13:54:14 UTC
*** Bug 1190491 has been marked as a duplicate of this bug. ***
Comment 31 Swamp Workflow Management 2022-01-25 20:34:05 UTC
SUSE-SU-2022:0181-1: An update that solves 10 vulnerabilities, contains one feature and has 42 fixes is now available.

Category: security (important)
Bug References: 1139944,1151927,1152489,1154353,1154355,1161907,1164565,1166780,1176242,1176536,1176544,1176545,1176546,1176548,1176558,1176559,1176956,1177440,1178270,1179211,1179426,1179427,1179960,1181148,1181507,1181710,1183534,1183540,1183897,1185726,1185902,1187541,1189126,1191793,1191876,1192267,1192507,1192511,1192569,1192606,1192845,1192847,1192877,1192946,1192969,1192990,1193042,1193169,1193318,1193349,1193440,1193442
CVE References: CVE-2021-28711,CVE-2021-28712,CVE-2021-28713,CVE-2021-28714,CVE-2021-28715,CVE-2021-33098,CVE-2021-4001,CVE-2021-4002,CVE-2021-43975,CVE-2021-43976
JIRA References: SLE-20042
Sources used:
SUSE MicroOS 5.0 (src):    kernel-rt-5.3.18-65.2
SUSE Linux Enterprise Module for Realtime 15-SP2 (src):    kernel-rt-5.3.18-65.2, kernel-rt_debug-5.3.18-65.2, kernel-source-rt-5.3.18-65.2, kernel-syms-rt-5.3.18-65.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 32 Swamp Workflow Management 2022-01-26 11:30:57 UTC
SUSE-SU-2022:0197-1: An update that solves 22 vulnerabilities and has 59 fixes is now available.

Category: security (important)
Bug References: 1071995,1139944,1151927,1152489,1153275,1154353,1154355,1161907,1164565,1166780,1169514,1176242,1176536,1176544,1176545,1176546,1176548,1176558,1176559,1176940,1176956,1177440,1178270,1179211,1179424,1179426,1179427,1179599,1179960,1181148,1181507,1181710,1183534,1183540,1183897,1184209,1185726,1185902,1187541,1189126,1189158,1191271,1191793,1191876,1192267,1192507,1192511,1192569,1192606,1192845,1192847,1192877,1192946,1192969,1192987,1192990,1192998,1193002,1193042,1193169,1193255,1193306,1193318,1193349,1193440,1193442,1193660,1193669,1193727,1193767,1193901,1193927,1194001,1194087,1194094,1194302,1194516,1194517,1194529,1194888,1194985
CVE References: CVE-2020-27820,CVE-2020-27825,CVE-2021-28711,CVE-2021-28712,CVE-2021-28713,CVE-2021-28714,CVE-2021-28715,CVE-2021-33098,CVE-2021-4001,CVE-2021-4002,CVE-2021-4083,CVE-2021-4135,CVE-2021-4149,CVE-2021-4197,CVE-2021-4202,CVE-2021-43975,CVE-2021-43976,CVE-2021-44733,CVE-2021-45485,CVE-2021-45486,CVE-2022-0185,CVE-2022-0322
JIRA References: 
Sources used:
SUSE MicroOS 5.0 (src):    kernel-default-5.3.18-24.99.1, kernel-default-base-5.3.18-24.99.1.9.46.1
SUSE Manager Server 4.1 (src):    kernel-default-5.3.18-24.99.1, kernel-default-base-5.3.18-24.99.1.9.46.1, kernel-docs-5.3.18-24.99.1, kernel-obs-build-5.3.18-24.99.1, kernel-preempt-5.3.18-24.99.1, kernel-source-5.3.18-24.99.1, kernel-syms-5.3.18-24.99.1
