Bug 1175213 (CVE-2020-14356) - VUL-1: CVE-2020-14356: kernel-source: Use After Free vulnerability in cgroup BPF component
Summary: VUL-1: CVE-2020-14356: kernel-source: Use After Free vulnerability in cgroup ...
Status: RESOLVED FIXED
: 1175503 (view as bug list)
Alias: CVE-2020-14356
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents (show other bugs)
Version: unspecified
Hardware: Other Other
: P4 - Low : Normal
Target Milestone: ---
Assignee: Security Team bot
QA Contact: Security Team bot
URL: https://smash.suse.de/issue/265138/
Whiteboard: CVSSv3.1:SUSE:CVE-2020-14356:5.5:(AV:...
Keywords:
Depends on:
Blocks:
 
Reported: 2020-08-13 07:22 UTC by Alexander Bergmann
Modified: 2024-06-25 15:06 UTC (History)
7 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Alexander Bergmann 2020-08-13 07:22:42 UTC 
rh#1868453

It was found that the Linux kernel's NULL pointer dereference could happen during the usage of cgroupv2 (usually when reboot and more likely if virtual machine or docker being used).
After recent commit 090e28b ("netprio_cgroup: Fix unlimited memory leak of v2 cgroups") was merged, the problem could be reproduced much simpler starting with 5.7.x kernels.
The problem introduced with 4.5 kernel, but there is no known way to trigger it, so it was not known until 5.7 kernel.
It could be possible to reproduce the bug by the user without privileges and without reboot if user has an ability to create/close cgroupv2 or this user create a process which is attached to already existing cgroupv2 BPF (but still the user will have to wait till root manually closes cgroupv2 or system is being rebooted).

This commit fixes the problem:
https://github.com/torvalds/linux/commit/94886c86e833dbc8995202b6c6aaff592b7abd24

References:
https://bugzilla.kernel.org/show_bug.cgi?id=208003
https://lore.kernel.org/netdev/CAM_iQpUKQJrj8wE+Qa8NGR3P0L+5Uz=qo-O5+k_P60HzTde6aw%40mail.gmail.com/t/
https://bugzilla.redhat.com/show_bug.cgi?id=1868453
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-14356
Comment 1 Takashi Iwai 2020-08-13 09:39:02 UTC 
The upstream commit ad0f75e5f57ccbcee
    cgroup: fix cgroup_sk_alloc() for sk_clone_lock()

The Fixes tag suggests 4.5 and later, so our 4.12-based and 5.3-based branches are affected.
Comment 2 Michal Koutný 2020-08-13 16:56:39 UTC 
The scenario that can happen:
1) a socket is created by a task inside a v2 (non-root) cgroup c
2) the disabling switch*) happens
3) the socket is cloned (e.g. accept(2)), but not the reference to the cgroup c
4) the clone must be moved to another cgroup d (all tasks in cgroup c must terminate)
5) cgroup c is removed
6) once the cloned socket attempts to access the cgroup, it's use-after-free
   (NULL pointer dereference is consequence of this)

The patch makes sense generally (post 4.5). I didn't examine how the individual steps could be performed by an unpriviliged user. I'll prepare backports:
- SLE15-SP2
- cve/linux-4.12 (this doen't have 090e28b)
- 'master' has the fix already,
- 'stable' ditto.

*) The switch is either modification of attributes of net_cls or net_prio cgroups OR mere migration within net_prio hierarchy (effect of 090e28b).
Comment 3 Michal Koutný 2020-08-14 11:25:53 UTC 
Bummer, KABI break (since we're embedded in `struct sock`). The layout change itself is conservative

  struct sock_cgroup_data {
  	union {
                  {
                          u32     classid;
                          u16     prioidx;
                          u8      padding;
  -                       u8      is_data;
  +                       u8      no_refcnt : 1;
  +                       u8      is_data : 1;
                  } __packed;
  		u64 val;
  	};
  };

However, there can be users checking .is_data == 0 or .val == 0. 
Those would see invalid results if .no_refcnt=1, .is_data=0. This is a reachable combination after the switch (comment 2).

Idea 1) -- ignore this (__GENKSYMS__) since sock_cgroup_data should only be used by cgroup core and net_cls+net_prio controllers.

Idea 2)
#define skcd.no_refcnt (skcd.is_data || !skcd.val) 
-- i.e. implement the new behavior without introducing the additional bitfield.

Although the latter may make future backports more difficult, it's KABI clean. I need to review (the next week) the relevant code once more to check the predicate equality really holds.
Comment 4 Michal Koutný 2020-08-17 17:09:01 UTC 
(In reply to Michal Koutný from comment #3)
> Idea 1) -- ignore this (__GENKSYMS__) since sock_cgroup_data should only be
> used by cgroup core and net_cls+net_prio controllers.
This is preferred solution after discussion on the kernel ML (reasoning is in patches.kabi/sock_cgroup_data-kabi-fix.patch).

I've prepared the following branches:

- users/mkoutny/SLE15-SP2/for-next
- users/mkoutny/cve/linux-4.12/for-next
  - this merges easily only into SLE15-LTSS [1]
- users/mkoutny/SLE15-SP1/for-next, users/mkoutny/SLE12-SP4-LTSS/for-next
  - because patches from CVE need some massaging, these are respective backports

[1] There's no fix for bug 1167290 and the memcg late binding d752a4986532 in SLE15-LTSS, so a similar bug as this one may theoretically occur -- the justification why it doesn't happen is as follows. mem_cgroup_sockets_enabled would disable taking a reference to memcg when cloning a socket (step 3) in comment 2). However, mem_cgroup_sockets_enabled serves as a counter of existing memcgs. Because the original socket is pinning the cloned memcg already, mem_cgroup_sockets_enabled will never be zero when cloning a socket and the reference won't be lost.
Comment 7 OBSbugzilla Bot 2020-08-19 15:48:39 UTC 
This is an autogenerated message for OBS integration:
This bug (1175213) was mentioned in
https://build.opensuse.org/request/show/827918 15.2 / kernel-source
Comment 8 Takashi Iwai 2020-08-20 07:24:17 UTC 
*** Bug 1175503 has been marked as a duplicate of this bug. ***
Comment 9 Swamp Workflow Management 2020-08-21 04:24:27 UTC 
openSUSE-SU-2020:1236-1: An update that solves 7 vulnerabilities and has 109 fixes is now available.

