1170901 – (CVE-2020-12464) VUL-1: CVE-2020-12464: kernel-source: race condition might lead to use after free in usb_sg_cancel

Bug 1170901 (CVE-2020-12464) - VUL-1: CVE-2020-12464: kernel-source: race condition might lead to use after free in usb_sg_cancel

Summary: VUL-1: CVE-2020-12464: kernel-source: race condition might lead to use after ...

Status:	RESOLVED FIXED

Alias:	CVE-2020-12464

Product:	SUSE Security Incidents
Classification:	Novell Products
Component:	Incidents (show other bugs)
Version:	unspecified
Hardware:	Other Other

Priority:	P4 - Low Severity: Minor
Target Milestone:	---
Assignee:	Security Team bot
QA Contact:	Security Team bot

URL:	https://smash.suse.de/issue/258832/
Whiteboard:	CVSSv3.1:SUSE:CVE-2020-12464:1.8:(AV...
Keywords:

Depends on:
Blocks:

Clone This Bug

Reported:	2020-04-30 08:38 UTC by Alexandros Toptsoglou
Modified:	2024-06-25 14:46 UTC (History)
CC List:	3 users (show)

See Also:
Found By:	Security Response Team
Services Priority:
Business Priority:
Blocker:	---
Marketing QA Status:	---
IT Deployment:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Alexandros Toptsoglou 2020-04-30 08:38:28 UTC

CVE-2020-12464

usb_sg_cancel in drivers/usb/core/message.c in the Linux kernel before 5.6.8 has
a use-after-free because a transfer occurs without a reference, aka
CID-056ad39ee925.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-12464
https://github.com/torvalds/linux/commit/056ad39ee9253873522f6469c3364964a322912b
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12464
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.6.8
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=056ad39ee9253873522f6469c3364964a322912b
https://lkml.org/lkml/2020/3/23/52
https://patchwork.kernel.org/patch/11463781/

Comment 1 Alexandros Toptsoglou 2020-04-30 09:18:10 UTC

Seems that kernels as back as 4.7 are affected, commit [1] 

[1]https://github.com/torvalds/linux/commit/5f2e5fb873e269fcb806165715d237f0de4ecf1d

Comment 2 Takashi Iwai 2020-04-30 11:47:58 UTC

Already fixed in SLE15-SP2 branch via git-fixes.  I'll update the tag.
The remaining branches need the backport.

Comment 3 Takashi Iwai 2020-04-30 11:54:32 UTC

The fix is backported to cve/linux-4.12 branch now, too.
The older branches look unaffected.

Adding Oliver to Cc to make sure.

Comment 4 Oliver Neukum 2020-04-30 12:24:49 UTC

(In reply to Takashi Iwai from comment #3)
> The fix is backported to cve/linux-4.12 branch now, too.
> The older branches look unaffected.
> 
> Adding Oliver to Cc to make sure.

Yes, the older kernels hold the lock all the time.

Comment 5 Takashi Iwai 2020-04-30 12:31:56 UTC

Thanks for confirmation.  Let's reassign back to security team.

Comment 14 Swamp Workflow Management 2020-06-09 22:23:02 UTC

SUSE-SU-2020:1587-1: An update that solves 24 vulnerabilities and has 133 fixes is now available.

Category: security (important)
Bug References: 1051510,1058115,1065729,1071995,1082555,1083647,1089895,1103990,1103991,1103992,1104745,1109837,1111666,1112178,1112374,1113956,1114279,1124278,1127354,1127355,1127371,1133021,1141558,1142685,1144333,1151794,1152489,1154824,1157169,1158265,1160388,1160947,1164780,1164871,1165183,1165478,1165741,1166969,1166978,1167574,1167851,1167867,1168332,1168503,1168670,1168789,1169005,1169020,1169514,1169525,1169762,1170056,1170125,1170145,1170284,1170345,1170457,1170522,1170592,1170617,1170618,1170620,1170621,1170770,1170778,1170791,1170901,1171078,1171098,1171118,1171189,1171191,1171195,1171202,1171205,1171214,1171217,1171218,1171219,1171220,1171244,1171293,1171417,1171527,1171599,1171600,1171601,1171602,1171604,1171605,1171606,1171607,1171608,1171609,1171610,1171611,1171612,1171613,1171614,1171615,1171616,1171617,1171618,1171619,1171620,1171621,1171622,1171623,1171624,1171625,1171626,1171662,1171679,1171691,1171692,1171694,1171695,1171736,1171761,1171817,1171948,1171949,1171951,1171952,1171979,1171982,1171983,1172017,1172096,1172097,1172098,1172099,1172101,1172102,1172103,1172104,1172127,1172130,1172185,1172188,1172199,1172201,1172202,1172218,1172221,1172249,1172251,1172253,1172317,1172342,1172343,1172344,1172366,1172378,1172391,1172397,1172453
CVE References: CVE-2018-1000199,CVE-2019-19462,CVE-2019-20806,CVE-2019-20812,CVE-2019-9455,CVE-2020-0543,CVE-2020-10690,CVE-2020-10711,CVE-2020-10720,CVE-2020-10732,CVE-2020-10751,CVE-2020-10757,CVE-2020-12114,CVE-2020-12464,CVE-2020-12652,CVE-2020-12653,CVE-2020-12654,CVE-2020-12655,CVE-2020-12656,CVE-2020-12657,CVE-2020-12659,CVE-2020-12768,CVE-2020-12769,CVE-2020-13143
Sources used:
SUSE Linux Enterprise Server 12-SP5 (src):    kernel-azure-4.12.14-16.16.1, kernel-source-azure-4.12.14-16.16.1, kernel-syms-azure-4.12.14-16.16.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 16 Swamp Workflow Management 2020-06-10 13:31:12 UTC

SUSE-SU-2020:1599-1: An update that solves 24 vulnerabilities and has 126 fixes is now available.

