Bugzilla – Bug 1186463
VUL-0: CVE-2021-0129,CVE-2020-26558: kernel-source, bluez: vulnerabilities with bluetooth subsystem (INTEL-SA-00517)
Last modified: 2024-06-25 16:03:26 UTC
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00517.html

Summary:

Potential security vulnerabilities in BlueZ may allow information disclosure. BlueZ is releasing Linux kernel Bluetooth subsystem updates to mitigate these potential vulnerabilities.

Vulnerability Details:

CVEID: CVE-2021-0129
Description: Improper access control in BlueZ may allow an authenticated user to potentially enable information disclosure via adjacent access.
CVSS Base Score: 6.4 Medium
CVSS Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N

CVEID: CVE-2020-26558 (Non-Intel issued)
Description: Bluetooth LE and BR/EDR secure pairing in Bluetooth Core Specification 2.1 through 5.2 may permit a nearby man-in-the-middle attacker to identify the Passkey used during pairing (in the Passkey authentication procedure) by reflection of the public key and the authentication evidence of the initiating device, potentially permitting this attacker to complete authenticated pairing with the responding device using the correct Passkey for the pairing session. The attack methodology determines the Passkey value one bit at a time.
CVSS Base Score: 4.2 Medium
CVSS Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

Affected Products:

All Linux kernel versions prior to 5.13 that support BlueZ.

Recommendations:

Intel recommends installing the following kernel fix and BlueZ update to address these issues:

https://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth-next.git/commit/net/bluetooth/smp.c?id=6d19628f539fccf899298ff02ee4c73e4bf6df3f

https://git.kernel.org/pub/scm/bluetooth/bluez.git/commit/?id=00da0fb4972cf59e1c075f313da81ea549cb8738

Or use the following BlueZ releases which already incorporate the fixes:

· kernel: 5.13
· userspace: http://www.bluez.org/release-of-bluez-5-58-and-5-57/

Acknowledgements:

Intel would like to thank Agence Nationale de Securite des Systemes d'Information (ANSSI) for reporting CVE-2021-0129.

Intel, and nearly the entire technology industry, follows a disclosure practice called Coordinated Disclosure, under which a cybersecurity vulnerability is generally publicly disclosed only after mitigations are available.

(In reply to Marcus Meissner from comment #7)
> https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00517.html
>
> Summary:
>
> Potential security vulnerabilities in BlueZ may allow information disclosure. BlueZ is releasing Linux kernel Bluetooth subsystem updates to mitigate these potential vulnerabilities.
>
> Vulnerability Details:
>
> CVEID: CVE-2021-0129
> Description: Improper access control in BlueZ may allow an authenticated user to potentially enable information disclosure via adjacent access.
> CVSS Base Score: 6.4 Medium
> CVSS Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
>
> CVEID: CVE-2020-26558 (Non-Intel issued)
> Description: Bluetooth LE and BR/EDR secure pairing in Bluetooth Core Specification 2.1 through 5.2 may permit a nearby man-in-the-middle attacker to identify the Passkey used during pairing (in the Passkey authentication procedure) by reflection of the public key and the authentication evidence of the initiating device, potentially permitting this attacker to complete authenticated pairing with the responding device using the correct Passkey for the pairing session. The attack methodology determines the Passkey value one bit at a time.
> CVSS Base Score: 4.2 Medium
> CVSS Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
>
> Affected Products:
>
> All Linux kernel versions prior to 5.13 that support BlueZ.
> Recommendations:
>
> Intel recommends installing the following kernel fix and BlueZ update to address these issues:
>
> https://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth-next.git/commit/net/bluetooth/smp.c?id=6d19628f539fccf899298ff02ee4c73e4bf6df3f
>
> https://git.kernel.org/pub/scm/bluetooth/bluez.git/commit/?id=00da0fb4972cf59e1c075f313da81ea549cb8738
>
> Or use the following BlueZ releases which already incorporate the fixes:
>
> · kernel: 5.13
> · userspace: http://www.bluez.org/release-of-bluez-5-58-and-5-57/
>
> Acknowledgements:
>
> Intel would like to thank Agence Nationale de Securite des Systemes d'Information (ANSSI) for reporting CVE-2021-0129.
>
> Intel, and nearly the entire technology industry, follows a disclosure practice called Coordinated Disclosure, under which a cybersecurity vulnerability is generally publicly disclosed only after mitigations are available.

Kernel:
master: has it
SLE15-SP2: has it (update References)
cve/linux-4.12: submitted
cve/linux-4.4: has it (update References)
cve/linux-3.0: affected
cve/linux-2.6.32: affected

BlueZ:
5.13 SUSE:SLE-12:Update - SUSE:SLE-12-SP1:Update/bluez SUSE:SLE-12-SP2:Update/bluez - SUSE:SLE-12-SP3:Update - SUSE:SLE-12-SP4:Update - SUSE:SLE-12-SP5:Update
5.48 SUSE:SLE-15:Update SUSE:SLE-15-SP1:Update SUSE:SLE-15-SP2:Update
5.55 SUSE:SLE-15-SP3:Update Submitted : sr:243022

