1159285 – (CVE-2019-19768) VUL-1: CVE-2019-19768: kernel-source: use-after-free (read) in the __blk_add_trace function in kernel/trace/blktrace.c

Bug 1159285 (CVE-2019-19768) - VUL-1: CVE-2019-19768: kernel-source: use-after-free (read) in the __blk_add_trace function in kernel/trace/blktrace.c

Summary: VUL-1: CVE-2019-19768: kernel-source: use-after-free (read) in the __blk_add_...

Status:	RESOLVED FIXED

Alias:	CVE-2019-19768

Product:	SUSE Security Incidents
Classification:	Novell Products
Component:	Incidents (show other bugs)
Version:	unspecified
Hardware:	Other Other

Priority:	P3 - Medium Severity: Minor
Target Milestone:	---
Assignee:	Security Team bot
QA Contact:	Security Team bot

URL:	https://smash.suse.de/issue/248985/
Whiteboard:	CVSSv3.1:SUSE:CVE-2019-19768:5.3:(AV...
Keywords:

Depends on:
Blocks:

Clone This Bug

Reported:	2019-12-16 13:15 UTC by Alexandros Toptsoglou
Modified:	2024-06-25 14:12 UTC (History)
CC List:	3 users (show)

See Also:
Found By:	Security Response Team
Services Priority:
Business Priority:
Blocker:	---
Marketing QA Status:	---
IT Deployment:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Alexandros Toptsoglou 2019-12-16 13:15:18 UTC

CVE-2019-19768

In the Linux kernel 5.4.0-rc2, there is a use-after-free (read) in the
__blk_add_trace function in kernel/trace/blktrace.c (which is used to fill out a
blk_io_trace structure and place it in a per-cpu sub-buffer).

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-19768
http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-19768.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19768
https://bugzilla.kernel.org/show_bug.cgi?id=205711

Comment 1 Alexandros Toptsoglou 2019-12-16 13:25:56 UTC

Seems that all our kernels as back as 2.6.32 are affected

Comment 3 Jan Kara 2019-12-16 16:31:08 UTC

Yeah, the bug looks real. The only real fix to this seems to be make all 'struct blk_trace' accesses be protected by RCU and free the structure only after RCU grace period. But that's going to be somewhat bigger effort upstream.

Comment 4 Jan Kara 2020-02-10 11:25:42 UTC

I've posted a patch upstream last week:

https://lore.kernel.org/linux-block/20200206142812.25989-1-jack@suse.cz

Once it gets accepted, I'll backport it to our kernels.

Comment 5 Jan Kara 2020-03-05 10:14:09 UTC

OK, patch got accepted as commit c780e86dd48e "blktrace: Protect q->blk_trace with RCU". I've backported the patch to SLE15-SP2 branch and working on backport for older kernels.

Comment 6 Jan Kara 2020-03-05 15:52:36 UTC

Pushed out fixes to cve/linux-4.12 and cve/linux-4.4 branches.

Comment 8 Swamp Workflow Management 2020-03-20 22:32:01 UTC

This is an autogenerated message for OBS integration:
This bug (1159285) was mentioned in
https://build.opensuse.org/request/show/786996 15.1 / kernel-source

Comment 9 Swamp Workflow Management 2020-03-27 11:21:22 UTC

openSUSE-SU-2020:0388-1: An update that solves four vulnerabilities and has 37 fixes is now available.

Category: security (important)
Bug References: 1044231,1051510,1056686,1065729,1111666,1111974,1112178,1113956,1114279,1119680,1141895,1156510,1158187,1159285,1161561,1162929,1162931,1164078,1164507,1164632,1165111,1165741,1165873,1165929,1165950,1165980,1165984,1165985,1166003,1166101,1166102,1166103,1166104,1166632,1166658,1166730,1166731,1166732,1166733,1166734,1166735
CVE References: CVE-2019-19768,CVE-2020-8647,CVE-2020-8649,CVE-2020-9383
Sources used:
openSUSE Leap 15.1 (src):    kernel-debug-4.12.14-lp151.28.44.1, kernel-default-4.12.14-lp151.28.44.1, kernel-docs-4.12.14-lp151.28.44.1, kernel-kvmsmall-4.12.14-lp151.28.44.1, kernel-obs-build-4.12.14-lp151.28.44.1, kernel-obs-qa-4.12.14-lp151.28.44.1, kernel-source-4.12.14-lp151.28.44.1, kernel-syms-4.12.14-lp151.28.44.1, kernel-vanilla-4.12.14-lp151.28.44.1

Comment 10 Swamp Workflow Management 2020-03-31 22:21:13 UTC

SUSE-SU-2020:0836-1: An update that solves 5 vulnerabilities and has 58 fixes is now available.

Category: security (important)
Bug References: 1044231,1051510,1051858,1056686,1060463,1065729,1103990,1103992,1104353,1104745,1109837,1111666,1111974,1112178,1112374,1113956,1114279,1114685,1119680,1127611,1133021,1134090,1136157,1141895,1144333,1146539,1156510,1157424,1158187,1159285,1160659,1161561,1161951,1162928,1162929,1162931,1164078,1164507,1165111,1165404,1165488,1165527,1165741,1165813,1165873,1165929,1165950,1165980,1165984,1165985,1166003,1166101,1166102,1166103,1166104,1166632,1166658,1166730,1166731,1166732,1166733,1166734,1166735
CVE References: CVE-2019-19768,CVE-2020-8647,CVE-2020-8648,CVE-2020-8649,CVE-2020-9383
Sources used:
SUSE Linux Enterprise Workstation Extension 15-SP1 (src):    kernel-default-4.12.14-197.37.1
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1 (src):    kernel-debug-4.12.14-197.37.1, kernel-default-4.12.14-197.37.1, kernel-docs-4.12.14-197.37.1, kernel-kvmsmall-4.12.14-197.37.1, kernel-obs-qa-4.12.14-197.37.1, kernel-source-4.12.14-197.37.1, kernel-vanilla-4.12.14-197.37.1, kernel-zfcpdump-4.12.14-197.37.1
SUSE Linux Enterprise Module for Legacy Software 15-SP1 (src):    kernel-default-4.12.14-197.37.1
SUSE Linux Enterprise Module for Development Tools 15-SP1 (src):    kernel-docs-4.12.14-197.37.1, kernel-obs-build-4.12.14-197.37.1, kernel-source-4.12.14-197.37.1, kernel-syms-4.12.14-197.37.1
SUSE Linux Enterprise Module for Basesystem 15-SP1 (src):    kernel-default-4.12.14-197.37.1, kernel-source-4.12.14-197.37.1, kernel-zfcpdump-4.12.14-197.37.1
SUSE Linux Enterprise High Availability 15-SP1 (src):    kernel-default-4.12.14-197.37.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 11 Swamp Workflow Management 2020-03-31 22:32:17 UTC

SUSE-SU-2020:0836-1: An update that solves 5 vulnerabilities and has 58 fixes is now available.