Category: security (important)
Bug References: 1051510,1058115,1065729,1082555,1083647,1089895,1103990,1103991,1103992,1104745,1109837,1111666,1112178,1112374,1113956,1114279,1124278,1127354,1127355,1127371,1133021,1142685,1144333,1151794,1152489,1154824,1157169,1158265,1160388,1160947,1164780,1164871,1165183,1165478,1165741,1166969,1166978,1167574,1167851,1167867,1168332,1168670,1168789,1169020,1169514,1169525,1169762,1170056,1170125,1170145,1170284,1170345,1170457,1170522,1170592,1170617,1170618,1170620,1170621,1170770,1170778,1170791,1170901,1171078,1171098,1171118,1171189,1171191,1171195,1171202,1171205,1171214,1171217,1171218,1171219,1171220,1171244,1171293,1171417,1171527,1171599,1171600,1171601,1171602,1171604,1171605,1171606,1171607,1171608,1171609,1171610,1171611,1171612,1171613,1171614,1171615,1171616,1171617,1171618,1171619,1171620,1171621,1171622,1171623,1171624,1171625,1171626,1171662,1171679,1171691,1171692,1171694,1171695,1171736,1171817,1171948,1171949,1171951,1171952,1171979,1171982,1171983,1172017,1172096,1172097,1172098,1172099,1172101,1172102,1172103,1172104,1172127,1172130,1172185,1172188,1172199,1172201,1172202,1172221,1172249,1172251,1172317,1172342,1172343,1172344,1172366,1172378,1172391,1172397,1172453
CVE References: CVE-2018-1000199,CVE-2019-19462,CVE-2019-20806,CVE-2019-20812,CVE-2019-9455,CVE-2020-0543,CVE-2020-10690,CVE-2020-10711,CVE-2020-10720,CVE-2020-10732,CVE-2020-10751,CVE-2020-10757,CVE-2020-12114,CVE-2020-12464,CVE-2020-12652,CVE-2020-12653,CVE-2020-12654,CVE-2020-12655,CVE-2020-12656,CVE-2020-12657,CVE-2020-12659,CVE-2020-12768,CVE-2020-12769,CVE-2020-13143
Sources used:
SUSE Linux Enterprise Module for Live Patching 15-SP1 (src):    kernel-default-4.12.14-197.45.1, kernel-livepatch-SLE15-SP1_Update_12-1-3.5.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 17 Swamp Workflow Management 2020-06-10 13:52:35 UTC

SUSE-SU-2020:1599-1: An update that solves 24 vulnerabilities and has 126 fixes is now available.

Category: security (important)
Bug References: 1051510,1058115,1065729,1082555,1083647,1089895,1103990,1103991,1103992,1104745,1109837,1111666,1112178,1112374,1113956,1114279,1124278,1127354,1127355,1127371,1133021,1142685,1144333,1151794,1152489,1154824,1157169,1158265,1160388,1160947,1164780,1164871,1165183,1165478,1165741,1166969,1166978,1167574,1167851,1167867,1168332,1168670,1168789,1169020,1169514,1169525,1169762,1170056,1170125,1170145,1170284,1170345,1170457,1170522,1170592,1170617,1170618,1170620,1170621,1170770,1170778,1170791,1170901,1171078,1171098,1171118,1171189,1171191,1171195,1171202,1171205,1171214,1171217,1171218,1171219,1171220,1171244,1171293,1171417,1171527,1171599,1171600,1171601,1171602,1171604,1171605,1171606,1171607,1171608,1171609,1171610,1171611,1171612,1171613,1171614,1171615,1171616,1171617,1171618,1171619,1171620,1171621,1171622,1171623,1171624,1171625,1171626,1171662,1171679,1171691,1171692,1171694,1171695,1171736,1171817,1171948,1171949,1171951,1171952,1171979,1171982,1171983,1172017,1172096,1172097,1172098,1172099,1172101,1172102,1172103,1172104,1172127,1172130,1172185,1172188,1172199,1172201,1172202,1172221,1172249,1172251,1172317,1172342,1172343,1172344,1172366,1172378,1172391,1172397,1172453
CVE References: CVE-2018-1000199,CVE-2019-19462,CVE-2019-20806,CVE-2019-20812,CVE-2019-9455,CVE-2020-0543,CVE-2020-10690,CVE-2020-10711,CVE-2020-10720,CVE-2020-10732,CVE-2020-10751,CVE-2020-10757,CVE-2020-12114,CVE-2020-12464,CVE-2020-12652,CVE-2020-12653,CVE-2020-12654,CVE-2020-12655,CVE-2020-12656,CVE-2020-12657,CVE-2020-12659,CVE-2020-12768,CVE-2020-12769,CVE-2020-13143
Sources used:
SUSE Linux Enterprise Workstation Extension 15-SP1 (src):    kernel-default-4.12.14-197.45.1
SUSE Linux Enterprise Module for Live Patching 15-SP1 (src):    kernel-default-4.12.14-197.45.1, kernel-livepatch-SLE15-SP1_Update_12-1-3.5.1
SUSE Linux Enterprise Module for Legacy Software 15-SP1 (src):    kernel-default-4.12.14-197.45.1
SUSE Linux Enterprise Module for Development Tools 15-SP1 (src):    kernel-docs-4.12.14-197.45.1, kernel-obs-build-4.12.14-197.45.1, kernel-source-4.12.14-197.45.1, kernel-syms-4.12.14-197.45.1
SUSE Linux Enterprise Module for Basesystem 15-SP1 (src):    kernel-default-4.12.14-197.45.1, kernel-source-4.12.14-197.45.1, kernel-zfcpdump-4.12.14-197.45.1
SUSE Linux Enterprise High Availability 15-SP1 (src):    kernel-default-4.12.14-197.45.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 18 OBSbugzilla Bot 2020-06-10 18:45:41 UTC

This is an autogenerated message for OBS integration:
This bug (1170901) was mentioned in
https://build.opensuse.org/request/show/813298 15.1 / kernel-source

Comment 19 Swamp Workflow Management 2020-06-10 19:16:58 UTC

SUSE-SU-2020:1603-1: An update that solves 23 vulnerabilities and has 92 fixes is now available.

Category: security (important)
Bug References: 1051510,1058115,1065729,1082555,1089895,1114279,1133021,1144333,1151794,1152489,1154824,1157169,1158265,1160388,1160947,1165183,1165741,1166969,1167574,1167851,1168503,1168670,1169020,1169514,1169525,1170056,1170125,1170145,1170345,1170457,1170522,1170592,1170618,1170620,1170770,1170778,1170791,1170901,1171078,1171098,1171118,1171189,1171191,1171195,1171202,1171205,1171217,1171218,1171219,1171220,1171293,1171417,1171527,1171599,1171600,1171601,1171602,1171604,1171605,1171606,1171607,1171608,1171609,1171610,1171611,1171612,1171613,1171614,1171615,1171616,1171617,1171618,1171619,1171620,1171621,1171622,1171623,1171624,1171625,1171626,1171679,1171691,1171694,1171695,1171736,1171761,1171948,1171949,1171951,1171952,1171982,1171983,1172096,1172097,1172098,1172099,1172101,1172102,1172103,1172104,1172127,1172130,1172185,1172188,1172199,1172221,1172253,1172317,1172342,1172343,1172344,1172366,1172391,1172397,1172453
CVE References: CVE-2018-1000199,CVE-2019-19462,CVE-2019-20806,CVE-2019-20812,CVE-2019-9455,CVE-2020-0543,CVE-2020-10690,CVE-2020-10711,CVE-2020-10720,CVE-2020-10732,CVE-2020-10751,CVE-2020-10757,CVE-2020-12114,CVE-2020-12464,CVE-2020-12652,CVE-2020-12653,CVE-2020-12654,CVE-2020-12655,CVE-2020-12656,CVE-2020-12657,CVE-2020-12768,CVE-2020-12769,CVE-2020-13143
Sources used:
SUSE Linux Enterprise Server 12-SP4 (src):    kernel-azure-4.12.14-6.43.1, kernel-source-azure-4.12.14-6.43.1, kernel-syms-azure-4.12.14-6.43.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 20 Swamp Workflow Management 2020-06-10 19:33:21 UTC

