1177470 – (CVE-2020-16120) VUL-0: CVE-2020-16120: kernel-source: incorrect unprivileged overlayfs permission checking

Bug 1177470 (CVE-2020-16120) - VUL-0: CVE-2020-16120: kernel-source: incorrect unprivileged overlayfs permission checking

Summary: VUL-0: CVE-2020-16120: kernel-source: incorrect unprivileged overlayfs permis...

Status:	RESOLVED FIXED

Alias:	CVE-2020-16120

Product:	SUSE Security Incidents
Classification:	Novell Products
Component:	Incidents (show other bugs)
Version:	unspecified
Hardware:	Other Other

Priority:	P3 - Medium Severity: Normal
Target Milestone:	---
Assignee:	Security Team bot
QA Contact:	Security Team bot

URL:	https://smash.suse.de/issue/268975/
Whiteboard:	CVSSv3.1:SUSE:CVE-2020-16120:6.2:(AV:...
Keywords:

Depends on:
Blocks:

Clone This Bug

Reported:	2020-10-08 08:14 UTC by Wolfgang Frisch
Modified:	2024-06-25 15:17 UTC (History)
CC List:	2 users (show)

See Also:
Found By:	---
Services Priority:
Business Priority:
Blocker:	---
Marketing QA Status:	---
IT Deployment:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Comment 3 Wolfgang Frisch 2020-10-13 20:52:07 UTC

via oss-security:



Hello,

CVE-2020-16120 - incorrect unprivileged overlayfs permission checking

Giuseppe Scrivano discovered that overlayfs did not properly perform
permission checking when copying up files in an overlayfs, and can be
exploited from within a user namespace, if, for example, unprivileged
user namespaces are allowed.

An attacker can abuse this to get read access to files on the system
that they would not normally be permitted to access.

This likely only has an impact on Ubuntu kernels, where unprivileged
user namespaces are enabled by default.

The following upstream commits address the issue:

  48bd024b8a40d73ad6b086de2615738da0c7004f ("ovl: switch to mounter creds in readdir")
  56230d956739b9cb1cbde439d76227d77979a04d ("ovl: verify permissions in ovl_path_open()")
  05acefb4872dae89e772729efb194af754c877e8 ("ovl: check permission to open real file")

The following commits also may be desired or necessary:

  130fdbc3d1f9966dd4230709c30f3768bccd3065 ("ovl: pass correct flags for opening real directory")
  292f902a40c11f043a5ca1305a114da0e523eaa3 ("ovl: call secutiry hook in ovl_real_ioctl()")

Mitigation on systems where unprivileged user namespaces are enabled
but not needed is to set the kernel.unprivileged_userns_clone sysctl
to 0. e.g.:

  $ sudo sysctl kernel.unprivileged_userns_clone=0

and across reboots by adding a file in /etc/sysctl.d/ that contains:

  kernel.unprivileged_userns_clone=0

Thanks.

-- 
Steve Beattie
<sbeattie@ubuntu.com>

Comment 4 Takashi Iwai 2020-10-14 07:58:40 UTC

Goldwyn, can your tame take care of this?

Comment 8 Swamp Workflow Management 2020-11-03 14:19:14 UTC

SUSE-SU-2020:3122-1: An update that solves three vulnerabilities and has 31 fixes is now available.

Category: security (important)
Bug References: 1055014,1055186,1061843,1065729,1077428,1129923,1134760,1152489,1174748,1174969,1175052,1175898,1176485,1176713,1177086,1177353,1177410,1177411,1177470,1177739,1177749,1177750,1177754,1177755,1177765,1177814,1177817,1177854,1177855,1177856,1177861,1178002,1178079,1178246
CVE References: CVE-2020-14351,CVE-2020-16120,CVE-2020-25285
JIRA References: 
Sources used:
SUSE Linux Enterprise Workstation Extension 15-SP2 (src):    kernel-default-5.3.18-24.34.1
SUSE Linux Enterprise Module for Legacy Software 15-SP2 (src):    kernel-default-5.3.18-24.34.1
SUSE Linux Enterprise Module for Development Tools 15-SP2 (src):    kernel-docs-5.3.18-24.34.1, kernel-obs-build-5.3.18-24.34.1, kernel-preempt-5.3.18-24.34.1, kernel-source-5.3.18-24.34.1, kernel-syms-5.3.18-24.34.1
SUSE Linux Enterprise Module for Basesystem 15-SP2 (src):    kernel-default-5.3.18-24.34.1, kernel-default-base-5.3.18-24.34.1.9.11.2, kernel-preempt-5.3.18-24.34.1, kernel-source-5.3.18-24.34.1
SUSE Linux Enterprise High Availability 15-SP2 (src):    kernel-default-5.3.18-24.34.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 9 Swamp Workflow Management 2020-11-03 14:33:27 UTC

SUSE-SU-2020:3122-1: An update that solves three vulnerabilities and has 31 fixes is now available.

Category: security (important)
Bug References: 1055014,1055186,1061843,1065729,1077428,1129923,1134760,1152489,1174748,1174969,1175052,1175898,1176485,1176713,1177086,1177353,1177410,1177411,1177470,1177739,1177749,1177750,1177754,1177755,1177765,1177814,1177817,1177854,1177855,1177856,1177861,1178002,1178079,1178246
CVE References: CVE-2020-14351,CVE-2020-16120,CVE-2020-25285
JIRA References: 
Sources used:
SUSE Linux Enterprise Workstation Extension 15-SP2 (src):    kernel-default-5.3.18-24.34.1
SUSE Linux Enterprise Module for Live Patching 15-SP2 (src):    kernel-default-5.3.18-24.34.1, kernel-livepatch-SLE15-SP2_Update_6-1-5.3.2
SUSE Linux Enterprise Module for Legacy Software 15-SP2 (src):    kernel-default-5.3.18-24.34.1
SUSE Linux Enterprise Module for Development Tools 15-SP2 (src):    kernel-docs-5.3.18-24.34.1, kernel-obs-build-5.3.18-24.34.1, kernel-preempt-5.3.18-24.34.1, kernel-source-5.3.18-24.34.1, kernel-syms-5.3.18-24.34.1
SUSE Linux Enterprise Module for Basesystem 15-SP2 (src):    kernel-default-5.3.18-24.34.1, kernel-default-base-5.3.18-24.34.1.9.11.2, kernel-preempt-5.3.18-24.34.1, kernel-source-5.3.18-24.34.1
SUSE Linux Enterprise High Availability 15-SP2 (src):    kernel-default-5.3.18-24.34.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 18 Swamp Workflow Management 2020-11-10 23:27:30 UTC

SUSE-SU-2020:3272-1: An update that solves 8 vulnerabilities and has 38 fixes is now available.