Category: security (important)
Bug References: 1044231,1051510,1051858,1056686,1060463,1065729,1103990,1103992,1104353,1104745,1109837,1111666,1111974,1112178,1112374,1113956,1114279,1114685,1119680,1127611,1133021,1134090,1136157,1141895,1144333,1146539,1156510,1157424,1158187,1159285,1160659,1161561,1161951,1162928,1162929,1162931,1164078,1164507,1165111,1165404,1165488,1165527,1165741,1165813,1165873,1165929,1165950,1165980,1165984,1165985,1166003,1166101,1166102,1166103,1166104,1166632,1166658,1166730,1166731,1166732,1166733,1166734,1166735
CVE References: CVE-2019-19768,CVE-2020-8647,CVE-2020-8648,CVE-2020-8649,CVE-2020-9383
Sources used:
SUSE Linux Enterprise Workstation Extension 15-SP1 (src):    kernel-default-4.12.14-197.37.1
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1 (src):    kernel-debug-4.12.14-197.37.1, kernel-default-4.12.14-197.37.1, kernel-docs-4.12.14-197.37.1, kernel-kvmsmall-4.12.14-197.37.1, kernel-obs-qa-4.12.14-197.37.1, kernel-source-4.12.14-197.37.1, kernel-vanilla-4.12.14-197.37.1, kernel-zfcpdump-4.12.14-197.37.1
SUSE Linux Enterprise Module for Live Patching 15-SP1 (src):    kernel-default-4.12.14-197.37.1, kernel-livepatch-SLE15-SP1_Update_10-1-3.3.1
SUSE Linux Enterprise Module for Legacy Software 15-SP1 (src):    kernel-default-4.12.14-197.37.1
SUSE Linux Enterprise Module for Development Tools 15-SP1 (src):    kernel-docs-4.12.14-197.37.1, kernel-obs-build-4.12.14-197.37.1, kernel-source-4.12.14-197.37.1, kernel-syms-4.12.14-197.37.1
SUSE Linux Enterprise Module for Basesystem 15-SP1 (src):    kernel-default-4.12.14-197.37.1, kernel-source-4.12.14-197.37.1, kernel-zfcpdump-4.12.14-197.37.1
SUSE Linux Enterprise High Availability 15-SP1 (src):    kernel-default-4.12.14-197.37.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 12 Jan Kara 2020-04-06 15:58:55 UTC

I've pushed out the fixes to cve/linux-3.12 and cve/linux-3.0 branches. I had a look at cve/linux-2.6.32 branch but there I wasn't able to use blktrace at all (ioctl returned with ENOTTY) and so I wasn't able to test the patches. Given how old that branch is and the fact that this problem is triggerable by root only, I just wouldn't bother with that branch.

All is done from my side, reassigning back to security team.

Comment 19 Swamp Workflow Management 2020-04-23 13:19:12 UTC

SUSE-SU-2020:1085-1: An update that solves 11 vulnerabilities and has 91 fixes is now available.

Category: security (important)
Bug References: 1044231,1050549,1051510,1051858,1056686,1060463,1065600,1065729,1083647,1085030,1104967,1109911,1114279,1118338,1120386,1133021,1136157,1137325,1144333,1145051,1145929,1146539,1148868,1154385,1157424,1158552,1158983,1159037,1159142,1159198,1159285,1160659,1161951,1162929,1162931,1163403,1163508,1163897,1164078,1164284,1164507,1164893,1165019,1165111,1165182,1165404,1165488,1165527,1165741,1165813,1165873,1165949,1165984,1165985,1166003,1166101,1166102,1166103,1166104,1166632,1166730,1166731,1166732,1166733,1166734,1166735,1166780,1166860,1166861,1166862,1166864,1166866,1166867,1166868,1166870,1166940,1167005,1167288,1167290,1167316,1167421,1167423,1167629,1168075,1168202,1168276,1168295,1168424,1168443,1168486,1168760,1168762,1168763,1168764,1168765,1168829,1168854,1168881,1168884,1168952,1169057,1169390
CVE References: CVE-2019-19768,CVE-2019-19770,CVE-2019-3701,CVE-2019-9458,CVE-2020-10942,CVE-2020-11494,CVE-2020-11669,CVE-2020-8647,CVE-2020-8649,CVE-2020-8834,CVE-2020-9383
Sources used:
SUSE Linux Enterprise Real Time Extension 12-SP4 (src):    kernel-rt-4.12.14-8.18.1, kernel-rt_debug-4.12.14-8.18.1, kernel-source-rt-4.12.14-8.18.1, kernel-syms-rt-4.12.14-8.18.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 20 Swamp Workflow Management 2020-04-23 13:52:49 UTC

SUSE-SU-2020:1084-1: An update that solves 11 vulnerabilities and has 107 fixes is now available.

Category: security (important)
Bug References: 1044231,1050549,1051510,1051858,1056686,1060463,1065729,1083647,1085030,1088810,1103990,1103992,1104353,1104745,1104967,1109837,1109911,1111666,1111974,1112178,1112374,1112504,1113956,1114279,1114685,1118338,1119680,1120386,1123328,1127611,1133021,1134090,1134395,1136157,1136333,1141895,1142685,1144333,1145051,1146539,1148868,1154385,1156510,1157424,1158187,1158552,1158983,1159142,1159198,1159285,1160659,1161561,1161702,1161951,1162171,1162929,1162931,1163508,1163762,1164078,1164507,1164777,1164780,1164893,1165019,1165111,1165182,1165185,1165211,1165404,1165488,1165527,1165581,1165741,1165813,1165823,1165873,1165929,1165949,1165950,1165980,1165984,1165985,1166003,1166101,1166102,1166103,1166104,1166632,1166658,1166730,1166731,1166732,1166733,1166734,1166735,1166982,1167005,1167216,1167290,1167316,1167421,1167423,1167627,1167629,1168075,1168273,1168276,1168295,1168367,1168424,1168443,1168552,1168829,1168854,1169013,1169307,1169308
CVE References: CVE-2018-20836,CVE-2019-19768,CVE-2019-19770,CVE-2019-3701,CVE-2019-9458,CVE-2020-10942,CVE-2020-11494,CVE-2020-8647,CVE-2020-8649,CVE-2020-8834,CVE-2020-9383
Sources used:
SUSE Linux Enterprise Real Time Extension 12-SP5 (src):    kernel-rt-4.12.14-10.8.1, kernel-rt_debug-4.12.14-10.8.1, kernel-source-rt-4.12.14-10.8.1, kernel-syms-rt-4.12.14-10.8.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 22 Swamp Workflow Management 2020-04-23 19:19:46 UTC

