Bug 1139073 (CVE-2019-11135)

Summary: EMU: VUL-0: CVE-2019-11135: November 2019 CPU issue aka "TSX Asynchronous Abort (TAA)"
Product: [Novell Products] SUSE Security Incidents Reporter: Alexandros Toptsoglou <atoptsoglou>
Component: IncidentsAssignee: Borislav Petkov <bpetkov>
Status: RESOLVED FIXED QA Contact: Security Team bot <security-team>
Severity: Normal    
Priority: P3 - Medium CC: aginies, bpetkov, carnold, claudio.fontana, emu, jbeulich, jfehlig, jgross, jkosina, jroedel, lpechacek, meissner, mhocko, mkoutny, simonf.lees
Version: unspecified   
Target Milestone: ---   
Hardware: Other   
OS: Other   
URL: https://smash.suse.de/issue/235618/
Whiteboard: CVSSv3:SUSE:CVE-2019-11135:6.5:(AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N) maint:released:sle10-sp3:64403
Found By: --- Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---
Bug Depends on:    
Bug Blocks: 1152497, 1152505, 1152506    
Attachments: TAA-enumeration.txt
follow up fix

Comment 3 Marcus Meissner 2019-07-10 15:07:32 UTC 
CRD: 2019-11-12 10:00PST
Comment 11 Marcus Meissner 2019-10-09 12:31:25 UTC 
Created attachment 820901 [details]
TAA-enumeration.txt

strategy for TSX disablement
Comment 15 Simon Lees 2019-11-05 02:46:39 UTC 
This will be handled under the EMU process once we have submissions.
Comment 17 Marcus Meissner 2019-11-05 11:53:42 UTC 
Proposed patchinfo text:

CVE-2019-11135: Aborting an asynchronous TSX operation on Intel CPUs with Transactional Memory support could be used to facilitate sidechannel information leaks out of microarchitectural buffers, similar to the previously described "Microarchitectural Data Sampling" attack.

The Linux kernel was supplemented with the option to disable TSX operation altogether (requiring CPU Microcode updates on older systems) and better flushing of microarchitectural buffers (VERW).

The set of options available is described in our TID at "TID link".
Comment 33 Marcus Meissner 2019-11-08 14:55:44 UTC 
https://www.suse.com/support/kb/doc/?id=7024251

will be the TID link
Comment 39 Marcus Meissner 2019-11-12 18:02:26 UTC 
now public
Comment 40 Swamp Workflow Management 2019-11-12 19:01:29 UTC 
This is an autogenerated message for OBS integration:
This bug (1139073) was mentioned in
https://build.opensuse.org/request/show/747901 15.0 / kernel-source
Comment 41 Swamp Workflow Management 2019-11-12 22:51:04 UTC 
This is an autogenerated message for OBS integration:
This bug (1139073) was mentioned in
https://build.opensuse.org/request/show/747951 15.1 / kernel-source
Comment 42 Swamp Workflow Management 2019-11-12 23:14:26 UTC 
SUSE-SU-2019:2948-1: An update that solves 6 vulnerabilities and has 30 fixes is now available.

Category: security (important)
Bug References: 1051510,1082635,1083647,1090631,1096254,1117665,1119461,1119465,1123034,1135966,1135967,1137040,1138190,1139073,1140090,1143706,1144338,1144903,1146612,1149119,1150457,1151225,1152624,1153476,1153509,1153969,1154737,1154848,1154858,1154905,1154959,1155178,1155179,1155184,1155186,1155671
CVE References: CVE-2018-12207,CVE-2019-0154,CVE-2019-0155,CVE-2019-10220,CVE-2019-11135,CVE-2019-16233
Sources used:
SUSE Linux Enterprise Live Patching 12-SP4 (src):    kernel-default-4.12.14-95.40.1, kgraft-patch-SLE12-SP4_Update_10-1-6.3.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 43 Swamp Workflow Management 2019-11-12 23:20:21 UTC 
SUSE-SU-2019:2949-1: An update that solves 49 vulnerabilities and has 18 fixes is now available.

Category: security (important)
Bug References: 1051510,1084878,1117665,1131107,1133140,1135966,1135967,1136261,1137865,1139073,1140671,1141013,1141054,1142458,1143187,1144123,1144903,1145477,1146042,1146163,1146285,1146361,1146378,1146391,1146413,1146425,1146512,1146514,1146516,1146519,1146524,1146526,1146529,1146540,1146543,1146547,1146550,1146584,1146589,1147022,1147122,1148394,1148938,1149083,1149376,1149522,1149527,1149555,1149612,1150025,1150112,1150452,1150457,1150465,1150727,1150942,1151347,1151350,1152685,1152782,1152788,1153158,1153263,1154103,1154372,1155131,1155671
CVE References: CVE-2016-10906,CVE-2017-18379,CVE-2017-18509,CVE-2017-18551,CVE-2017-18595,CVE-2018-12207,CVE-2018-20976,CVE-2019-0154,CVE-2019-0155,CVE-2019-10220,CVE-2019-11135,CVE-2019-13272,CVE-2019-14814,CVE-2019-14815,CVE-2019-14816,CVE-2019-14821,CVE-2019-14835,CVE-2019-15098,CVE-2019-15211,CVE-2019-15212,CVE-2019-15214,CVE-2019-15215,CVE-2019-15216,CVE-2019-15217,CVE-2019-15218,CVE-2019-15219,CVE-2019-15220,CVE-2019-15221,CVE-2019-15239,CVE-2019-15290,CVE-2019-15291,CVE-2019-15505,CVE-2019-15666,CVE-2019-15807,CVE-2019-15902,CVE-2019-15924,CVE-2019-15926,CVE-2019-15927,CVE-2019-16232,CVE-2019-16233,CVE-2019-16234,CVE-2019-16413,CVE-2019-16995,CVE-2019-17055,CVE-2019-17056,CVE-2019-17133,CVE-2019-17666,CVE-2019-9456,CVE-2019-9506
Sources used:
SUSE OpenStack Cloud Crowbar 8 (src):    kernel-default-4.4.180-94.107.1, kernel-source-4.4.180-94.107.1, kernel-syms-4.4.180-94.107.1
SUSE OpenStack Cloud 8 (src):    kernel-default-4.4.180-94.107.1, kernel-source-4.4.180-94.107.1, kernel-syms-4.4.180-94.107.1
SUSE Linux Enterprise Server for SAP 12-SP3 (src):    kernel-default-4.4.180-94.107.1, kernel-source-4.4.180-94.107.1, kernel-syms-4.4.180-94.107.1
SUSE Linux Enterprise Server 12-SP3-LTSS (src):    kernel-default-4.4.180-94.107.1, kernel-source-4.4.180-94.107.1, kernel-syms-4.4.180-94.107.1
SUSE Linux Enterprise Server 12-SP3-BCL (src):    kernel-default-4.4.180-94.107.1, kernel-source-4.4.180-94.107.1, kernel-syms-4.4.180-94.107.1
SUSE Linux Enterprise High Availability 12-SP3 (src):    kernel-default-4.4.180-94.107.1
SUSE Enterprise Storage 5 (src):    kernel-default-4.4.180-94.107.1, kernel-source-4.4.180-94.107.1, kernel-syms-4.4.180-94.107.1
SUSE CaaS Platform 3.0 (src):    kernel-default-4.4.180-94.107.1
HPE Helion Openstack 8 (src):    kernel-default-4.4.180-94.107.1, kernel-source-4.4.180-94.107.1, kernel-syms-4.4.180-94.107.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 44 Swamp Workflow Management 2019-11-12 23:51:34 UTC 
SUSE-SU-2019:2946-1: An update that solves 12 vulnerabilities and has 93 fixes is now available.