SUSE Manager Retail Branch Server 4.1 (src):    kernel-default-5.3.18-24.99.1, kernel-default-base-5.3.18-24.99.1.9.46.1, kernel-docs-5.3.18-24.99.1, kernel-preempt-5.3.18-24.99.1, kernel-source-5.3.18-24.99.1, kernel-syms-5.3.18-24.99.1
SUSE Manager Proxy 4.1 (src):    kernel-default-5.3.18-24.99.1, kernel-default-base-5.3.18-24.99.1.9.46.1, kernel-docs-5.3.18-24.99.1, kernel-preempt-5.3.18-24.99.1, kernel-source-5.3.18-24.99.1, kernel-syms-5.3.18-24.99.1
SUSE Linux Enterprise Server for SAP 15-SP2 (src):    kernel-default-5.3.18-24.99.1, kernel-default-base-5.3.18-24.99.1.9.46.1, kernel-docs-5.3.18-24.99.1, kernel-obs-build-5.3.18-24.99.1, kernel-preempt-5.3.18-24.99.1, kernel-source-5.3.18-24.99.1, kernel-syms-5.3.18-24.99.1
SUSE Linux Enterprise Server 15-SP2-LTSS (src):    kernel-default-5.3.18-24.99.1, kernel-default-base-5.3.18-24.99.1.9.46.1, kernel-docs-5.3.18-24.99.1, kernel-obs-build-5.3.18-24.99.1, kernel-preempt-5.3.18-24.99.1, kernel-source-5.3.18-24.99.1, kernel-syms-5.3.18-24.99.1
SUSE Linux Enterprise Server 15-SP2-BCL (src):    kernel-default-5.3.18-24.99.1, kernel-default-base-5.3.18-24.99.1.9.46.1, kernel-docs-5.3.18-24.99.1, kernel-preempt-5.3.18-24.99.1, kernel-source-5.3.18-24.99.1, kernel-syms-5.3.18-24.99.1
SUSE Linux Enterprise Module for Live Patching 15-SP2 (src):    kernel-default-5.3.18-24.99.1, kernel-livepatch-SLE15-SP2_Update_23-1-5.3.1
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (src):    kernel-default-5.3.18-24.99.1, kernel-default-base-5.3.18-24.99.1.9.46.1, kernel-docs-5.3.18-24.99.1, kernel-obs-build-5.3.18-24.99.1, kernel-preempt-5.3.18-24.99.1, kernel-source-5.3.18-24.99.1, kernel-syms-5.3.18-24.99.1
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (src):    kernel-default-5.3.18-24.99.1, kernel-default-base-5.3.18-24.99.1.9.46.1, kernel-docs-5.3.18-24.99.1, kernel-obs-build-5.3.18-24.99.1, kernel-preempt-5.3.18-24.99.1, kernel-source-5.3.18-24.99.1, kernel-syms-5.3.18-24.99.1
SUSE Linux Enterprise High Availability 15-SP2 (src):    kernel-default-5.3.18-24.99.1
SUSE Enterprise Storage 7 (src):    kernel-default-5.3.18-24.99.1, kernel-default-base-5.3.18-24.99.1.9.46.1, kernel-docs-5.3.18-24.99.1, kernel-obs-build-5.3.18-24.99.1, kernel-preempt-5.3.18-24.99.1, kernel-source-5.3.18-24.99.1, kernel-syms-5.3.18-24.99.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 43 Swamp Workflow Management 2022-02-10 20:21:07 UTC
openSUSE-SU-2022:0366-1: An update that solves 27 vulnerabilities and has 23 fixes is now available.