SUSE-SU-2020:1087-1: An update that solves 12 vulnerabilities and has 139 fixes is now available.

Category: security (important)
Bug References: 1044231,1051510,1051858,1056686,1060463,1065600,1065729,1071995,1083647,1085030,1103990,1103992,1104353,1104745,1109837,1109911,1111666,1111974,1112178,1112374,1113956,1114279,1114685,1118338,1119680,1120386,1127611,1133021,1134090,1136157,1136333,1137325,1141895,1142685,1144333,1145051,1145929,1146539,1148868,1156510,1157424,1158187,1158983,1159037,1159198,1159199,1159285,1160659,1161561,1161951,1162171,1162929,1162931,1163403,1163897,1163971,1164078,1164284,1164507,1164705,1164712,1164727,1164728,1164729,1164730,1164731,1164732,1164733,1164734,1164735,1164777,1164780,1164893,1165019,1165111,1165182,1165185,1165211,1165404,1165488,1165527,1165741,1165813,1165823,1165873,1165929,1165949,1165950,1165980,1165984,1165985,1166003,1166101,1166102,1166103,1166104,1166632,1166658,1166730,1166731,1166732,1166733,1166734,1166735,1166780,1166860,1166861,1166862,1166864,1166866,1166867,1166868,1166870,1166940,1166982,1167005,1167216,1167288,1167290,1167316,1167421,1167423,1167627,1167629,1168075,1168202,1168273,1168276,1168295,1168367,1168424,1168443,1168486,1168552,1168760,1168762,1168763,1168764,1168765,1168829,1168854,1168881,1168884,1168952,1169013,1169057,1169307,1169308,1169390,1169514,1169625
CVE References: CVE-2019-19768,CVE-2019-19770,CVE-2019-3701,CVE-2019-9458,CVE-2020-10942,CVE-2020-11494,CVE-2020-11669,CVE-2020-2732,CVE-2020-8647,CVE-2020-8649,CVE-2020-8834,CVE-2020-9383
Sources used:
SUSE Linux Enterprise Module for Public Cloud 15-SP1 (src):    kernel-azure-4.12.14-8.30.1, kernel-source-azure-4.12.14-8.30.1, kernel-syms-azure-4.12.14-8.30.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 23 Swamp Workflow Management 2020-04-27 13:21:05 UTC

SUSE-SU-2020:1118-1: An update that solves 12 vulnerabilities and has 139 fixes is now available.

Category: security (important)
Bug References: 1044231,1050549,1051510,1051858,1056686,1060463,1065600,1065729,1083647,1085030,1088810,1103990,1103992,1104353,1104745,1104967,1109837,1109911,1111666,1111974,1112178,1112374,1112504,1113956,1114279,1114685,1118338,1119680,1120386,1123328,1127611,1133021,1134090,1134395,1136157,1136333,1137325,1141895,1142685,1144333,1145051,1145929,1146539,1148868,1154385,1156510,1157424,1158187,1158552,1158983,1159037,1159142,1159198,1159199,1159285,1160659,1161561,1161702,1161951,1162171,1162929,1162931,1163403,1163508,1163762,1163897,1164078,1164284,1164507,1164777,1164780,1164893,1165019,1165111,1165182,1165185,1165211,1165404,1165488,1165527,1165581,1165741,1165813,1165823,1165873,1165929,1165949,1165950,1165980,1165984,1165985,1166003,1166101,1166102,1166103,1166104,1166632,1166658,1166730,1166731,1166732,1166733,1166734,1166735,1166780,1166860,1166861,1166862,1166864,1166866,1166867,1166868,1166870,1166940,1166982,1167005,1167216,1167288,1167290,1167316,1167421,1167423,1167627,1167629,1168075,1168202,1168273,1168276,1168295,1168367,1168424,1168443,1168486,1168552,1168760,1168762,1168763,1168764,1168765,1168829,1168854,1168881,1168884,1168952,1169013,1169057,1169307,1169308,1169390,1169514,1169625
CVE References: CVE-2018-20836,CVE-2019-19768,CVE-2019-19770,CVE-2019-3701,CVE-2019-9458,CVE-2020-10942,CVE-2020-11494,CVE-2020-11669,CVE-2020-8647,CVE-2020-8649,CVE-2020-8834,CVE-2020-9383
Sources used:
SUSE Linux Enterprise Server 12-SP5 (src):    kernel-azure-4.12.14-16.13.1, kernel-source-azure-4.12.14-16.13.1, kernel-syms-azure-4.12.14-16.13.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 24 Swamp Workflow Management 2020-04-27 13:38:33 UTC

SUSE-SU-2020:1119-1: An update that solves 11 vulnerabilities and has 96 fixes is now available.