Category: security (important)
Bug References: 1046299,1046303,1046305,1050244,1050536,1050545,1051510,1055186,1061840,1064802,1065600,1066129,1073513,1082635,1083647,1086323,1087092,1089644,1090631,1093205,1096254,1097583,1097584,1097585,1097586,1097587,1097588,1098291,1101674,1109158,1114279,1117665,1119461,1119465,1123034,1123080,1133140,1134303,1135642,1135854,1135873,1135966,1135967,1137040,1137799,1138190,1139073,1140090,1140729,1140845,1140883,1141600,1142635,1142667,1143706,1144338,1144375,1144449,1144903,1145099,1146612,1148410,1149119,1150452,1150457,1150465,1150875,1151508,1152624,1152685,1152788,1152791,1153112,1153158,1153236,1153263,1153476,1153509,1153646,1153713,1153717,1153718,1153719,1153811,1153969,1154108,1154189,1154354,1154372,1154578,1154607,1154608,1154610,1154611,1154651,1154737,1154747,1154848,1154858,1154905,1155178,1155179,1155184,1155186,1155671
CVE References: CVE-2018-12207,CVE-2019-0154,CVE-2019-0155,CVE-2019-10220,CVE-2019-11135,CVE-2019-16232,CVE-2019-16233,CVE-2019-16234,CVE-2019-16995,CVE-2019-17056,CVE-2019-17133,CVE-2019-17666
Sources used:
SUSE Linux Enterprise Module for Live Patching 15 (src):    kernel-default-4.12.14-150.41.1, kernel-livepatch-SLE15_Update_16-1-1.3.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 45 Swamp Workflow Management 2019-11-13 00:04:15 UTC 
SUSE-SU-2019:2959-1: An update that solves two vulnerabilities and has two fixes is now available.

Category: security (important)
Bug References: 1139073,1141035,1154043,1155988
CVE References: CVE-2019-11135,CVE-2019-11139
Sources used:
SUSE OpenStack Cloud Crowbar 8 (src):    ucode-intel-20191112-13.53.1
SUSE OpenStack Cloud 8 (src):    ucode-intel-20191112-13.53.1
SUSE OpenStack Cloud 7 (src):    ucode-intel-20191112-13.53.1
SUSE Linux Enterprise Server for SAP 12-SP3 (src):    ucode-intel-20191112-13.53.1
SUSE Linux Enterprise Server for SAP 12-SP2 (src):    ucode-intel-20191112-13.53.1
SUSE Linux Enterprise Server for SAP 12-SP1 (src):    ucode-intel-20191112-13.53.1
SUSE Linux Enterprise Server 12-SP5 (src):    ucode-intel-20191112-13.53.1
SUSE Linux Enterprise Server 12-SP4 (src):    ucode-intel-20191112-13.53.1
SUSE Linux Enterprise Server 12-SP3-LTSS (src):    ucode-intel-20191112-13.53.1
SUSE Linux Enterprise Server 12-SP3-BCL (src):    ucode-intel-20191112-13.53.1
SUSE Linux Enterprise Server 12-SP2-LTSS (src):    ucode-intel-20191112-13.53.1
SUSE Linux Enterprise Server 12-SP2-BCL (src):    ucode-intel-20191112-13.53.1
SUSE Linux Enterprise Server 12-SP1-LTSS (src):    ucode-intel-20191112-13.53.1
SUSE Linux Enterprise Desktop 12-SP4 (src):    ucode-intel-20191112-13.53.1
SUSE Enterprise Storage 5 (src):    ucode-intel-20191112-13.53.1
SUSE CaaS Platform 3.0 (src):    ucode-intel-20191112-13.53.1
HPE Helion Openstack 8 (src):    ucode-intel-20191112-13.53.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 46 Swamp Workflow Management 2019-11-13 00:11:32 UTC 
SUSE-SU-2019:2953-1: An update that solves 12 vulnerabilities and has 115 fixes is now available.

Category: security (important)
Bug References: 1046299,1046303,1046305,1050244,1050536,1050545,1051510,1055186,1061840,1064802,1065600,1066129,1073513,1082635,1083647,1086323,1087092,1089644,1090631,1093205,1096254,1097583,1097584,1097585,1097586,1097587,1097588,1098291,1101674,1109158,1114279,1117665,1119461,1119465,1122363,1123034,1123080,1127155,1133140,1134303,1135642,1135854,1135873,1135967,1137040,1137799,1137861,1138190,1139073,1140090,1140729,1140845,1140883,1141600,1142635,1142667,1143706,1144338,1144375,1144449,1144903,1145099,1146612,1148410,1149119,1150452,1150457,1150465,1150875,1151225,1151508,1151680,1152497,1152505,1152506,1152624,1152685,1152782,1152788,1152791,1153108,1153112,1153158,1153236,1153263,1153476,1153509,1153646,1153681,1153713,1153717,1153718,1153719,1153811,1153969,1154108,1154189,1154354,1154372,1154578,1154607,1154608,1154610,1154611,1154651,1154737,1154747,1154848,1154858,1154905,1154956,1154959,1155178,1155179,1155184,1155186,1155671,1155692,1155812,1155817,1155836,1155945,1155982,1156187,919448,987367,998153
CVE References: CVE-2018-12207,CVE-2019-10220,CVE-2019-11135,CVE-2019-16232,CVE-2019-16233,CVE-2019-16234,CVE-2019-16995,CVE-2019-17055,CVE-2019-17056,CVE-2019-17133,CVE-2019-17666,CVE-2019-18805
Sources used:
SUSE Linux Enterprise Server 12-SP4 (src):    kernel-azure-4.12.14-6.29.1, kernel-source-azure-4.12.14-6.29.1, kernel-syms-azure-4.12.14-6.29.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 47 Swamp Workflow Management 2019-11-13 00:21:24 UTC 
SUSE-SU-2019:2958-1: An update that solves two vulnerabilities and has one errata is now available.

Category: security (important)
Bug References: 1139073,1141035,1155988
CVE References: CVE-2019-11135,CVE-2019-11139
Sources used:
SUSE Linux Enterprise Module for Basesystem 15-SP1 (src):    ucode-intel-20191112-3.9.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 48 Swamp Workflow Management 2019-11-13 00:29:16 UTC 
SUSE-SU-2019:2947-1: An update that solves 10 vulnerabilities and has 117 fixes is now available.

