Bug 1064388 (CVE-2017-15649) - VUL-0: CVE-2017-15649: kernel: net/packet/af_packet.c allows local users to gain privileges via crafted system calls that trigger mishandling of packet_fanout data structures
Summary: VUL-0: CVE-2017-15649: kernel: net/packet/af_packet.c allows local users to g...
Status: RESOLVED FIXED
Alias: CVE-2017-15649
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents (show other bugs)
Version: unspecified
Hardware: Other Other
: P3 - Medium : Major
Target Milestone: ---
Assignee: Security Team bot
QA Contact: Security Team bot
URL: https://smash.suse.de/issue/193844/
Whiteboard: CVSSv2:SUSE:CVE-2017-15649:6.9:(AV:L...
Keywords:
Depends on:
Blocks:
 
Reported: 2017-10-20 08:22 UTC by Johannes Segitz
Modified: 2024-07-04 09:13 UTC (History)
10 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
CVE-2017-15649.c (3.22 KB, text/plain)
2017-10-20 08:36 UTC, Marcus Meissner 		Details
3.12.61-52.99 (ppc64le) gets crashed (66.35 KB, text/plain)
2017-10-30 10:59 UTC, Klaus Wagner 		Details
3.12.61-52.99 (x86_64) gets crashed (10.98 KB, text/plain)
2017-10-30 11:00 UTC, Klaus Wagner 		Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Comment 1 Marcus Meissner 2017-10-20 08:32:17 UTC 
reproducer triggers for me on tumbleweed, also on kernel 4.4.

sle11 has troubles as it does not have this user shared namespace feature used.
Comment 2 Marcus Meissner 2017-10-20 08:36:07 UTC 
Created attachment 745284 [details]
CVE-2017-15649.c

QA REPRODUCER:

gcc -pthread -O2 -o CVE-2017-15649 CVE-2017-15649.c

./CVE-2017-15649

should not crash the kernel. (do not be confused that it prints id=root, this is due to the namespace switch before the exploit)
Comment 3 Michal Hocko 2017-10-20 08:38:50 UTC 
Both commits point to dc99f600698d ("packet: Add fanout support."). Which is
$ git describe --contains dc99f600698d
v3.0-git1~12^2~229

but in fact it is in the 3.0..3.1 range and our 3.0 based kernels do not seem to have it. So if this is really the commit which has introduced the issue SLE11* shouldn't be affected.
Comment 5 Jiri Slaby 2017-10-20 09:26:23 UTC 
In stable 4.13.6.

NOT in stable 4.4.93 (latest 4.4.*).
Comment 6 Michal Kubeček 2017-10-20 09:35:39 UTC 
Yes, commit dc99f600698d is 3.1-rc1 and hasn't been backported to any of our
older kernels. As this is the initial commit adding the fanout infrastructure
as such, branches based on kernel <= 3.0 are safe.

On the other end, master is already fixed via 4.14-rc4 and stable via 4.13.6.
That leaves us with

  SLE15
  SLE12-SP3
  SLE12-SP2
  cve/linux-3.12
Comment 7 Michal Kubeček 2017-10-20 15:25:00 UTC 
The two fixes

  008ba2a13f2d  packet: hold bind lock when rebinding to fanout hook
  4971613c1639  packet: in packet_do_bind, test fanout with bind_lock held

are now present in or have been submitted to (*) all relevant branches:

  stable                  4.13.6
  SLE15                   d09ce1887a72 *
  SLE12-SP3               fbf37987471f
  SLE12-SP2               d360124864db
  cve/linux-3.12          cdca61fab372 *

Reassigning back to the security team.
Comment 10 Bernhard Wiedemann 2017-10-22 10:03:09 UTC 
This is an autogenerated message for OBS integration:
This bug (1064388) was mentioned in
https://build.opensuse.org/request/show/535772 42.2 / kernel-source
https://build.opensuse.org/request/show/535773 42.3 / kernel-source
Comment 12 Swamp Workflow Management 2017-10-25 13:15:32 UTC 
openSUSE-SU-2017:2846-1: An update that solves three vulnerabilities and has 60 fixes is now available.