Category: security (important)
Bug References: 1055014,1061843,1065600,1065729,1066382,1077428,1112178,1131277,1134760,1170415,1171558,1173432,1174748,1176354,1176485,1176560,1176713,1176723,1177086,1177101,1177271,1177281,1177410,1177411,1177470,1177687,1177719,1177740,1177749,1177750,1177753,1177754,1177755,1177766,1177855,1177856,1177861,1178003,1178027,1178166,1178185,1178187,1178188,1178202,1178234,1178330
CVE References: CVE-2020-0430,CVE-2020-14351,CVE-2020-16120,CVE-2020-25285,CVE-2020-25656,CVE-2020-27673,CVE-2020-27675,CVE-2020-8694
JIRA References: 
Sources used:
SUSE Linux Enterprise Workstation Extension 15-SP1 (src):    kernel-default-4.12.14-197.67.1
SUSE Linux Enterprise Module for Legacy Software 15-SP1 (src):    kernel-default-4.12.14-197.67.1
SUSE Linux Enterprise Module for Development Tools 15-SP1 (src):    kernel-docs-4.12.14-197.67.1, kernel-obs-build-4.12.14-197.67.1, kernel-source-4.12.14-197.67.1, kernel-syms-4.12.14-197.67.1
SUSE Linux Enterprise Module for Basesystem 15-SP1 (src):    kernel-default-4.12.14-197.67.1, kernel-source-4.12.14-197.67.1, kernel-zfcpdump-4.12.14-197.67.1
SUSE Linux Enterprise High Availability 15-SP1 (src):    kernel-default-4.12.14-197.67.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 19 Swamp Workflow Management 2020-11-10 23:35:45 UTC

SUSE-SU-2020:3272-1: An update that solves 8 vulnerabilities and has 38 fixes is now available.

Category: security (important)
Bug References: 1055014,1061843,1065600,1065729,1066382,1077428,1112178,1131277,1134760,1170415,1171558,1173432,1174748,1176354,1176485,1176560,1176713,1176723,1177086,1177101,1177271,1177281,1177410,1177411,1177470,1177687,1177719,1177740,1177749,1177750,1177753,1177754,1177755,1177766,1177855,1177856,1177861,1178003,1178027,1178166,1178185,1178187,1178188,1178202,1178234,1178330
CVE References: CVE-2020-0430,CVE-2020-14351,CVE-2020-16120,CVE-2020-25285,CVE-2020-25656,CVE-2020-27673,CVE-2020-27675,CVE-2020-8694
JIRA References: 
Sources used:
SUSE Linux Enterprise Workstation Extension 15-SP1 (src):    kernel-default-4.12.14-197.67.1
SUSE Linux Enterprise Module for Live Patching 15-SP1 (src):    kernel-default-4.12.14-197.67.1, kernel-livepatch-SLE15-SP1_Update_18-1-3.3.1
SUSE Linux Enterprise Module for Legacy Software 15-SP1 (src):    kernel-default-4.12.14-197.67.1
SUSE Linux Enterprise Module for Development Tools 15-SP1 (src):    kernel-docs-4.12.14-197.67.1, kernel-obs-build-4.12.14-197.67.1, kernel-source-4.12.14-197.67.1, kernel-syms-4.12.14-197.67.1
SUSE Linux Enterprise Module for Basesystem 15-SP1 (src):    kernel-default-4.12.14-197.67.1, kernel-source-4.12.14-197.67.1, kernel-zfcpdump-4.12.14-197.67.1
SUSE Linux Enterprise High Availability 15-SP1 (src):    kernel-default-4.12.14-197.67.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 20 Swamp Workflow Management 2020-11-11 14:22:49 UTC

SUSE-SU-2020:3281-1: An update that solves 11 vulnerabilities and has 58 fixes is now available.

Category: security (important)
Bug References: 1055014,1061843,1065600,1065729,1066382,1077428,1112178,1114648,1131277,1134760,1140683,1152624,1157424,1163592,1168468,1171558,1171675,1172538,1172757,1173432,1174748,1175520,1175716,1176354,1176381,1176395,1176400,1176410,1176485,1176560,1176713,1176723,1176946,1177027,1177086,1177101,1177258,1177271,1177281,1177340,1177359,1177410,1177411,1177470,1177511,1177685,1177687,1177719,1177724,1177725,1177740,1177749,1177750,1177753,1177754,1177755,1177766,1177855,1177856,1177861,1178027,1178166,1178185,1178187,1178188,1178202,1178234,1178330,936888
CVE References: CVE-2020-0430,CVE-2020-12351,CVE-2020-12352,CVE-2020-14351,CVE-2020-16120,CVE-2020-25212,CVE-2020-25285,CVE-2020-25645,CVE-2020-25656,CVE-2020-27673,CVE-2020-27675
JIRA References: 
Sources used:
SUSE Linux Enterprise Server 12-SP5 (src):    kernel-azure-4.12.14-16.34.1, kernel-source-azure-4.12.14-16.34.1, kernel-syms-azure-4.12.14-16.34.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 21 OBSbugzilla Bot 2020-11-11 14:53:03 UTC

This is an autogenerated message for OBS integration:
This bug (1177470) was mentioned in
https://build.opensuse.org/request/show/847816 15.1 / kernel-source

Comment 22 OBSbugzilla Bot 2020-11-11 16:43:02 UTC

This is an autogenerated message for OBS integration:
This bug (1177470) was mentioned in
https://build.opensuse.org/request/show/847899 15.2 / kernel-source

Comment 23 Swamp Workflow Management 2020-11-12 17:33:08 UTC

openSUSE-SU-2020:1901-1: An update that solves 7 vulnerabilities and has 44 fixes is now available.