Category: security (important)
Bug References: 1044231,1050549,1051510,1051858,1056686,1060463,1065600,1065729,1071995,1083647,1085030,1104967,1109911,1111666,1114279,1118338,1120386,1133021,1136157,1137325,1144333,1145051,1145929,1146539,1148868,1154385,1157424,1158552,1158983,1159037,1159142,1159198,1159199,1159285,1160659,1161951,1162929,1162931,1163403,1163508,1163897,1164078,1164284,1164507,1164893,1165019,1165111,1165182,1165404,1165488,1165527,1165741,1165813,1165873,1165949,1165984,1165985,1166003,1166101,1166102,1166103,1166104,1166632,1166730,1166731,1166732,1166733,1166734,1166735,1166780,1166860,1166861,1166862,1166864,1166866,1166867,1166868,1166870,1166940,1167005,1167288,1167290,1167316,1167421,1167423,1167629,1168075,1168202,1168276,1168295,1168424,1168443,1168486,1168760,1168762,1168763,1168764,1168765,1168829,1168854,1168881,1168884,1168952,1169057,1169390,1169514,1169625
CVE References: CVE-2019-19768,CVE-2019-19770,CVE-2019-3701,CVE-2019-9458,CVE-2020-10942,CVE-2020-11494,CVE-2020-11669,CVE-2020-8647,CVE-2020-8649,CVE-2020-8834,CVE-2020-9383
Sources used:
SUSE Linux Enterprise Server 12-SP4 (src):    kernel-azure-4.12.14-6.40.1, kernel-source-azure-4.12.14-6.40.1, kernel-syms-azure-4.12.14-6.40.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 25 Swamp Workflow Management 2020-04-28 10:27:43 UTC

SUSE-SU-2020:1123-1: An update that solves 10 vulnerabilities and has 89 fixes is now available.

Category: security (important)
Bug References: 1044231,1051510,1051858,1056686,1060463,1065729,1083647,1085030,1103990,1103992,1104353,1104745,1109837,1109911,1111666,1111974,1112178,1112374,1113956,1114279,1114685,1119680,1120386,1127611,1133021,1134090,1136157,1141895,1144333,1145051,1146539,1157424,1158187,1158983,1159198,1159285,1160659,1161561,1161951,1162171,1162929,1162931,1164078,1164507,1164777,1164780,1164893,1165019,1165111,1165182,1165185,1165211,1165404,1165488,1165527,1165741,1165813,1165823,1165873,1165929,1165949,1165950,1165980,1165984,1165985,1166003,1166101,1166102,1166103,1166104,1166632,1166730,1166731,1166732,1166733,1166734,1166735,1166982,1167005,1167216,1167290,1167316,1167421,1167423,1167627,1167629,1168075,1168273,1168276,1168295,1168367,1168424,1168443,1168552,1168829,1168854,1169013,1169307,1169308
CVE References: CVE-2019-19768,CVE-2019-19770,CVE-2019-3701,CVE-2019-9458,CVE-2020-10942,CVE-2020-11494,CVE-2020-8647,CVE-2020-8649,CVE-2020-8834,CVE-2020-9383
Sources used:
SUSE Linux Enterprise Module for Realtime 15-SP1 (src):    kernel-rt-4.12.14-14.23.1, kernel-rt_debug-4.12.14-14.23.1, kernel-source-rt-4.12.14-14.23.1, kernel-syms-rt-4.12.14-14.23.1
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1 (src):    kernel-rt-4.12.14-14.23.1, kernel-rt_debug-4.12.14-14.23.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 26 Swamp Workflow Management 2020-04-29 16:18:29 UTC

SUSE-SU-2020:1141-1: An update that solves 11 vulnerabilities and has 94 fixes is now available.

Category: security (important)
Bug References: 1044231,1050549,1051510,1051858,1056686,1060463,1065600,1065729,1083647,1085030,1104967,1109911,1114279,1118338,1120386,1133021,1136157,1137325,1144333,1145051,1145929,1146539,1148868,1154385,1157424,1158552,1158983,1159037,1159142,1159198,1159199,1159285,1160659,1161951,1162929,1162931,1163403,1163508,1163897,1164078,1164284,1164507,1164893,1165019,1165111,1165182,1165404,1165488,1165527,1165741,1165813,1165873,1165949,1165984,1165985,1166003,1166101,1166102,1166103,1166104,1166632,1166730,1166731,1166732,1166733,1166734,1166735,1166780,1166860,1166861,1166862,1166864,1166866,1166867,1166868,1166870,1166940,1167005,1167288,1167290,1167316,1167421,1167423,1167629,1168075,1168202,1168276,1168295,1168424,1168443,1168486,1168760,1168762,1168763,1168764,1168765,1168829,1168854,1168881,1168884,1168952,1169057,1169390,1169514,1169625
CVE References: CVE-2019-19768,CVE-2019-19770,CVE-2019-3701,CVE-2019-9458,CVE-2020-10942,CVE-2020-11494,CVE-2020-11669,CVE-2020-8647,CVE-2020-8649,CVE-2020-8834,CVE-2020-9383
Sources used:
SUSE Linux Enterprise Live Patching 12-SP4 (src):    kernel-default-4.12.14-95.51.1, kgraft-patch-SLE12-SP4_Update_13-1-6.3.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 27 Swamp Workflow Management 2020-04-29 16:34:49 UTC

SUSE-SU-2020:1141-1: An update that solves 11 vulnerabilities and has 94 fixes is now available.

Category: security (important)
Bug References: 1044231,1050549,1051510,1051858,1056686,1060463,1065600,1065729,1083647,1085030,1104967,1109911,1114279,1118338,1120386,1133021,1136157,1137325,1144333,1145051,1145929,1146539,1148868,1154385,1157424,1158552,1158983,1159037,1159142,1159198,1159199,1159285,1160659,1161951,1162929,1162931,1163403,1163508,1163897,1164078,1164284,1164507,1164893,1165019,1165111,1165182,1165404,1165488,1165527,1165741,1165813,1165873,1165949,1165984,1165985,1166003,1166101,1166102,1166103,1166104,1166632,1166730,1166731,1166732,1166733,1166734,1166735,1166780,1166860,1166861,1166862,1166864,1166866,1166867,1166868,1166870,1166940,1167005,1167288,1167290,1167316,1167421,1167423,1167629,1168075,1168202,1168276,1168295,1168424,1168443,1168486,1168760,1168762,1168763,1168764,1168765,1168829,1168854,1168881,1168884,1168952,1169057,1169390,1169514,1169625
CVE References: CVE-2019-19768,CVE-2019-19770,CVE-2019-3701,CVE-2019-9458,CVE-2020-10942,CVE-2020-11494,CVE-2020-11669,CVE-2020-8647,CVE-2020-8649,CVE-2020-8834,CVE-2020-9383
Sources used:
SUSE Linux Enterprise Workstation Extension 12-SP4 (src):    kernel-default-4.12.14-95.51.1
SUSE Linux Enterprise Software Development Kit 12-SP4 (src):    kernel-docs-4.12.14-95.51.1, kernel-obs-build-4.12.14-95.51.1
SUSE Linux Enterprise Server 12-SP4 (src):    kernel-default-4.12.14-95.51.1, kernel-source-4.12.14-95.51.1, kernel-syms-4.12.14-95.51.1
SUSE Linux Enterprise Live Patching 12-SP4 (src):    kernel-default-4.12.14-95.51.1, kgraft-patch-SLE12-SP4_Update_13-1-6.3.1
SUSE Linux Enterprise High Availability 12-SP4 (src):    kernel-default-4.12.14-95.51.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 28 Swamp Workflow Management 2020-04-29 16:50:28 UTC

SUSE-SU-2020:1142-1: An update that solves 13 vulnerabilities and has 157 fixes is now available.