Category: security (important)
Bug References: 1065600,1065729,1120163,1133021,1149032,1152472,1152489,1153274,1154353,1154488,1155518,1155798,1165933,1167773,1168959,1169771,1171857,1171988,1172197,1172201,1172247,1172963,1173074,1173468,1173573,1173813,1173849,1173941,1173954,1174002,1174072,1174116,1174126,1174127,1174128,1174129,1174185,1174205,1174263,1174264,1174331,1174332,1174333,1174356,1174362,1174396,1174398,1174407,1174409,1174411,1174438,1174462,1174484,1174513,1174527,1174543,1174625,1174627,1174645,1174689,1174737,1174757,1174762,1174770,1174805,1174824,1174825,1174852,1174865,1174880,1174897,1174906,1174969,1175009,1175010,1175011,1175012,1175013,1175014,1175015,1175016,1175017,1175018,1175019,1175020,1175021,1175052,1175112,1175116,1175149,1175175,1175176,1175180,1175181,1175182,1175183,1175184,1175185,1175186,1175187,1175188,1175189,1175190,1175191,1175192,1175195,1175213,1175263,1175284,1175296,1175344,1175345,1175346,1175347,1175367,1175377
CVE References: CVE-2020-0305,CVE-2020-10135,CVE-2020-10781,CVE-2020-14331,CVE-2020-14356,CVE-2020-15780,CVE-2020-16166
JIRA References: 
Sources used:
openSUSE Leap 15.2 (src):    bbswitch-0.8-lp152.6.2.1, crash-7.2.8-lp152.3.2.1, dpdk-19.11.1-lp152.2.5.1, drbd-9.0.22~1+git.fe2b5983-lp152.2.2.1, hdjmod-1.28-lp152.6.2.1, kernel-debug-5.3.18-lp152.36.1, kernel-default-5.3.18-lp152.36.1, kernel-docs-5.3.18-lp152.36.1, kernel-kvmsmall-5.3.18-lp152.36.1, kernel-obs-build-5.3.18-lp152.36.1, kernel-obs-qa-5.3.18-lp152.36.1, kernel-preempt-5.3.18-lp152.36.1, kernel-source-5.3.18-lp152.36.1, kernel-syms-5.3.18-lp152.36.1, mhvtl-1.62-lp152.2.2.1, openafs-1.8.5-lp152.2.2.1, pcfclock-0.44-lp152.4.2.1, rtl8812au-5.6.4.2+git20200318.49e98ff-lp152.2.2.1, sysdig-0.26.5-lp152.3.2.1, v4l2loopback-0.12.5-lp152.2.2.1, vhba-kmp-20200106-lp152.2.2.1, virtualbox-6.1.10-lp152.2.2.1, xtables-addons-3.9-lp152.2.2.1
Comment 13 OBSbugzilla Bot 2020-09-01 14:15:23 UTC 
This is an autogenerated message for OBS integration:
This bug (1175213) was mentioned in
https://build.opensuse.org/request/show/831128 15.1 / kernel-source
Comment 15 Swamp Workflow Management 2020-09-02 19:23:36 UTC 
openSUSE-SU-2020:1325-1: An update that solves 6 vulnerabilities and has 107 fixes is now available.

Category: security (important)
Bug References: 1065600,1065729,1071995,1083548,1085030,1085308,1087082,1111666,1112178,1113956,1133021,1144333,1152148,1163524,1165629,1166965,1169790,1170232,1171688,1172073,1172108,1172418,1172428,1172783,1172871,1172872,1172873,1172963,1173485,1173798,1173954,1174003,1174026,1174205,1174387,1174484,1174547,1174550,1174625,1174689,1174699,1174734,1174771,1174852,1174873,1174904,1174926,1174968,1175062,1175063,1175064,1175065,1175066,1175067,1175112,1175127,1175128,1175149,1175199,1175213,1175228,1175232,1175284,1175393,1175394,1175396,1175397,1175398,1175399,1175400,1175401,1175402,1175403,1175404,1175405,1175406,1175407,1175408,1175409,1175410,1175411,1175412,1175413,1175414,1175415,1175416,1175417,1175418,1175419,1175420,1175421,1175422,1175423,1175440,1175493,1175515,1175518,1175526,1175550,1175654,1175666,1175667,1175668,1175669,1175670,1175767,1175768,1175769,1175770,1175771,1175772,1175786,1175873
CVE References: CVE-2018-3639,CVE-2020-14314,CVE-2020-14331,CVE-2020-14356,CVE-2020-1749,CVE-2020-24394
JIRA References: 
Sources used:
openSUSE Leap 15.1 (src):    kernel-debug-4.12.14-lp151.28.63.1, kernel-default-4.12.14-lp151.28.63.1, kernel-docs-4.12.14-lp151.28.63.1, kernel-kvmsmall-4.12.14-lp151.28.63.1, kernel-obs-build-4.12.14-lp151.28.63.1, kernel-obs-qa-4.12.14-lp151.28.63.1, kernel-source-4.12.14-lp151.28.63.1, kernel-syms-4.12.14-lp151.28.63.1, kernel-vanilla-4.12.14-lp151.28.63.1
Comment 16 Swamp Workflow Management 2020-09-03 19:24:12 UTC 
SUSE-SU-2020:2485-1: An update that solves three vulnerabilities and has 112 fixes is now available.

Category: security (important)
Bug References: 1065600,1065729,1071995,1085030,1120163,1133021,1149032,1152472,1152489,1154353,1154492,1155518,1156395,1159058,1160634,1167773,1169790,1171634,1171688,1172108,1172197,1172247,1172418,1172871,1172963,1173468,1173485,1173798,1173813,1173954,1174002,1174003,1174026,1174387,1174484,1174625,1174645,1174689,1174699,1174737,1174757,1174762,1174770,1174771,1174777,1174805,1174824,1174825,1174852,1174865,1174880,1174897,1174906,1174969,1175009,1175010,1175011,1175012,1175013,1175014,1175015,1175016,1175017,1175018,1175019,1175020,1175021,1175052,1175112,1175116,1175128,1175149,1175175,1175176,1175180,1175181,1175182,1175183,1175184,1175185,1175186,1175187,1175188,1175189,1175190,1175191,1175192,1175195,1175199,1175213,1175232,1175263,1175284,1175296,1175344,1175345,1175346,1175347,1175367,1175377,1175440,1175493,1175546,1175550,1175654,1175691,1175768,1175769,1175770,1175771,1175772,1175774,1175775,1175834,1175873
CVE References: CVE-2020-14314,CVE-2020-14356,CVE-2020-16166
JIRA References: 
Sources used:
SUSE Linux Enterprise Module for Public Cloud 15-SP2 (src):    kernel-azure-5.3.18-18.15.1, kernel-source-azure-5.3.18-18.15.1, kernel-syms-azure-5.3.18-18.15.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 17 Swamp Workflow Management 2020-09-03 22:22:33 UTC 
SUSE-SU-2020:2486-1: An update that solves four vulnerabilities and has 116 fixes is now available.