Category: security (important)
Bug References: 1055014,1058115,1061843,1065600,1065729,1066382,1077428,1112178,1131277,1134760,1163592,1167030,1170415,1171558,1173432,1174748,1176354,1176485,1176560,1176713,1176723,1176907,1177086,1177101,1177271,1177281,1177410,1177411,1177470,1177687,1177719,1177740,1177749,1177750,1177753,1177754,1177755,1177766,1177855,1177856,1177861,1178027,1178123,1178166,1178185,1178187,1178188,1178202,1178234,1178330,936888
CVE References: CVE-2020-0430,CVE-2020-14351,CVE-2020-16120,CVE-2020-25285,CVE-2020-25656,CVE-2020-25668,CVE-2020-8694
JIRA References: 
Sources used:
openSUSE Leap 15.1 (src):    kernel-debug-4.12.14-lp151.28.79.1, kernel-default-4.12.14-lp151.28.79.1, kernel-docs-4.12.14-lp151.28.79.2, kernel-kvmsmall-4.12.14-lp151.28.79.1, kernel-obs-build-4.12.14-lp151.28.79.1, kernel-obs-qa-4.12.14-lp151.28.79.1, kernel-source-4.12.14-lp151.28.79.1, kernel-syms-4.12.14-lp151.28.79.1, kernel-vanilla-4.12.14-lp151.28.79.1

Comment 24 Swamp Workflow Management 2020-11-13 14:18:08 UTC

openSUSE-SU-2020:1906-1: An update that solves 7 vulnerabilities and has 65 fixes is now available.

Category: security (important)
Bug References: 1055014,1055186,1061843,1065600,1065729,1066382,1077428,1129923,1134760,1149032,1152489,1163592,1164648,1166146,1166166,1167030,1170415,1174748,1174969,1175052,1175306,1175749,1175898,1176354,1176485,1176713,1177086,1177281,1177353,1177410,1177411,1177470,1177739,1177749,1177750,1177754,1177755,1177765,1177766,1177799,1177801,1177814,1177817,1177854,1177855,1177856,1177861,1178002,1178079,1178123,1178166,1178173,1178175,1178176,1178177,1178183,1178184,1178185,1178186,1178190,1178191,1178246,1178255,1178307,1178330,1178393,1178395,1178461,1178579,1178581,1178584,1178585
CVE References: CVE-2020-14351,CVE-2020-16120,CVE-2020-25285,CVE-2020-25656,CVE-2020-25668,CVE-2020-25704,CVE-2020-8694
JIRA References: 
Sources used:
openSUSE Leap 15.2 (src):    kernel-debug-5.3.18-lp152.50.1, kernel-default-5.3.18-lp152.50.1, kernel-docs-5.3.18-lp152.50.1, kernel-kvmsmall-5.3.18-lp152.50.1, kernel-obs-build-5.3.18-lp152.50.1, kernel-obs-qa-5.3.18-lp152.50.1, kernel-preempt-5.3.18-lp152.50.1, kernel-source-5.3.18-lp152.50.1, kernel-syms-5.3.18-lp152.50.1

Comment 25 Swamp Workflow Management 2020-11-13 20:18:43 UTC

SUSE-SU-2020:3326-1: An update that solves 7 vulnerabilities, contains one feature and has 47 fixes is now available.

Category: security (moderate)
Bug References: 1055014,1058115,1061843,1065600,1065729,1066382,1077428,1112178,1114648,1131277,1134760,1157424,1163592,1167030,1170415,1171558,1172538,1173432,1174748,1175520,1175721,1176354,1176485,1176560,1176723,1176907,1176946,1177086,1177101,1177271,1177281,1177410,1177411,1177470,1177719,1177740,1177749,1177750,1177753,1177754,1177755,1177766,1177855,1177856,1177861,1178003,1178027,1178166,1178185,1178187,1178188,1178202,1178234,1178330
CVE References: CVE-2020-0430,CVE-2020-14351,CVE-2020-16120,CVE-2020-25285,CVE-2020-25656,CVE-2020-25705,CVE-2020-8694
JIRA References: SLE-10886
Sources used:
SUSE Linux Enterprise Live Patching 12-SP5 (src):    kernel-default-4.12.14-122.51.2, kgraft-patch-SLE12-SP5_Update_12-1-8.5.2

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 26 Swamp Workflow Management 2020-11-13 20:25:08 UTC

SUSE-SU-2020:3326-1: An update that solves 7 vulnerabilities, contains one feature and has 47 fixes is now available.

Category: security (moderate)
Bug References: 1055014,1058115,1061843,1065600,1065729,1066382,1077428,1112178,1114648,1131277,1134760,1157424,1163592,1167030,1170415,1171558,1172538,1173432,1174748,1175520,1175721,1176354,1176485,1176560,1176723,1176907,1176946,1177086,1177101,1177271,1177281,1177410,1177411,1177470,1177719,1177740,1177749,1177750,1177753,1177754,1177755,1177766,1177855,1177856,1177861,1178003,1178027,1178166,1178185,1178187,1178188,1178202,1178234,1178330
CVE References: CVE-2020-0430,CVE-2020-14351,CVE-2020-16120,CVE-2020-25285,CVE-2020-25656,CVE-2020-25705,CVE-2020-8694
JIRA References: SLE-10886
Sources used:
SUSE Linux Enterprise Workstation Extension 12-SP5 (src):    kernel-default-4.12.14-122.51.2
SUSE Linux Enterprise Software Development Kit 12-SP5 (src):    kernel-docs-4.12.14-122.51.2, kernel-obs-build-4.12.14-122.51.2
SUSE Linux Enterprise Server 12-SP5 (src):    kernel-default-4.12.14-122.51.2, kernel-source-4.12.14-122.51.2, kernel-syms-4.12.14-122.51.2
SUSE Linux Enterprise Live Patching 12-SP5 (src):    kernel-default-4.12.14-122.51.2, kgraft-patch-SLE12-SP5_Update_12-1-8.5.2
SUSE Linux Enterprise High Availability 12-SP5 (src):    kernel-default-4.12.14-122.51.2

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 29 Swamp Workflow Management 2020-11-23 17:22:31 UTC

SUSE-SU-2020:3484-1: An update that solves 15 vulnerabilities and has 75 fixes is now available.