Category: security (important)
Bug References: 1046299,1046303,1046305,1050244,1050536,1050545,1051510,1055186,1061840,1064802,1065600,1066129,1073513,1082635,1083647,1086323,1087092,1089644,1090631,1093205,1096254,1097583,1097584,1097585,1097586,1097587,1097588,1098291,1101674,1109158,1111666,1112178,1113994,1114279,1117665,1119461,1119465,1123034,1123080,1133140,1134303,1135642,1135854,1135873,1135967,1137040,1137799,1137861,1138190,1139073,1140090,1140729,1140845,1140883,1141600,1142635,1142667,1143706,1144338,1144375,1144449,1144903,1145099,1146612,1148410,1149119,1149853,1150452,1150457,1150465,1150875,1151508,1151807,1152033,1152624,1152665,1152685,1152696,1152697,1152788,1152790,1152791,1153112,1153158,1153236,1153263,1153476,1153509,1153607,1153646,1153681,1153713,1153717,1153718,1153719,1153811,1153969,1154108,1154189,1154242,1154268,1154354,1154372,1154521,1154578,1154607,1154608,1154610,1154611,1154651,1154737,1154747,1154848,1154858,1154905,1154956,1155061,1155178,1155179,1155184,1155186,1155671,802154,814594,919448,987367,998153
CVE References: CVE-2018-12207,CVE-2019-10220,CVE-2019-11135,CVE-2019-16232,CVE-2019-16233,CVE-2019-16234,CVE-2019-16995,CVE-2019-17056,CVE-2019-17133,CVE-2019-17666
Sources used:
SUSE Linux Enterprise Module for Live Patching 15-SP1 (src):    kernel-default-4.12.14-197.26.1, kernel-livepatch-SLE15-SP1_Update_7-1-3.5.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 49 Swamp Workflow Management 2019-11-13 00:43:08 UTC 
SUSE-SU-2019:2948-1: An update that solves 6 vulnerabilities and has 30 fixes is now available.

Category: security (important)
Bug References: 1051510,1082635,1083647,1090631,1096254,1117665,1119461,1119465,1123034,1135966,1135967,1137040,1138190,1139073,1140090,1143706,1144338,1144903,1146612,1149119,1150457,1151225,1152624,1153476,1153509,1153969,1154737,1154848,1154858,1154905,1154959,1155178,1155179,1155184,1155186,1155671
CVE References: CVE-2018-12207,CVE-2019-0154,CVE-2019-0155,CVE-2019-10220,CVE-2019-11135,CVE-2019-16233
Sources used:
SUSE Linux Enterprise Workstation Extension 12-SP4 (src):    kernel-default-4.12.14-95.40.1
SUSE Linux Enterprise Software Development Kit 12-SP4 (src):    kernel-docs-4.12.14-95.40.1, kernel-obs-build-4.12.14-95.40.2
SUSE Linux Enterprise Server 12-SP4 (src):    kernel-default-4.12.14-95.40.1, kernel-source-4.12.14-95.40.1, kernel-syms-4.12.14-95.40.1
SUSE Linux Enterprise Live Patching 12-SP4 (src):    kernel-default-4.12.14-95.40.1, kgraft-patch-SLE12-SP4_Update_10-1-6.3.1
SUSE Linux Enterprise High Availability 12-SP4 (src):    kernel-default-4.12.14-95.40.1
SUSE Linux Enterprise Desktop 12-SP4 (src):    kernel-default-4.12.14-95.40.1, kernel-source-4.12.14-95.40.1, kernel-syms-4.12.14-95.40.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 50 Swamp Workflow Management 2019-11-13 00:53:44 UTC 
SUSE-SU-2019:2946-1: An update that solves 12 vulnerabilities and has 93 fixes is now available.

Category: security (important)
Bug References: 1046299,1046303,1046305,1050244,1050536,1050545,1051510,1055186,1061840,1064802,1065600,1066129,1073513,1082635,1083647,1086323,1087092,1089644,1090631,1093205,1096254,1097583,1097584,1097585,1097586,1097587,1097588,1098291,1101674,1109158,1114279,1117665,1119461,1119465,1123034,1123080,1133140,1134303,1135642,1135854,1135873,1135966,1135967,1137040,1137799,1138190,1139073,1140090,1140729,1140845,1140883,1141600,1142635,1142667,1143706,1144338,1144375,1144449,1144903,1145099,1146612,1148410,1149119,1150452,1150457,1150465,1150875,1151508,1152624,1152685,1152788,1152791,1153112,1153158,1153236,1153263,1153476,1153509,1153646,1153713,1153717,1153718,1153719,1153811,1153969,1154108,1154189,1154354,1154372,1154578,1154607,1154608,1154610,1154611,1154651,1154737,1154747,1154848,1154858,1154905,1155178,1155179,1155184,1155186,1155671
CVE References: CVE-2018-12207,CVE-2019-0154,CVE-2019-0155,CVE-2019-10220,CVE-2019-11135,CVE-2019-16232,CVE-2019-16233,CVE-2019-16234,CVE-2019-16995,CVE-2019-17056,CVE-2019-17133,CVE-2019-17666
Sources used:
SUSE Linux Enterprise Workstation Extension 15 (src):    kernel-default-4.12.14-150.41.1
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 (src):    kernel-default-4.12.14-150.41.1, kernel-docs-4.12.14-150.41.1, kernel-obs-qa-4.12.14-150.41.1
SUSE Linux Enterprise Module for Live Patching 15 (src):    kernel-default-4.12.14-150.41.1, kernel-livepatch-SLE15_Update_16-1-1.3.1
SUSE Linux Enterprise Module for Legacy Software 15 (src):    kernel-default-4.12.14-150.41.1
SUSE Linux Enterprise Module for Development Tools 15 (src):    kernel-docs-4.12.14-150.41.1, kernel-obs-build-4.12.14-150.41.1, kernel-source-4.12.14-150.41.1, kernel-syms-4.12.14-150.41.1, kernel-vanilla-4.12.14-150.41.1
SUSE Linux Enterprise Module for Basesystem 15 (src):    kernel-default-4.12.14-150.41.1, kernel-source-4.12.14-150.41.1, kernel-zfcpdump-4.12.14-150.41.1
SUSE Linux Enterprise High Availability 15 (src):    kernel-default-4.12.14-150.41.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 51 Swamp Workflow Management 2019-11-13 01:02:11 UTC 
SUSE-SU-2019:2957-1: An update that solves two vulnerabilities and has one errata is now available.

Category: security (important)
Bug References: 1139073,1141035,1155988
CVE References: CVE-2019-11135,CVE-2019-11139
Sources used:
SUSE Linux Enterprise Module for Basesystem 15 (src):    ucode-intel-20191112-3.28.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 52 Swamp Workflow Management 2019-11-13 01:21:12 UTC 
SUSE-SU-2019:2947-1: An update that solves 10 vulnerabilities and has 117 fixes is now available.