Category: security (critical)
Bug References: 1071995,1124431,1167162,1169514,1172073,1179599,1184804,1185377,1186207,1186222,1187167,1189305,1189841,1190358,1190428,1191229,1191241,1191384,1191731,1192032,1192267,1192740,1192845,1192847,1192877,1192946,1193306,1193440,1193442,1193575,1193669,1193727,1193731,1193767,1193861,1193864,1193867,1193927,1194001,1194048,1194087,1194227,1194302,1194516,1194529,1194880,1194888,1194985,1195166,1195254
CVE References: CVE-2018-25020,CVE-2019-15126,CVE-2020-27820,CVE-2021-0920,CVE-2021-0935,CVE-2021-28711,CVE-2021-28712,CVE-2021-28713,CVE-2021-28714,CVE-2021-28715,CVE-2021-33098,CVE-2021-3564,CVE-2021-39648,CVE-2021-39657,CVE-2021-4002,CVE-2021-4083,CVE-2021-4135,CVE-2021-4149,CVE-2021-4197,CVE-2021-4202,CVE-2021-43975,CVE-2021-43976,CVE-2021-44733,CVE-2021-45095,CVE-2021-45486,CVE-2022-0322,CVE-2022-0330
JIRA References: 
Sources used:
openSUSE Leap 15.4 (src):    kernel-debug-4.12.14-197.105.1, kernel-default-4.12.14-197.105.1, kernel-kvmsmall-4.12.14-197.105.1, kernel-vanilla-4.12.14-197.105.1, kernel-zfcpdump-4.12.14-197.105.1
openSUSE Leap 15.3 (src):    kernel-debug-4.12.14-197.105.1, kernel-default-4.12.14-197.105.1, kernel-kvmsmall-4.12.14-197.105.1, kernel-vanilla-4.12.14-197.105.1, kernel-zfcpdump-4.12.14-197.105.1
Comment 44 Swamp Workflow Management 2022-02-10 20:28:25 UTC
SUSE-SU-2022:0362-1: An update that solves 23 vulnerabilities and has four fixes is now available.

Category: security (important)
Bug References: 1012382,1179960,1183696,1186207,1192032,1192267,1192847,1192877,1192946,1193157,1193440,1193442,1193507,1193575,1193669,1193727,1193861,1193864,1193867,1194001,1194087,1194094,1194272,1194302,1194516,1194529,1194880
CVE References: CVE-2018-25020,CVE-2019-0136,CVE-2020-35519,CVE-2021-0935,CVE-2021-28711,CVE-2021-28712,CVE-2021-28713,CVE-2021-28715,CVE-2021-33098,CVE-2021-3564,CVE-2021-39648,CVE-2021-39657,CVE-2021-4002,CVE-2021-4083,CVE-2021-4149,CVE-2021-4155,CVE-2021-4197,CVE-2021-4202,CVE-2021-43976,CVE-2021-45095,CVE-2021-45485,CVE-2021-45486,CVE-2022-0330
JIRA References: 
Sources used:
SUSE OpenStack Cloud Crowbar 8 (src):    kernel-default-4.4.180-94.153.1, kernel-source-4.4.180-94.153.1, kernel-syms-4.4.180-94.153.1, kgraft-patch-SLE12-SP3_Update_42-1-4.3.1
SUSE OpenStack Cloud 8 (src):    kernel-default-4.4.180-94.153.1, kernel-source-4.4.180-94.153.1, kernel-syms-4.4.180-94.153.1, kgraft-patch-SLE12-SP3_Update_42-1-4.3.1
SUSE Linux Enterprise Server for SAP 12-SP3 (src):    kernel-default-4.4.180-94.153.1, kernel-source-4.4.180-94.153.1, kernel-syms-4.4.180-94.153.1, kgraft-patch-SLE12-SP3_Update_42-1-4.3.1
SUSE Linux Enterprise Server 12-SP3-LTSS (src):    kernel-default-4.4.180-94.153.1, kernel-source-4.4.180-94.153.1, kernel-syms-4.4.180-94.153.1, kgraft-patch-SLE12-SP3_Update_42-1-4.3.1
SUSE Linux Enterprise Server 12-SP3-BCL (src):    kernel-default-4.4.180-94.153.1, kernel-source-4.4.180-94.153.1, kernel-syms-4.4.180-94.153.1
SUSE Linux Enterprise High Availability 12-SP3 (src):    kernel-default-4.4.180-94.153.1
HPE Helion Openstack 8 (src):    kernel-default-4.4.180-94.153.1, kernel-source-4.4.180-94.153.1, kernel-syms-4.4.180-94.153.1, kgraft-patch-SLE12-SP3_Update_42-1-4.3.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 45 Swamp Workflow Management 2022-02-10 20:39:33 UTC
SUSE-SU-2022:0367-1: An update that solves 27 vulnerabilities and has 23 fixes is now available.