Category: security (important)
Bug References: 1055014,1058115,1061843,1065600,1065729,1066382,1077428,1112178,1131277,1134760,1140683,1163592,1167030,1168468,1170415,1170446,1170630,1171558,1171675,1172538,1172873,1173432,1174748,1175306,1175520,1175721,1176354,1176381,1176382,1176400,1176485,1176560,1176713,1176723,1176855,1176907,1176946,1176983,1177027,1177086,1177101,1177258,1177271,1177281,1177340,1177410,1177411,1177470,1177511,1177513,1177685,1177687,1177703,1177719,1177724,1177725,1177740,1177749,1177750,1177753,1177754,1177755,1177766,1177819,1177820,1177855,1177856,1177861,1178003,1178027,1178123,1178166,1178182,1178185,1178187,1178188,1178202,1178234,1178330,1178393,1178589,1178591,1178622,1178686,1178700,1178765,1178782,1178838,1178878,927455
CVE References: CVE-2020-0430,CVE-2020-12351,CVE-2020-12352,CVE-2020-14351,CVE-2020-16120,CVE-2020-2521,CVE-2020-25212,CVE-2020-25285,CVE-2020-25645,CVE-2020-25656,CVE-2020-25668,CVE-2020-25669,CVE-2020-25704,CVE-2020-25705,CVE-2020-8694
JIRA References: 
Sources used:
SUSE Linux Enterprise Module for Public Cloud 15-SP1 (src):    kernel-azure-4.12.14-8.52.1, kernel-source-azure-4.12.14-8.52.1, kernel-syms-azure-4.12.14-8.52.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 31 Swamp Workflow Management 2020-11-23 20:23:35 UTC

SUSE-SU-2020:3491-1: An update that solves 14 vulnerabilities and has 90 fixes is now available.

Category: security (important)
Bug References: 1055014,1055186,1061843,1065600,1065729,1066382,1077428,1129923,1134760,1149032,1152489,1155798,1163592,1164648,1165692,1168468,1171675,1171688,1174003,1174098,1174748,1174969,1175052,1175599,1175621,1175718,1175721,1175749,1175807,1175898,1176019,1176354,1176381,1176400,1176485,1176588,1176713,1176907,1176979,1177027,1177086,1177090,1177109,1177121,1177193,1177194,1177206,1177258,1177271,1177281,1177283,1177284,1177285,1177286,1177297,1177353,1177384,1177410,1177411,1177470,1177511,1177617,1177681,1177683,1177687,1177694,1177697,1177719,1177724,1177725,1177726,1177739,1177749,1177750,1177754,1177755,1177765,1177766,1177799,1177801,1177814,1177817,1177854,1177855,1177856,1177861,1178002,1178079,1178166,1178173,1178175,1178176,1178177,1178183,1178184,1178185,1178186,1178190,1178191,1178246,1178255,1178307,1178330,1178395
CVE References: CVE-2020-12351,CVE-2020-12352,CVE-2020-14351,CVE-2020-16120,CVE-2020-24490,CVE-2020-25212,CVE-2020-25285,CVE-2020-25641,CVE-2020-25643,CVE-2020-25645,CVE-2020-25656,CVE-2020-25705,CVE-2020-27673,CVE-2020-27675
JIRA References: 
Sources used:
SUSE Linux Enterprise Module for Public Cloud 15-SP2 (src):    kernel-azure-5.3.18-18.24.1, kernel-source-azure-5.3.18-18.24.1, kernel-syms-azure-5.3.18-18.24.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 32 Swamp Workflow Management 2020-11-25 14:20:43 UTC

SUSE-SU-2020:3512-1: An update that solves 11 vulnerabilities and has 74 fixes is now available.

Category: security (important)
Bug References: 1055014,1058115,1061843,1065600,1065729,1066382,1077428,1112178,1114648,1131277,1134760,1140683,1152624,1157424,1163592,1167030,1170415,1170446,1171558,1172538,1172757,1173432,1174748,1175306,1175520,1175721,1176354,1176400,1176485,1176560,1176713,1176723,1176855,1176907,1176946,1176983,1177086,1177101,1177271,1177281,1177359,1177410,1177411,1177470,1177685,1177687,1177703,1177719,1177724,1177725,1177729,1177740,1177749,1177750,1177753,1177754,1177755,1177762,1177766,1177819,1177820,1177855,1177856,1177861,1178003,1178027,1178123,1178166,1178185,1178187,1178188,1178202,1178234,1178330,1178393,1178589,1178591,1178607,1178622,1178686,1178700,1178765,1178782,927455,936888
CVE References: CVE-2020-0430,CVE-2020-12351,CVE-2020-12352,CVE-2020-14351,CVE-2020-16120,CVE-2020-25285,CVE-2020-25656,CVE-2020-25668,CVE-2020-25704,CVE-2020-25705,CVE-2020-8694
JIRA References: 
Sources used:
SUSE Linux Enterprise Real Time Extension 12-SP5 (src):    kernel-rt-4.12.14-10.22.1, kernel-rt_debug-4.12.14-10.22.1, kernel-source-rt-4.12.14-10.22.1, kernel-syms-rt-4.12.14-10.22.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 33 Swamp Workflow Management 2020-11-25 14:30:26 UTC

SUSE-SU-2020:3513-1: An update that solves 11 vulnerabilities and has 62 fixes is now available.