Category: security (important)
Bug References: 1065600,1065729,1071995,1085030,1120163,1133021,1149032,1152472,1152489,1153274,1154353,1154488,1154492,1155518,1156395,1159058,1160634,1167773,1169790,1171634,1171688,1172108,1172197,1172247,1172418,1172871,1172963,1173468,1173485,1173798,1173813,1173954,1174002,1174003,1174026,1174205,1174247,1174362,1174387,1174484,1174625,1174645,1174689,1174699,1174737,1174757,1174762,1174770,1174771,1174777,1174805,1174824,1174825,1174852,1174865,1174880,1174897,1174906,1174969,1175009,1175010,1175011,1175012,1175013,1175014,1175015,1175016,1175017,1175018,1175019,1175020,1175021,1175052,1175112,1175116,1175128,1175149,1175175,1175176,1175180,1175181,1175182,1175183,1175184,1175185,1175186,1175187,1175188,1175189,1175190,1175191,1175192,1175195,1175199,1175213,1175232,1175263,1175284,1175296,1175344,1175345,1175346,1175347,1175367,1175377,1175440,1175493,1175546,1175550,1175654,1175691,1175768,1175769,1175770,1175771,1175772,1175774,1175775,1175834,1175873
CVE References: CVE-2020-14314,CVE-2020-14331,CVE-2020-14356,CVE-2020-16166
JIRA References: 
Sources used:
SUSE Linux Enterprise Module for Live Patching 15-SP2 (src):    kernel-default-5.3.18-24.12.1, kernel-livepatch-SLE15-SP2_Update_2-1-5.3.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 18 Swamp Workflow Management 2020-09-03 22:34:47 UTC 
SUSE-SU-2020:2486-1: An update that solves four vulnerabilities and has 116 fixes is now available.

Category: security (important)
Bug References: 1065600,1065729,1071995,1085030,1120163,1133021,1149032,1152472,1152489,1153274,1154353,1154488,1154492,1155518,1156395,1159058,1160634,1167773,1169790,1171634,1171688,1172108,1172197,1172247,1172418,1172871,1172963,1173468,1173485,1173798,1173813,1173954,1174002,1174003,1174026,1174205,1174247,1174362,1174387,1174484,1174625,1174645,1174689,1174699,1174737,1174757,1174762,1174770,1174771,1174777,1174805,1174824,1174825,1174852,1174865,1174880,1174897,1174906,1174969,1175009,1175010,1175011,1175012,1175013,1175014,1175015,1175016,1175017,1175018,1175019,1175020,1175021,1175052,1175112,1175116,1175128,1175149,1175175,1175176,1175180,1175181,1175182,1175183,1175184,1175185,1175186,1175187,1175188,1175189,1175190,1175191,1175192,1175195,1175199,1175213,1175232,1175263,1175284,1175296,1175344,1175345,1175346,1175347,1175367,1175377,1175440,1175493,1175546,1175550,1175654,1175691,1175768,1175769,1175770,1175771,1175772,1175774,1175775,1175834,1175873
CVE References: CVE-2020-14314,CVE-2020-14331,CVE-2020-14356,CVE-2020-16166
JIRA References: 
Sources used:
SUSE Linux Enterprise Workstation Extension 15-SP2 (src):    kernel-default-5.3.18-24.12.1
SUSE Linux Enterprise Module for Live Patching 15-SP2 (src):    kernel-default-5.3.18-24.12.1, kernel-livepatch-SLE15-SP2_Update_2-1-5.3.1
SUSE Linux Enterprise Module for Legacy Software 15-SP2 (src):    kernel-default-5.3.18-24.12.1
SUSE Linux Enterprise Module for Development Tools 15-SP2 (src):    kernel-docs-5.3.18-24.12.1, kernel-obs-build-5.3.18-24.12.1, kernel-preempt-5.3.18-24.12.1, kernel-source-5.3.18-24.12.1, kernel-syms-5.3.18-24.12.1
SUSE Linux Enterprise Module for Basesystem 15-SP2 (src):    kernel-default-5.3.18-24.12.1, kernel-default-base-5.3.18-24.12.1.9.4.1, kernel-preempt-5.3.18-24.12.1, kernel-source-5.3.18-24.12.1
SUSE Linux Enterprise High Availability 15-SP2 (src):    kernel-default-5.3.18-24.12.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 20 Swamp Workflow Management 2020-09-04 19:27:03 UTC 
SUSE-SU-2020:2541-1: An update that solves 7 vulnerabilities and has 130 fixes is now available.

Category: security (important)
Bug References: 1065600,1065729,1071995,1074701,1083548,1085030,1085235,1085308,1087078,1087082,1094912,1100394,1102640,1105412,1111666,1112178,1113956,1120163,1133021,1144333,1152148,1163524,1165629,1166965,1169790,1170232,1171688,1171988,1172073,1172108,1172247,1172418,1172428,1172781,1172782,1172783,1172871,1172872,1172873,1172963,1173485,1173798,1173954,1174003,1174026,1174070,1174161,1174205,1174387,1174484,1174547,1174549,1174550,1174625,1174658,1174685,1174689,1174699,1174734,1174757,1174771,1174840,1174841,1174843,1174844,1174845,1174852,1174873,1174887,1174904,1174926,1174968,1175062,1175063,1175064,1175065,1175066,1175067,1175112,1175127,1175128,1175149,1175199,1175213,1175228,1175232,1175284,1175393,1175394,1175396,1175397,1175398,1175399,1175400,1175401,1175402,1175403,1175404,1175405,1175406,1175407,1175408,1175409,1175410,1175411,1175412,1175413,1175414,1175415,1175416,1175417,1175418,1175419,1175420,1175421,1175422,1175423,1175440,1175493,1175515,1175518,1175526,1175550,1175654,1175666,1175667,1175668,1175669,1175670,1175767,1175768,1175769,1175770,1175771,1175772,1175786,1175873
CVE References: CVE-2020-10135,CVE-2020-14314,CVE-2020-14331,CVE-2020-14356,CVE-2020-16166,CVE-2020-1749,CVE-2020-24394
JIRA References: 
Sources used:
SUSE Linux Enterprise Module for Public Cloud 15-SP1 (src):    kernel-azure-4.12.14-8.41.1, kernel-source-azure-4.12.14-8.41.1, kernel-syms-azure-4.12.14-8.41.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 21 Swamp Workflow Management 2020-09-04 19:46:28 UTC 
SUSE-SU-2020:2540-1: An update that solves 7 vulnerabilities and has 129 fixes is now available.