Category: security (critical)
Bug References: 1071995,1124431,1167162,1169514,1172073,1179599,1184804,1185377,1186207,1186222,1187167,1189305,1189841,1190358,1190428,1191229,1191241,1191384,1191731,1192032,1192267,1192740,1192845,1192847,1192877,1192946,1193306,1193440,1193442,1193506,1193575,1193669,1193727,1193731,1193767,1193861,1193864,1193867,1194001,1194048,1194087,1194227,1194302,1194516,1194529,1194880,1194888,1194985,1195166,1195254
CVE References: CVE-2018-25020,CVE-2019-15126,CVE-2020-27820,CVE-2021-0920,CVE-2021-0935,CVE-2021-28711,CVE-2021-28712,CVE-2021-28713,CVE-2021-28714,CVE-2021-28715,CVE-2021-33098,CVE-2021-3564,CVE-2021-39648,CVE-2021-39657,CVE-2021-4002,CVE-2021-4083,CVE-2021-4149,CVE-2021-4197,CVE-2021-4202,CVE-2021-43975,CVE-2021-43976,CVE-2021-44733,CVE-2021-45095,CVE-2021-45486,CVE-2022-0322,CVE-2022-0330,CVE-2022-0435
JIRA References: 
Sources used:
SUSE Linux Enterprise Server for SAP 15 (src):    kernel-default-4.12.14-150.83.1, kernel-docs-4.12.14-150.83.1, kernel-obs-build-4.12.14-150.83.1, kernel-source-4.12.14-150.83.1, kernel-syms-4.12.14-150.83.1, kernel-vanilla-4.12.14-150.83.1
SUSE Linux Enterprise Server 15-LTSS (src):    kernel-default-4.12.14-150.83.1, kernel-docs-4.12.14-150.83.1, kernel-obs-build-4.12.14-150.83.1, kernel-source-4.12.14-150.83.1, kernel-syms-4.12.14-150.83.1, kernel-vanilla-4.12.14-150.83.1, kernel-zfcpdump-4.12.14-150.83.1
SUSE Linux Enterprise Module for Live Patching 15 (src):    kernel-default-4.12.14-150.83.1, kernel-livepatch-SLE15_Update_27-1-1.5.1
SUSE Linux Enterprise High Performance Computing 15-LTSS (src):    kernel-default-4.12.14-150.83.1, kernel-docs-4.12.14-150.83.1, kernel-obs-build-4.12.14-150.83.1, kernel-source-4.12.14-150.83.1, kernel-syms-4.12.14-150.83.1, kernel-vanilla-4.12.14-150.83.1
SUSE Linux Enterprise High Performance Computing 15-ESPOS (src):    kernel-default-4.12.14-150.83.1, kernel-docs-4.12.14-150.83.1, kernel-obs-build-4.12.14-150.83.1, kernel-source-4.12.14-150.83.1, kernel-syms-4.12.14-150.83.1, kernel-vanilla-4.12.14-150.83.1
SUSE Linux Enterprise High Availability 15 (src):    kernel-default-4.12.14-150.83.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 46 Swamp Workflow Management 2022-02-10 20:45:03 UTC
SUSE-SU-2022:0366-1: An update that solves 27 vulnerabilities and has 23 fixes is now available.