Category: security (important)
Bug References: 1055014,1058115,1061843,1065600,1065729,1066382,1077428,1112178,1131277,1134760,1163592,1167030,1170415,1170446,1171558,1172873,1173432,1174748,1175306,1175721,1176354,1176485,1176560,1176713,1176723,1176855,1176907,1176983,1177086,1177101,1177271,1177281,1177410,1177411,1177470,1177685,1177687,1177703,1177719,1177724,1177725,1177740,1177749,1177750,1177753,1177754,1177755,1177762,1177766,1177819,1177820,1177855,1177856,1177861,1178003,1178027,1178123,1178166,1178185,1178187,1178188,1178202,1178234,1178330,1178393,1178589,1178591,1178622,1178686,1178765,1178782,1178838,927455
CVE References: CVE-2020-0430,CVE-2020-12351,CVE-2020-12352,CVE-2020-14351,CVE-2020-16120,CVE-2020-25285,CVE-2020-25656,CVE-2020-25668,CVE-2020-25704,CVE-2020-25705,CVE-2020-8694
JIRA References: 
Sources used:
SUSE Linux Enterprise Module for Realtime 15-SP1 (src):    kernel-rt-4.12.14-14.41.2, kernel-rt_debug-4.12.14-14.41.2, kernel-source-rt-4.12.14-14.41.2, kernel-syms-rt-4.12.14-14.41.2

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 34 Swamp Workflow Management 2020-11-25 17:23:05 UTC

SUSE-SU-2020:3522-1: An update that solves 12 vulnerabilities and has 103 fixes is now available.

Category: security (important)
Bug References: 1055014,1055186,1061843,1065600,1065729,1066382,1077428,1129923,1134760,1149032,1152489,1162702,1163592,1164648,1165692,1166146,1166166,1167030,1170415,1170446,1171073,1171688,1172873,1174003,1174098,1174748,1174969,1175052,1175306,1175621,1175721,1175749,1175807,1175898,1176180,1176354,1176400,1176485,1176564,1176713,1176907,1176983,1177086,1177090,1177109,1177271,1177281,1177353,1177410,1177411,1177470,1177617,1177681,1177683,1177687,1177694,1177697,1177698,1177703,1177719,1177724,1177725,1177726,1177727,1177729,1177739,1177749,1177750,1177754,1177755,1177765,1177766,1177799,1177801,1177814,1177817,1177820,1177854,1177855,1177856,1177861,1178002,1178079,1178123,1178166,1178173,1178175,1178176,1178177,1178183,1178184,1178185,1178186,1178190,1178191,1178246,1178255,1178304,1178307,1178330,1178393,1178395,1178461,1178579,1178581,1178584,1178585,1178589,1178591,1178622,1178659,1178661,1178686,1178700,1178782
CVE References: CVE-2020-12351,CVE-2020-12352,CVE-2020-14351,CVE-2020-16120,CVE-2020-24490,CVE-2020-25285,CVE-2020-25656,CVE-2020-25668,CVE-2020-25704,CVE-2020-25705,CVE-2020-28974,CVE-2020-8694
JIRA References: 
Sources used:
SUSE Linux Enterprise Module for Realtime 15-SP2 (src):    kernel-rt-5.3.18-16.1, kernel-rt_debug-5.3.18-16.1, kernel-source-rt-5.3.18-16.1, kernel-syms-rt-5.3.18-16.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 35 Swamp Workflow Management 2020-11-26 17:23:13 UTC

SUSE-SU-2020:3532-1: An update that solves 26 vulnerabilities and has 32 fixes is now available.

Category: security (important)
Bug References: 1051510,1058115,1065600,1131277,1160947,1161360,1163524,1166965,1170232,1170415,1171417,1172073,1172366,1173115,1173233,1175306,1175721,1175749,1175882,1176011,1176235,1176278,1176381,1176423,1176482,1176485,1176698,1176721,1176722,1176723,1176725,1176732,1176877,1176907,1176922,1176990,1177027,1177086,1177121,1177165,1177206,1177226,1177410,1177411,1177470,1177511,1177513,1177724,1177725,1177766,1178003,1178123,1178330,1178393,1178622,1178765,1178782,1178838
CVE References: CVE-2020-0404,CVE-2020-0427,CVE-2020-0430,CVE-2020-0431,CVE-2020-0432,CVE-2020-12351,CVE-2020-12352,CVE-2020-14351,CVE-2020-14381,CVE-2020-14390,CVE-2020-16120,CVE-2020-2521,CVE-2020-25212,CVE-2020-25284,CVE-2020-25285,CVE-2020-25641,CVE-2020-25643,CVE-2020-25645,CVE-2020-25656,CVE-2020-25668,CVE-2020-25704,CVE-2020-25705,CVE-2020-26088,CVE-2020-27673,CVE-2020-27675,CVE-2020-8694
JIRA References: 
Sources used:
SUSE Linux Enterprise Module for Live Patching 15 (src):    kernel-default-4.12.14-150.63.1, kernel-livepatch-SLE15_Update_21-1-1.5.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 36 Swamp Workflow Management 2020-11-26 17:35:20 UTC

SUSE-SU-2020:3532-1: An update that solves 26 vulnerabilities and has 32 fixes is now available.

Category: security (important)
Bug References: 1051510,1058115,1065600,1131277,1160947,1161360,1163524,1166965,1170232,1170415,1171417,1172073,1172366,1173115,1173233,1175306,1175721,1175749,1175882,1176011,1176235,1176278,1176381,1176423,1176482,1176485,1176698,1176721,1176722,1176723,1176725,1176732,1176877,1176907,1176922,1176990,1177027,1177086,1177121,1177165,1177206,1177226,1177410,1177411,1177470,1177511,1177513,1177724,1177725,1177766,1178003,1178123,1178330,1178393,1178622,1178765,1178782,1178838
CVE References: CVE-2020-0404,CVE-2020-0427,CVE-2020-0430,CVE-2020-0431,CVE-2020-0432,CVE-2020-12351,CVE-2020-12352,CVE-2020-14351,CVE-2020-14381,CVE-2020-14390,CVE-2020-16120,CVE-2020-2521,CVE-2020-25212,CVE-2020-25284,CVE-2020-25285,CVE-2020-25641,CVE-2020-25643,CVE-2020-25645,CVE-2020-25656,CVE-2020-25668,CVE-2020-25704,CVE-2020-25705,CVE-2020-26088,CVE-2020-27673,CVE-2020-27675,CVE-2020-8694
JIRA References: 
Sources used:
SUSE Linux Enterprise Server for SAP 15 (src):    kernel-default-4.12.14-150.63.1, kernel-docs-4.12.14-150.63.1, kernel-obs-build-4.12.14-150.63.1, kernel-source-4.12.14-150.63.1, kernel-syms-4.12.14-150.63.1, kernel-vanilla-4.12.14-150.63.1
SUSE Linux Enterprise Server 15-LTSS (src):    kernel-default-4.12.14-150.63.1, kernel-docs-4.12.14-150.63.1, kernel-obs-build-4.12.14-150.63.1, kernel-source-4.12.14-150.63.1, kernel-syms-4.12.14-150.63.1, kernel-vanilla-4.12.14-150.63.1, kernel-zfcpdump-4.12.14-150.63.1
SUSE Linux Enterprise Module for Live Patching 15 (src):    kernel-default-4.12.14-150.63.1, kernel-livepatch-SLE15_Update_21-1-1.5.1
SUSE Linux Enterprise High Performance Computing 15-LTSS (src):    kernel-default-4.12.14-150.63.1, kernel-docs-4.12.14-150.63.1, kernel-obs-build-4.12.14-150.63.1, kernel-source-4.12.14-150.63.1, kernel-syms-4.12.14-150.63.1, kernel-vanilla-4.12.14-150.63.1
SUSE Linux Enterprise High Performance Computing 15-ESPOS (src):    kernel-default-4.12.14-150.63.1, kernel-docs-4.12.14-150.63.1, kernel-obs-build-4.12.14-150.63.1, kernel-source-4.12.14-150.63.1, kernel-syms-4.12.14-150.63.1, kernel-vanilla-4.12.14-150.63.1
SUSE Linux Enterprise High Availability 15 (src):    kernel-default-4.12.14-150.63.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 37 Swamp Workflow Management 2020-11-26 20:30:14 UTC