Category: security (important)
Bug References: 1004527,1012382,1015342,1015343,1019675,1019680,1019695,1019699,1020412,1020989,1022595,1022604,1022912,1024346,1024373,1025461,1032150,1034075,1037579,1037890,1050471,1052360,1055567,1056230,1056427,1056587,1056596,1058135,1059863,1060249,1060400,1060985,1061451,1061721,1061775,1062279,1062520,1062962,1063102,1063349,1063460,1063475,1063501,1063509,1063520,1063570,1063667,1063695,1064064,1064206,1064388,1064436,963575,964944,966170,966172,966186,966191,966316,966318,969476,969477,971975
CVE References: CVE-2017-13080,CVE-2017-15265,CVE-2017-15649
Sources used:
openSUSE Leap 42.3 (src):    kernel-debug-4.4.92-31.1, kernel-default-4.4.92-31.1, kernel-docs-4.4.92-31.2, kernel-obs-build-4.4.92-31.1, kernel-obs-qa-4.4.92-31.1, kernel-source-4.4.92-31.1, kernel-syms-4.4.92-31.1, kernel-vanilla-4.4.92-31.1
Comment 13 Swamp Workflow Management 2017-10-25 13:40:49 UTC 
SUSE-SU-2017:2847-1: An update that solves 11 vulnerabilities and has 170 fixes is now available.

Category: security (important)
Bug References: 1004527,1005776,1005778,1005780,1005781,1012382,1012829,1015342,1015343,1019675,1019680,1019695,1019699,1020412,1020645,1020657,1020989,1021424,1022595,1022604,1022743,1022912,1022967,1024346,1024373,1024405,1025461,1030850,1031717,1031784,1032150,1034048,1034075,1035479,1036060,1036215,1036737,1037579,1037838,1037890,1038583,1040813,1042847,1043598,1044503,1046529,1047238,1047487,1047989,1048155,1048228,1048325,1048327,1048356,1048501,1048893,1048912,1048934,1049226,1049272,1049291,1049336,1049361,1049580,1050471,1050742,1051790,1051987,1052093,1052094,1052095,1052360,1052384,1052580,1052593,1052888,1053043,1053309,1053472,1053627,1053629,1053633,1053681,1053685,1053802,1053915,1053919,1054082,1054084,1054654,1055013,1055096,1055272,1055290,1055359,1055493,1055567,1055709,1055755,1055896,1055935,1055963,1056061,1056185,1056230,1056261,1056427,1056587,1056588,1056596,1056686,1056827,1056849,1056982,1057015,1057031,1057035,1057038,1057047,1057067,1057383,1057498,1057849,1058038,1058116,1058135,1058410,1058507,1058512,1058550,1059051,1059465,1059500,1059863,1060197,1060229,1060249,1060400,1060985,1061017,1061046,1061064,1061067,1061172,1061451,1061721,1061775,1061831,1061872,1062279,1062520,1062962,1063102,1063349,1063460,1063475,1063479,1063501,1063509,1063520,1063570,1063667,1063671,1063695,1064064,1064206,1064388,1064436,963575,964944,966170,966172,966186,966191,966316,966318,969476,969477,969756,971975,981309
CVE References: CVE-2017-1000252,CVE-2017-11472,CVE-2017-12134,CVE-2017-12153,CVE-2017-12154,CVE-2017-13080,CVE-2017-14051,CVE-2017-14106,CVE-2017-14489,CVE-2017-15265,CVE-2017-15649
Sources used:
SUSE Linux Enterprise Workstation Extension 12-SP3 (src):    kernel-default-4.4.92-6.18.1
SUSE Linux Enterprise Software Development Kit 12-SP3 (src):    kernel-docs-4.4.92-6.18.3, kernel-obs-build-4.4.92-6.18.1
SUSE Linux Enterprise Server 12-SP3 (src):    kernel-default-4.4.92-6.18.1, kernel-source-4.4.92-6.18.1, kernel-syms-4.4.92-6.18.1
SUSE Linux Enterprise Live Patching 12-SP3 (src):    kgraft-patch-SLE12-SP3_Update_4-1-4.3
SUSE Linux Enterprise High Availability 12-SP3 (src):    kernel-default-4.4.92-6.18.1
SUSE Linux Enterprise Desktop 12-SP3 (src):    kernel-default-4.4.92-6.18.1, kernel-source-4.4.92-6.18.1, kernel-syms-4.4.92-6.18.1
Comment 14 Swamp Workflow Management 2017-10-27 16:51:40 UTC 
SUSE-SU-2017:2869-1: An update that solves 16 vulnerabilities and has 120 fixes is now available.