Category: security (critical)
Bug References: 1071995,1124431,1167162,1169514,1172073,1179599,1184804,1185377,1186207,1186222,1187167,1189305,1189841,1190358,1190428,1191229,1191241,1191384,1191731,1192032,1192267,1192740,1192845,1192847,1192877,1192946,1193306,1193440,1193442,1193575,1193669,1193727,1193731,1193767,1193861,1193864,1193867,1193927,1194001,1194048,1194087,1194227,1194302,1194516,1194529,1194880,1194888,1194985,1195166,1195254
CVE References: CVE-2018-25020,CVE-2019-15126,CVE-2020-27820,CVE-2021-0920,CVE-2021-0935,CVE-2021-28711,CVE-2021-28712,CVE-2021-28713,CVE-2021-28714,CVE-2021-28715,CVE-2021-33098,CVE-2021-3564,CVE-2021-39648,CVE-2021-39657,CVE-2021-4002,CVE-2021-4083,CVE-2021-4135,CVE-2021-4149,CVE-2021-4197,CVE-2021-4202,CVE-2021-43975,CVE-2021-43976,CVE-2021-44733,CVE-2021-45095,CVE-2021-45486,CVE-2022-0322,CVE-2022-0330
JIRA References: 
Sources used:
SUSE Linux Enterprise Server for SAP 15-SP1 (src):    kernel-default-4.12.14-197.105.1, kernel-docs-4.12.14-197.105.1, kernel-obs-build-4.12.14-197.105.1, kernel-source-4.12.14-197.105.1, kernel-syms-4.12.14-197.105.1
SUSE Linux Enterprise Server 15-SP1-LTSS (src):    kernel-default-4.12.14-197.105.1, kernel-docs-4.12.14-197.105.1, kernel-obs-build-4.12.14-197.105.1, kernel-source-4.12.14-197.105.1, kernel-syms-4.12.14-197.105.1, kernel-zfcpdump-4.12.14-197.105.1
SUSE Linux Enterprise Server 15-SP1-BCL (src):    kernel-default-4.12.14-197.105.1, kernel-docs-4.12.14-197.105.1, kernel-obs-build-4.12.14-197.105.1, kernel-source-4.12.14-197.105.1, kernel-syms-4.12.14-197.105.1
SUSE Linux Enterprise Module for Live Patching 15-SP1 (src):    kernel-default-4.12.14-197.105.1, kernel-livepatch-SLE15-SP1_Update_28-1-3.3.1
SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (src):    kernel-default-4.12.14-197.105.1, kernel-docs-4.12.14-197.105.1, kernel-obs-build-4.12.14-197.105.1, kernel-source-4.12.14-197.105.1, kernel-syms-4.12.14-197.105.1
SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (src):    kernel-default-4.12.14-197.105.1, kernel-docs-4.12.14-197.105.1, kernel-obs-build-4.12.14-197.105.1, kernel-source-4.12.14-197.105.1, kernel-syms-4.12.14-197.105.1
SUSE Linux Enterprise High Availability 15-SP1 (src):    kernel-default-4.12.14-197.105.1
SUSE Enterprise Storage 6 (src):    kernel-default-4.12.14-197.105.1, kernel-docs-4.12.14-197.105.1, kernel-obs-build-4.12.14-197.105.1, kernel-source-4.12.14-197.105.1, kernel-syms-4.12.14-197.105.1
SUSE CaaS Platform 4.0 (src):    kernel-default-4.12.14-197.105.1, kernel-docs-4.12.14-197.105.1, kernel-obs-build-4.12.14-197.105.1, kernel-source-4.12.14-197.105.1, kernel-syms-4.12.14-197.105.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 47 Swamp Workflow Management 2022-02-11 11:31:00 UTC
SUSE-SU-2022:0371-1: An update that solves 27 vulnerabilities and has 22 fixes is now available.