SUSE-SU-2020:3544-1: An update that solves 26 vulnerabilities and has 34 fixes is now available.

Category: security (important)
Bug References: 1051510,1058115,1065600,1131277,1160947,1163524,1166965,1168468,1170139,1170232,1170415,1171417,1171675,1172073,1172366,1173115,1173233,1175228,1175306,1175721,1175882,1176011,1176235,1176278,1176381,1176423,1176482,1176485,1176698,1176721,1176722,1176723,1176725,1176732,1176869,1176907,1176922,1176935,1176950,1176990,1177027,1177086,1177121,1177206,1177340,1177410,1177411,1177470,1177511,1177724,1177725,1177766,1177816,1178123,1178330,1178393,1178669,1178765,1178782,1178838
CVE References: CVE-2020-0404,CVE-2020-0427,CVE-2020-0430,CVE-2020-0431,CVE-2020-0432,CVE-2020-12351,CVE-2020-12352,CVE-2020-14351,CVE-2020-14381,CVE-2020-14390,CVE-2020-16120,CVE-2020-2521,CVE-2020-25212,CVE-2020-25284,CVE-2020-25285,CVE-2020-25641,CVE-2020-25643,CVE-2020-25645,CVE-2020-25656,CVE-2020-25668,CVE-2020-25704,CVE-2020-25705,CVE-2020-26088,CVE-2020-27673,CVE-2020-27675,CVE-2020-8694
JIRA References: 
Sources used:
SUSE OpenStack Cloud Crowbar 9 (src):    kernel-default-4.12.14-95.65.1, kernel-source-4.12.14-95.65.1, kernel-syms-4.12.14-95.65.1
SUSE OpenStack Cloud 9 (src):    kernel-default-4.12.14-95.65.1, kernel-source-4.12.14-95.65.1, kernel-syms-4.12.14-95.65.1
SUSE Linux Enterprise Server for SAP 12-SP4 (src):    kernel-default-4.12.14-95.65.1, kernel-source-4.12.14-95.65.1, kernel-syms-4.12.14-95.65.1
SUSE Linux Enterprise Server 12-SP4-LTSS (src):    kernel-default-4.12.14-95.65.1, kernel-source-4.12.14-95.65.1, kernel-syms-4.12.14-95.65.1
SUSE Linux Enterprise High Availability 12-SP4 (src):    kernel-default-4.12.14-95.65.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 38 Swamp Workflow Management 2020-11-26 20:52:45 UTC

SUSE-SU-2020:3544-1: An update that solves 26 vulnerabilities and has 34 fixes is now available.

Category: security (important)
Bug References: 1051510,1058115,1065600,1131277,1160947,1163524,1166965,1168468,1170139,1170232,1170415,1171417,1171675,1172073,1172366,1173115,1173233,1175228,1175306,1175721,1175882,1176011,1176235,1176278,1176381,1176423,1176482,1176485,1176698,1176721,1176722,1176723,1176725,1176732,1176869,1176907,1176922,1176935,1176950,1176990,1177027,1177086,1177121,1177206,1177340,1177410,1177411,1177470,1177511,1177724,1177725,1177766,1177816,1178123,1178330,1178393,1178669,1178765,1178782,1178838
CVE References: CVE-2020-0404,CVE-2020-0427,CVE-2020-0430,CVE-2020-0431,CVE-2020-0432,CVE-2020-12351,CVE-2020-12352,CVE-2020-14351,CVE-2020-14381,CVE-2020-14390,CVE-2020-16120,CVE-2020-2521,CVE-2020-25212,CVE-2020-25284,CVE-2020-25285,CVE-2020-25641,CVE-2020-25643,CVE-2020-25645,CVE-2020-25656,CVE-2020-25668,CVE-2020-25704,CVE-2020-25705,CVE-2020-26088,CVE-2020-27673,CVE-2020-27675,CVE-2020-8694
JIRA References: 
Sources used:
SUSE OpenStack Cloud Crowbar 9 (src):    kernel-default-4.12.14-95.65.1, kernel-source-4.12.14-95.65.1, kernel-syms-4.12.14-95.65.1
SUSE OpenStack Cloud 9 (src):    kernel-default-4.12.14-95.65.1, kernel-source-4.12.14-95.65.1, kernel-syms-4.12.14-95.65.1
SUSE Linux Enterprise Server for SAP 12-SP4 (src):    kernel-default-4.12.14-95.65.1, kernel-source-4.12.14-95.65.1, kernel-syms-4.12.14-95.65.1
SUSE Linux Enterprise Server 12-SP4-LTSS (src):    kernel-default-4.12.14-95.65.1, kernel-source-4.12.14-95.65.1, kernel-syms-4.12.14-95.65.1
SUSE Linux Enterprise Live Patching 12-SP4 (src):    kernel-default-4.12.14-95.65.1, kgraft-patch-SLE12-SP4_Update_17-1-6.5.1
SUSE Linux Enterprise High Availability 12-SP4 (src):    kernel-default-4.12.14-95.65.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 39 Swamp Workflow Management 2020-11-29 20:23:10 UTC

openSUSE-SU-2020:2112-1: An update that solves 15 vulnerabilities and has 102 fixes is now available.