SUSE-SU-2020:1602-1: An update that solves 24 vulnerabilities and has 133 fixes is now available.

Category: security (important)
Bug References: 1051510,1058115,1065729,1071995,1082555,1083647,1089895,1103990,1103991,1103992,1104745,1109837,1111666,1112178,1112374,1113956,1114279,1124278,1127354,1127355,1127371,1133021,1141558,1142685,1144333,1151794,1152489,1154824,1157169,1158265,1160388,1160947,1164780,1164871,1165183,1165478,1165741,1166969,1166978,1167574,1167851,1167867,1168332,1168503,1168670,1168789,1169005,1169020,1169514,1169525,1169762,1170056,1170125,1170145,1170284,1170345,1170457,1170522,1170592,1170617,1170618,1170620,1170621,1170770,1170778,1170791,1170901,1171078,1171098,1171118,1171189,1171191,1171195,1171202,1171205,1171214,1171217,1171218,1171219,1171220,1171244,1171293,1171417,1171527,1171599,1171600,1171601,1171602,1171604,1171605,1171606,1171607,1171608,1171609,1171610,1171611,1171612,1171613,1171614,1171615,1171616,1171617,1171618,1171619,1171620,1171621,1171622,1171623,1171624,1171625,1171626,1171662,1171679,1171691,1171692,1171694,1171695,1171736,1171761,1171817,1171948,1171949,1171951,1171952,1171979,1171982,1171983,1172017,1172096,1172097,1172098,1172099,1172101,1172102,1172103,1172104,1172127,1172130,1172185,1172188,1172199,1172201,1172202,1172218,1172221,1172249,1172251,1172253,1172317,1172342,1172343,1172344,1172366,1172378,1172391,1172397,1172453
CVE References: CVE-2018-1000199,CVE-2019-19462,CVE-2019-20806,CVE-2019-20812,CVE-2019-9455,CVE-2020-0543,CVE-2020-10690,CVE-2020-10711,CVE-2020-10720,CVE-2020-10732,CVE-2020-10751,CVE-2020-10757,CVE-2020-12114,CVE-2020-12464,CVE-2020-12652,CVE-2020-12653,CVE-2020-12654,CVE-2020-12655,CVE-2020-12656,CVE-2020-12657,CVE-2020-12659,CVE-2020-12768,CVE-2020-12769,CVE-2020-13143
Sources used:
SUSE Linux Enterprise Workstation Extension 12-SP5 (src):    kernel-default-4.12.14-122.23.1
SUSE Linux Enterprise Software Development Kit 12-SP5 (src):    kernel-docs-4.12.14-122.23.1, kernel-obs-build-4.12.14-122.23.1
SUSE Linux Enterprise Server 12-SP5 (src):    kernel-default-4.12.14-122.23.1, kernel-source-4.12.14-122.23.1, kernel-syms-4.12.14-122.23.1
SUSE Linux Enterprise High Availability 12-SP5 (src):    kernel-default-4.12.14-122.23.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 21 Swamp Workflow Management 2020-06-10 19:48:29 UTC

SUSE-SU-2020:1605-1: An update that solves 23 vulnerabilities and has 94 fixes is now available.

Category: security (important)
Bug References: 1051510,1058115,1065729,1071995,1082555,1089895,1111666,1114279,1133021,1144333,1151794,1152489,1154824,1157169,1158265,1160388,1160947,1165183,1165741,1166969,1167574,1167851,1168503,1168670,1169020,1169514,1169525,1170056,1170125,1170145,1170345,1170457,1170522,1170592,1170618,1170620,1170770,1170778,1170791,1170901,1171078,1171098,1171118,1171189,1171191,1171195,1171202,1171205,1171217,1171218,1171219,1171220,1171293,1171417,1171527,1171599,1171600,1171601,1171602,1171604,1171605,1171606,1171607,1171608,1171609,1171610,1171611,1171612,1171613,1171614,1171615,1171616,1171617,1171618,1171619,1171620,1171621,1171622,1171623,1171624,1171625,1171626,1171679,1171691,1171694,1171695,1171736,1171761,1171948,1171949,1171951,1171952,1171982,1171983,1172096,1172097,1172098,1172099,1172101,1172102,1172103,1172104,1172127,1172130,1172185,1172188,1172199,1172221,1172253,1172317,1172342,1172343,1172344,1172366,1172391,1172397,1172453
CVE References: CVE-2018-1000199,CVE-2019-19462,CVE-2019-20806,CVE-2019-20812,CVE-2019-9455,CVE-2020-0543,CVE-2020-10690,CVE-2020-10711,CVE-2020-10720,CVE-2020-10732,CVE-2020-10751,CVE-2020-10757,CVE-2020-12114,CVE-2020-12464,CVE-2020-12652,CVE-2020-12653,CVE-2020-12654,CVE-2020-12655,CVE-2020-12656,CVE-2020-12657,CVE-2020-12768,CVE-2020-12769,CVE-2020-13143
Sources used:
SUSE Linux Enterprise Workstation Extension 12-SP4 (src):    kernel-default-4.12.14-95.54.1
SUSE Linux Enterprise Software Development Kit 12-SP4 (src):    kernel-docs-4.12.14-95.54.1, kernel-obs-build-4.12.14-95.54.1
SUSE Linux Enterprise Server 12-SP4 (src):    kernel-default-4.12.14-95.54.1, kernel-source-4.12.14-95.54.1, kernel-syms-4.12.14-95.54.1
SUSE Linux Enterprise High Availability 12-SP4 (src):    kernel-default-4.12.14-95.54.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 22 Swamp Workflow Management 2020-06-10 20:02:12 UTC

SUSE-SU-2020:1605-1: An update that solves 23 vulnerabilities and has 94 fixes is now available.