Category: security (important)
Bug References: 1046299,1046303,1046305,1050244,1050536,1050545,1051510,1055186,1061840,1064802,1065600,1066129,1073513,1082635,1083647,1086323,1087092,1089644,1090631,1093205,1096254,1097583,1097584,1097585,1097586,1097587,1097588,1098291,1101674,1109158,1111666,1112178,1113994,1114279,1117665,1119461,1119465,1123034,1123080,1133140,1134303,1135642,1135854,1135873,1135967,1137040,1137799,1137861,1138190,1139073,1140090,1140729,1140845,1140883,1141600,1142635,1142667,1143706,1144338,1144375,1144449,1144903,1145099,1146612,1148410,1149119,1149853,1150452,1150457,1150465,1150875,1151508,1151807,1152033,1152624,1152665,1152685,1152696,1152697,1152788,1152790,1152791,1153112,1153158,1153236,1153263,1153476,1153509,1153607,1153646,1153681,1153713,1153717,1153718,1153719,1153811,1153969,1154108,1154189,1154242,1154268,1154354,1154372,1154521,1154578,1154607,1154608,1154610,1154611,1154651,1154737,1154747,1154848,1154858,1154905,1154956,1155061,1155178,1155179,1155184,1155186,1155671,802154,814594,919448,987367,998153
CVE References: CVE-2018-12207,CVE-2019-10220,CVE-2019-11135,CVE-2019-16232,CVE-2019-16233,CVE-2019-16234,CVE-2019-16995,CVE-2019-17056,CVE-2019-17133,CVE-2019-17666
Sources used:
SUSE Linux Enterprise Workstation Extension 15-SP1 (src):    kernel-default-4.12.14-197.26.1
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1 (src):    kernel-debug-4.12.14-197.26.1, kernel-default-4.12.14-197.26.1, kernel-docs-4.12.14-197.26.1, kernel-kvmsmall-4.12.14-197.26.1, kernel-obs-qa-4.12.14-197.26.1, kernel-source-4.12.14-197.26.1, kernel-vanilla-4.12.14-197.26.1, kernel-zfcpdump-4.12.14-197.26.1
SUSE Linux Enterprise Module for Live Patching 15-SP1 (src):    kernel-default-4.12.14-197.26.1, kernel-livepatch-SLE15-SP1_Update_7-1-3.5.1
SUSE Linux Enterprise Module for Legacy Software 15-SP1 (src):    kernel-default-4.12.14-197.26.1
SUSE Linux Enterprise Module for Development Tools 15-SP1 (src):    kernel-docs-4.12.14-197.26.1, kernel-obs-build-4.12.14-197.26.1, kernel-source-4.12.14-197.26.1, kernel-syms-4.12.14-197.26.1
SUSE Linux Enterprise Module for Basesystem 15-SP1 (src):    kernel-default-4.12.14-197.26.1, kernel-source-4.12.14-197.26.1, kernel-zfcpdump-4.12.14-197.26.1
SUSE Linux Enterprise High Availability 15-SP1 (src):    kernel-default-4.12.14-197.26.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 53 Swamp Workflow Management 2019-11-13 01:34:55 UTC 
SUSE-SU-2019:2950-1: An update that solves 40 vulnerabilities and has 9 fixes is now available.

Category: security (important)
Bug References: 1117665,1123959,1137586,1137865,1137944,1139073,1139751,1142857,1144903,1145477,1145922,1146042,1146163,1146285,1146361,1146378,1146391,1146413,1146425,1146512,1146514,1146516,1146519,1146524,1146526,1146529,1146540,1146543,1146547,1146584,1146612,1147122,1148938,1149376,1149522,1149527,1149555,1150025,1150112,1150452,1150457,1150465,1151347,1151350,1152782,1152788,1153119,1155671,999278
CVE References: CVE-2016-10906,CVE-2017-18509,CVE-2017-18551,CVE-2017-18595,CVE-2018-12207,CVE-2018-20976,CVE-2019-10207,CVE-2019-10220,CVE-2019-11135,CVE-2019-11477,CVE-2019-14814,CVE-2019-14815,CVE-2019-14816,CVE-2019-14821,CVE-2019-14835,CVE-2019-15098,CVE-2019-15118,CVE-2019-15212,CVE-2019-15215,CVE-2019-15216,CVE-2019-15217,CVE-2019-15218,CVE-2019-15219,CVE-2019-15220,CVE-2019-15221,CVE-2019-15290,CVE-2019-15291,CVE-2019-15505,CVE-2019-15807,CVE-2019-15902,CVE-2019-15926,CVE-2019-15927,CVE-2019-16232,CVE-2019-16233,CVE-2019-16234,CVE-2019-16413,CVE-2019-17055,CVE-2019-17056,CVE-2019-9456,CVE-2019-9506
Sources used:
SUSE Linux Enterprise Server for SAP 12-SP1 (src):    kernel-default-3.12.74-60.64.124.1, kernel-source-3.12.74-60.64.124.1, kernel-syms-3.12.74-60.64.124.1, kernel-xen-3.12.74-60.64.124.1, kgraft-patch-SLE12-SP1_Update_37-1-2.3.1
SUSE Linux Enterprise Server 12-SP1-LTSS (src):    kernel-default-3.12.74-60.64.124.1, kernel-source-3.12.74-60.64.124.1, kernel-syms-3.12.74-60.64.124.1, kernel-xen-3.12.74-60.64.124.1, kgraft-patch-SLE12-SP1_Update_37-1-2.3.1
SUSE Linux Enterprise Module for Public Cloud 12 (src):    kernel-ec2-3.12.74-60.64.124.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 54 Swamp Workflow Management 2019-11-13 08:32:09 UTC 
This is an autogenerated message for OBS integration:
This bug (1139073) was mentioned in
https://build.opensuse.org/request/show/748033 15.1 / kernel-source
Comment 59 Swamp Workflow Management 2019-11-13 20:16:59 UTC 
SUSE-SU-2019:14217-1: An update that solves two vulnerabilities and has one errata is now available.

Category: security (important)
Bug References: 1139073,1141035,1155988
CVE References: CVE-2019-11135,CVE-2019-11139
Sources used:
SUSE Linux Enterprise Server 11-SP4-LTSS (src):    microcode_ctl-1.17-102.83.47.1
SUSE Linux Enterprise Point of Sale 11-SP3 (src):    microcode_ctl-1.17-102.83.47.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 60 Swamp Workflow Management 2019-11-14 11:12:31 UTC 
openSUSE-SU-2019:2504-1: An update that solves two vulnerabilities and has one errata is now available.

Category: security (important)
Bug References: 1139073,1141035,1155988
CVE References: CVE-2019-11135,CVE-2019-11139
Sources used:
openSUSE Leap 15.0 (src):    ucode-intel-20191112-lp150.2.30.1
Comment 61 Swamp Workflow Management 2019-11-14 11:19:29 UTC 
openSUSE-SU-2019:2503-1: An update that solves 10 vulnerabilities and has 38 fixes is now available.

Category: security (important)
Bug References: 1048942,1051510,1082635,1083647,1090631,1096254,1117665,1119461,1119465,1123034,1135966,1135967,1137040,1138190,1139073,1140090,1143706,1144338,1144903,1146612,1149119,1150457,1150466,1152624,1152685,1152782,1153476,1153509,1153681,1153969,1154124,1154526,1154737,1154848,1154858,1154905,1154956,1155021,1155178,1155179,1155184,1155186,1155671,1155692,1155836,1155982,1156187,1156429
CVE References: CVE-2018-12207,CVE-2019-0154,CVE-2019-0155,CVE-2019-10220,CVE-2019-11135,CVE-2019-16231,CVE-2019-16233,CVE-2019-16995,CVE-2019-17055,CVE-2019-18805
Sources used:
openSUSE Leap 15.0 (src):    kernel-debug-4.12.14-lp150.12.82.1, kernel-default-4.12.14-lp150.12.82.1, kernel-docs-4.12.14-lp150.12.82.1, kernel-kvmsmall-4.12.14-lp150.12.82.1, kernel-obs-build-4.12.14-lp150.12.82.1, kernel-obs-qa-4.12.14-lp150.12.82.1, kernel-source-4.12.14-lp150.12.82.1, kernel-syms-4.12.14-lp150.12.82.1, kernel-vanilla-4.12.14-lp150.12.82.1
Comment 62 Swamp Workflow Management 2019-11-14 14:11:29 UTC 
openSUSE-SU-2019:2509-1: An update that solves two vulnerabilities and has one errata is now available.