Category: security (important)
Bug References: 1071995,1124431,1167162,1169514,1172073,1177101,1179599,1184804,1185377,1186207,1186222,1187167,1189305,1189841,1190358,1190428,1191229,1191384,1191731,1192032,1192267,1192740,1192845,1192847,1192877,1192946,1193306,1193440,1193442,1193507,1193575,1193669,1193727,1193731,1193767,1193861,1193864,1193867,1194001,1194048,1194087,1194227,1194302,1194516,1194529,1194880,1194888,1194985,1195254
CVE References: CVE-2018-25020,CVE-2019-15126,CVE-2020-27820,CVE-2021-0920,CVE-2021-0935,CVE-2021-28711,CVE-2021-28712,CVE-2021-28713,CVE-2021-28714,CVE-2021-28715,CVE-2021-33098,CVE-2021-3564,CVE-2021-39648,CVE-2021-39657,CVE-2021-4002,CVE-2021-4083,CVE-2021-4149,CVE-2021-4197,CVE-2021-4202,CVE-2021-43975,CVE-2021-43976,CVE-2021-44733,CVE-2021-45095,CVE-2021-45486,CVE-2022-0322,CVE-2022-0330,CVE-2022-0435
JIRA References: 
Sources used:
SUSE OpenStack Cloud Crowbar 9 (src):    kernel-default-4.12.14-95.88.1, kernel-source-4.12.14-95.88.1, kernel-syms-4.12.14-95.88.1
SUSE OpenStack Cloud 9 (src):    kernel-default-4.12.14-95.88.1, kernel-source-4.12.14-95.88.1, kernel-syms-4.12.14-95.88.1
SUSE Linux Enterprise Server for SAP 12-SP4 (src):    kernel-default-4.12.14-95.88.1, kernel-source-4.12.14-95.88.1, kernel-syms-4.12.14-95.88.1
SUSE Linux Enterprise Server 12-SP4-LTSS (src):    kernel-default-4.12.14-95.88.1, kernel-source-4.12.14-95.88.1, kernel-syms-4.12.14-95.88.1
SUSE Linux Enterprise Live Patching 12-SP4 (src):    kernel-default-4.12.14-95.88.1, kgraft-patch-SLE12-SP4_Update_24-1-6.5.1
SUSE Linux Enterprise High Availability 12-SP4 (src):    kernel-default-4.12.14-95.88.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 48 Swamp Workflow Management 2022-02-17 17:24:51 UTC
SUSE-SU-2022:0477-1: An update that solves 23 vulnerabilities and has two fixes is now available.

Category: security (important)
Bug References: 1012382,1179960,1183696,1186207,1192032,1192847,1192877,1192946,1193157,1193440,1193442,1193575,1193669,1193727,1193861,1193864,1193867,1194001,1194087,1194094,1194272,1194302,1194516,1194529,1194880
CVE References: CVE-2018-25020,CVE-2019-0136,CVE-2020-35519,CVE-2021-0935,CVE-2021-28711,CVE-2021-28712,CVE-2021-28713,CVE-2021-28715,CVE-2021-33098,CVE-2021-3564,CVE-2021-39648,CVE-2021-39657,CVE-2021-4002,CVE-2021-4083,CVE-2021-4149,CVE-2021-4155,CVE-2021-4197,CVE-2021-4202,CVE-2021-43976,CVE-2021-45095,CVE-2021-45485,CVE-2021-45486,CVE-2022-0330
JIRA References: 
Sources used:
SUSE Linux Enterprise Server 12-SP2-BCL (src):    kernel-default-4.4.121-92.164.1, kernel-source-4.4.121-92.164.1, kernel-syms-4.4.121-92.164.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 49 Swamp Workflow Management 2022-03-01 20:31:38 UTC
openSUSE-SU-2022:0056-1: An update that solves 17 vulnerabilities and has 62 fixes is now available.