Category: security (important)
Bug References: 1006180,1011913,1012382,1012829,1013887,1019151,1020645,1020657,1021424,1022476,1022743,1022967,1023175,1024405,1028173,1028286,1029693,1030552,1030850,1031515,1031717,1031784,1033587,1034048,1034075,1034762,1036303,1036632,1037344,1037404,1037994,1038078,1038583,1038616,1038792,1039915,1040307,1040351,1041958,1042286,1042314,1042422,1042778,1043652,1044112,1044636,1045154,1045563,1045922,1046682,1046821,1046985,1047027,1047048,1047096,1047118,1047121,1047152,1047277,1047343,1047354,1047487,1047651,1047653,1047670,1048155,1048221,1048317,1048891,1048893,1048914,1048934,1049226,1049483,1049486,1049580,1049603,1049645,1049882,1050061,1050188,1051022,1051059,1051239,1051399,1051478,1051479,1051556,1051663,1051790,1052049,1052223,1052533,1052580,1052593,1052709,1052773,1052794,1052888,1053117,1053802,1053915,1053919,1054084,1055013,1055096,1055359,1055493,1055755,1055896,1056261,1056588,1056827,1056982,1057015,1058038,1058116,1058410,1058507,1059051,1059465,1060197,1061017,1061046,1061064,1061067,1061172,1061831,1061872,1063667,1064206,1064388,964063,971975,974215,981309
CVE References: CVE-2017-1000252,CVE-2017-10810,CVE-2017-11472,CVE-2017-11473,CVE-2017-12134,CVE-2017-12153,CVE-2017-12154,CVE-2017-13080,CVE-2017-14051,CVE-2017-14106,CVE-2017-14489,CVE-2017-15649,CVE-2017-7518,CVE-2017-7541,CVE-2017-7542,CVE-2017-8831
Sources used:
SUSE Linux Enterprise Workstation Extension 12-SP2 (src):    kernel-default-4.4.90-92.45.1
SUSE Linux Enterprise Software Development Kit 12-SP2 (src):    kernel-docs-4.4.90-92.45.3, kernel-obs-build-4.4.90-92.45.1
SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (src):    kernel-default-4.4.90-92.45.1, kernel-source-4.4.90-92.45.1, kernel-syms-4.4.90-92.45.1
SUSE Linux Enterprise Server 12-SP2 (src):    kernel-default-4.4.90-92.45.1, kernel-source-4.4.90-92.45.1, kernel-syms-4.4.90-92.45.1
SUSE Linux Enterprise Live Patching 12 (src):    kgraft-patch-SLE12-SP2_Update_14-1-2.4
SUSE Linux Enterprise High Availability 12-SP2 (src):    kernel-default-4.4.90-92.45.1
SUSE Linux Enterprise Desktop 12-SP2 (src):    kernel-default-4.4.90-92.45.1, kernel-source-4.4.90-92.45.1, kernel-syms-4.4.90-92.45.1
SUSE Container as a Service Platform ALL (src):    kernel-default-4.4.90-92.45.1
OpenStack Cloud Magnum Orchestration 7 (src):    kernel-default-4.4.90-92.45.1
Comment 15 Swamp Workflow Management 2017-10-29 20:11:55 UTC 
openSUSE-SU-2017:2905-1: An update that solves three vulnerabilities and has 32 fixes is now available.

Category: security (important)
Bug References: 1012382,1020645,1022595,1022600,1025461,1028971,1034048,1055567,1056427,1059863,1060985,1061451,1062520,1062962,1063460,1063475,1063501,1063509,1063520,1063667,1063695,1064206,1064388,964944,966170,966172,966186,966191,966316,966318,969474,969475,969476,969477,971975
CVE References: CVE-2017-13080,CVE-2017-15265,CVE-2017-15649
Sources used:
openSUSE Leap 42.2 (src):    kernel-debug-4.4.92-18.36.1, kernel-default-4.4.92-18.36.1, kernel-docs-4.4.92-18.36.2, kernel-obs-build-4.4.92-18.36.1, kernel-obs-qa-4.4.92-18.36.1, kernel-source-4.4.92-18.36.1, kernel-syms-4.4.92-18.36.1, kernel-vanilla-4.4.92-18.36.1
Comment 16 Klaus Wagner 2017-10-30 10:59:52 UTC 
Created attachment 746317 [details]
3.12.61-52.99  (ppc64le) gets crashed