Category: security (important)
Bug References: 1051510,1058115,1065729,1071995,1082555,1089895,1111666,1114279,1133021,1144333,1151794,1152489,1154824,1157169,1158265,1160388,1160947,1165183,1165741,1166969,1167574,1167851,1168503,1168670,1169020,1169514,1169525,1170056,1170125,1170145,1170345,1170457,1170522,1170592,1170618,1170620,1170770,1170778,1170791,1170901,1171078,1171098,1171118,1171189,1171191,1171195,1171202,1171205,1171217,1171218,1171219,1171220,1171293,1171417,1171527,1171599,1171600,1171601,1171602,1171604,1171605,1171606,1171607,1171608,1171609,1171610,1171611,1171612,1171613,1171614,1171615,1171616,1171617,1171618,1171619,1171620,1171621,1171622,1171623,1171624,1171625,1171626,1171679,1171691,1171694,1171695,1171736,1171761,1171948,1171949,1171951,1171952,1171982,1171983,1172096,1172097,1172098,1172099,1172101,1172102,1172103,1172104,1172127,1172130,1172185,1172188,1172199,1172221,1172253,1172317,1172342,1172343,1172344,1172366,1172391,1172397,1172453
CVE References: CVE-2018-1000199,CVE-2019-19462,CVE-2019-20806,CVE-2019-20812,CVE-2019-9455,CVE-2020-0543,CVE-2020-10690,CVE-2020-10711,CVE-2020-10720,CVE-2020-10732,CVE-2020-10751,CVE-2020-10757,CVE-2020-12114,CVE-2020-12464,CVE-2020-12652,CVE-2020-12653,CVE-2020-12654,CVE-2020-12655,CVE-2020-12656,CVE-2020-12657,CVE-2020-12768,CVE-2020-12769,CVE-2020-13143
Sources used:
SUSE Linux Enterprise Workstation Extension 12-SP4 (src):    kernel-default-4.12.14-95.54.1
SUSE Linux Enterprise Software Development Kit 12-SP4 (src):    kernel-docs-4.12.14-95.54.1, kernel-obs-build-4.12.14-95.54.1
SUSE Linux Enterprise Server 12-SP4 (src):    kernel-default-4.12.14-95.54.1, kernel-source-4.12.14-95.54.1, kernel-syms-4.12.14-95.54.1
SUSE Linux Enterprise Live Patching 12-SP4 (src):    kernel-default-4.12.14-95.54.1, kgraft-patch-SLE12-SP4_Update_14-1-6.3.1
SUSE Linux Enterprise High Availability 12-SP4 (src):    kernel-default-4.12.14-95.54.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 23 Swamp Workflow Management 2020-06-10 20:17:59 UTC

SUSE-SU-2020:1604-1: An update that solves 24 vulnerabilities and has 126 fixes is now available.

Category: security (important)
Bug References: 1051510,1058115,1065729,1082555,1083647,1089895,1103990,1103991,1103992,1104745,1109837,1111666,1112178,1112374,1113956,1114279,1124278,1127354,1127355,1127371,1133021,1142685,1144333,1151794,1152489,1154824,1157169,1158265,1160388,1160947,1164780,1164871,1165183,1165478,1165741,1166969,1166978,1167574,1167851,1167867,1168332,1168670,1168789,1169020,1169514,1169525,1169762,1170056,1170125,1170145,1170284,1170345,1170457,1170522,1170592,1170617,1170618,1170620,1170621,1170770,1170778,1170791,1170901,1171078,1171098,1171118,1171189,1171191,1171195,1171202,1171205,1171214,1171217,1171218,1171219,1171220,1171244,1171293,1171417,1171527,1171599,1171600,1171601,1171602,1171604,1171605,1171606,1171607,1171608,1171609,1171610,1171611,1171612,1171613,1171614,1171615,1171616,1171617,1171618,1171619,1171620,1171621,1171622,1171623,1171624,1171625,1171626,1171662,1171679,1171691,1171692,1171694,1171695,1171736,1171817,1171948,1171949,1171951,1171952,1171979,1171982,1171983,1172017,1172096,1172097,1172098,1172099,1172101,1172102,1172103,1172104,1172127,1172130,1172185,1172188,1172199,1172201,1172202,1172221,1172249,1172251,1172317,1172342,1172343,1172344,1172366,1172378,1172391,1172397,1172453
CVE References: CVE-2018-1000199,CVE-2019-19462,CVE-2019-20806,CVE-2019-20812,CVE-2019-9455,CVE-2020-0543,CVE-2020-10690,CVE-2020-10711,CVE-2020-10720,CVE-2020-10732,CVE-2020-10751,CVE-2020-10757,CVE-2020-12114,CVE-2020-12464,CVE-2020-12652,CVE-2020-12653,CVE-2020-12654,CVE-2020-12655,CVE-2020-12656,CVE-2020-12657,CVE-2020-12659,CVE-2020-12768,CVE-2020-12769,CVE-2020-13143
Sources used:
SUSE Linux Enterprise Module for Public Cloud 15-SP1 (src):    kernel-azure-4.12.14-8.33.1, kernel-source-azure-4.12.14-8.33.1, kernel-syms-azure-4.12.14-8.33.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 24 Swamp Workflow Management 2020-06-10 20:35:58 UTC

SUSE-SU-2020:1602-1: An update that solves 24 vulnerabilities and has 133 fixes is now available.