Category: security (important)
Bug References: 1065600,1065729,1071995,1074701,1083548,1085030,1085235,1085308,1087078,1087082,1094912,1100394,1102640,1105412,1111666,1112178,1113956,1120163,1133021,1144333,1152148,1163524,1165629,1166965,1169790,1170232,1171688,1172073,1172108,1172247,1172418,1172428,1172781,1172782,1172783,1172871,1172872,1172873,1172963,1173485,1173798,1173954,1174003,1174026,1174070,1174161,1174205,1174247,1174387,1174484,1174547,1174550,1174625,1174658,1174685,1174689,1174699,1174734,1174757,1174771,1174840,1174841,1174843,1174844,1174845,1174852,1174873,1174887,1174904,1174926,1174968,1175062,1175063,1175064,1175065,1175066,1175067,1175112,1175127,1175128,1175149,1175199,1175213,1175228,1175232,1175284,1175393,1175394,1175396,1175397,1175398,1175399,1175400,1175401,1175402,1175403,1175404,1175405,1175406,1175407,1175408,1175409,1175410,1175411,1175412,1175413,1175414,1175415,1175416,1175417,1175418,1175419,1175420,1175421,1175422,1175423,1175440,1175493,1175515,1175518,1175526,1175550,1175654,1175666,1175667,1175668,1175669,1175670,1175767,1175768,1175769,1175770,1175771,1175772,1175786,1175873
CVE References: CVE-2018-3639,CVE-2020-14314,CVE-2020-14331,CVE-2020-14356,CVE-2020-16166,CVE-2020-1749,CVE-2020-24394
JIRA References: 
Sources used:
SUSE Linux Enterprise Server 12-SP5 (src):    kernel-azure-4.12.14-16.25.1, kernel-source-azure-4.12.14-16.25.1, kernel-syms-azure-4.12.14-16.25.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 24 Swamp Workflow Management 2020-09-08 19:23:46 UTC 
SUSE-SU-2020:2574-1: An update that solves 7 vulnerabilities and has 131 fixes is now available.

Category: security (important)
Bug References: 1058115,1065600,1065729,1071995,1074701,1083548,1085030,1085235,1085308,1087078,1087082,1094912,1100394,1102640,1105412,1111666,1112178,1113956,1120163,1133021,1136666,1144333,1152148,1163524,1165629,1166965,1169790,1170232,1171558,1171688,1172073,1172108,1172247,1172418,1172428,1172871,1172872,1172873,1172963,1173060,1173485,1173798,1173954,1174003,1174026,1174070,1174161,1174205,1174387,1174484,1174547,1174549,1174550,1174625,1174658,1174685,1174689,1174699,1174734,1174757,1174771,1174840,1174841,1174843,1174844,1174845,1174852,1174873,1174904,1174926,1174968,1175062,1175063,1175064,1175065,1175066,1175067,1175112,1175127,1175128,1175149,1175199,1175213,1175228,1175232,1175284,1175393,1175394,1175396,1175397,1175398,1175399,1175400,1175401,1175402,1175403,1175404,1175405,1175406,1175407,1175408,1175409,1175410,1175411,1175412,1175413,1175414,1175415,1175416,1175417,1175418,1175419,1175420,1175421,1175422,1175423,1175440,1175493,1175515,1175518,1175526,1175550,1175654,1175666,1175667,1175668,1175669,1175670,1175691,1175767,1175768,1175769,1175770,1175771,1175772,1175786,1175873,1176069
CVE References: CVE-2020-14314,CVE-2020-14331,CVE-2020-14356,CVE-2020-14386,CVE-2020-16166,CVE-2020-1749,CVE-2020-24394
JIRA References: 
Sources used:
SUSE Linux Enterprise Live Patching 12-SP5 (src):    kernel-default-4.12.14-122.37.1, kgraft-patch-SLE12-SP5_Update_9-1-8.5.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 25 Swamp Workflow Management 2020-09-08 19:38:05 UTC 
SUSE-SU-2020:2574-1: An update that solves 7 vulnerabilities and has 131 fixes is now available.

Category: security (important)
Bug References: 1058115,1065600,1065729,1071995,1074701,1083548,1085030,1085235,1085308,1087078,1087082,1094912,1100394,1102640,1105412,1111666,1112178,1113956,1120163,1133021,1136666,1144333,1152148,1163524,1165629,1166965,1169790,1170232,1171558,1171688,1172073,1172108,1172247,1172418,1172428,1172871,1172872,1172873,1172963,1173060,1173485,1173798,1173954,1174003,1174026,1174070,1174161,1174205,1174387,1174484,1174547,1174549,1174550,1174625,1174658,1174685,1174689,1174699,1174734,1174757,1174771,1174840,1174841,1174843,1174844,1174845,1174852,1174873,1174904,1174926,1174968,1175062,1175063,1175064,1175065,1175066,1175067,1175112,1175127,1175128,1175149,1175199,1175213,1175228,1175232,1175284,1175393,1175394,1175396,1175397,1175398,1175399,1175400,1175401,1175402,1175403,1175404,1175405,1175406,1175407,1175408,1175409,1175410,1175411,1175412,1175413,1175414,1175415,1175416,1175417,1175418,1175419,1175420,1175421,1175422,1175423,1175440,1175493,1175515,1175518,1175526,1175550,1175654,1175666,1175667,1175668,1175669,1175670,1175691,1175767,1175768,1175769,1175770,1175771,1175772,1175786,1175873,1176069
CVE References: CVE-2020-14314,CVE-2020-14331,CVE-2020-14356,CVE-2020-14386,CVE-2020-16166,CVE-2020-1749,CVE-2020-24394
JIRA References: 
Sources used:
SUSE Linux Enterprise Workstation Extension 12-SP5 (src):    kernel-default-4.12.14-122.37.1
SUSE Linux Enterprise Software Development Kit 12-SP5 (src):    kernel-docs-4.12.14-122.37.1, kernel-obs-build-4.12.14-122.37.1
SUSE Linux Enterprise Server 12-SP5 (src):    kernel-default-4.12.14-122.37.1, kernel-source-4.12.14-122.37.1, kernel-syms-4.12.14-122.37.1
SUSE Linux Enterprise Live Patching 12-SP5 (src):    kernel-default-4.12.14-122.37.1, kgraft-patch-SLE12-SP5_Update_9-1-8.5.1
SUSE Linux Enterprise High Availability 12-SP5 (src):    kernel-default-4.12.14-122.37.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 27 Swamp Workflow Management 2020-09-09 10:27:36 UTC 
SUSE-SU-2020:2575-1: An update that solves 8 vulnerabilities and has 121 fixes is now available.