Re: comment 2.

during QA for SLES-12 LTSS kernel update candidate 3.12.61-52.99
the reproducer was found to cause crashes on ppc64le and x86_64.
Comment 17 Klaus Wagner 2017-10-30 11:00:46 UTC 
Created attachment 746318 [details]
3.12.61-52.99  (x86_64) gets crashed
Comment 18 Vítězslav Čížek 2017-10-30 11:12:07 UTC 
Michal,
Could you please have a look?
Comment 19 Michal Kubeček 2017-10-30 11:46:21 UTC 
This is most likely the same issue as Nicolai found on Friday (cve/linux-3.12
broken due to changes that happened in upstream 4.10). I'm currently reviewing
the fix he proposed.
Comment 20 Michal Kubeček 2017-10-30 13:01:34 UTC 
Nicolai, your fix from users/nstange/cve/linux-3.12/bsc1064388-fix looks
correct to me (except for the "Fixes" tag as I can't find commit d7ce9d3c7eca
in either kernel-source or expanded tree).

Aleš, could you please resubmit the 3.12 based updates with this fix?
Comment 21 Vítězslav Čížek 2017-10-30 13:22:27 UTC 
Michal,
Just to be sure, does SP1 need a resubmission too?
QA haven't found the issue in the SP1 update, but we also have kernel 3.12 there.
Comment 22 Michal Kubeček 2017-10-30 13:35:03 UTC 
Sorry for messing up again. SLE12-SP1 is actually fine. The backup is broken
because SLE12-LTSS is missing mainline commit 2bd624b4611f from 4.10 which
removes a call to dev_add_pack() from fanout_add(). However, SLE12-SP1-LTSS
branch received this commit with 3.12.71 stable update while SLE12-LTSS did
not (it stopped at 3.12.61).

So what needs to be done is to merge Nicolai's fix into SLE12-LTSS only, _not_
into SLE12-SP1-LTSS. It is questionable what to do with cve/linux-3.12 branch
as technically it should receive the same version of the fix as SLE12-LTSS
(it lacks backport of commit 2bd624b4611f) but then upon merge into
SLE12-SP1-LTSS, it should be reverted to current version in SLE12-SP1-LTSS.
Sigh...
Comment 23 Nicolai Stange 2017-10-30 14:12:09 UTC 
(In reply to Michal Kubeček from comment #20)
> Nicolai, your fix from users/nstange/cve/linux-3.12/bsc1064388-fix looks
> correct to me (except for the "Fixes" tag as I can't find commit d7ce9d3c7eca
> in either kernel-source or expanded tree).

"Fixes" tag corrected.
Comment 24 Ales Novak 2017-10-30 17:10:00 UTC 
I've merged users/nstange/cve/linux-3.12/bsc1064388-fix to cve/linux-3.12, merged that to SLE12-LTSS and resubmitted it.

Then I've empty-merged cve/linux-3.12 to SLE12-SP1-LTSS.

Thanks for all the care.
Comment 25 Swamp Workflow Management 2017-10-30 18:32:38 UTC 
SUSE-SU-2017:2908-1: An update that solves 30 vulnerabilities and has 38 fixes is now available.