Category: security (important)
Bug References: 1051510,1058115,1065729,1071995,1082555,1083647,1089895,1103990,1103991,1103992,1104745,1109837,1111666,1112178,1112374,1113956,1114279,1124278,1127354,1127355,1127371,1133021,1141558,1142685,1144333,1151794,1152489,1154824,1157169,1158265,1160388,1160947,1164780,1164871,1165183,1165478,1165741,1166969,1166978,1167574,1167851,1167867,1168332,1168503,1168670,1168789,1169005,1169020,1169514,1169525,1169762,1170056,1170125,1170145,1170284,1170345,1170457,1170522,1170592,1170617,1170618,1170620,1170621,1170770,1170778,1170791,1170901,1171078,1171098,1171118,1171189,1171191,1171195,1171202,1171205,1171214,1171217,1171218,1171219,1171220,1171244,1171293,1171417,1171527,1171599,1171600,1171601,1171602,1171604,1171605,1171606,1171607,1171608,1171609,1171610,1171611,1171612,1171613,1171614,1171615,1171616,1171617,1171618,1171619,1171620,1171621,1171622,1171623,1171624,1171625,1171626,1171662,1171679,1171691,1171692,1171694,1171695,1171736,1171761,1171817,1171948,1171949,1171951,1171952,1171979,1171982,1171983,1172017,1172096,1172097,1172098,1172099,1172101,1172102,1172103,1172104,1172127,1172130,1172185,1172188,1172199,1172201,1172202,1172218,1172221,1172249,1172251,1172253,1172317,1172342,1172343,1172344,1172366,1172378,1172391,1172397,1172453
CVE References: CVE-2018-1000199,CVE-2019-19462,CVE-2019-20806,CVE-2019-20812,CVE-2019-9455,CVE-2020-0543,CVE-2020-10690,CVE-2020-10711,CVE-2020-10720,CVE-2020-10732,CVE-2020-10751,CVE-2020-10757,CVE-2020-12114,CVE-2020-12464,CVE-2020-12652,CVE-2020-12653,CVE-2020-12654,CVE-2020-12655,CVE-2020-12656,CVE-2020-12657,CVE-2020-12659,CVE-2020-12768,CVE-2020-12769,CVE-2020-13143
Sources used:
SUSE Linux Enterprise Workstation Extension 12-SP5 (src):    kernel-default-4.12.14-122.23.1
SUSE Linux Enterprise Software Development Kit 12-SP5 (src):    kernel-docs-4.12.14-122.23.1, kernel-obs-build-4.12.14-122.23.1
SUSE Linux Enterprise Server 12-SP5 (src):    kernel-default-4.12.14-122.23.1, kernel-source-4.12.14-122.23.1, kernel-syms-4.12.14-122.23.1
SUSE Linux Enterprise Live Patching 12-SP5 (src):    kernel-default-4.12.14-122.23.1, kgraft-patch-SLE12-SP5_Update_5-1-8.3.1
SUSE Linux Enterprise High Availability 12-SP5 (src):    kernel-default-4.12.14-122.23.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 25 Swamp Workflow Management 2020-06-13 07:27:17 UTC

openSUSE-SU-2020:0801-1: An update that solves 25 vulnerabilities and has 132 fixes is now available.

Category: security (important)
Bug References: 1051510,1058115,1065729,1071995,1082555,1083647,1089895,1090036,1103990,1103991,1103992,1104745,1109837,1111666,1112178,1112374,1113956,1114279,1124278,1127354,1127355,1127371,1133021,1142685,1144333,1151794,1152489,1154824,1157169,1158265,1160388,1160947,1164780,1164871,1165183,1165478,1165741,1166969,1166978,1167574,1167851,1167867,1168332,1168670,1168789,1168829,1168854,1169020,1169514,1169525,1169762,1170056,1170125,1170145,1170284,1170345,1170457,1170522,1170592,1170617,1170618,1170620,1170621,1170740,1170770,1170778,1170791,1170901,1171078,1171098,1171118,1171189,1171191,1171195,1171202,1171205,1171214,1171217,1171218,1171219,1171220,1171244,1171252,1171254,1171293,1171417,1171527,1171599,1171600,1171601,1171602,1171604,1171605,1171606,1171607,1171608,1171609,1171610,1171611,1171612,1171613,1171614,1171615,1171616,1171617,1171618,1171619,1171620,1171621,1171622,1171623,1171624,1171625,1171626,1171662,1171679,1171691,1171692,1171694,1171695,1171736,1171817,1171948,1171949,1171951,1171952,1171979,1171982,1171983,1172017,1172096,1172097,1172098,1172099,1172101,1172102,1172103,1172104,1172127,1172130,1172185,1172188,1172199,1172201,1172202,1172221,1172249,1172251,1172317,1172342,1172343,1172344,1172366,1172378,1172391,1172397,1172453
CVE References: CVE-2018-1000199,CVE-2019-19462,CVE-2019-20806,CVE-2019-20812,CVE-2019-9455,CVE-2020-0543,CVE-2020-10690,CVE-2020-10711,CVE-2020-10720,CVE-2020-10732,CVE-2020-10751,CVE-2020-10757,CVE-2020-11608,CVE-2020-11609,CVE-2020-12114,CVE-2020-12464,CVE-2020-12652,CVE-2020-12653,CVE-2020-12654,CVE-2020-12655,CVE-2020-12656,CVE-2020-12657,CVE-2020-12659,CVE-2020-12769,CVE-2020-13143
Sources used:
openSUSE Leap 15.1 (src):    kernel-debug-4.12.14-lp151.28.52.1, kernel-default-4.12.14-lp151.28.52.1, kernel-docs-4.12.14-lp151.28.52.2, kernel-kvmsmall-4.12.14-lp151.28.52.1, kernel-obs-build-4.12.14-lp151.28.52.3, kernel-obs-qa-4.12.14-lp151.28.52.3, kernel-source-4.12.14-lp151.28.52.1, kernel-syms-4.12.14-lp151.28.52.1, kernel-vanilla-4.12.14-lp151.28.52.1

Comment 27 Swamp Workflow Management 2020-06-18 13:32:33 UTC

SUSE-SU-2020:1663-1: An update that solves 55 vulnerabilities and has 93 fixes is now available.