Category: security (important)
Bug References: 1058115,1065600,1065729,1071995,1083548,1085030,1111666,1112178,1113956,1120163,1133021,1136666,1144333,1152148,1163524,1165629,1166965,1169790,1170232,1171558,1171688,1171988,1172073,1172108,1172247,1172418,1172428,1172871,1172872,1172873,1172963,1173060,1173485,1173798,1173954,1174003,1174026,1174070,1174205,1174387,1174484,1174547,1174549,1174550,1174625,1174658,1174685,1174689,1174699,1174734,1174757,1174771,1174840,1174841,1174843,1174844,1174845,1174852,1174873,1174904,1174926,1174968,1175062,1175063,1175064,1175065,1175066,1175067,1175112,1175127,1175128,1175149,1175199,1175213,1175228,1175232,1175284,1175393,1175394,1175396,1175397,1175398,1175399,1175400,1175401,1175402,1175403,1175404,1175405,1175406,1175407,1175408,1175409,1175410,1175411,1175412,1175413,1175414,1175415,1175416,1175417,1175418,1175419,1175420,1175421,1175422,1175423,1175440,1175493,1175515,1175518,1175526,1175550,1175654,1175666,1175667,1175668,1175669,1175670,1175691,1175767,1175768,1175769,1175770,1175771,1175772,1175786,1175873,1176069
CVE References: CVE-2020-10135,CVE-2020-14314,CVE-2020-14331,CVE-2020-14356,CVE-2020-14386,CVE-2020-16166,CVE-2020-1749,CVE-2020-24394
JIRA References: 
Sources used:
SUSE Linux Enterprise Workstation Extension 15-SP1 (src):    kernel-default-4.12.14-197.56.1
SUSE Linux Enterprise Module for Legacy Software 15-SP1 (src):    kernel-default-4.12.14-197.56.1
SUSE Linux Enterprise Module for Development Tools 15-SP1 (src):    kernel-docs-4.12.14-197.56.1, kernel-obs-build-4.12.14-197.56.1, kernel-source-4.12.14-197.56.1, kernel-syms-4.12.14-197.56.1
SUSE Linux Enterprise Module for Basesystem 15-SP1 (src):    kernel-default-4.12.14-197.56.1, kernel-source-4.12.14-197.56.1, kernel-zfcpdump-4.12.14-197.56.1
SUSE Linux Enterprise High Availability 15-SP1 (src):    kernel-default-4.12.14-197.56.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 28 Swamp Workflow Management 2020-09-09 11:09:22 UTC 
SUSE-SU-2020:2575-1: An update that solves 8 vulnerabilities and has 121 fixes is now available.

Category: security (important)
Bug References: 1058115,1065600,1065729,1071995,1083548,1085030,1111666,1112178,1113956,1120163,1133021,1136666,1144333,1152148,1163524,1165629,1166965,1169790,1170232,1171558,1171688,1171988,1172073,1172108,1172247,1172418,1172428,1172871,1172872,1172873,1172963,1173060,1173485,1173798,1173954,1174003,1174026,1174070,1174205,1174387,1174484,1174547,1174549,1174550,1174625,1174658,1174685,1174689,1174699,1174734,1174757,1174771,1174840,1174841,1174843,1174844,1174845,1174852,1174873,1174904,1174926,1174968,1175062,1175063,1175064,1175065,1175066,1175067,1175112,1175127,1175128,1175149,1175199,1175213,1175228,1175232,1175284,1175393,1175394,1175396,1175397,1175398,1175399,1175400,1175401,1175402,1175403,1175404,1175405,1175406,1175407,1175408,1175409,1175410,1175411,1175412,1175413,1175414,1175415,1175416,1175417,1175418,1175419,1175420,1175421,1175422,1175423,1175440,1175493,1175515,1175518,1175526,1175550,1175654,1175666,1175667,1175668,1175669,1175670,1175691,1175767,1175768,1175769,1175770,1175771,1175772,1175786,1175873,1176069
CVE References: CVE-2020-10135,CVE-2020-14314,CVE-2020-14331,CVE-2020-14356,CVE-2020-14386,CVE-2020-16166,CVE-2020-1749,CVE-2020-24394
JIRA References: 
Sources used:
SUSE Linux Enterprise Workstation Extension 15-SP1 (src):    kernel-default-4.12.14-197.56.1
SUSE Linux Enterprise Module for Live Patching 15-SP1 (src):    kernel-default-4.12.14-197.56.1, kernel-livepatch-SLE15-SP1_Update_15-1-3.3.2
SUSE Linux Enterprise Module for Legacy Software 15-SP1 (src):    kernel-default-4.12.14-197.56.1
SUSE Linux Enterprise Module for Development Tools 15-SP1 (src):    kernel-docs-4.12.14-197.56.1, kernel-obs-build-4.12.14-197.56.1, kernel-source-4.12.14-197.56.1, kernel-syms-4.12.14-197.56.1
SUSE Linux Enterprise Module for Basesystem 15-SP1 (src):    kernel-default-4.12.14-197.56.1, kernel-source-4.12.14-197.56.1, kernel-zfcpdump-4.12.14-197.56.1
SUSE Linux Enterprise High Availability 15-SP1 (src):    kernel-default-4.12.14-197.56.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 30 Swamp Workflow Management 2020-09-11 10:25:15 UTC 
SUSE-SU-2020:2605-1: An update that solves 8 vulnerabilities and has 122 fixes is now available.

Category: security (important)
Bug References: 1065729,1071995,1074701,1083548,1085030,1085235,1085308,1087078,1087082,1094912,1100394,1102640,1105412,1111666,1112178,1113956,1120163,1133021,1144333,1171988,1172108,1172247,1172418,1172428,1172781,1172782,1172783,1172871,1172872,1172963,1173485,1173798,1173954,1174026,1174070,1174161,1174205,1174247,1174343,1174356,1174387,1174409,1174438,1174462,1174484,1174547,1174549,1174550,1174625,1174658,1174685,1174689,1174699,1174734,1174757,1174771,1174840,1174841,1174843,1174844,1174845,1174852,1174873,1174887,1174904,1174926,1174968,1175062,1175063,1175064,1175065,1175066,1175067,1175112,1175127,1175128,1175149,1175199,1175213,1175228,1175232,1175284,1175393,1175394,1175396,1175397,1175398,1175399,1175400,1175401,1175402,1175403,1175404,1175405,1175406,1175407,1175408,1175409,1175410,1175411,1175412,1175413,1175414,1175415,1175416,1175417,1175418,1175419,1175420,1175421,1175422,1175423,1175440,1175493,1175518,1175526,1175550,1175654,1175666,1175668,1175669,1175670,1175767,1175768,1175769,1175770,1175771,1175772,1175786,1175992
CVE References: CVE-2018-3639,CVE-2020-0305,CVE-2020-10135,CVE-2020-14314,CVE-2020-14331,CVE-2020-14356,CVE-2020-16166,CVE-2020-24394
JIRA References: 
Sources used:
SUSE Linux Enterprise Real Time Extension 12-SP5 (src):    kernel-rt-4.12.14-10.16.1, kernel-rt_debug-4.12.14-10.16.1, kernel-source-rt-4.12.14-10.16.1, kernel-syms-rt-4.12.14-10.16.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 31 Swamp Workflow Management 2020-09-11 13:16:13 UTC 
SUSE-SU-2020:2610-1: An update that solves 8 vulnerabilities and has 12 fixes is now available.