Category: security (important)
Bug References: 1001459,1012985,1023287,1027149,1028217,1030531,1030552,1031515,1033960,1034405,1035531,1035738,1037182,1037183,1037994,1038544,1038564,1038879,1038883,1038981,1038982,1039348,1039354,1039456,1039721,1039864,1039882,1039883,1039885,1040069,1041160,1041429,1041431,1042696,1042832,1042863,1044125,1045327,1045487,1045922,1046107,1048275,1048788,1049645,1049882,1053148,1053152,1053317,1056588,1056982,1057179,1058410,1058507,1058524,1059863,1062471,1062520,1063667,1064388,856774,860250,863764,878240,922855,922871,986924,993099,994364
CVE References: CVE-2017-1000363,CVE-2017-1000365,CVE-2017-1000380,CVE-2017-10661,CVE-2017-11176,CVE-2017-12153,CVE-2017-12154,CVE-2017-12762,CVE-2017-13080,CVE-2017-14051,CVE-2017-14106,CVE-2017-14140,CVE-2017-15265,CVE-2017-15274,CVE-2017-15649,CVE-2017-7482,CVE-2017-7487,CVE-2017-7518,CVE-2017-7541,CVE-2017-7542,CVE-2017-7889,CVE-2017-8831,CVE-2017-8890,CVE-2017-8924,CVE-2017-8925,CVE-2017-9074,CVE-2017-9075,CVE-2017-9076,CVE-2017-9077,CVE-2017-9242
Sources used:
SUSE OpenStack Cloud 6 (src):    kernel-default-3.12.74-60.64.63.1, kernel-source-3.12.74-60.64.63.1, kernel-syms-3.12.74-60.64.63.1, kernel-xen-3.12.74-60.64.63.1, kgraft-patch-SLE12-SP1_Update_22-1-2.1
SUSE Linux Enterprise Server for SAP 12-SP1 (src):    kernel-default-3.12.74-60.64.63.1, kernel-source-3.12.74-60.64.63.1, kernel-syms-3.12.74-60.64.63.1, kernel-xen-3.12.74-60.64.63.1, kgraft-patch-SLE12-SP1_Update_22-1-2.1
SUSE Linux Enterprise Server 12-SP1-LTSS (src):    kernel-default-3.12.74-60.64.63.1, kernel-source-3.12.74-60.64.63.1, kernel-syms-3.12.74-60.64.63.1, kernel-xen-3.12.74-60.64.63.1, kgraft-patch-SLE12-SP1_Update_22-1-2.1
SUSE Linux Enterprise Module for Public Cloud 12 (src):    kernel-ec2-3.12.74-60.64.63.1
Comment 26 Swamp Workflow Management 2017-11-02 17:20:56 UTC 
SUSE-SU-2017:2920-1: An update that solves 36 vulnerabilities and has 22 fixes is now available.

Category: security (important)
Bug References: 1008353,1012422,1017941,1029850,1030593,1032268,1034405,1034670,1035576,1035877,1036752,1037182,1037183,1037306,1037994,1038544,1038879,1038981,1038982,1039348,1039349,1039354,1039456,1039721,1039882,1039883,1039885,1040069,1041431,1041958,1044125,1045327,1045487,1045922,1046107,1047408,1048275,1049645,1049882,1052593,1053148,1053152,1056588,1056982,1057179,1058038,1058410,1058507,1058524,1062520,1063667,1064388,938162,975596,977417,984779,985562,990682
CVE References: CVE-2015-9004,CVE-2016-10229,CVE-2016-9604,CVE-2017-1000363,CVE-2017-1000365,CVE-2017-1000380,CVE-2017-10661,CVE-2017-11176,CVE-2017-12153,CVE-2017-12154,CVE-2017-12762,CVE-2017-13080,CVE-2017-14051,CVE-2017-14106,CVE-2017-14140,CVE-2017-15265,CVE-2017-15274,CVE-2017-15649,CVE-2017-2647,CVE-2017-6951,CVE-2017-7482,CVE-2017-7487,CVE-2017-7518,CVE-2017-7541,CVE-2017-7542,CVE-2017-7889,CVE-2017-8106,CVE-2017-8831,CVE-2017-8890,CVE-2017-8924,CVE-2017-8925,CVE-2017-9074,CVE-2017-9075,CVE-2017-9076,CVE-2017-9077,CVE-2017-9242
Sources used:
SUSE Linux Enterprise Server 12-LTSS (src):    kernel-default-3.12.61-52.101.1, kernel-source-3.12.61-52.101.1, kernel-syms-3.12.61-52.101.1, kernel-xen-3.12.61-52.101.1, kgraft-patch-SLE12_Update_28-1-8.1
SUSE Linux Enterprise Module for Public Cloud 12 (src):    kernel-ec2-3.12.61-52.101.1
Comment 31 Swamp Workflow Management 2017-12-12 14:15:14 UTC 
SUSE-SU-2017:3267-1: An update that solves 5 vulnerabilities and has 56 fixes is now available.