Category: security (important)
Bug References: 1050244,1051510,1051858,1058115,1061840,1065600,1065729,1071995,1085030,1086301,1086313,1086314,1089895,1109911,1114279,1118338,1120386,1134973,1143959,1144333,1151910,1151927,1153917,1154243,1154824,1156286,1157155,1157157,1157692,1158013,1158021,1158026,1158265,1158819,1159028,1159198,1159271,1159285,1159394,1159483,1159484,1159569,1159588,1159841,1159908,1159909,1159910,1159911,1159955,1160195,1160210,1160211,1160218,1160433,1160442,1160476,1160560,1160755,1160756,1160784,1160787,1160802,1160803,1160804,1160917,1160966,1161087,1161514,1161518,1161522,1161523,1161549,1161552,1161555,1161674,1161931,1161933,1161934,1161935,1161936,1161937,1161951,1162067,1162109,1162139,1162928,1162929,1162931,1163971,1164051,1164069,1164078,1164705,1164712,1164727,1164728,1164729,1164730,1164731,1164732,1164733,1164734,1164735,1164871,1165111,1165741,1165873,1165881,1165984,1165985,1166969,1167421,1167423,1167629,1168075,1168276,1168295,1168424,1168670,1168829,1168854,1169390,1169514,1169625,1170056,1170345,1170617,1170618,1170621,1170778,1170901,1171098,1171189,1171191,1171195,1171202,1171205,1171217,1171218,1171219,1171220,1171689,1171982,1171983,1172221,1172317,1172453,1172458
CVE References: CVE-2018-1000199,CVE-2019-14615,CVE-2019-14896,CVE-2019-14897,CVE-2019-16994,CVE-2019-19036,CVE-2019-19045,CVE-2019-19054,CVE-2019-19318,CVE-2019-19319,CVE-2019-19447,CVE-2019-19462,CVE-2019-19768,CVE-2019-19770,CVE-2019-19965,CVE-2019-19966,CVE-2019-20054,CVE-2019-20095,CVE-2019-20096,CVE-2019-20810,CVE-2019-20812,CVE-2019-3701,CVE-2019-9455,CVE-2019-9458,CVE-2020-0543,CVE-2020-10690,CVE-2020-10711,CVE-2020-10720,CVE-2020-10732,CVE-2020-10751,CVE-2020-10757,CVE-2020-10942,CVE-2020-11494,CVE-2020-11608,CVE-2020-11609,CVE-2020-11669,CVE-2020-12114,CVE-2020-12464,CVE-2020-12652,CVE-2020-12653,CVE-2020-12654,CVE-2020-12655,CVE-2020-12656,CVE-2020-12657,CVE-2020-12769,CVE-2020-13143,CVE-2020-2732,CVE-2020-7053,CVE-2020-8428,CVE-2020-8647,CVE-2020-8648,CVE-2020-8649,CVE-2020-8834,CVE-2020-8992,CVE-2020-9383
Sources used:
SUSE Linux Enterprise Server for SAP 15 (src):    kernel-default-4.12.14-150.52.1, kernel-docs-4.12.14-150.52.1, kernel-obs-build-4.12.14-150.52.1, kernel-source-4.12.14-150.52.1, kernel-syms-4.12.14-150.52.1, kernel-vanilla-4.12.14-150.52.1
SUSE Linux Enterprise Server 15-LTSS (src):    kernel-default-4.12.14-150.52.1, kernel-docs-4.12.14-150.52.1, kernel-obs-build-4.12.14-150.52.1, kernel-source-4.12.14-150.52.1, kernel-syms-4.12.14-150.52.1, kernel-vanilla-4.12.14-150.52.1, kernel-zfcpdump-4.12.14-150.52.1
SUSE Linux Enterprise High Performance Computing 15-LTSS (src):    kernel-default-4.12.14-150.52.1, kernel-docs-4.12.14-150.52.1, kernel-obs-build-4.12.14-150.52.1, kernel-source-4.12.14-150.52.1, kernel-syms-4.12.14-150.52.1, kernel-vanilla-4.12.14-150.52.1
SUSE Linux Enterprise High Performance Computing 15-ESPOS (src):    kernel-default-4.12.14-150.52.1, kernel-docs-4.12.14-150.52.1, kernel-obs-build-4.12.14-150.52.1, kernel-source-4.12.14-150.52.1, kernel-syms-4.12.14-150.52.1, kernel-vanilla-4.12.14-150.52.1
SUSE Linux Enterprise High Availability 15 (src):    kernel-default-4.12.14-150.52.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 28 Swamp Workflow Management 2020-06-18 13:53:10 UTC

SUSE-SU-2020:1663-1: An update that solves 55 vulnerabilities and has 93 fixes is now available.

Category: security (important)
Bug References: 1050244,1051510,1051858,1058115,1061840,1065600,1065729,1071995,1085030,1086301,1086313,1086314,1089895,1109911,1114279,1118338,1120386,1134973,1143959,1144333,1151910,1151927,1153917,1154243,1154824,1156286,1157155,1157157,1157692,1158013,1158021,1158026,1158265,1158819,1159028,1159198,1159271,1159285,1159394,1159483,1159484,1159569,1159588,1159841,1159908,1159909,1159910,1159911,1159955,1160195,1160210,1160211,1160218,1160433,1160442,1160476,1160560,1160755,1160756,1160784,1160787,1160802,1160803,1160804,1160917,1160966,1161087,1161514,1161518,1161522,1161523,1161549,1161552,1161555,1161674,1161931,1161933,1161934,1161935,1161936,1161937,1161951,1162067,1162109,1162139,1162928,1162929,1162931,1163971,1164051,1164069,1164078,1164705,1164712,1164727,1164728,1164729,1164730,1164731,1164732,1164733,1164734,1164735,1164871,1165111,1165741,1165873,1165881,1165984,1165985,1166969,1167421,1167423,1167629,1168075,1168276,1168295,1168424,1168670,1168829,1168854,1169390,1169514,1169625,1170056,1170345,1170617,1170618,1170621,1170778,1170901,1171098,1171189,1171191,1171195,1171202,1171205,1171217,1171218,1171219,1171220,1171689,1171982,1171983,1172221,1172317,1172453,1172458
CVE References: CVE-2018-1000199,CVE-2019-14615,CVE-2019-14896,CVE-2019-14897,CVE-2019-16994,CVE-2019-19036,CVE-2019-19045,CVE-2019-19054,CVE-2019-19318,CVE-2019-19319,CVE-2019-19447,CVE-2019-19462,CVE-2019-19768,CVE-2019-19770,CVE-2019-19965,CVE-2019-19966,CVE-2019-20054,CVE-2019-20095,CVE-2019-20096,CVE-2019-20810,CVE-2019-20812,CVE-2019-3701,CVE-2019-9455,CVE-2019-9458,CVE-2020-0543,CVE-2020-10690,CVE-2020-10711,CVE-2020-10720,CVE-2020-10732,CVE-2020-10751,CVE-2020-10757,CVE-2020-10942,CVE-2020-11494,CVE-2020-11608,CVE-2020-11609,CVE-2020-11669,CVE-2020-12114,CVE-2020-12464,CVE-2020-12652,CVE-2020-12653,CVE-2020-12654,CVE-2020-12655,CVE-2020-12656,CVE-2020-12657,CVE-2020-12769,CVE-2020-13143,CVE-2020-2732,CVE-2020-7053,CVE-2020-8428,CVE-2020-8647,CVE-2020-8648,CVE-2020-8649,CVE-2020-8834,CVE-2020-8992,CVE-2020-9383
Sources used:
SUSE Linux Enterprise Server for SAP 15 (src):    kernel-default-4.12.14-150.52.1, kernel-docs-4.12.14-150.52.1, kernel-obs-build-4.12.14-150.52.1, kernel-source-4.12.14-150.52.1, kernel-syms-4.12.14-150.52.1, kernel-vanilla-4.12.14-150.52.1
SUSE Linux Enterprise Server 15-LTSS (src):    kernel-default-4.12.14-150.52.1, kernel-docs-4.12.14-150.52.1, kernel-obs-build-4.12.14-150.52.1, kernel-source-4.12.14-150.52.1, kernel-syms-4.12.14-150.52.1, kernel-vanilla-4.12.14-150.52.1, kernel-zfcpdump-4.12.14-150.52.1
SUSE Linux Enterprise Module for Live Patching 15 (src):    kernel-default-4.12.14-150.52.1, kernel-livepatch-SLE15_Update_18-1-1.5.1
SUSE Linux Enterprise High Performance Computing 15-LTSS (src):    kernel-default-4.12.14-150.52.1, kernel-docs-4.12.14-150.52.1, kernel-obs-build-4.12.14-150.52.1, kernel-source-4.12.14-150.52.1, kernel-syms-4.12.14-150.52.1, kernel-vanilla-4.12.14-150.52.1
SUSE Linux Enterprise High Performance Computing 15-ESPOS (src):    kernel-default-4.12.14-150.52.1, kernel-docs-4.12.14-150.52.1, kernel-obs-build-4.12.14-150.52.1, kernel-source-4.12.14-150.52.1, kernel-syms-4.12.14-150.52.1, kernel-vanilla-4.12.14-150.52.1
SUSE Linux Enterprise High Availability 15 (src):    kernel-default-4.12.14-150.52.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 29 Alexandros Toptsoglou 2020-07-10 10:31:18 UTC