Category: security (important)
Bug References: 1058115,1071995,1154366,1165629,1165631,1171988,1172428,1173798,1174205,1174757,1175112,1175122,1175128,1175204,1175213,1175515,1175518,1175691,1175992,1176069
CVE References: CVE-2020-10135,CVE-2020-14314,CVE-2020-14331,CVE-2020-14356,CVE-2020-14386,CVE-2020-16166,CVE-2020-1749,CVE-2020-24394
JIRA References: 
Sources used:
SUSE Linux Enterprise Server for SAP 15 (src):    kernel-default-4.12.14-150.58.1, kernel-docs-4.12.14-150.58.1, kernel-obs-build-4.12.14-150.58.1, kernel-source-4.12.14-150.58.1, kernel-syms-4.12.14-150.58.1, kernel-vanilla-4.12.14-150.58.1
SUSE Linux Enterprise Server 15-LTSS (src):    kernel-default-4.12.14-150.58.1, kernel-docs-4.12.14-150.58.1, kernel-obs-build-4.12.14-150.58.1, kernel-source-4.12.14-150.58.1, kernel-syms-4.12.14-150.58.1, kernel-vanilla-4.12.14-150.58.1, kernel-zfcpdump-4.12.14-150.58.1
SUSE Linux Enterprise High Performance Computing 15-LTSS (src):    kernel-default-4.12.14-150.58.1, kernel-docs-4.12.14-150.58.1, kernel-obs-build-4.12.14-150.58.1, kernel-source-4.12.14-150.58.1, kernel-syms-4.12.14-150.58.1, kernel-vanilla-4.12.14-150.58.1
SUSE Linux Enterprise High Performance Computing 15-ESPOS (src):    kernel-default-4.12.14-150.58.1, kernel-docs-4.12.14-150.58.1, kernel-obs-build-4.12.14-150.58.1, kernel-source-4.12.14-150.58.1, kernel-syms-4.12.14-150.58.1, kernel-vanilla-4.12.14-150.58.1
SUSE Linux Enterprise High Availability 15 (src):    kernel-default-4.12.14-150.58.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 32 Swamp Workflow Management 2020-09-11 13:23:09 UTC 
SUSE-SU-2020:2610-1: An update that solves 8 vulnerabilities and has 12 fixes is now available.

Category: security (important)
Bug References: 1058115,1071995,1154366,1165629,1165631,1171988,1172428,1173798,1174205,1174757,1175112,1175122,1175128,1175204,1175213,1175515,1175518,1175691,1175992,1176069
CVE References: CVE-2020-10135,CVE-2020-14314,CVE-2020-14331,CVE-2020-14356,CVE-2020-14386,CVE-2020-16166,CVE-2020-1749,CVE-2020-24394
JIRA References: 
Sources used:
SUSE Linux Enterprise Server for SAP 15 (src):    kernel-default-4.12.14-150.58.1, kernel-docs-4.12.14-150.58.1, kernel-obs-build-4.12.14-150.58.1, kernel-source-4.12.14-150.58.1, kernel-syms-4.12.14-150.58.1, kernel-vanilla-4.12.14-150.58.1
SUSE Linux Enterprise Server 15-LTSS (src):    kernel-default-4.12.14-150.58.1, kernel-docs-4.12.14-150.58.1, kernel-obs-build-4.12.14-150.58.1, kernel-source-4.12.14-150.58.1, kernel-syms-4.12.14-150.58.1, kernel-vanilla-4.12.14-150.58.1, kernel-zfcpdump-4.12.14-150.58.1
SUSE Linux Enterprise Module for Live Patching 15 (src):    kernel-default-4.12.14-150.58.1, kernel-livepatch-SLE15_Update_20-1-1.3.1
SUSE Linux Enterprise High Performance Computing 15-LTSS (src):    kernel-default-4.12.14-150.58.1, kernel-docs-4.12.14-150.58.1, kernel-obs-build-4.12.14-150.58.1, kernel-source-4.12.14-150.58.1, kernel-syms-4.12.14-150.58.1, kernel-vanilla-4.12.14-150.58.1
SUSE Linux Enterprise High Performance Computing 15-ESPOS (src):    kernel-default-4.12.14-150.58.1, kernel-docs-4.12.14-150.58.1, kernel-obs-build-4.12.14-150.58.1, kernel-source-4.12.14-150.58.1, kernel-syms-4.12.14-150.58.1, kernel-vanilla-4.12.14-150.58.1
SUSE Linux Enterprise High Availability 15 (src):    kernel-default-4.12.14-150.58.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 33 Swamp Workflow Management 2020-09-14 16:16:29 UTC 
SUSE-SU-2020:2623-1: An update that solves 8 vulnerabilities and has 17 fixes is now available.

Category: security (important)
Bug References: 1058115,1071995,1144333,1154366,1165629,1171988,1172428,1172963,1173798,1173954,1174205,1174689,1174699,1174757,1174784,1174978,1175112,1175127,1175213,1175228,1175515,1175518,1175691,1175749,1176069
CVE References: CVE-2020-10135,CVE-2020-14314,CVE-2020-14331,CVE-2020-14356,CVE-2020-14386,CVE-2020-16166,CVE-2020-1749,CVE-2020-24394
JIRA References: 
Sources used:
SUSE Linux Enterprise Live Patching 12-SP4 (src):    kernel-default-4.12.14-95.60.1, kgraft-patch-SLE12-SP4_Update_16-1-6.3.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 34 Swamp Workflow Management 2020-09-14 16:19:43 UTC 
SUSE-SU-2020:2623-1: An update that solves 8 vulnerabilities and has 17 fixes is now available.