Category: security (important)
Bug References: 1012382,1017461,1020645,1022595,1022600,1022914,1022967,1025461,1028971,1030061,1034048,1037890,1052593,1053919,1055493,1055567,1055755,1055896,1056427,1058135,1058410,1058624,1059051,1059465,1059863,1060197,1060985,1061017,1061046,1061064,1061067,1061172,1061451,1061831,1061872,1062520,1062962,1063460,1063475,1063501,1063509,1063520,1063667,1063695,1064206,1064388,1064701,964944,966170,966172,966186,966191,966316,966318,969474,969475,969476,969477,971975,974590,996376
CVE References: CVE-2017-12153,CVE-2017-13080,CVE-2017-14489,CVE-2017-15265,CVE-2017-15649
Sources used:
SUSE Linux Enterprise Real Time Extension 12-SP2 (src):    kernel-rt-4.4.95-21.1, kernel-rt_debug-4.4.95-21.1, kernel-source-rt-4.4.95-21.1, kernel-syms-rt-4.4.95-21.1
Comment 32 Swamp Workflow Management 2017-12-14 14:25:05 UTC 
SUSE-SU-2017:3307-1: An update that solves two vulnerabilities and has one errata is now available.

Category: security (important)
Bug References: 1064388,1064392,1069708
CVE References: CVE-2017-15649,CVE-2017-16939
Sources used:
SUSE Linux Enterprise Server 12-LTSS (src):    kgraft-patch-SLE12_Update_28-2-2.1
Comment 33 Swamp Workflow Management 2017-12-14 20:11:57 UTC 
SUSE-SU-2017:3315-1: An update that solves one vulnerability and has one errata is now available.

Category: security (important)
Bug References: 1064388,1064392
CVE References: CVE-2017-15649
Sources used:
SUSE Linux Enterprise Server 12-LTSS (src):    kgraft-patch-SLE12_Update_29-2-2.1
Comment 34 Swamp Workflow Management 2018-01-26 14:08:17 UTC 
SUSE-SU-2018:0233-1: An update that solves one vulnerability and has one errata is now available.

Category: security (important)
Bug References: 1064388,1064392
CVE References: CVE-2017-15649
Sources used:
SUSE Linux Enterprise Server 12-LTSS (src):    kgraft-patch-SLE12_Update_30-2-2.1
Comment 35 Marcus Meissner 2018-02-09 07:06:09 UTC 
released
Comment 47 Swamp Workflow Management 2019-05-21 06:10:44 UTC 
openSUSE-SU-2019:1407-1: An update that solves 14 vulnerabilities and has 90 fixes is now available.

Category: security (important)
Bug References: 1012382,1020645,1020989,1031492,1047487,1051510,1053043,1062056,1063638,1064388,1066223,1070872,1085539,1087092,1094244,1096480,1096728,1097104,1100132,1103186,1105348,1106110,1106913,1106929,1108293,1110785,1110946,1111331,1112063,1112178,1113399,1114542,1114638,1114648,1114893,1116803,1118338,1118506,1119086,1119974,1120902,1122776,1122822,1125580,1126040,1126356,1127445,1129138,1129278,1129326,1129770,1130130,1130343,1130344,1130345,1130346,1130347,1130356,1130425,1130567,1130737,1130972,1131107,1131416,1131427,1131488,1131587,1131659,1131857,1131900,1131934,1131935,1131980,1132212,1132227,1132534,1132589,1132618,1132619,1132634,1132635,1132636,1132637,1132638,1132727,1132828,1133188,1133308,1133584,1134160,1134162,1134537,1134564,1134565,1134566,1134651,1134760,1134848,1135013,1135014,1135015,1135100,843419,994770
CVE References: CVE-2018-1000204,CVE-2018-10853,CVE-2018-12126,CVE-2018-12127,CVE-2018-12130,CVE-2018-15594,CVE-2018-17972,CVE-2018-5814,CVE-2019-11091,CVE-2019-11486,CVE-2019-11815,CVE-2019-11884,CVE-2019-3882,CVE-2019-9503
Sources used:
openSUSE Leap 42.3 (src):    kernel-debug-4.4.179-99.1, kernel-default-4.4.179-99.1, kernel-docs-4.4.179-99.1, kernel-obs-build-4.4.179-99.1, kernel-obs-qa-4.4.179-99.1, kernel-source-4.4.179-99.1, kernel-syms-4.4.179-99.1, kernel-vanilla-4.4.179-99.1