Category: security (important)
Bug References: 1139073,1141035,1155988
CVE References: CVE-2019-11135,CVE-2019-11139
Sources used:
openSUSE Leap 15.1 (src):    ucode-intel-20191112-lp151.2.9.1
Comment 63 Swamp Workflow Management 2019-11-14 14:18:43 UTC 
openSUSE-SU-2019:2507-1: An update that solves 8 vulnerabilities and has 29 fixes is now available.

Category: security (important)
Bug References: 1048942,1051510,1082635,1090631,1096254,1111666,1117665,1119461,1119465,1123034,1135966,1135967,1138190,1139073,1140090,1143706,1144903,1149119,1150466,1152665,1152696,1152697,1152782,1153681,1154124,1154526,1154858,1154905,1154956,1155021,1155061,1155671,1155692,1155836,1155982,1156187,1156429
CVE References: CVE-2018-12207,CVE-2019-0154,CVE-2019-0155,CVE-2019-10220,CVE-2019-11135,CVE-2019-16231,CVE-2019-17055,CVE-2019-18805
Sources used:
openSUSE Leap 15.1 (src):    kernel-debug-4.12.14-lp151.28.32.1, kernel-default-4.12.14-lp151.28.32.1, kernel-docs-4.12.14-lp151.28.32.1, kernel-kvmsmall-4.12.14-lp151.28.32.1, kernel-obs-build-4.12.14-lp151.28.32.1, kernel-obs-qa-4.12.14-lp151.28.32.1, kernel-source-4.12.14-lp151.28.32.1, kernel-syms-4.12.14-lp151.28.32.1, kernel-vanilla-4.12.14-lp151.28.32.1
Comment 64 Swamp Workflow Management 2019-11-15 17:12:26 UTC 
SUSE-SU-2019:2988-1: An update that solves two vulnerabilities and has one errata is now available.

Category: security (important)
Bug References: 1139073,1141035,1155988
CVE References: CVE-2019-11135,CVE-2019-11139
Sources used:
SUSE OpenStack Cloud Crowbar 8 (src):    ucode-intel-20191112a-13.56.1
SUSE OpenStack Cloud 8 (src):    ucode-intel-20191112a-13.56.1
SUSE OpenStack Cloud 7 (src):    ucode-intel-20191112a-13.56.1
SUSE Linux Enterprise Server for SAP 12-SP3 (src):    ucode-intel-20191112a-13.56.1
SUSE Linux Enterprise Server for SAP 12-SP2 (src):    ucode-intel-20191112a-13.56.1
SUSE Linux Enterprise Server for SAP 12-SP1 (src):    ucode-intel-20191112a-13.56.1
SUSE Linux Enterprise Server 12-SP4 (src):    ucode-intel-20191112a-13.56.1
SUSE Linux Enterprise Server 12-SP3-LTSS (src):    ucode-intel-20191112a-13.56.1
SUSE Linux Enterprise Server 12-SP3-BCL (src):    ucode-intel-20191112a-13.56.1
SUSE Linux Enterprise Server 12-SP2-LTSS (src):    ucode-intel-20191112a-13.56.1
SUSE Linux Enterprise Server 12-SP2-BCL (src):    ucode-intel-20191112a-13.56.1
SUSE Linux Enterprise Server 12-SP1-LTSS (src):    ucode-intel-20191112a-13.56.1
SUSE Linux Enterprise Desktop 12-SP4 (src):    ucode-intel-20191112a-13.56.1
SUSE Enterprise Storage 5 (src):    ucode-intel-20191112a-13.56.1
SUSE CaaS Platform 3.0 (src):    ucode-intel-20191112a-13.56.1
HPE Helion Openstack 8 (src):    ucode-intel-20191112a-13.56.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 65 Swamp Workflow Management 2019-11-15 17:13:27 UTC 
SUSE-SU-2019:2986-1: An update that solves two vulnerabilities and has one errata is now available.

Category: security (important)
Bug References: 1139073,1141035,1155988
CVE References: CVE-2019-11135,CVE-2019-11139
Sources used:
SUSE Linux Enterprise Module for Basesystem 15 (src):    ucode-intel-20191112a-3.31.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 66 Swamp Workflow Management 2019-11-15 17:14:22 UTC 
SUSE-SU-2019:2987-1: An update that solves two vulnerabilities and has one errata is now available.

Category: security (important)
Bug References: 1139073,1141035,1155988
CVE References: CVE-2019-11135,CVE-2019-11139
Sources used:
SUSE Linux Enterprise Module for Basesystem 15-SP1 (src):    ucode-intel-20191112a-3.13.2

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 67 Swamp Workflow Management 2019-11-15 17:15:18 UTC 
SUSE-SU-2019:14220-1: An update that solves two vulnerabilities and has one errata is now available.

Category: security (important)
Bug References: 1139073,1141035,1155988
CVE References: CVE-2019-11135,CVE-2019-11139
Sources used:
SUSE Linux Enterprise Server 11-SP4-LTSS (src):    microcode_ctl-1.17-102.83.50.1
SUSE Linux Enterprise Point of Sale 11-SP3 (src):    microcode_ctl-1.17-102.83.50.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 69 Swamp Workflow Management 2019-11-18 14:12:28 UTC 
openSUSE-SU-2019:2528-1: An update that solves two vulnerabilities and has one errata is now available.

Category: security (important)
Bug References: 1139073,1141035,1155988
CVE References: CVE-2019-11135,CVE-2019-11139
Sources used:
openSUSE Leap 15.1 (src):    ucode-intel-20191112a-lp151.2.12.1
Comment 70 Swamp Workflow Management 2019-11-18 14:14:02 UTC 
openSUSE-SU-2019:2527-1: An update that solves two vulnerabilities and has one errata is now available.

Category: security (important)
Bug References: 1139073,1141035,1155988
CVE References: CVE-2019-11135,CVE-2019-11139
Sources used:
openSUSE Leap 15.0 (src):    ucode-intel-20191112a-lp150.2.33.1
Comment 75 Swamp Workflow Management 2019-11-28 20:13:39 UTC 
SUSE-SU-2019:3091-1: An update that solves two vulnerabilities and has two fixes is now available.

Category: security (important)
Bug References: 1139073,1141035,1155988,1157004
CVE References: CVE-2019-11135,CVE-2019-11139
Sources used:
SUSE Linux Enterprise Server 12-SP5 (src):    ucode-intel-20191115-3.3.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 77 Swamp Workflow Management 2019-12-06 23:24:17 UTC 
SUSE-SU-2019:3200-1: An update that solves 44 vulnerabilities and has 258 fixes is now available.