Category: security (important)
Bug References: 1058115,1071995,1144333,1154366,1165629,1171988,1172428,1172963,1173798,1173954,1174205,1174689,1174699,1174757,1174784,1174978,1175112,1175127,1175213,1175228,1175515,1175518,1175691,1175749,1176069
CVE References: CVE-2020-10135,CVE-2020-14314,CVE-2020-14331,CVE-2020-14356,CVE-2020-14386,CVE-2020-16166,CVE-2020-1749,CVE-2020-24394
JIRA References: 
Sources used:
SUSE OpenStack Cloud Crowbar 9 (src):    kernel-default-4.12.14-95.60.1, kernel-source-4.12.14-95.60.1, kernel-syms-4.12.14-95.60.1
SUSE OpenStack Cloud 9 (src):    kernel-default-4.12.14-95.60.1, kernel-source-4.12.14-95.60.1, kernel-syms-4.12.14-95.60.1
SUSE Linux Enterprise Server for SAP 12-SP4 (src):    kernel-default-4.12.14-95.60.1, kernel-source-4.12.14-95.60.1, kernel-syms-4.12.14-95.60.1
SUSE Linux Enterprise Server 12-SP4-LTSS (src):    kernel-default-4.12.14-95.60.1, kernel-source-4.12.14-95.60.1, kernel-syms-4.12.14-95.60.1
SUSE Linux Enterprise Live Patching 12-SP4 (src):    kernel-default-4.12.14-95.60.1, kgraft-patch-SLE12-SP4_Update_16-1-6.3.1
SUSE Linux Enterprise High Availability 12-SP4 (src):    kernel-default-4.12.14-95.60.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 35 Swamp Workflow Management 2020-09-14 22:23:45 UTC 
SUSE-SU-2020:2631-1: An update that solves 5 vulnerabilities and has 124 fixes is now available.

Category: security (important)
Bug References: 1065729,1071995,1074701,1083548,1085030,1085235,1085308,1087078,1100394,1102640,1105412,1111666,1112178,1113956,1120163,1133021,1144333,1169790,1171688,1172108,1172247,1172418,1172428,1172781,1172782,1172783,1172871,1172872,1172963,1173485,1173798,1173954,1174003,1174026,1174070,1174161,1174205,1174247,1174298,1174299,1174387,1174484,1174547,1174549,1174550,1174625,1174658,1174685,1174689,1174699,1174734,1174757,1174771,1174840,1174841,1174843,1174844,1174845,1174852,1174873,1174887,1174904,1174926,1174968,1175062,1175063,1175064,1175065,1175066,1175067,1175112,1175127,1175128,1175149,1175199,1175213,1175228,1175232,1175284,1175393,1175394,1175396,1175397,1175398,1175399,1175400,1175401,1175402,1175403,1175404,1175405,1175406,1175407,1175408,1175409,1175410,1175411,1175412,1175413,1175414,1175415,1175416,1175417,1175418,1175419,1175420,1175421,1175422,1175423,1175440,1175493,1175515,1175518,1175526,1175550,1175654,1175666,1175668,1175669,1175670,1175767,1175768,1175769,1175770,1175771,1175772,1175786,1175873,1175992
CVE References: CVE-2020-14314,CVE-2020-14331,CVE-2020-14356,CVE-2020-16166,CVE-2020-24394
JIRA References: 
Sources used:
SUSE Linux Enterprise Module for Realtime 15-SP1 (src):    kernel-rt-4.12.14-14.31.1, kernel-rt_debug-4.12.14-14.31.1, kernel-source-rt-4.12.14-14.31.1, kernel-syms-rt-4.12.14-14.31.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 36 Alexandros Toptsoglou 2020-10-27 15:26:25 UTC 
DONE
Comment 38 Swamp Workflow Management 2021-02-05 21:13:00 UTC 
openSUSE-SU-2021:0242-1: An update that solves 79 vulnerabilities and has 676 fixes is now available.