Category: security (important)
Bug References: 1044231,1050549,1051510,1051858,1056686,1060463,1065600,1065729,1083647,1085030,1088810,1103990,1103992,1104353,1104745,1104967,1109837,1109911,1111666,1111974,1112178,1112374,1112504,1113956,1114279,1114685,1118338,1119680,1120386,1123328,1127611,1133021,1134090,1134395,1136157,1136333,1137325,1141895,1142685,1144162,1144333,1145051,1145929,1146539,1148868,1154385,1156510,1157424,1158187,1158552,1158983,1159037,1159142,1159198,1159199,1159285,1160659,1161561,1161702,1161951,1162171,1162929,1162931,1163403,1163508,1163762,1163897,1163971,1164051,1164078,1164115,1164284,1164388,1164471,1164507,1164598,1164632,1164705,1164712,1164727,1164728,1164729,1164730,1164731,1164732,1164733,1164734,1164735,1164777,1164780,1164893,1165019,1165111,1165182,1165185,1165211,1165404,1165488,1165527,1165581,1165741,1165813,1165823,1165873,1165929,1165949,1165950,1165980,1165984,1165985,1166003,1166101,1166102,1166103,1166104,1166632,1166658,1166730,1166731,1166732,1166733,1166734,1166735,1166780,1166860,1166861,1166862,1166864,1166866,1166867,1166868,1166870,1166940,1166982,1167005,1167216,1167288,1167290,1167316,1167421,1167423,1167627,1167629,1168075,1168202,1168273,1168276,1168295,1168367,1168424,1168443,1168486,1168552,1168760,1168762,1168763,1168764,1168765,1168829,1168854,1168881,1168884,1168952,1169013,1169057,1169307,1169308,1169390,1169514,1169625
CVE References: CVE-2018-20836,CVE-2019-19768,CVE-2019-19770,CVE-2019-3701,CVE-2019-9458,CVE-2020-10942,CVE-2020-11494,CVE-2020-11669,CVE-2020-2732,CVE-2020-8647,CVE-2020-8649,CVE-2020-8834,CVE-2020-9383
Sources used:
SUSE Linux Enterprise Live Patching 12-SP5 (src):    kernel-default-4.12.14-122.20.1, kgraft-patch-SLE12-SP5_Update_4-1-8.3.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 29 Swamp Workflow Management 2020-04-29 17:14:59 UTC

SUSE-SU-2020:1142-1: An update that solves 13 vulnerabilities and has 157 fixes is now available.

Category: security (important)
Bug References: 1044231,1050549,1051510,1051858,1056686,1060463,1065600,1065729,1083647,1085030,1088810,1103990,1103992,1104353,1104745,1104967,1109837,1109911,1111666,1111974,1112178,1112374,1112504,1113956,1114279,1114685,1118338,1119680,1120386,1123328,1127611,1133021,1134090,1134395,1136157,1136333,1137325,1141895,1142685,1144162,1144333,1145051,1145929,1146539,1148868,1154385,1156510,1157424,1158187,1158552,1158983,1159037,1159142,1159198,1159199,1159285,1160659,1161561,1161702,1161951,1162171,1162929,1162931,1163403,1163508,1163762,1163897,1163971,1164051,1164078,1164115,1164284,1164388,1164471,1164507,1164598,1164632,1164705,1164712,1164727,1164728,1164729,1164730,1164731,1164732,1164733,1164734,1164735,1164777,1164780,1164893,1165019,1165111,1165182,1165185,1165211,1165404,1165488,1165527,1165581,1165741,1165813,1165823,1165873,1165929,1165949,1165950,1165980,1165984,1165985,1166003,1166101,1166102,1166103,1166104,1166632,1166658,1166730,1166731,1166732,1166733,1166734,1166735,1166780,1166860,1166861,1166862,1166864,1166866,1166867,1166868,1166870,1166940,1166982,1167005,1167216,1167288,1167290,1167316,1167421,1167423,1167627,1167629,1168075,1168202,1168273,1168276,1168295,1168367,1168424,1168443,1168486,1168552,1168760,1168762,1168763,1168764,1168765,1168829,1168854,1168881,1168884,1168952,1169013,1169057,1169307,1169308,1169390,1169514,1169625
CVE References: CVE-2018-20836,CVE-2019-19768,CVE-2019-19770,CVE-2019-3701,CVE-2019-9458,CVE-2020-10942,CVE-2020-11494,CVE-2020-11669,CVE-2020-2732,CVE-2020-8647,CVE-2020-8649,CVE-2020-8834,CVE-2020-9383
Sources used:
SUSE Linux Enterprise Workstation Extension 12-SP5 (src):    kernel-default-4.12.14-122.20.1
SUSE Linux Enterprise Software Development Kit 12-SP5 (src):    kernel-docs-4.12.14-122.20.1, kernel-obs-build-4.12.14-122.20.1
SUSE Linux Enterprise Server 12-SP5 (src):    kernel-default-4.12.14-122.20.1, kernel-source-4.12.14-122.20.1, kernel-syms-4.12.14-122.20.1
SUSE Linux Enterprise Live Patching 12-SP5 (src):    kernel-default-4.12.14-122.20.1, kgraft-patch-SLE12-SP5_Update_4-1-8.3.1
SUSE Linux Enterprise High Availability 12-SP5 (src):    kernel-default-4.12.14-122.20.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 30 Swamp Workflow Management 2020-04-30 19:19:22 UTC

SUSE-SU-2020:14354-1: An update that solves 28 vulnerabilities and has 20 fixes is now available.