Done

Comment 31 Swamp Workflow Management 2020-08-06 22:21:37 UTC

SUSE-SU-2020:2156-1: An update that solves 32 vulnerabilities and has 122 fixes is now available.

Category: security (important)
Bug References: 1051510,1058115,1065729,1071995,1082555,1085030,1089895,1104967,1111666,1114279,1133021,1144333,1148868,1150660,1151794,1152107,1152489,1152624,1154824,1157169,1158265,1158983,1159058,1159199,1160388,1160947,1161016,1162002,1162063,1165183,1165741,1166969,1167574,1167851,1168081,1168503,1168670,1169020,1169194,1169514,1169525,1169625,1169795,1170011,1170056,1170125,1170145,1170345,1170457,1170522,1170592,1170618,1170620,1170770,1170778,1170791,1170901,1171078,1171098,1171118,1171124,1171189,1171191,1171195,1171202,1171205,1171217,1171218,1171219,1171220,1171293,1171417,1171424,1171527,1171558,1171599,1171600,1171601,1171602,1171604,1171605,1171606,1171607,1171608,1171609,1171610,1171611,1171612,1171613,1171614,1171615,1171616,1171617,1171618,1171619,1171620,1171621,1171622,1171623,1171624,1171625,1171626,1171673,1171679,1171691,1171694,1171695,1171736,1171761,1171868,1171904,1171948,1171949,1171951,1171952,1171982,1171983,1172096,1172097,1172098,1172099,1172101,1172102,1172103,1172104,1172127,1172130,1172185,1172188,1172199,1172221,1172253,1172257,1172317,1172342,1172343,1172344,1172366,1172391,1172397,1172453,1172458,1172484,1172759,1172775,1172781,1172782,1172783,1172999,1173265,1173280,1173428,1173462,1173659
CVE References: CVE-2018-1000199,CVE-2019-16746,CVE-2019-19462,CVE-2019-20806,CVE-2019-20810,CVE-2019-20812,CVE-2019-9455,CVE-2020-0543,CVE-2020-10690,CVE-2020-10711,CVE-2020-10720,CVE-2020-10732,CVE-2020-10751,CVE-2020-10757,CVE-2020-10766,CVE-2020-10767,CVE-2020-10768,CVE-2020-10769,CVE-2020-10773,CVE-2020-12114,CVE-2020-12464,CVE-2020-12652,CVE-2020-12653,CVE-2020-12654,CVE-2020-12655,CVE-2020-12656,CVE-2020-12657,CVE-2020-12769,CVE-2020-12888,CVE-2020-13143,CVE-2020-13974,CVE-2020-14416
JIRA References: 
Sources used:
SUSE Linux Enterprise Real Time Extension 12-SP4 (src):    kernel-rt-4.12.14-8.23.1, kernel-rt_debug-4.12.14-8.23.1, kernel-source-rt-4.12.14-8.23.1, kernel-syms-rt-4.12.14-8.23.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 32 Swamp Workflow Management 2020-09-03 13:33:28 UTC

SUSE-SU-2020:2478-1: An update that solves 39 vulnerabilities and has 234 fixes is now available.