Category: security (important)
Bug References: 1055014,1055186,1061843,1065600,1065729,1066382,1077428,1129923,1134760,1149032,1152489,1155798,1163592,1164648,1165692,1166146,1166166,1167030,1168468,1170415,1171675,1171688,1174003,1174098,1174748,1174969,1175052,1175306,1175599,1175621,1175718,1175721,1175749,1175807,1175898,1176019,1176354,1176381,1176400,1176485,1176588,1176713,1176907,1176979,1177086,1177090,1177109,1177121,1177193,1177194,1177206,1177258,1177271,1177281,1177283,1177284,1177285,1177286,1177297,1177353,1177384,1177410,1177411,1177470,1177511,1177617,1177681,1177683,1177687,1177694,1177697,1177719,1177724,1177725,1177726,1177739,1177749,1177750,1177754,1177755,1177765,1177766,1177799,1177801,1177814,1177817,1177854,1177855,1177856,1177861,1178002,1178079,1178123,1178166,1178173,1178175,1178176,1178177,1178183,1178184,1178185,1178186,1178190,1178191,1178246,1178255,1178307,1178330,1178393,1178395,1178461,1178579,1178581,1178584,1178585,802154,954532
CVE References: CVE-2020-12351,CVE-2020-12352,CVE-2020-14351,CVE-2020-16120,CVE-2020-24490,CVE-2020-25212,CVE-2020-25285,CVE-2020-25641,CVE-2020-25643,CVE-2020-25645,CVE-2020-25656,CVE-2020-25668,CVE-2020-25704,CVE-2020-25705,CVE-2020-8694
JIRA References: 
Sources used:
openSUSE Leap 15.2 (src):    kernel-default-base-5.3.18-lp152.50.1.lp152.8.10.1

Comment 40 Wolfgang Frisch 2020-12-09 17:23:27 UTC

Released.

Comment 42 Swamp Workflow Management 2021-02-05 21:29:10 UTC

openSUSE-SU-2021:0242-1: An update that solves 79 vulnerabilities and has 676 fixes is now available.