Category: security (important)
Bug References: 1012382,1091041,1105327,1131107,1136471,1136922,1146519,1146544,1146612,1148871,1149448,1152631,1156652,1157038,1157070,1157143,1157155,1157157,1157303,1157344,1157678,1157804,1157923,1158381,1158410,1158413,1158427,1158445,1158823,1158824,1158834,1158900,1158904,1159285,1159841,1159908,1159911,1161358,1162928,1162929,1162931,1164078,1165111,1165985,1167629,1168075,1168829,1168854
CVE References: CVE-2019-12456,CVE-2019-14896,CVE-2019-14897,CVE-2019-15213,CVE-2019-15916,CVE-2019-18660,CVE-2019-18675,CVE-2019-19066,CVE-2019-19073,CVE-2019-19074,CVE-2019-19227,CVE-2019-19523,CVE-2019-19524,CVE-2019-19527,CVE-2019-19530,CVE-2019-19531,CVE-2019-19532,CVE-2019-19537,CVE-2019-19768,CVE-2019-19965,CVE-2019-19966,CVE-2019-20096,CVE-2020-10942,CVE-2020-11608,CVE-2020-8647,CVE-2020-8648,CVE-2020-8649,CVE-2020-9383
Sources used:
SUSE Linux Enterprise Server 11-SP4-LTSS (src):    kernel-bigmem-3.0.101-108.111.1, kernel-default-3.0.101-108.111.1, kernel-ec2-3.0.101-108.111.1, kernel-pae-3.0.101-108.111.1, kernel-ppc64-3.0.101-108.111.1, kernel-source-3.0.101-108.111.1, kernel-syms-3.0.101-108.111.1, kernel-trace-3.0.101-108.111.1, kernel-xen-3.0.101-108.111.1
SUSE Linux Enterprise Server 11-EXTRA (src):    kernel-default-3.0.101-108.111.1, kernel-pae-3.0.101-108.111.1, kernel-ppc64-3.0.101-108.111.1, kernel-trace-3.0.101-108.111.1, kernel-xen-3.0.101-108.111.1
SUSE Linux Enterprise Debuginfo 11-SP4 (src):    kernel-bigmem-3.0.101-108.111.1, kernel-default-3.0.101-108.111.1, kernel-ec2-3.0.101-108.111.1, kernel-pae-3.0.101-108.111.1, kernel-ppc64-3.0.101-108.111.1, kernel-trace-3.0.101-108.111.1, kernel-xen-3.0.101-108.111.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 32 Swamp Workflow Management 2020-05-12 13:24:44 UTC

SUSE-SU-2020:1255-1: An update that solves 53 vulnerabilities and has 32 fixes is now available.

Category: security (important)
Bug References: 1037216,1075091,1075994,1087082,1087813,1091041,1099279,1120386,1131107,1133147,1136449,1137325,1146519,1146544,1146612,1149591,1153811,1154844,1155311,1155897,1156060,1157038,1157042,1157070,1157143,1157155,1157157,1157158,1157303,1157324,1157333,1157464,1157804,1157923,1158021,1158132,1158381,1158394,1158398,1158410,1158413,1158417,1158427,1158445,1158819,1158823,1158824,1158827,1158834,1158900,1158903,1158904,1159199,1159285,1159297,1159841,1159908,1159910,1159911,1159912,1160195,1162227,1162298,1162928,1162929,1162931,1163971,1164069,1164078,1164846,1165111,1165311,1165873,1165881,1165984,1165985,1167629,1168075,1168295,1168424,1168829,1168854,1170056,1170345,1170778
CVE References: CVE-2017-18255,CVE-2018-21008,CVE-2019-14615,CVE-2019-14895,CVE-2019-14896,CVE-2019-14897,CVE-2019-14901,CVE-2019-15213,CVE-2019-18660,CVE-2019-18675,CVE-2019-18683,CVE-2019-19052,CVE-2019-19062,CVE-2019-19066,CVE-2019-19073,CVE-2019-19074,CVE-2019-19319,CVE-2019-19332,CVE-2019-19447,CVE-2019-19523,CVE-2019-19524,CVE-2019-19525,CVE-2019-19527,CVE-2019-19530,CVE-2019-19531,CVE-2019-19532,CVE-2019-19533,CVE-2019-19534,CVE-2019-19535,CVE-2019-19536,CVE-2019-19537,CVE-2019-19767,CVE-2019-19768,CVE-2019-19965,CVE-2019-19966,CVE-2019-20054,CVE-2019-20096,CVE-2019-3701,CVE-2019-5108,CVE-2019-9455,CVE-2019-9458,CVE-2020-10690,CVE-2020-10720,CVE-2020-10942,CVE-2020-11494,CVE-2020-11608,CVE-2020-11609,CVE-2020-2732,CVE-2020-8647,CVE-2020-8648,CVE-2020-8649,CVE-2020-8992,CVE-2020-9383
Sources used:
SUSE OpenStack Cloud 7 (src):    kernel-default-4.4.121-92.129.1, kernel-source-4.4.121-92.129.1, kernel-syms-4.4.121-92.129.1, kgraft-patch-SLE12-SP2_Update_34-1-3.3.1
SUSE Linux Enterprise Server for SAP 12-SP2 (src):    kernel-default-4.4.121-92.129.1, kernel-source-4.4.121-92.129.1, kernel-syms-4.4.121-92.129.1, kgraft-patch-SLE12-SP2_Update_34-1-3.3.1
SUSE Linux Enterprise Server 12-SP2-LTSS (src):    kernel-default-4.4.121-92.129.1, kernel-source-4.4.121-92.129.1, kernel-syms-4.4.121-92.129.1, kgraft-patch-SLE12-SP2_Update_34-1-3.3.1
SUSE Linux Enterprise Server 12-SP2-BCL (src):    kernel-default-4.4.121-92.129.1, kernel-source-4.4.121-92.129.1, kernel-syms-4.4.121-92.129.1
SUSE Linux Enterprise High Availability 12-SP2 (src):    kernel-default-4.4.121-92.129.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 33 Swamp Workflow Management 2020-05-14 13:18:01 UTC

SUSE-SU-2020:1275-1: An update that solves 35 vulnerabilities and has 21 fixes is now available.