Category: security (important)
Bug References: 1046299,1046303,1046305,1048942,1050244,1050536,1050545,1051510,1054914,1055117,1055186,1061840,1064802,1065600,1065729,1066129,1071995,1073513,1082555,1082635,1083647,1086323,1087092,1089644,1090631,1091041,1093205,1096254,1097583,1097584,1097585,1097586,1097587,1097588,1098291,1101674,1103990,1103991,1104353,1104427,1104745,1104967,1106434,1108043,1108382,1109158,1109837,1111666,1112178,1112374,1113722,1113994,1114279,1117169,1117665,1118661,1119086,1119113,1119461,1119465,1120902,1122363,1123034,1123080,1123105,1126390,1127155,1127354,1127371,1127988,1131107,1131304,1131489,1133140,1134476,1134983,1135642,1135854,1135873,1135966,1135967,1136261,1137040,1137069,1137223,1137236,1137799,1137861,1137865,1137959,1137982,1138039,1138190,1138539,1139073,1140090,1140155,1140729,1140845,1140883,1141013,1141340,1141543,1141600,1142076,1142635,1142667,1142924,1143706,1144338,1144375,1144449,1144653,1144903,1145099,1145661,1146042,1146612,1146664,1148133,1148410,1148712,1148859,1148868,1149083,1149119,1149224,1149446,1149448,1149555,1149651,1149652,1149713,1149853,1149940,1149959,1149963,1149976,1150025,1150033,1150112,1150305,1150381,1150423,1150457,1150466,1150562,1150727,1150846,1150860,1150861,1150875,1150933,1151021,1151067,1151192,1151225,1151350,1151508,1151548,1151610,1151661,1151662,1151667,1151671,1151680,1151807,1151891,1151900,1151955,1152024,1152025,1152026,1152033,1152161,1152187,1152325,1152457,1152460,1152466,1152525,1152624,1152665,1152685,1152696,1152697,1152782,1152788,1152790,1152791,1152885,1152972,1152974,1152975,1153108,1153112,1153236,1153263,1153476,1153509,1153607,1153628,1153646,1153681,1153713,1153717,1153718,1153719,1153811,1153969,1154043,1154048,1154058,1154108,1154124,1154189,1154242,1154268,1154354,1154355,1154372,1154521,1154526,1154578,1154601,1154607,1154608,1154610,1154611,1154651,1154737,1154747,1154848,1154858,1154905,1154956,1154959,1155021,1155061,1155178,1155179,1155184,1155186,1155671,1155689,1155692,1155836,1155897,1155982,1156187,1156258,1156429,1156466,1156471,1156494,1156609,1156700,1156729,1156882,1156928,1157032,1157038,1157044,1157045,1157046,1157049,1157070,1157115,1157143,1157145,1157158,1157160,1157162,1157173,1157178,1157180,1157182,1157183,1157184,1157191,1157193,1157197,1157298,1157304,1157307,1157324,1157333,1157386,1157424,1157463,1157499,1157678,1157698,1157778,1157908,1158049,1158063,1158064,1158065,1158066,1158067,1158068
CVE References: CVE-2017-18595,CVE-2019-0154,CVE-2019-0155,CVE-2019-10220,CVE-2019-11135,CVE-2019-14821,CVE-2019-14835,CVE-2019-14895,CVE-2019-15030,CVE-2019-15031,CVE-2019-15916,CVE-2019-16231,CVE-2019-16233,CVE-2019-16995,CVE-2019-17055,CVE-2019-17056,CVE-2019-17666,CVE-2019-18660,CVE-2019-18683,CVE-2019-18805,CVE-2019-18809,CVE-2019-19046,CVE-2019-19049,CVE-2019-19052,CVE-2019-19056,CVE-2019-19057,CVE-2019-19058,CVE-2019-19060,CVE-2019-19062,CVE-2019-19063,CVE-2019-19065,CVE-2019-19067,CVE-2019-19068,CVE-2019-19073,CVE-2019-19074,CVE-2019-19075,CVE-2019-19078,CVE-2019-19080,CVE-2019-19081,CVE-2019-19082,CVE-2019-19083,CVE-2019-19227,CVE-2019-9456,CVE-2019-9506
Sources used:
SUSE Linux Enterprise Live Patching 12-SP5 (src):    kernel-default-4.12.14-122.7.1, kgraft-patch-SLE12-SP5_Update_1-1-8.7.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 78 Swamp Workflow Management 2019-12-07 00:01:32 UTC 
SUSE-SU-2019:3200-1: An update that solves 44 vulnerabilities and has 258 fixes is now available.

Category: security (important)
Bug References: 1046299,1046303,1046305,1048942,1050244,1050536,1050545,1051510,1054914,1055117,1055186,1061840,1064802,1065600,1065729,1066129,1071995,1073513,1082555,1082635,1083647,1086323,1087092,1089644,1090631,1091041,1093205,1096254,1097583,1097584,1097585,1097586,1097587,1097588,1098291,1101674,1103990,1103991,1104353,1104427,1104745,1104967,1106434,1108043,1108382,1109158,1109837,1111666,1112178,1112374,1113722,1113994,1114279,1117169,1117665,1118661,1119086,1119113,1119461,1119465,1120902,1122363,1123034,1123080,1123105,1126390,1127155,1127354,1127371,1127988,1131107,1131304,1131489,1133140,1134476,1134983,1135642,1135854,1135873,1135966,1135967,1136261,1137040,1137069,1137223,1137236,1137799,1137861,1137865,1137959,1137982,1138039,1138190,1138539,1139073,1140090,1140155,1140729,1140845,1140883,1141013,1141340,1141543,1141600,1142076,1142635,1142667,1142924,1143706,1144338,1144375,1144449,1144653,1144903,1145099,1145661,1146042,1146612,1146664,1148133,1148410,1148712,1148859,1148868,1149083,1149119,1149224,1149446,1149448,1149555,1149651,1149652,1149713,1149853,1149940,1149959,1149963,1149976,1150025,1150033,1150112,1150305,1150381,1150423,1150457,1150466,1150562,1150727,1150846,1150860,1150861,1150875,1150933,1151021,1151067,1151192,1151225,1151350,1151508,1151548,1151610,1151661,1151662,1151667,1151671,1151680,1151807,1151891,1151900,1151955,1152024,1152025,1152026,1152033,1152161,1152187,1152325,1152457,1152460,1152466,1152525,1152624,1152665,1152685,1152696,1152697,1152782,1152788,1152790,1152791,1152885,1152972,1152974,1152975,1153108,1153112,1153236,1153263,1153476,1153509,1153607,1153628,1153646,1153681,1153713,1153717,1153718,1153719,1153811,1153969,1154043,1154048,1154058,1154108,1154124,1154189,1154242,1154268,1154354,1154355,1154372,1154521,1154526,1154578,1154601,1154607,1154608,1154610,1154611,1154651,1154737,1154747,1154848,1154858,1154905,1154956,1154959,1155021,1155061,1155178,1155179,1155184,1155186,1155671,1155689,1155692,1155836,1155897,1155982,1156187,1156258,1156429,1156466,1156471,1156494,1156609,1156700,1156729,1156882,1156928,1157032,1157038,1157044,1157045,1157046,1157049,1157070,1157115,1157143,1157145,1157158,1157160,1157162,1157173,1157178,1157180,1157182,1157183,1157184,1157191,1157193,1157197,1157298,1157304,1157307,1157324,1157333,1157386,1157424,1157463,1157499,1157678,1157698,1157778,1157908,1158049,1158063,1158064,1158065,1158066,1158067,1158068
CVE References: CVE-2017-18595,CVE-2019-0154,CVE-2019-0155,CVE-2019-10220,CVE-2019-11135,CVE-2019-14821,CVE-2019-14835,CVE-2019-14895,CVE-2019-15030,CVE-2019-15031,CVE-2019-15916,CVE-2019-16231,CVE-2019-16233,CVE-2019-16995,CVE-2019-17055,CVE-2019-17056,CVE-2019-17666,CVE-2019-18660,CVE-2019-18683,CVE-2019-18805,CVE-2019-18809,CVE-2019-19046,CVE-2019-19049,CVE-2019-19052,CVE-2019-19056,CVE-2019-19057,CVE-2019-19058,CVE-2019-19060,CVE-2019-19062,CVE-2019-19063,CVE-2019-19065,CVE-2019-19067,CVE-2019-19068,CVE-2019-19073,CVE-2019-19074,CVE-2019-19075,CVE-2019-19078,CVE-2019-19080,CVE-2019-19081,CVE-2019-19082,CVE-2019-19083,CVE-2019-19227,CVE-2019-9456,CVE-2019-9506
Sources used:
SUSE Linux Enterprise Workstation Extension 12-SP5 (src):    kernel-default-4.12.14-122.7.1
SUSE Linux Enterprise Software Development Kit 12-SP5 (src):    kernel-docs-4.12.14-122.7.1, kernel-obs-build-4.12.14-122.7.1
SUSE Linux Enterprise Server 12-SP5 (src):    kernel-default-4.12.14-122.7.1, kernel-source-4.12.14-122.7.1, kernel-syms-4.12.14-122.7.1
SUSE Linux Enterprise Live Patching 12-SP5 (src):    kernel-default-4.12.14-122.7.1, kgraft-patch-SLE12-SP5_Update_1-1-8.7.1
SUSE Linux Enterprise High Availability 12-SP5 (src):    kernel-default-4.12.14-122.7.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 79 Swamp Workflow Management 2019-12-11 08:30:23 UTC 
This is an autogenerated message for OBS integration:
This bug (1139073) was mentioned in
https://build.opensuse.org/request/show/755736 Factory / spectre-meltdown-checker
Comment 82 Swamp Workflow Management 2019-12-13 23:22:28 UTC 
SUSE-SU-2019:3294-1: An update that solves 16 vulnerabilities and has 124 fixes is now available.