Category: security (moderate)
Bug References: 1034995,1040855,1043347,1044120,1044767,1055014,1055117,1055186,1058115,1061843,1065600,1065729,1066382,1071995,1077428,1085030,1094244,1094840,1109695,1115431,1120163,1129923,1133021,1134760,1136666,1138374,1139944,1148868,1149032,1152148,1152457,1152472,1152489,1153274,1154353,1154488,1154492,1154824,1155518,1155798,1156315,1156395,1157169,1158050,1158242,1158265,1158748,1158765,1158775,1158983,1159058,1159781,1159867,1159886,1160388,1160634,1160947,1161099,1161495,1162002,1162063,1162209,1162400,1162702,1163592,1163727,1164648,1164777,1164780,1165211,1165455,1165629,1165692,1165933,1165975,1166146,1166166,1166340,1166965,1166985,1167030,1167104,1167527,1167651,1167657,1167773,1167851,1168230,1168461,1168468,1168779,1168838,1168952,1168959,1169021,1169094,1169194,1169263,1169514,1169681,1169763,1169771,1169790,1169795,1170011,1170139,1170232,1170284,1170415,1170442,1170617,1170621,1170774,1170879,1170891,1170895,1171000,1171068,1171073,1171078,1171117,1171150,1171156,1171189,1171191,1171218,1171219,1171220,1171236,1171242,1171246,1171285,1171293,1171374,1171390,1171391,1171392,1171417,1171426,1171507,1171513,1171514,1171529,1171530,1171558,1171634,1171644,1171662,1171675,1171688,1171699,1171709,1171730,1171732,1171736,1171739,1171742,1171743,1171759,1171773,1171774,1171775,1171776,1171777,1171778,1171779,1171780,1171781,1171782,1171783,1171784,1171785,1171786,1171787,1171788,1171789,1171790,1171791,1171792,1171793,1171794,1171795,1171796,1171797,1171798,1171799,1171810,1171827,1171828,1171832,1171833,1171834,1171835,1171839,1171840,1171841,1171842,1171843,1171844,1171849,1171857,1171868,1171904,1171915,1171982,1171983,1171988,1172017,1172046,1172061,1172062,1172063,1172064,1172065,1172066,1172067,1172068,1172069,1172073,1172086,1172095,1172108,1172145,1172169,1172170,1172197,1172201,1172208,1172223,1172247,1172317,1172342,1172343,1172344,1172365,1172366,1172374,1172391,1172393,1172394,1172418,1172419,1172453,1172458,1172467,1172484,1172537,1172543,1172687,1172719,1172733,1172739,1172751,1172757,1172759,1172775,1172781,1172782,1172783,1172814,1172823,1172841,1172871,1172873,1172938,1172939,1172940,1172956,1172963,1172983,1172984,1172985,1172986,1172987,1172988,1172989,1172990,1172999,1173017,1173068,1173074,1173085,1173115,1173139,1173206,1173267,1173271,1173280,1173284,1173428,1173438,1173461,1173468,1173485,1173514,1173552,1173573,1173625,1173746,1173776,1173798,1173813,1173817,1173818,1173820,1173822,1173823,1173824,1173825,1173826,1173827,1173828,1173830,1173831,1173832,1173833,1173834,1173836,1173837,1173838,1173839,1173841,1173843,1173844,1173845,1173847,1173849,1173860,1173894,1173941,1173954,1174002,1174003,1174018,1174026,1174029,1174072,1174098,1174110,1174111,1174116,1174126,1174127,1174128,1174129,1174146,1174185,1174205,1174244,1174263,1174264,1174331,1174332,1174333,1174345,1174356,1174358,1174362,1174387,1174396,1174398,1174407,1174409,1174411,1174438,1174462,1174484,1174486,1174513,1174527,1174625,1174627,1174645,1174689,1174699,1174737,1174748,1174757,1174762,1174770,1174771,1174777,1174805,1174824,1174825,1174852,1174865,1174880,1174897,1174899,1174906,1174969,1175009,1175010,1175011,1175012,1175013,1175014,1175015,1175016,1175017,1175018,1175019,1175020,1175021,1175052,1175079,1175112,1175116,1175128,1175149,1175175,1175176,1175180,1175181,1175182,1175183,1175184,1175185,1175186,1175187,1175188,1175189,1175190,1175191,1175192,1175195,1175199,1175213,1175232,1175263,1175284,1175296,1175306,1175344,1175345,1175346,1175347,1175367,1175377,1175440,1175480,1175493,1175546,1175550,1175599,1175621,1175654,1175667,1175691,1175718,1175721,1175749,1175768,1175769,1175770,1175771,1175772,1175774,1175775,1175787,1175807,1175834,1175873,1175882,1175898,1175918,1175952,1175995,1175996,1175997,1175998,1175999,1176000,1176001,1176019,1176022,1176038,1176063,1176069,1176109,1176137,1176180,1176200,1176235,1176236,1176237,1176242,1176354,1176357,1176358,1176359,1176360,1176361,1176362,1176363,1176364,1176365,1176366,1176367,1176381,1176396,1176400,1176423,1176449,1176481,1176485,1176486,1176507,1176536,1176537,1176538,1176539,1176540,1176541,1176542,1176543,1176544,1176545,1176546,1176548,1176558,1176559,1176564,1176586,1176587,1176588,1176659,1176698,1176699,1176700,1176713,1176721,1176722,1176725,1176732,1176763,1176775,1176788,1176789,1176833,1176855,1176869,1176877,1176907,1176925,1176942,1176956,1176962,1176979,1176980,1176983,1176990,1177021,1177030,1177066,1177070,1177086,1177090,1177109,1177121,1177193,1177194,1177206,1177258,1177271,1177281,1177283,1177284,1177285,1177286,1177297,1177326,1177353,1177384,1177397,1177410,1177411,1177470,1177500,1177511,1177617,1177666,1177679,1177681,1177683,1177687,1177694,1177697,1177698,1177703,1177719,1177724,1177725,1177726,1177733,1177739,1177749,1177750,1177754,1177755,1177765,1177766,1177799,1177801,1177814,1177817,1177820,1177854,1177855,1177856,1177861,1178002,1178049,1178079,1178123,1178166,1178173,1178175,1178176,1178177,1178182,1178183,1178184,1178185,1178186,1178190,1178191,1178203,1178227,1178246,1178255,1178270,1178286,1178307,1178330,1178393,1178395,1178401,1178426,1178461,1178579,1178581,1178584,1178585,1178589,1178590,1178612,1178634,1178635,1178653,1178659,1178660,1178661,1178669,1178686,1178740,1178755,1178756,1178762,1178780,1178838,1178853,1178886,1179001,1179012,1179014,1179015,1179045,1179076,1179082,1179107,1179140,1179141,1179160,1179201,1179204,1179211,1179217,1179419,1179424,1179425,1179426,1179427,1179429,1179432,1179434,1179435,1179442,1179519,1179550,1179575,1179578,1179601,1179604,1179639,1179652,1179656,1179670,1179671,1179672,1179673,1179675,1179676,1179677,1179678,1179679,1179680,1179681,1179682,1179683,1179684,1179685,1179687,1179688,1179689,1179690,1179703,1179704,1179707,1179709,1179710,1179711,1179712,1179713,1179714,1179715,1179716,1179745,1179763,1179887,1179888,1179892,1179896,1179960,1179963,1180027,1180029,1180031,1180052,1180056,1180086,1180117,1180258,1180261,1180349,1180506,1180541,1180559,1180566,173030,744692,789311,954532,995541
CVE References: CVE-2019-19462,CVE-2019-20810,CVE-2019-20812,CVE-2020-0110,CVE-2020-0305,CVE-2020-0404,CVE-2020-0427,CVE-2020-0431,CVE-2020-0432,CVE-2020-0444,CVE-2020-0465,CVE-2020-0466,CVE-2020-0543,CVE-2020-10135,CVE-2020-10711,CVE-2020-10732,CVE-2020-10751,CVE-2020-10757,CVE-2020-10766,CVE-2020-10767,CVE-2020-10768,CVE-2020-10773,CVE-2020-10781,CVE-2020-11668,CVE-2020-12351,CVE-2020-12352,CVE-2020-12652,CVE-2020-12656,CVE-2020-12769,CVE-2020-12771,CVE-2020-12888,CVE-2020-13143,CVE-2020-13974,CVE-2020-14314,CVE-2020-14331,CVE-2020-14351,CVE-2020-14356,CVE-2020-14385,CVE-2020-14386,CVE-2020-14390,CVE-2020-14416,CVE-2020-15393,CVE-2020-15436,CVE-2020-15437,CVE-2020-15780,CVE-2020-16120,CVE-2020-16166,CVE-2020-1749,CVE-2020-24490,CVE-2020-2521,CVE-2020-25212,CVE-2020-25284,CVE-2020-25285,CVE-2020-25641,CVE-2020-25643,CVE-2020-25645,CVE-2020-25656,CVE-2020-25668,CVE-2020-25669,CVE-2020-25704,CVE-2020-25705,CVE-2020-26088,CVE-2020-27068,CVE-2020-27777,CVE-2020-27786,CVE-2020-27825,CVE-2020-27830,CVE-2020-28915,CVE-2020-28941,CVE-2020-28974,CVE-2020-29369,CVE-2020-29370,CVE-2020-29371,CVE-2020-29373,CVE-2020-29660,CVE-2020-29661,CVE-2020-36158,CVE-2020-4788,CVE-2020-8694
JIRA References: 
Sources used:
openSUSE Leap 15.2 (src):    kernel-rt-5.3.18-lp152.3.5.1, kernel-rt_debug-5.3.18-lp152.3.5.1, kernel-source-rt-5.3.18-lp152.3.5.1, kernel-syms-rt-5.3.18-lp152.3.5.1