Category: security (important)
Bug References: 1056134,1087813,1120386,1133147,1137325,1145929,1149591,1154118,1154844,1155689,1157155,1157157,1157303,1157804,1158021,1158642,1158819,1159199,1159285,1159297,1159841,1159908,1159910,1159911,1159912,1160195,1161586,1162227,1162928,1162929,1162931,1163508,1163971,1164009,1164051,1164069,1164078,1164846,1165111,1165311,1165873,1165881,1165984,1165985,1167421,1167423,1167629,1168075,1168295,1168424,1168829,1168854,1170056,1170345,1170778,1170847
CVE References: CVE-2017-18255,CVE-2018-12126,CVE-2018-12127,CVE-2018-12130,CVE-2018-21008,CVE-2019-11091,CVE-2019-14615,CVE-2019-14896,CVE-2019-14897,CVE-2019-18675,CVE-2019-19066,CVE-2019-19319,CVE-2019-19447,CVE-2019-19767,CVE-2019-19768,CVE-2019-19965,CVE-2019-19966,CVE-2019-20054,CVE-2019-20096,CVE-2019-3701,CVE-2019-5108,CVE-2019-9455,CVE-2019-9458,CVE-2020-10690,CVE-2020-10720,CVE-2020-10942,CVE-2020-11494,CVE-2020-11608,CVE-2020-11609,CVE-2020-2732,CVE-2020-8647,CVE-2020-8648,CVE-2020-8649,CVE-2020-8992,CVE-2020-9383
Sources used:
SUSE OpenStack Cloud Crowbar 8 (src):    kernel-default-4.4.180-94.116.1, kernel-source-4.4.180-94.116.1, kernel-syms-4.4.180-94.116.1, kgraft-patch-SLE12-SP3_Update_31-1-4.3.1
SUSE OpenStack Cloud 8 (src):    kernel-default-4.4.180-94.116.1, kernel-source-4.4.180-94.116.1, kernel-syms-4.4.180-94.116.1, kgraft-patch-SLE12-SP3_Update_31-1-4.3.1
SUSE Linux Enterprise Server for SAP 12-SP3 (src):    kernel-default-4.4.180-94.116.1, kernel-source-4.4.180-94.116.1, kernel-syms-4.4.180-94.116.1, kgraft-patch-SLE12-SP3_Update_31-1-4.3.1
SUSE Linux Enterprise Server 12-SP3-LTSS (src):    kernel-default-4.4.180-94.116.1, kernel-source-4.4.180-94.116.1, kernel-syms-4.4.180-94.116.1, kgraft-patch-SLE12-SP3_Update_31-1-4.3.1
SUSE Linux Enterprise Server 12-SP3-BCL (src):    kernel-default-4.4.180-94.116.1, kernel-source-4.4.180-94.116.1, kernel-syms-4.4.180-94.116.1
SUSE Linux Enterprise High Availability 12-SP3 (src):    kernel-default-4.4.180-94.116.1
SUSE Enterprise Storage 5 (src):    kernel-default-4.4.180-94.116.1, kernel-source-4.4.180-94.116.1, kernel-syms-4.4.180-94.116.1, kgraft-patch-SLE12-SP3_Update_31-1-4.3.1
HPE Helion Openstack 8 (src):    kernel-default-4.4.180-94.116.1, kernel-source-4.4.180-94.116.1, kernel-syms-4.4.180-94.116.1, kgraft-patch-SLE12-SP3_Update_31-1-4.3.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 38 Swamp Workflow Management 2020-06-18 13:21:59 UTC

SUSE-SU-2020:1663-1: An update that solves 55 vulnerabilities and has 93 fixes is now available.

Category: security (important)
Bug References: 1050244,1051510,1051858,1058115,1061840,1065600,1065729,1071995,1085030,1086301,1086313,1086314,1089895,1109911,1114279,1118338,1120386,1134973,1143959,1144333,1151910,1151927,1153917,1154243,1154824,1156286,1157155,1157157,1157692,1158013,1158021,1158026,1158265,1158819,1159028,1159198,1159271,1159285,1159394,1159483,1159484,1159569,1159588,1159841,1159908,1159909,1159910,1159911,1159955,1160195,1160210,1160211,1160218,1160433,1160442,1160476,1160560,1160755,1160756,1160784,1160787,1160802,1160803,1160804,1160917,1160966,1161087,1161514,1161518,1161522,1161523,1161549,1161552,1161555,1161674,1161931,1161933,1161934,1161935,1161936,1161937,1161951,1162067,1162109,1162139,1162928,1162929,1162931,1163971,1164051,1164069,1164078,1164705,1164712,1164727,1164728,1164729,1164730,1164731,1164732,1164733,1164734,1164735,1164871,1165111,1165741,1165873,1165881,1165984,1165985,1166969,1167421,1167423,1167629,1168075,1168276,1168295,1168424,1168670,1168829,1168854,1169390,1169514,1169625,1170056,1170345,1170617,1170618,1170621,1170778,1170901,1171098,1171189,1171191,1171195,1171202,1171205,1171217,1171218,1171219,1171220,1171689,1171982,1171983,1172221,1172317,1172453,1172458
CVE References: CVE-2018-1000199,CVE-2019-14615,CVE-2019-14896,CVE-2019-14897,CVE-2019-16994,CVE-2019-19036,CVE-2019-19045,CVE-2019-19054,CVE-2019-19318,CVE-2019-19319,CVE-2019-19447,CVE-2019-19462,CVE-2019-19768,CVE-2019-19770,CVE-2019-19965,CVE-2019-19966,CVE-2019-20054,CVE-2019-20095,CVE-2019-20096,CVE-2019-20810,CVE-2019-20812,CVE-2019-3701,CVE-2019-9455,CVE-2019-9458,CVE-2020-0543,CVE-2020-10690,CVE-2020-10711,CVE-2020-10720,CVE-2020-10732,CVE-2020-10751,CVE-2020-10757,CVE-2020-10942,CVE-2020-11494,CVE-2020-11608,CVE-2020-11609,CVE-2020-11669,CVE-2020-12114,CVE-2020-12464,CVE-2020-12652,CVE-2020-12653,CVE-2020-12654,CVE-2020-12655,CVE-2020-12656,CVE-2020-12657,CVE-2020-12769,CVE-2020-13143,CVE-2020-2732,CVE-2020-7053,CVE-2020-8428,CVE-2020-8647,CVE-2020-8648,CVE-2020-8649,CVE-2020-8834,CVE-2020-8992,CVE-2020-9383
Sources used:
SUSE Linux Enterprise Server for SAP 15 (src):    kernel-default-4.12.14-150.52.1, kernel-docs-4.12.14-150.52.1, kernel-obs-build-4.12.14-150.52.1, kernel-source-4.12.14-150.52.1, kernel-syms-4.12.14-150.52.1, kernel-vanilla-4.12.14-150.52.1
SUSE Linux Enterprise Server 15-LTSS (src):    kernel-default-4.12.14-150.52.1, kernel-docs-4.12.14-150.52.1, kernel-obs-build-4.12.14-150.52.1, kernel-source-4.12.14-150.52.1, kernel-syms-4.12.14-150.52.1, kernel-vanilla-4.12.14-150.52.1, kernel-zfcpdump-4.12.14-150.52.1
SUSE Linux Enterprise High Performance Computing 15-LTSS (src):    kernel-default-4.12.14-150.52.1, kernel-docs-4.12.14-150.52.1, kernel-obs-build-4.12.14-150.52.1, kernel-source-4.12.14-150.52.1, kernel-syms-4.12.14-150.52.1, kernel-vanilla-4.12.14-150.52.1
SUSE Linux Enterprise High Performance Computing 15-ESPOS (src):    kernel-default-4.12.14-150.52.1, kernel-docs-4.12.14-150.52.1, kernel-obs-build-4.12.14-150.52.1, kernel-source-4.12.14-150.52.1, kernel-syms-4.12.14-150.52.1, kernel-vanilla-4.12.14-150.52.1
SUSE Linux Enterprise High Availability 15 (src):    kernel-default-4.12.14-150.52.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 39 Swamp Workflow Management 2020-06-18 13:42:31 UTC