Category: security (important)
Bug References: 1139944,1151927,1152489,1153275,1154353,1154355,1161907,1164565,1166780,1169514,1176242,1176447,1176536,1176544,1176545,1176546,1176548,1176558,1176559,1176774,1176940,1176956,1177440,1178134,1178270,1179211,1179424,1179426,1179427,1179599,1181148,1181507,1181710,1182404,1183534,1183540,1183897,1184318,1185726,1185902,1186332,1187541,1189126,1189158,1191793,1191876,1192267,1192320,1192507,1192511,1192569,1192606,1192691,1192845,1192847,1192874,1192877,1192946,1192969,1192987,1192990,1192998,1193002,1193042,1193139,1193169,1193306,1193318,1193349,1193440,1193442,1193655,1193993,1194087,1194094,1194175,1194176,1194177,1194266
CVE References: CVE-2020-24504,CVE-2020-27820,CVE-2021-28711,CVE-2021-28712,CVE-2021-28713,CVE-2021-28714,CVE-2021-28715,CVE-2021-33098,CVE-2021-4001,CVE-2021-4002,CVE-2021-43975,CVE-2021-43976,CVE-2021-45485,CVE-2021-45486,CVE-2022-23096,CVE-2022-23097,CVE-2022-23098
JIRA References: 
Sources used:
openSUSE Leap 15.3 (src):    kernel-azure-5.3.18-38.34.1, kernel-source-azure-5.3.18-38.34.1, kernel-syms-azure-5.3.18-38.34.1
openSUSE Backports SLE-15-SP3 (src):    connman-1.41-bp153.2.3.1
Comment 50 Swamp Workflow Management 2022-05-07 16:22:07 UTC
openSUSE-SU-2022:0131-1: An update that solves 14 vulnerabilities, contains one feature and has 61 fixes is now available.

Category: security (important)
Bug References: 1139944,1151927,1152489,1153275,1154353,1154355,1161907,1164565,1166780,1169514,1176242,1176447,1176536,1176544,1176545,1176546,1176548,1176558,1176559,1176774,1176940,1176956,1177440,1178134,1178270,1179211,1179424,1179426,1179427,1179599,1181148,1181507,1181710,1182404,1183534,1183540,1183897,1184318,1185726,1185902,1186332,1187541,1189126,1189158,1191793,1191876,1192267,1192320,1192507,1192511,1192569,1192606,1192691,1192845,1192847,1192874,1192946,1192969,1192987,1192990,1192998,1193002,1193042,1193139,1193169,1193306,1193318,1193349,1193440,1193442,1193655,1193993,1194087,1194094,1195323
CVE References: CVE-2020-24504,CVE-2020-27820,CVE-2021-2032,CVE-2021-28711,CVE-2021-28712,CVE-2021-28713,CVE-2021-28714,CVE-2021-28715,CVE-2021-4001,CVE-2021-4002,CVE-2021-43975,CVE-2021-43976,CVE-2021-45485,CVE-2021-45486
JIRA References: SLE-22574
Sources used:
openSUSE Leap 15.4 (src):    keycloak-18.0.0-lp154.2.3.1
openSUSE Leap 15.3 (src):    dtb-aarch64-5.3.18-59.40.1, kernel-64kb-5.3.18-59.40.1, kernel-debug-5.3.18-59.40.1, kernel-default-5.3.18-59.40.1, kernel-default-base-5.3.18-59.40.1.18.25.1, kernel-docs-5.3.18-59.40.1, kernel-kvmsmall-5.3.18-59.40.1, kernel-obs-build-5.3.18-59.40.1, kernel-obs-qa-5.3.18-59.40.1, kernel-preempt-5.3.18-59.40.1, kernel-source-5.3.18-59.40.1, kernel-syms-5.3.18-59.40.1, kernel-zfcpdump-5.3.18-59.40.1
Comment 54 Gabriele Sonnu 2022-05-20 08:00:58 UTC
Done.