Category: security (important)
Bug References: 1046299,1046303,1046305,1048942,1050244,1050536,1050545,1051510,1055186,1061840,1064802,1065600,1066129,1073513,1082635,1083647,1086323,1087092,1089644,1090631,1091041,1093205,1096254,1097583,1097584,1097585,1097586,1097587,1097588,1098291,1101674,1109158,1114279,1117665,1119461,1119465,1122363,1123034,1123080,1127155,1131107,1133140,1134303,1135642,1135854,1135873,1135966,1135967,1137040,1137799,1137861,1138190,1139073,1140090,1140729,1140845,1140883,1141600,1142635,1142667,1143706,1144338,1144375,1144449,1144903,1145099,1146612,1148410,1149119,1149448,1150452,1150457,1150465,1150466,1150875,1151225,1151508,1151680,1152497,1152505,1152506,1152624,1152685,1152782,1152788,1152791,1153112,1153158,1153236,1153263,1153476,1153509,1153628,1153646,1153681,1153713,1153717,1153718,1153719,1153811,1153969,1154108,1154124,1154189,1154354,1154372,1154526,1154578,1154607,1154608,1154610,1154611,1154651,1154737,1154747,1154848,1154858,1154905,1154956,1154959,1155021,1155178,1155179,1155184,1155186,1155671,1155692,1155812,1155817,1155836,1155945,1155982,1156187,1156429,1156466,1156494,1156609,1156700,1156729,1156882
CVE References: CVE-2018-12207,CVE-2019-0154,CVE-2019-0155,CVE-2019-10220,CVE-2019-11135,CVE-2019-15916,CVE-2019-16231,CVE-2019-16232,CVE-2019-16233,CVE-2019-16234,CVE-2019-16995,CVE-2019-17055,CVE-2019-17056,CVE-2019-17133,CVE-2019-17666,CVE-2019-18805
Sources used:
SUSE Linux Enterprise Real Time Extension 12-SP4 (src):    kernel-rt-4.12.14-8.9.3, kernel-rt_debug-4.12.14-8.9.3, kernel-source-rt-4.12.14-8.9.3, kernel-syms-rt-4.12.14-8.9.3

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 83 Swamp Workflow Management 2019-12-13 23:44:41 UTC 
SUSE-SU-2019:3295-1: An update that solves 20 vulnerabilities and has 186 fixes is now available.

Category: security (important)
Bug References: 1046299,1046303,1046305,1048942,1050244,1050536,1050545,1051510,1054914,1055117,1055186,1061840,1064802,1065600,1065729,1066129,1071995,1073513,1082555,1082635,1083647,1086323,1087092,1089644,1090631,1091041,1093205,1096254,1097583,1097584,1097585,1097586,1097587,1097588,1098291,1101674,1104967,1109158,1111666,1112178,1113722,1113994,1114279,1117665,1119086,1119461,1119465,1123034,1123080,1127988,1131107,1131304,1133140,1134303,1135642,1135854,1135873,1135966,1135967,1137040,1137069,1137799,1137861,1137865,1137959,1137982,1138190,1139073,1140090,1140155,1140729,1140845,1140883,1141013,1141600,1142076,1142635,1142667,1143706,1144338,1144375,1144449,1144903,1145099,1146042,1146519,1146540,1146612,1146664,1148133,1148410,1148712,1148868,1149119,1149313,1149446,1149448,1149555,1149651,1149853,1150305,1150381,1150423,1150452,1150457,1150465,1150466,1150846,1150875,1151067,1151192,1151350,1151508,1151610,1151661,1151662,1151667,1151680,1151807,1151891,1151955,1152024,1152025,1152026,1152033,1152161,1152187,1152243,1152325,1152457,1152460,1152466,1152497,1152505,1152506,1152525,1152624,1152665,1152685,1152696,1152697,1152782,1152788,1152790,1152791,1152972,1152974,1152975,1153112,1153158,1153236,1153263,1153476,1153509,1153607,1153646,1153681,1153713,1153717,1153718,1153719,1153811,1153969,1154108,1154124,1154189,1154242,1154268,1154354,1154372,1154521,1154526,1154578,1154601,1154607,1154608,1154610,1154611,1154651,1154737,1154747,1154848,1154858,1154905,1154956,1155021,1155061,1155178,1155179,1155184,1155186,1155671,1155692,1155812,1155817,1155836,1155945,1155982,1156187,1156429,1156466,1156494,1156609,1156700,1156729,1156882
CVE References: CVE-2017-18595,CVE-2018-12207,CVE-2019-0154,CVE-2019-0155,CVE-2019-10220,CVE-2019-11135,CVE-2019-14821,CVE-2019-15291,CVE-2019-15916,CVE-2019-16231,CVE-2019-16232,CVE-2019-16233,CVE-2019-16234,CVE-2019-16995,CVE-2019-17055,CVE-2019-17056,CVE-2019-17133,CVE-2019-17666,CVE-2019-18805,CVE-2019-9506
Sources used:
SUSE Linux Enterprise Module for Realtime 15-SP1 (src):    kernel-rt-4.12.14-14.14.3, kernel-rt_debug-4.12.14-14.14.3, kernel-source-rt-4.12.14-14.14.2, kernel-syms-rt-4.12.14-14.14.2
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1 (src):    kernel-rt-4.12.14-14.14.3, kernel-rt_debug-4.12.14-14.14.3

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 84 Swamp Workflow Management 2019-12-19 11:13:02 UTC 
SUSE-SU-2019:3340-1: An update that fixes two vulnerabilities is now available.