SUSE-SU-2020:1663-1: An update that solves 55 vulnerabilities and has 93 fixes is now available.

Category: security (important)
Bug References: 1050244,1051510,1051858,1058115,1061840,1065600,1065729,1071995,1085030,1086301,1086313,1086314,1089895,1109911,1114279,1118338,1120386,1134973,1143959,1144333,1151910,1151927,1153917,1154243,1154824,1156286,1157155,1157157,1157692,1158013,1158021,1158026,1158265,1158819,1159028,1159198,1159271,1159285,1159394,1159483,1159484,1159569,1159588,1159841,1159908,1159909,1159910,1159911,1159955,1160195,1160210,1160211,1160218,1160433,1160442,1160476,1160560,1160755,1160756,1160784,1160787,1160802,1160803,1160804,1160917,1160966,1161087,1161514,1161518,1161522,1161523,1161549,1161552,1161555,1161674,1161931,1161933,1161934,1161935,1161936,1161937,1161951,1162067,1162109,1162139,1162928,1162929,1162931,1163971,1164051,1164069,1164078,1164705,1164712,1164727,1164728,1164729,1164730,1164731,1164732,1164733,1164734,1164735,1164871,1165111,1165741,1165873,1165881,1165984,1165985,1166969,1167421,1167423,1167629,1168075,1168276,1168295,1168424,1168670,1168829,1168854,1169390,1169514,1169625,1170056,1170345,1170617,1170618,1170621,1170778,1170901,1171098,1171189,1171191,1171195,1171202,1171205,1171217,1171218,1171219,1171220,1171689,1171982,1171983,1172221,1172317,1172453,1172458
CVE References: CVE-2018-1000199,CVE-2019-14615,CVE-2019-14896,CVE-2019-14897,CVE-2019-16994,CVE-2019-19036,CVE-2019-19045,CVE-2019-19054,CVE-2019-19318,CVE-2019-19319,CVE-2019-19447,CVE-2019-19462,CVE-2019-19768,CVE-2019-19770,CVE-2019-19965,CVE-2019-19966,CVE-2019-20054,CVE-2019-20095,CVE-2019-20096,CVE-2019-20810,CVE-2019-20812,CVE-2019-3701,CVE-2019-9455,CVE-2019-9458,CVE-2020-0543,CVE-2020-10690,CVE-2020-10711,CVE-2020-10720,CVE-2020-10732,CVE-2020-10751,CVE-2020-10757,CVE-2020-10942,CVE-2020-11494,CVE-2020-11608,CVE-2020-11609,CVE-2020-11669,CVE-2020-12114,CVE-2020-12464,CVE-2020-12652,CVE-2020-12653,CVE-2020-12654,CVE-2020-12655,CVE-2020-12656,CVE-2020-12657,CVE-2020-12769,CVE-2020-13143,CVE-2020-2732,CVE-2020-7053,CVE-2020-8428,CVE-2020-8647,CVE-2020-8648,CVE-2020-8649,CVE-2020-8834,CVE-2020-8992,CVE-2020-9383
Sources used:
SUSE Linux Enterprise Server for SAP 15 (src):    kernel-default-4.12.14-150.52.1, kernel-docs-4.12.14-150.52.1, kernel-obs-build-4.12.14-150.52.1, kernel-source-4.12.14-150.52.1, kernel-syms-4.12.14-150.52.1, kernel-vanilla-4.12.14-150.52.1
SUSE Linux Enterprise Server 15-LTSS (src):    kernel-default-4.12.14-150.52.1, kernel-docs-4.12.14-150.52.1, kernel-obs-build-4.12.14-150.52.1, kernel-source-4.12.14-150.52.1, kernel-syms-4.12.14-150.52.1, kernel-vanilla-4.12.14-150.52.1, kernel-zfcpdump-4.12.14-150.52.1
SUSE Linux Enterprise Module for Live Patching 15 (src):    kernel-default-4.12.14-150.52.1, kernel-livepatch-SLE15_Update_18-1-1.5.1
SUSE Linux Enterprise High Performance Computing 15-LTSS (src):    kernel-default-4.12.14-150.52.1, kernel-docs-4.12.14-150.52.1, kernel-obs-build-4.12.14-150.52.1, kernel-source-4.12.14-150.52.1, kernel-syms-4.12.14-150.52.1, kernel-vanilla-4.12.14-150.52.1
SUSE Linux Enterprise High Performance Computing 15-ESPOS (src):    kernel-default-4.12.14-150.52.1, kernel-docs-4.12.14-150.52.1, kernel-obs-build-4.12.14-150.52.1, kernel-source-4.12.14-150.52.1, kernel-syms-4.12.14-150.52.1, kernel-vanilla-4.12.14-150.52.1
SUSE Linux Enterprise High Availability 15 (src):    kernel-default-4.12.14-150.52.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 47 Marcus Meissner 2024-04-15 12:22:56 UTC

released