Bugzilla – Bug 1159198
VUL-0: CVE-2019-19770: kernel: use-after-free in the debugfs_remove function
Last modified: 2024-06-25 14:11:55 UTC
CVE-2019-19770

In the Linux kernel 4.19.83, there is a use-after-free (read) in the debugfs_remove function in fs/debugfs/inode.c (which is used to remove a file or directory in debugfs that was previously created with a call to another debugfs function such as debugfs_create_file).

Seems to be in all kernels.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-19770
http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-19770.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19770
https://bugzilla.kernel.org/show_bug.cgi?id=205713
The same use-after-free issue exists in fs/tracefs/inode.c, but the CVE was trigger happy, and so does not document this. Al Viro's upstream commit a3d1e7eb5abe3aa1095bc75d1a6760d3809bd672 (simple_recursive_removal(): kernel-side rm -rf for ramfs-style filesystems) merged on v5.6-rc1 addresses both of these races by introducing a recursive call which handles this in a race-free manner and shares the code path in one new caller. I'll be running some selftests to ensure no regressions are introduced prior to pushing out though.
(In reply to Luis Chamberlain from comment #2)
> The same use-after-free issue exists in fs/tracefs/inode.c, but the CVE was
> trigger happy, and so does not document this. Al Viro's upstream commit
> a3d1e7eb5abe3aa1095bc75d1a6760d3809bd672 (simple_recursive_removal():
> kernel-side rm -rf for ramfs-style filesystems) merged on v5.6-rc1 addresses
> both of these races by introducing a recursive call which handles this in a
> race-free manner and shares the code path in one new caller. I'll be running
> some selftests to ensure no regressions are introduced prior to pushing out
> though.

The fix indeed works well, and I cannot detect regressions, based on a battery of tests I ran using ftrace selftests, which include / cover the tracefs code path. There are no debugfs selftests, however reboot covers this.

For v4.12 things are a bit trickier, given that there is a lot of context on Al Viro's commit a3d1e7eb5abe ("simple_recursive_removal(): kernel-side rm -rf for ramfs-style filesystems") which comes from a lot of prior work. Below are the candidates I was able to backport successfully (at least compile time), from oldest to the latest needed commit.
Below I list them in 4 groups:

<commit-id> <introduced-on> <commit-name>

Nicolai Stange's per-file removal protection:

7c8d469877b16d2c1cecf101a0abb7b218db85bc v4.15-rc1~89^2~10 debugfs: add support for more elaborate ->d_fsdata
e9117a5a4bf65d8e99f060d356a04d27a60b436d v4.15-rc1~89^2~9 debugfs: implement per-file removal protection
055ab8e3e3d52e005d2047b14ce63551b3a8b8b5 v4.15-rc1~89^2~8 debugfs: debugfs_real_fops(): drop __must_hold sparse annotation
69d29f9e6a53559895e6f785f6cf72daa738f132 v4.15-rc1~89^2~7 debugfs: convert to debugfs_file_get() and -put()
7cda7b8f97da9382bb945d541a85cde58d5dac27 v4.15-rc1~89^2~6 IB/hfi1: convert to debugfs_file_get() and -put()
c9afbec27089cd6b4e621b639f41c7fc726c3bf1 v4.15-rc1~89^2~5 debugfs: purge obsolete SRCU based removal protection
154b9d7512ae012aca7b4e90af67a72419ad1941 v4.15-rc1~89^2~4 debugfs: call debugfs_real_fops() only after debugfs_file_get()
7d39bc50c47b3f8ed0e1a9d671ecb9ec02f10a2d v4.15-rc1~89^2~3 debugfs: defer debugfs_fsdata allocation to first usage

Simple comment fix:

0eeb27311f3a06b39ed51027260fb46c8b04357c v5.1-rc1~146^2~55 debugfs: debugfs_use_start/finish do not exist anymore

Amir Goldstein simplification, part of new fs notify calls:

823e545c027795997f29ec5c255aff605cf39e85 v5.3-rc1~153^2~4 debugfs: simplify __debugfs_remove_file()

Al Viro's fix:

a3d1e7eb5abe3aa1095bc75d1a6760d3809bd672 v5.6-rc1~59^2 simple_recursive_removal(): kernel-side rm -rf for ramfs-style filesystems

Amir Goldstein has other contextual changes, however it is just introducing some new fsnotify calls, which we don't need to port, however the simplification is a worthy port candidate to avoid having to carry the parent pointer in remove callers.

Nicolai Stange's per-file removal protection patch set however cannot be backported as-is as it would break kabi. This patch set was previously already evaluated by Jeff Mahoney on bsc#1109911, and it was decided that the gains are not worthy for a work around.
It *may* be possible to address the backport of Al Viro's changes using the old debugfs_use_start/finish calls, however since Nicolai is with us now, it would be prudent to have his feedback on this.
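To see which of the commits listed in the comment above a given kernel git tree already carries, a check along these lines can be used. This is an added example, not part of the bug report or of SUSE's tooling; the names `commit_status` and `report` are hypothetical, and it assumes backports cite the upstream id in the commit message, as stable-tree "commit <id> upstream" lines and `git cherry-pick -x` do.

```sh
#!/bin/sh
# Added example: classify each upstream commit from the backport list
# against a kernel git tree. Function names are hypothetical.

# Commit ids copied from the comment above, oldest first.
BACKPORT_COMMITS='
7c8d469877b16d2c1cecf101a0abb7b218db85bc
e9117a5a4bf65d8e99f060d356a04d27a60b436d
055ab8e3e3d52e005d2047b14ce63551b3a8b8b5
69d29f9e6a53559895e6f785f6cf72daa738f132
7cda7b8f97da9382bb945d541a85cde58d5dac27
c9afbec27089cd6b4e621b639f41c7fc726c3bf1
154b9d7512ae012aca7b4e90af67a72419ad1941
7d39bc50c47b3f8ed0e1a9d671ecb9ec02f10a2d
0eeb27311f3a06b39ed51027260fb46c8b04357c
823e545c027795997f29ec5c255aff605cf39e85
a3d1e7eb5abe3aa1095bc75d1a6760d3809bd672
'

# commit_status REPO REV ID
# Prints one of:
#   present    - ID itself is an ancestor of REV (upstream-based tree)
#   backported - some commit reachable from REV cites ID in its message
#   missing    - neither of the above
commit_status() {
    repo=$1 rev=$2 id=$3
    if git -C "$repo" merge-base --is-ancestor "$id" "$rev" 2>/dev/null; then
        echo present
    elif [ -n "$(git -C "$repo" log -1 --format=%H --fixed-strings \
                    --grep="$id" "$rev" 2>/dev/null)" ]; then
        echo backported
    else
        echo missing
    fi
}

# report REPO [REV]
# One line per listed commit: "<commit-id> <status>". REV defaults to HEAD.
report() {
    repo=$1 rev=${2:-HEAD}
    for id in $BACKPORT_COMMITS; do
        printf '%s %s\n' "$id" "$(commit_status "$repo" "$rev" "$id")"
    done
}

# Run the report only when a repository path is given on the command line.
if [ "$#" -ge 1 ]; then
    report "$@"
fi
```

Trees that carry backports as patch files rather than as git commits will show every entry as missing; there the patch headers have to be searched instead.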
Btw. do we have any potential exploit scenario? What would need to happen for the use-after-free to happen?
(In reply to Michal Hocko from comment #12)
> Btw. do we have any potential exploit scenario? What would need to happen
> for the use-after-free to happen?

The context of the original CVE was just debugfs, however my code analysis revealed tracefs was also implicated, and further review is questioning if other filesystems may be implicated as well. The risk of an issue with debugfs is minor as it requires root, and for the user to do something absurd. With tracefs it's different and requires someone to come up with a proof of concept. Likewise implications if the races being observed in patterns of code implicated affect other filesystems, like securityfs.
After much review with Nicolai we have decided instead to contest this CVE. The bug report is worthy, but only to find its root cause. In finding the root cause we have found that the issue is not the core debugfs code in the kernel, given that the implications would have meant that parent dentries can sometimes not be positive. Instead we have root caused this issue to a sloppy way to use debugfs within blktrace. Patches have been posted for public review to fix the blktrace issue, present also on linux-next as of today [0], a reproducer has been provided [1], and the CVE is being disputed [3].

The effort to roll in put into older releases simple_recursive_removal() is being kept where already merged, as we are in a better place with the changes. Once a proper patch for this for blktrace is reviewed and accepted upstream we can merge a fix for this for the latest release, however since the severity of the real issue is only exposed if you are root, using blktrace incorrectly on a block device which appears / disappears, it does not make sense at this time to backport this to all supported releases as a security fix. This bug report will be closed once a fix for blktrace is merged to our latest release.

[0] https://lkml.kernel.org/r/20200402000002.7442-1-mcgrof@kernel.org
[1] https://github.com/mcgrof/break-blktrace
[3] https://github.com/CVEProject/cvelist/pull/3521
This is an autogenerated message for OBS integration: This bug (1159198) was mentioned in https://build.opensuse.org/request/show/794946 15.1 / kernel-source
It is clear the CVE is bogus. Can we dispute it finally please?
(In reply to Michal Hocko from comment #21)
> It is clear the CVE is bogus. Can we dispute it finally please?

it is already disputed [1]

[1] https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19770
closing since it is disputed
(In reply to Alexandros Toptsoglou from comment #22)
> (In reply to Michal Hocko from comment #21)
> > It is clear the CVE is bogus. Can we dispute it finally please?
>
> it is already disputed [1]
>
> [1] https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19770

Yes, I submitted that dispute, one of the links in the dispute is to my first iteration of RFC patches to fix this.
(In reply to Alexandros Toptsoglou from comment #23)
> closing since it is disputed

So although this is disputed and at this point I am certain the issue is not what the CVE reports, the bug report *does* however reveal a regression in the kernel in the block layer which helped to trigger this bug in an easier way. Should I open up another bug report for that issue, as we will need to merge those fixes for the block layer for SLE15-SP2 and SLE12-SP5. Older releases are not affected.
(In reply to Luis Chamberlain from comment #26)
[...]
> Should I open up another bug report for that issue, as we will need to merge
> those fixes for the block layer for SLE15-SP2 and SLE12-SP5. Older releases
> are not affected.

Yes please! This one is closed as invalid for future reference. Thanks for pushing this through. The CVE sounded really fishy from very beginning.
SUSE-SU-2020:1085-1: An update that solves 11 vulnerabilities and has 91 fixes is now available. Category: security (important) CVE References: CVE-2019-19768,CVE-2019-19770,CVE-2019-3701,CVE-2019-9458,CVE-2020-10942,CVE-2020-11494,CVE-2020-11669,CVE-2020-8647,CVE-2020-8649,CVE-2020-8834,CVE-2020-9383 Sources used: SUSE Linux Enterprise Real Time Extension 12-SP4 (src): kernel-rt-4.12.14-8.18.1, kernel-rt_debug-4.12.14-8.18.1, kernel-source-rt-4.12.14-8.18.1, kernel-syms-rt-4.12.14-8.18.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
openSUSE-SU-2020:0543-1: An update that solves 7 vulnerabilities and has 76 fixes is now available. Category: security (important) CVE References: CVE-2019-19770,CVE-2019-3701,CVE-2019-9458,CVE-2020-10942,CVE-2020-11494,CVE-2020-11669,CVE-2020-8834 Sources used: openSUSE Leap 15.1 (src): kernel-debug-4.12.14-lp151.28.48.1, kernel-default-4.12.14-lp151.28.48.1, kernel-docs-4.12.14-lp151.28.48.1, kernel-kvmsmall-4.12.14-lp151.28.48.1, kernel-obs-build-4.12.14-lp151.28.48.1, kernel-obs-qa-4.12.14-lp151.28.48.1, kernel-source-4.12.14-lp151.28.48.1, kernel-syms-4.12.14-lp151.28.48.1, kernel-vanilla-4.12.14-lp151.28.48.1
SUSE-SU-2020:1084-1: An update that solves 11 vulnerabilities and has 107 fixes is now available. Category: security (important) CVE References: CVE-2018-20836,CVE-2019-19768,CVE-2019-19770,CVE-2019-3701,CVE-2019-9458,CVE-2020-10942,CVE-2020-11494,CVE-2020-8647,CVE-2020-8649,CVE-2020-8834,CVE-2020-9383 Sources used: SUSE Linux Enterprise Real Time Extension 12-SP5 (src): kernel-rt-4.12.14-10.8.1, kernel-rt_debug-4.12.14-10.8.1, kernel-source-rt-4.12.14-10.8.1, kernel-syms-rt-4.12.14-10.8.1
SUSE-SU-2020:1087-1: An update that solves 12 vulnerabilities and has 139 fixes is now available. Category: security (important) CVE References: CVE-2019-19768,CVE-2019-19770,CVE-2019-3701,CVE-2019-9458,CVE-2020-10942,CVE-2020-11494,CVE-2020-11669,CVE-2020-2732,CVE-2020-8647,CVE-2020-8649,CVE-2020-8834,CVE-2020-9383 Sources used: SUSE Linux Enterprise Module for Public Cloud 15-SP1 (src): kernel-azure-4.12.14-8.30.1, kernel-source-azure-4.12.14-8.30.1, kernel-syms-azure-4.12.14-8.30.1
SUSE-SU-2020:1118-1: An update that solves 12 vulnerabilities and has 139 fixes is now available. Category: security (important) CVE References: CVE-2018-20836,CVE-2019-19768,CVE-2019-19770,CVE-2019-3701,CVE-2019-9458,CVE-2020-10942,CVE-2020-11494,CVE-2020-11669,CVE-2020-8647,CVE-2020-8649,CVE-2020-8834,CVE-2020-9383 Sources used: SUSE Linux Enterprise Server 12-SP5 (src): kernel-azure-4.12.14-16.13.1, kernel-source-azure-4.12.14-16.13.1, kernel-syms-azure-4.12.14-16.13.1
SUSE-SU-2020:1119-1: An update that solves 11 vulnerabilities and has 96 fixes is now available. Category: security (important) CVE References: CVE-2019-19768,CVE-2019-19770,CVE-2019-3701,CVE-2019-9458,CVE-2020-10942,CVE-2020-11494,CVE-2020-11669,CVE-2020-8647,CVE-2020-8649,CVE-2020-8834,CVE-2020-9383 Sources used: SUSE Linux Enterprise Server 12-SP4 (src): kernel-azure-4.12.14-6.40.1, kernel-source-azure-4.12.14-6.40.1, kernel-syms-azure-4.12.14-6.40.1
SUSE-SU-2020:1123-1: An update that solves 10 vulnerabilities and has 89 fixes is now available. Category: security (important) CVE References: CVE-2019-19768,CVE-2019-19770,CVE-2019-3701,CVE-2019-9458,CVE-2020-10942,CVE-2020-11494,CVE-2020-8647,CVE-2020-8649,CVE-2020-8834,CVE-2020-9383 Sources used: SUSE Linux Enterprise Module for Realtime 15-SP1 (src): kernel-rt-4.12.14-14.23.1, kernel-rt_debug-4.12.14-14.23.1, kernel-source-rt-4.12.14-14.23.1, kernel-syms-rt-4.12.14-14.23.1 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1 (src): kernel-rt-4.12.14-14.23.1, kernel-rt_debug-4.12.14-14.23.1
SUSE-SU-2020:1141-1: An update that solves 11 vulnerabilities and has 94 fixes is now available. Category: security (important) CVE References: CVE-2019-19768,CVE-2019-19770,CVE-2019-3701,CVE-2019-9458,CVE-2020-10942,CVE-2020-11494,CVE-2020-11669,CVE-2020-8647,CVE-2020-8649,CVE-2020-8834,CVE-2020-9383 Sources used: SUSE Linux Enterprise Workstation Extension 12-SP4 (src): kernel-default-4.12.14-95.51.1 SUSE Linux Enterprise Software Development Kit 12-SP4 (src): kernel-docs-4.12.14-95.51.1, kernel-obs-build-4.12.14-95.51.1 SUSE Linux Enterprise Server 12-SP4 (src): kernel-default-4.12.14-95.51.1, kernel-source-4.12.14-95.51.1, kernel-syms-4.12.14-95.51.1 SUSE Linux Enterprise Live Patching 12-SP4 (src): kernel-default-4.12.14-95.51.1, kgraft-patch-SLE12-SP4_Update_13-1-6.3.1 SUSE Linux Enterprise High Availability 12-SP4 (src): kernel-default-4.12.14-95.51.1
SUSE-SU-2020:1142-1: An update that solves 13 vulnerabilities and has 157 fixes is now available. Category: security (important) CVE References: CVE-2018-20836,CVE-2019-19768,CVE-2019-19770,CVE-2019-3701,CVE-2019-9458,CVE-2020-10942,CVE-2020-11494,CVE-2020-11669,CVE-2020-2732,CVE-2020-8647,CVE-2020-8649,CVE-2020-8834,CVE-2020-9383 Sources used: SUSE Linux Enterprise Workstation Extension 12-SP5 (src): kernel-default-4.12.14-122.20.1 SUSE Linux Enterprise Software Development Kit 12-SP5 (src): kernel-docs-4.12.14-122.20.1, kernel-obs-build-4.12.14-122.20.1 SUSE Linux Enterprise Server 12-SP5 (src): kernel-default-4.12.14-122.20.1, kernel-source-4.12.14-122.20.1, kernel-syms-4.12.14-122.20.1 SUSE Linux Enterprise Live Patching 12-SP5 (src): kernel-default-4.12.14-122.20.1, kgraft-patch-SLE12-SP5_Update_4-1-8.3.1 SUSE Linux Enterprise High Availability 12-SP5 (src): kernel-default-4.12.14-122.20.1
SUSE-SU-2020:1146-1: An update that solves 7 vulnerabilities and has 77 fixes is now available. Category: security (important) CVE References: CVE-2019-19770,CVE-2019-3701,CVE-2019-9458,CVE-2020-10942,CVE-2020-11494,CVE-2020-11669,CVE-2020-8834 Sources used: SUSE Linux Enterprise Workstation Extension 15-SP1 (src): kernel-default-4.12.14-197.40.1 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1 (src): kernel-debug-4.12.14-197.40.1, kernel-default-4.12.14-197.40.1, kernel-docs-4.12.14-197.40.1, kernel-kvmsmall-4.12.14-197.40.1, kernel-obs-qa-4.12.14-197.40.1, kernel-source-4.12.14-197.40.1, kernel-vanilla-4.12.14-197.40.1, kernel-zfcpdump-4.12.14-197.40.1 SUSE Linux Enterprise Module for Live Patching 15-SP1 (src): kernel-default-4.12.14-197.40.1, kernel-livepatch-SLE15-SP1_Update_11-1-3.3.1 SUSE Linux Enterprise Module for Legacy Software 15-SP1 (src): kernel-default-4.12.14-197.40.1 SUSE Linux Enterprise Module for Development Tools 15-SP1 (src): kernel-docs-4.12.14-197.40.1, kernel-obs-build-4.12.14-197.40.1, kernel-source-4.12.14-197.40.1, kernel-syms-4.12.14-197.40.1 SUSE Linux Enterprise Module for Basesystem 15-SP1 (src): kernel-default-4.12.14-197.40.1, kernel-source-4.12.14-197.40.1, kernel-zfcpdump-4.12.14-197.40.1 SUSE Linux Enterprise High Availability 15-SP1 (src): kernel-default-4.12.14-197.40.1
SUSE-SU-2020:1663-1: An update that solves 55 vulnerabilities and has 93 fixes is now available. Category: security (important) CVE References:
CVE-2018-1000199,CVE-2019-14615,CVE-2019-14896,CVE-2019-14897,CVE-2019-16994,CVE-2019-19036,CVE-2019-19045,CVE-2019-19054,CVE-2019-19318,CVE-2019-19319,CVE-2019-19447,CVE-2019-19462,CVE-2019-19768,CVE-2019-19770,CVE-2019-19965,CVE-2019-19966,CVE-2019-20054,CVE-2019-20095,CVE-2019-20096,CVE-2019-20810,CVE-2019-20812,CVE-2019-3701,CVE-2019-9455,CVE-2019-9458,CVE-2020-0543,CVE-2020-10690,CVE-2020-10711,CVE-2020-10720,CVE-2020-10732,CVE-2020-10751,CVE-2020-10757,CVE-2020-10942,CVE-2020-11494,CVE-2020-11608,CVE-2020-11609,CVE-2020-11669,CVE-2020-12114,CVE-2020-12464,CVE-2020-12652,CVE-2020-12653,CVE-2020-12654,CVE-2020-12655,CVE-2020-12656,CVE-2020-12657,CVE-2020-12769,CVE-2020-13143,CVE-2020-2732,CVE-2020-7053,CVE-2020-8428,CVE-2020-8647,CVE-2020-8648,CVE-2020-8649,CVE-2020-8834,CVE-2020-8992,CVE-2020-9383 Sources used: SUSE Linux Enterprise Server for SAP 15 (src): kernel-default-4.12.14-150.52.1, kernel-docs-4.12.14-150.52.1, kernel-obs-build-4.12.14-150.52.1, kernel-source-4.12.14-150.52.1, kernel-syms-4.12.14-150.52.1, kernel-vanilla-4.12.14-150.52.1 SUSE Linux Enterprise Server 15-LTSS (src): kernel-default-4.12.14-150.52.1, kernel-docs-4.12.14-150.52.1, kernel-obs-build-4.12.14-150.52.1, kernel-source-4.12.14-150.52.1, kernel-syms-4.12.14-150.52.1, kernel-vanilla-4.12.14-150.52.1, kernel-zfcpdump-4.12.14-150.52.1 SUSE Linux Enterprise High Performance Computing 15-LTSS (src): kernel-default-4.12.14-150.52.1, kernel-docs-4.12.14-150.52.1, kernel-obs-build-4.12.14-150.52.1, kernel-source-4.12.14-150.52.1, kernel-syms-4.12.14-150.52.1, kernel-vanilla-4.12.14-150.52.1 SUSE Linux Enterprise High Performance Computing 15-ESPOS (src): kernel-default-4.12.14-150.52.1, kernel-docs-4.12.14-150.52.1, kernel-obs-build-4.12.14-150.52.1, kernel-source-4.12.14-150.52.1, kernel-syms-4.12.14-150.52.1, kernel-vanilla-4.12.14-150.52.1 SUSE Linux Enterprise High Availability 15 (src): kernel-default-4.12.14-150.52.1 NOTE: This line indicates an update has been released for the 
listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2020:1663-1: An update that solves 55 vulnerabilities and has 93 fixes is now available. Category: security (important) CVE References:
CVE-2018-1000199,CVE-2019-14615,CVE-2019-14896,CVE-2019-14897,CVE-2019-16994,CVE-2019-19036,CVE-2019-19045,CVE-2019-19054,CVE-2019-19318,CVE-2019-19319,CVE-2019-19447,CVE-2019-19462,CVE-2019-19768,CVE-2019-19770,CVE-2019-19965,CVE-2019-19966,CVE-2019-20054,CVE-2019-20095,CVE-2019-20096,CVE-2019-20810,CVE-2019-20812,CVE-2019-3701,CVE-2019-9455,CVE-2019-9458,CVE-2020-0543,CVE-2020-10690,CVE-2020-10711,CVE-2020-10720,CVE-2020-10732,CVE-2020-10751,CVE-2020-10757,CVE-2020-10942,CVE-2020-11494,CVE-2020-11608,CVE-2020-11609,CVE-2020-11669,CVE-2020-12114,CVE-2020-12464,CVE-2020-12652,CVE-2020-12653,CVE-2020-12654,CVE-2020-12655,CVE-2020-12656,CVE-2020-12657,CVE-2020-12769,CVE-2020-13143,CVE-2020-2732,CVE-2020-7053,CVE-2020-8428,CVE-2020-8647,CVE-2020-8648,CVE-2020-8649,CVE-2020-8834,CVE-2020-8992,CVE-2020-9383 Sources used: SUSE Linux Enterprise Server for SAP 15 (src): kernel-default-4.12.14-150.52.1, kernel-docs-4.12.14-150.52.1, kernel-obs-build-4.12.14-150.52.1, kernel-source-4.12.14-150.52.1, kernel-syms-4.12.14-150.52.1, kernel-vanilla-4.12.14-150.52.1 SUSE Linux Enterprise Server 15-LTSS (src): kernel-default-4.12.14-150.52.1, kernel-docs-4.12.14-150.52.1, kernel-obs-build-4.12.14-150.52.1, kernel-source-4.12.14-150.52.1, kernel-syms-4.12.14-150.52.1, kernel-vanilla-4.12.14-150.52.1, kernel-zfcpdump-4.12.14-150.52.1 SUSE Linux Enterprise Module for Live Patching 15 (src): kernel-default-4.12.14-150.52.1, kernel-livepatch-SLE15_Update_18-1-1.5.1 SUSE Linux Enterprise High Performance Computing 15-LTSS (src): kernel-default-4.12.14-150.52.1, kernel-docs-4.12.14-150.52.1, kernel-obs-build-4.12.14-150.52.1, kernel-source-4.12.14-150.52.1, kernel-syms-4.12.14-150.52.1, kernel-vanilla-4.12.14-150.52.1 SUSE Linux Enterprise High Performance Computing 15-ESPOS (src): kernel-default-4.12.14-150.52.1, kernel-docs-4.12.14-150.52.1, kernel-obs-build-4.12.14-150.52.1, kernel-source-4.12.14-150.52.1, kernel-syms-4.12.14-150.52.1, kernel-vanilla-4.12.14-150.52.1 SUSE Linux 
Enterprise High Availability 15 (src): kernel-default-4.12.14-150.52.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.