Category: security (moderate)
Bug References: 1117665,1139073
CVE References: CVE-2018-12207,CVE-2019-11135
Sources used:
SUSE Linux Enterprise Server 12-SP5 (src):    spectre-meltdown-checker-0.43-3.3.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 86 Swamp Workflow Management 2019-12-19 20:11:20 UTC 
SUSE-SU-2019:3348-1: An update that fixes two vulnerabilities is now available.

Category: security (moderate)
Bug References: 1117665,1139073
CVE References: CVE-2018-12207,CVE-2019-11135
Sources used:
SUSE Linux Enterprise Module for Basesystem 15-SP1 (src):    spectre-meltdown-checker-0.43-3.3.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 87 Swamp Workflow Management 2019-12-31 05:13:21 UTC 
openSUSE-SU-2019:2710-1: An update that fixes two vulnerabilities is now available.

Category: security (moderate)
Bug References: 1117665,1139073
CVE References: CVE-2018-12207,CVE-2019-11135
Sources used:
openSUSE Leap 15.1 (src):    spectre-meltdown-checker-0.43-lp151.3.3.1
Comment 88 Marcus Meissner 2020-01-06 16:12:41 UTC 
done
Comment 90 Swamp Workflow Management 2020-01-14 14:26:26 UTC 
SUSE-SU-2020:0093-1: An update that solves 80 vulnerabilities and has 310 fixes is now available.

Category: security (important)
Bug References: 1046299,1046303,1046305,1048942,1050244,1050536,1050545,1051510,1055117,1055186,1061840,1064802,1065600,1065729,1066129,1071995,1073513,1078248,1082555,1082635,1083647,1086323,1087092,1089644,1090631,1090888,1091041,1093205,1096254,1097583,1097584,1097585,1097586,1097587,1097588,1098291,1101674,1103989,1103990,1103991,1104353,1104427,1104745,1104967,1106434,1108043,1108382,1109158,1109837,1111666,1112178,1112374,1113722,1113956,1113994,1114279,1115026,1117169,1117665,1118661,1119086,1119113,1119461,1119465,1120853,1120902,1122363,1123034,1123080,1123105,1126206,1126390,1127155,1127354,1127371,1127611,1127988,1129770,1131107,1131304,1131489,1133140,1134476,1134973,1134983,1135642,1135854,1135873,1135966,1135967,1136261,1137040,1137069,1137223,1137236,1137799,1137861,1137865,1137959,1137982,1138039,1138190,1139073,1140090,1140155,1140729,1140845,1140883,1140948,1141013,1141340,1141543,1142076,1142095,1142635,1142667,1142924,1143706,1143959,1144333,1144338,1144375,1144449,1144653,1144903,1145099,1145661,1146042,1146519,1146544,1146612,1146664,1148133,1148410,1148712,1148859,1148868,1149083,1149119,1149224,1149446,1149448,1149555,1149652,1149713,1149853,1149940,1149959,1149963,1149976,1150025,1150033,1150112,1150305,1150381,1150423,1150452,1150457,1150465,1150466,1150562,1150727,1150846,1150860,1150861,1150875,1150933,1151021,1151067,1151192,1151225,1151350,1151508,1151548,1151610,1151661,1151662,1151667,1151671,1151680,1151807,1151891,1151900,1151910,1151955,1152024,1152025,1152026,1152033,1152107,1152161,1152187,1152325,1152446,1152457,1152460,1152466,1152497,1152505,1152506,1152525,1152624,1152631,1152665,1152685,1152696,1152697,1152782,1152788,1152790,1152791,1152885,1152972,1152974,1152975,1153108,1153112,1153158,1153236,1153263,1153476,1153509,1153607,1153628,1153646,1153681,1153713,1153717,1153718,1153719,1153811,1153969,1154043,1154048,1154058,1154108,1154124,1154189,1154242,1154244,1154268,1154354,1154355,1154372,1154521,1154526,1154578,1154601,1154607,1154608,1154610,1154611,1154651,1154737,1154768,1154848,1154858,1154905,1154916,1154956,1154959,1155021,1155061,1155178,1155179,1155184,1155186,1155331,1155334,1155671,1155689,1155692,1155812,1155817,1155836,1155897,1155921,1155945,1156187,1156258,1156259,1156286,1156429,1156462,1156466,1156471,1156494,1156609,1156700,1156729,1156882,1156928,1157032,1157038,1157042,1157044,1157045,1157046,1157049,1157070,1157115,1157143,1157145,1157158,1157160,1157162,1157169,1157171,1157173,1157178,1157180,1157182,1157183,1157184,1157191,1157193,1157197,1157298,1157303,1157304,1157307,1157324,1157333,1157386,1157424,1157463,1157499,1157678,1157698,1157778,1157853,1157895,1157908,1158021,1158049,1158063,1158064,1158065,1158066,1158067,1158068,1158071,1158082,1158094,1158132,1158381,1158394,1158398,1158407,1158410,1158413,1158417,1158427,1158445,1158533,1158637,1158638,1158639,1158640,1158641,1158643,1158644,1158645,1158646,1158647,1158649,1158651,1158652,1158819,1158823,1158824,1158827,1158834,1158893,1158900,1158903,1158904,1158954,1159024,1159096,1159297,1159483,1159484,1159500,1159569,1159841,1159908,1159909,1159910,972655
CVE References: CVE-2017-18595,CVE-2018-12207,CVE-2019-0154,CVE-2019-0155,CVE-2019-10220,CVE-2019-11135,CVE-2019-14821,CVE-2019-14835,CVE-2019-14895,CVE-2019-14901,CVE-2019-15030,CVE-2019-15031,CVE-2019-15213,CVE-2019-15916,CVE-2019-16231,CVE-2019-16232,CVE-2019-16233,CVE-2019-16234,CVE-2019-16746,CVE-2019-16995,CVE-2019-17055,CVE-2019-17056,CVE-2019-17133,CVE-2019-17666,CVE-2019-18660,CVE-2019-18683,CVE-2019-18805,CVE-2019-18808,CVE-2019-18809,CVE-2019-19046,CVE-2019-19049,CVE-2019-19051,CVE-2019-19052,CVE-2019-19056,CVE-2019-19057,CVE-2019-19058,CVE-2019-19060,CVE-2019-19062,CVE-2019-19063,CVE-2019-19065,CVE-2019-19066,CVE-2019-19067,CVE-2019-19068,CVE-2019-19073,CVE-2019-19074,CVE-2019-19075,CVE-2019-19077,CVE-2019-19078,CVE-2019-19080,CVE-2019-19081,CVE-2019-19082,CVE-2019-19083,CVE-2019-19227,CVE-2019-19319,CVE-2019-19332,CVE-2019-19338,CVE-2019-19447,CVE-2019-19523,CVE-2019-19524,CVE-2019-19525,CVE-2019-19526,CVE-2019-19527,CVE-2019-19528,CVE-2019-19529,CVE-2019-19530,CVE-2019-19531,CVE-2019-19532,CVE-2019-19533,CVE-2019-19534,CVE-2019-19535,CVE-2019-19536,CVE-2019-19537,CVE-2019-19543,CVE-2019-19767,CVE-2019-19966,CVE-2019-20054,CVE-2019-20095,CVE-2019-20096,CVE-2019-9456,CVE-2019-9506
Sources used:
SUSE Linux Enterprise Server 12-SP5 (src):    kernel-azure-4.12.14-16.7.1, kernel-source-azure-4.12.14-16.7.1, kernel-syms-azure-4.12.14-16.7.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.