Category: security (important)
Bug References: 1051510,1058115,1065600,1065729,1071995,1082555,1083647,1085030,1089895,1103990,1103991,1103992,1104745,1104967,1109837,1111666,1112178,1112374,1113956,1114279,1124278,1127354,1127355,1127371,1133021,1137325,1141558,1142685,1144333,1145929,1148868,1150660,1151794,1151927,1152107,1152489,1152624,1154824,1157169,1158265,1158983,1159037,1159058,1159199,1160388,1160947,1161016,1162002,1162063,1163309,1163403,1163897,1164284,1164780,1164871,1165183,1165478,1165741,1166780,1166860,1166861,1166862,1166864,1166866,1166867,1166868,1166870,1166940,1166969,1166978,1166985,1167104,1167288,1167574,1167851,1167867,1168081,1168202,1168332,1168486,1168503,1168670,1168760,1168762,1168763,1168764,1168765,1168789,1168881,1168884,1168952,1168959,1169005,1169013,1169020,1169057,1169194,1169390,1169514,1169525,1169625,1169762,1169771,1169795,1170011,1170056,1170125,1170145,1170284,1170345,1170442,1170457,1170522,1170592,1170617,1170618,1170620,1170621,1170770,1170778,1170791,1170901,1171078,1171098,1171118,1171124,1171189,1171191,1171195,1171202,1171205,1171214,1171217,1171218,1171219,1171220,1171244,1171293,1171417,1171424,1171527,1171529,1171530,1171558,1171599,1171600,1171601,1171602,1171604,1171605,1171606,1171607,1171608,1171609,1171610,1171611,1171612,1171613,1171614,1171615,1171616,1171617,1171618,1171619,1171620,1171621,1171622,1171623,1171624,1171625,1171626,1171662,1171673,1171679,1171691,1171692,1171694,1171695,1171732,1171736,1171739,1171743,1171753,1171759,1171761,1171817,1171835,1171841,1171868,1171904,1171948,1171949,1171951,1171952,1171979,1171982,1171983,1172017,1172096,1172097,1172098,1172099,1172101,1172102,1172103,1172104,1172127,1172130,1172185,1172188,1172199,1172201,1172202,1172218,1172221,1172247,1172249,1172251,1172253,1172257,1172317,1172342,1172343,1172344,1172366,1172378,1172391,1172397,1172453,1172458,1172472,1172484,1172537,1172538,1172687,1172719,1172759,1172770,1172775,1172781,1172782,1172783,1172999,1173060,1173074,1173146,1173265,1173280,1173284,1173428,1173462,1173514,1173567,1173573,1173659,1173746,1173818,1173820,1173825,1173826,1173833,1173838,1173839,1173845,1173857,1174113,1174115,1174122,1174123,1174130,1174186,1174187,1174296
CVE References: CVE-2018-1000199,CVE-2019-16746,CVE-2019-19462,CVE-2019-20806,CVE-2019-20810,CVE-2019-20812,CVE-2019-20908,CVE-2019-9455,CVE-2020-0543,CVE-2020-10690,CVE-2020-10711,CVE-2020-10720,CVE-2020-10732,CVE-2020-10751,CVE-2020-10757,CVE-2020-10766,CVE-2020-10767,CVE-2020-10768,CVE-2020-10769,CVE-2020-10773,CVE-2020-10781,CVE-2020-11669,CVE-2020-12114,CVE-2020-12464,CVE-2020-12652,CVE-2020-12653,CVE-2020-12654,CVE-2020-12655,CVE-2020-12656,CVE-2020-12657,CVE-2020-12659,CVE-2020-12769,CVE-2020-12771,CVE-2020-12888,CVE-2020-13143,CVE-2020-13974,CVE-2020-14416,CVE-2020-15393,CVE-2020-15780
JIRA References: 
Sources used:
SUSE Linux Enterprise Real Time Extension 12-SP5 (src):    kernel-rt-4.12.14-10.13.1, kernel-rt_debug-4.12.14-10.13.1, kernel-source-rt-4.12.14-10.13.1, kernel-syms-rt-4.12.14-10.13.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 33 Swamp Workflow Management 2020-09-04 10:26:30 UTC

SUSE-SU-2020:2487-1: An update that solves 40 vulnerabilities and has 227 fixes is now available.

Category: security (important)
Bug References: 1051510,1058115,1065600,1065729,1071995,1082555,1083647,1085030,1089895,1090036,1103990,1103991,1103992,1104745,1109837,1111666,1112178,1112374,1113956,1114279,1124278,1127354,1127355,1127371,1133021,1137325,1142685,1144333,1145929,1148868,1150660,1151794,1151927,1152489,1152624,1154824,1157169,1158265,1158983,1159037,1159058,1159199,1160388,1160947,1161016,1162002,1162063,1163309,1163403,1163897,1164284,1164780,1164871,1165183,1165478,1165741,1166780,1166860,1166861,1166862,1166864,1166866,1166867,1166868,1166870,1166940,1166969,1166978,1166985,1167104,1167288,1167574,1167851,1167867,1168081,1168202,1168332,1168486,1168670,1168760,1168762,1168763,1168764,1168765,1168789,1168881,1168884,1168952,1168959,1169020,1169057,1169194,1169390,1169514,1169525,1169625,1169762,1169771,1169795,1170011,1170056,1170125,1170145,1170284,1170345,1170442,1170457,1170522,1170592,1170617,1170618,1170620,1170621,1170770,1170778,1170791,1170901,1171078,1171098,1171118,1171124,1171189,1171191,1171195,1171202,1171205,1171214,1171217,1171218,1171219,1171220,1171244,1171293,1171417,1171424,1171527,1171529,1171530,1171558,1171599,1171600,1171601,1171602,1171604,1171605,1171606,1171607,1171608,1171609,1171610,1171611,1171612,1171613,1171614,1171615,1171616,1171617,1171618,1171619,1171620,1171621,1171622,1171623,1171624,1171625,1171626,1171662,1171679,1171691,1171692,1171694,1171695,1171732,1171736,1171739,1171743,1171753,1171759,1171817,1171835,1171841,1171868,1171904,1171948,1171949,1171951,1171952,1171979,1171982,1171983,1171988,1172017,1172096,1172097,1172098,1172099,1172101,1172102,1172103,1172104,1172127,1172130,1172185,1172188,1172199,1172201,1172202,1172221,1172247,1172249,1172251,1172257,1172317,1172342,1172343,1172344,1172366,1172378,1172391,1172397,1172453,1172458,1172484,1172537,1172538,1172687,1172719,1172759,1172775,1172781,1172782,1172783,1172871,1172872,1172999,1173060,1173074,1173146,1173265,1173280,1173284,1173428,1173514,1173567,1173573,1173746,1173818,1173820,1173825,1173826,1173833,1173838,1173839,1173845,1173857,1174113,1174115,1174122,1174123,1174186,1174187,1174296,1174343,1174356,1174409,1174438,1174462
CVE References: CVE-2018-1000199,CVE-2019-19462,CVE-2019-20806,CVE-2019-20810,CVE-2019-20812,CVE-2019-20908,CVE-2019-9455,CVE-2020-0305,CVE-2020-0543,CVE-2020-10135,CVE-2020-10690,CVE-2020-10711,CVE-2020-10720,CVE-2020-10732,CVE-2020-10751,CVE-2020-10757,CVE-2020-10766,CVE-2020-10767,CVE-2020-10768,CVE-2020-10769,CVE-2020-10773,CVE-2020-10781,CVE-2020-11669,CVE-2020-12114,CVE-2020-12464,CVE-2020-12652,CVE-2020-12653,CVE-2020-12654,CVE-2020-12655,CVE-2020-12656,CVE-2020-12657,CVE-2020-12659,CVE-2020-12769,CVE-2020-12771,CVE-2020-12888,CVE-2020-13143,CVE-2020-13974,CVE-2020-14416,CVE-2020-15393,CVE-2020-15780
JIRA References: 
Sources used:
SUSE Linux Enterprise Module for Realtime 15-SP1 (src):    kernel-rt-4.12.14-14.28.1, kernel-rt_debug-4.12.14-14.28.1, kernel-source-rt-4.12.14-14.28.1, kernel-syms-rt-4.12.14-14.28.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.