Category: security (moderate)
Bug References: 1034995,1040855,1043347,1044120,1044767,1055014,1055117,1055186,1058115,1061843,1065600,1065729,1066382,1071995,1077428,1085030,1094244,1094840,1109695,1115431,1120163,1129923,1133021,1134760,1136666,1138374,1139944,1148868,1149032,1152148,1152457,1152472,1152489,1153274,1154353,1154488,1154492,1154824,1155518,1155798,1156315,1156395,1157169,1158050,1158242,1158265,1158748,1158765,1158775,1158983,1159058,1159781,1159867,1159886,1160388,1160634,1160947,1161099,1161495,1162002,1162063,1162209,1162400,1162702,1163592,1163727,1164648,1164777,1164780,1165211,1165455,1165629,1165692,1165933,1165975,1166146,1166166,1166340,1166965,1166985,1167030,1167104,1167527,1167651,1167657,1167773,1167851,1168230,1168461,1168468,1168779,1168838,1168952,1168959,1169021,1169094,1169194,1169263,1169514,1169681,1169763,1169771,1169790,1169795,1170011,1170139,1170232,1170284,1170415,1170442,1170617,1170621,1170774,1170879,1170891,1170895,1171000,1171068,1171073,1171078,1171117,1171150,1171156,1171189,1171191,1171218,1171219,1171220,1171236,1171242,1171246,1171285,1171293,1171374,1171390,1171391,1171392,1171417,1171426,1171507,1171513,1171514,1171529,1171530,1171558,1171634,1171644,1171662,1171675,1171688,1171699,1171709,1171730,1171732,1171736,1171739,1171742,1171743,1171759,1171773,1171774,1171775,1171776,1171777,1171778,1171779,1171780,1171781,1171782,1171783,1171784,1171785,1171786,1171787,1171788,1171789,1171790,1171791,1171792,1171793,1171794,1171795,1171796,1171797,1171798,1171799,1171810,1171827,1171828,1171832,1171833,1171834,1171835,1171839,1171840,1171841,1171842,1171843,1171844,1171849,1171857,1171868,1171904,1171915,1171982,1171983,1171988,1172017,1172046,1172061,1172062,1172063,1172064,1172065,1172066,1172067,1172068,1172069,1172073,1172086,1172095,1172108,1172145,1172169,1172170,1172197,1172201,1172208,1172223,1172247,1172317,1172342,1172343,1172344,1172365,1172366,1172374,1172391,1172393,1172394,1172418,1172419,1172453,1172458,1172467,1172484,1172537,1172543,1172687,1172719,1172733,1172739,1172751,1172757,1172759,1172775,1172781,1172782,1172783,1172814,1172823,1172841,1172871,1172873,1172938,1172939,1172940,1172956,1172963,1172983,1172984,1172985,1172986,1172987,1172988,1172989,1172990,1172999,1173017,1173068,1173074,1173085,1173115,1173139,1173206,1173267,1173271,1173280,1173284,1173428,1173438,1173461,1173468,1173485,1173514,1173552,1173573,1173625,1173746,1173776,1173798,1173813,1173817,1173818,1173820,1173822,1173823,1173824,1173825,1173826,1173827,1173828,1173830,1173831,1173832,1173833,1173834,1173836,1173837,1173838,1173839,1173841,1173843,1173844,1173845,1173847,1173849,1173860,1173894,1173941,1173954,1174002,1174003,1174018,1174026,1174029,1174072,1174098,1174110,1174111,1174116,1174126,1174127,1174128,1174129,1174146,1174185,1174205,1174244,1174263,1174264,1174331,1174332,1174333,1174345,1174356,1174358,1174362,1174387,1174396,1174398,1174407,1174409,1174411,1174438,1174462,1174484,1174486,1174513,1174527,1174625,1174627,1174645,1174689,1174699,1174737,1174748,1174757,1174762,1174770,1174771,1174777,1174805,1174824,1174825,1174852,1174865,1174880,1174897,1174899,1174906,1174969,1175009,1175010,1175011,1175012,1175013,1175014,1175015,1175016,1175017,1175018,1175019,1175020,1175021,1175052,1175079,1175112,1175116,1175128,1175149,1175175,1175176,1175180,1175181,1175182,1175183,1175184,1175185,1175186,1175187,1175188,1175189,1175190,1175191,1175192,1175195,1175199,1175213,1175232,1175263,1175284,1175296,1175306,1175344,1175345,1175346,1175347,1175367,1175377,1175440,1175480,1175493,1175546,1175550,1175599,1175621,1175654,1175667,1175691,1175718,1175721,1175749,1175768,1175769,1175770,1175771,1175772,1175774,1175775,1175787,1175807,1175834,1175873,1175882,1175898,1175918,1175952,1175995,1175996,1175997,1175998,1175999,1176000,1176001,1176019,1176022,1176038,1176063,1176069,1176109,1176137,1176180,1176200,1176235,1176236,1176237,1176242,1176354,1176357,1176358,1176359,1176360,1176361,1176362,1176363,1176364,1176365,1176366,1176367,1176381,1176396,1176400,1176423,1176449,1176481,1176485,1176486,1176507,1176536,1176537,1176538,1176539,1176540,1176541,1176542,1176543,1176544,1176545,1176546,1176548,1176558,1176559,1176564,1176586,1176587,1176588,1176659,1176698,1176699,1176700,1176713,1176721,1176722,1176725,1176732,1176763,1176775,1176788,1176789,1176833,1176855,1176869,1176877,1176907,1176925,1176942,1176956,1176962,1176979,1176980,1176983,1176990,1177021,1177030,1177066,1177070,1177086,1177090,1177109,1177121,1177193,1177194,1177206,1177258,1177271,1177281,1177283,1177284,1177285,1177286,1177297,1177326,1177353,1177384,1177397,1177410,1177411,1177470,1177500,1177511,1177617,1177666,1177679,1177681,1177683,1177687,1177694,1177697,1177698,1177703,1177719,1177724,1177725,1177726,1177733,1177739,1177749,1177750,1177754,1177755,1177765,1177766,1177799,1177801,1177814,1177817,1177820,1177854,1177855,1177856,1177861,1178002,1178049,1178079,1178123,1178166,1178173,1178175,1178176,1178177,1178182,1178183,1178184,1178185,1178186,1178190,1178191,1178203,1178227,1178246,1178255,1178270,1178286,1178307,1178330,1178393,1178395,1178401,1178426,1178461,1178579,1178581,1178584,1178585,1178589,1178590,1178612,1178634,1178635,1178653,1178659,1178660,1178661,1178669,1178686,1178740,1178755,1178756,1178762,1178780,1178838,1178853,1178886,1179001,1179012,1179014,1179015,1179045,1179076,1179082,1179107,1179140,1179141,1179160,1179201,1179204,1179211,1179217,1179419,1179424,1179425,1179426,1179427,1179429,1179432,1179434,1179435,1179442,1179519,1179550,1179575,1179578,1179601,1179604,1179639,1179652,1179656,1179670,1179671,1179672,1179673,1179675,1179676,1179677,1179678,1179679,1179680,1179681,1179682,1179683,1179684,1179685,1179687,1179688,1179689,1179690,1179703,1179704,1179707,1179709,1179710,1179711,1179712,1179713,1179714,1179715,1179716,1179745,1179763,1179887,1179888,1179892,1179896,1179960,1179963,1180027,1180029,1180031,1180052,1180056,1180086,1180117,1180258,1180261,1180349,1180506,1180541,1180559,1180566,173030,744692,789311,954532,995541
CVE References: CVE-2019-19462,CVE-2019-20810,CVE-2019-20812,CVE-2020-0110,CVE-2020-0305,CVE-2020-0404,CVE-2020-0427,CVE-2020-0431,CVE-2020-0432,CVE-2020-0444,CVE-2020-0465,CVE-2020-0466,CVE-2020-0543,CVE-2020-10135,CVE-2020-10711,CVE-2020-10732,CVE-2020-10751,CVE-2020-10757,CVE-2020-10766,CVE-2020-10767,CVE-2020-10768,CVE-2020-10773,CVE-2020-10781,CVE-2020-11668,CVE-2020-12351,CVE-2020-12352,CVE-2020-12652,CVE-2020-12656,CVE-2020-12769,CVE-2020-12771,CVE-2020-12888,CVE-2020-13143,CVE-2020-13974,CVE-2020-14314,CVE-2020-14331,CVE-2020-14351,CVE-2020-14356,CVE-2020-14385,CVE-2020-14386,CVE-2020-14390,CVE-2020-14416,CVE-2020-15393,CVE-2020-15436,CVE-2020-15437,CVE-2020-15780,CVE-2020-16120,CVE-2020-16166,CVE-2020-1749,CVE-2020-24490,CVE-2020-2521,CVE-2020-25212,CVE-2020-25284,CVE-2020-25285,CVE-2020-25641,CVE-2020-25643,CVE-2020-25645,CVE-2020-25656,CVE-2020-25668,CVE-2020-25669,CVE-2020-25704,CVE-2020-25705,CVE-2020-26088,CVE-2020-27068,CVE-2020-27777,CVE-2020-27786,CVE-2020-27825,CVE-2020-27830,CVE-2020-28915,CVE-2020-28941,CVE-2020-28974,CVE-2020-29369,CVE-2020-29370,CVE-2020-29371,CVE-2020-29373,CVE-2020-29660,CVE-2020-29661,CVE-2020-36158,CVE-2020-4788,CVE-2020-8694
JIRA References: 
Sources used:
openSUSE Leap 15.2 (src):    kernel-rt-5.3.18-lp152.3.5.1, kernel-rt_debug-5.3.18-lp152.3.5.1, kernel-source-rt-5.3.18-lp152.3.5.1, kernel-syms-rt-5.3.18-lp152.3.5.1