In kernel:
For kernel versions before 3.19 we can't apply it because there is no function support for the patch:
6d19628f539f Bluetooth: SMP: Fail if remote and local public keys are identical (v5.13-rc1)
(6d19628f539f depends on d8f8edbe9397 Bluetooth: Add handler function for receiving LE SC public key (v3.19-rc1))

In BlueZ:
It needs huge backporting work for versions before 5.55.

openSUSE-SU-2021:2184-1: An update that solves four vulnerabilities and has 107 fixes is now available.
Category: security (important)
CVE References: CVE-2020-26558,CVE-2020-36385,CVE-2020-36386,CVE-2021-0129
JIRA References:
Sources used:
openSUSE Leap 15.3 (src): kernel-64kb-5.3.18-59.10.1, kernel-debug-5.3.18-59.10.1, kernel-default-5.3.18-59.10.1, kernel-default-base-5.3.18-59.10.1.18.4.2, kernel-docs-5.3.18-59.10.1, kernel-kvmsmall-5.3.18-59.10.1, kernel-obs-build-5.3.18-59.10.1, kernel-obs-qa-5.3.18-59.10.1, kernel-preempt-5.3.18-59.10.1, kernel-source-5.3.18-59.10.1, kernel-syms-5.3.18-59.10.1, kernel-zfcpdump-5.3.18-59.10.1

SUSE-SU-2021:2184-1: An update that solves four vulnerabilities and has 107 fixes is now available.
Category: security (important)
CVE References: CVE-2020-26558,CVE-2020-36385,CVE-2020-36386,CVE-2021-0129
JIRA References:
Sources used:
SUSE Linux Enterprise Workstation Extension 15-SP3 (src): kernel-default-5.3.18-59.10.1, kernel-preempt-5.3.18-59.10.1
SUSE Linux Enterprise Module for Live Patching 15-SP3 (src): kernel-default-5.3.18-59.10.1, kernel-livepatch-SLE15-SP3_Update_2-1-7.5.1
SUSE Linux Enterprise Module for Legacy Software 15-SP3 (src): kernel-default-5.3.18-59.10.1
SUSE Linux Enterprise Module for Development Tools 15-SP3 (src): kernel-docs-5.3.18-59.10.1, kernel-obs-build-5.3.18-59.10.1, kernel-preempt-5.3.18-59.10.1, kernel-source-5.3.18-59.10.1, kernel-syms-5.3.18-59.10.1
SUSE Linux Enterprise Module for Basesystem 15-SP3 (src): kernel-64kb-5.3.18-59.10.1, kernel-default-5.3.18-59.10.1, kernel-default-base-5.3.18-59.10.1.18.4.2, kernel-preempt-5.3.18-59.10.1, kernel-source-5.3.18-59.10.1, kernel-zfcpdump-5.3.18-59.10.1
SUSE Linux Enterprise High Availability 15-SP3 (src): kernel-default-5.3.18-59.10.1
NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

SUSE-SU-2021:2202-1: An update that solves four vulnerabilities and has 98 fixes is now available.
Category: security (important)
CVE References: CVE-2020-26558,CVE-2020-36385,CVE-2020-36386,CVE-2021-0129
JIRA References:
Sources used:
SUSE Linux Enterprise Module for Public Cloud 15-SP3 (src): kernel-azure-5.3.18-38.8.1, kernel-source-azure-5.3.18-38.8.1, kernel-syms-azure-5.3.18-38.8.1

openSUSE-SU-2021:2202-1: An update that solves four vulnerabilities and has 98 fixes is now available.
Category: security (important)
CVE References: CVE-2020-26558,CVE-2020-36385,CVE-2020-36386,CVE-2021-0129
JIRA References:
Sources used:
openSUSE Leap 15.3 (src): kernel-azure-5.3.18-38.8.1, kernel-source-azure-5.3.18-38.8.1, kernel-syms-azure-5.3.18-38.8.1

This is an autogenerated message for OBS integration: This bug (1186463) was mentioned in https://build.opensuse.org/request/show/904571 15.2 / kernel-source
openSUSE-SU-2021:0985-1: An update that solves 10 vulnerabilities and has 103 fixes is now available.
Category: security (important)
CVE References: CVE-2020-24588,CVE-2020-26558,CVE-2020-36385,CVE-2020-36386,CVE-2021-0129,CVE-2021-0512,CVE-2021-0605,CVE-2021-33624,CVE-2021-34693,CVE-2021-3573
JIRA References:
Sources used:
openSUSE Leap 15.2 (src): kernel-debug-5.3.18-lp152.81.1, kernel-default-5.3.18-lp152.81.1, kernel-default-base-5.3.18-lp152.81.1.lp152.8.36.1, kernel-docs-5.3.18-lp152.81.1, kernel-kvmsmall-5.3.18-lp152.81.1, kernel-obs-build-5.3.18-lp152.81.1, kernel-obs-qa-5.3.18-lp152.81.1, kernel-preempt-5.3.18-lp152.81.1, kernel-source-5.3.18-lp152.81.1, kernel-syms-5.3.18-lp152.81.1

SUSE-SU-2021:2291-1: An update that fixes two vulnerabilities is now available.
Category: security (moderate)
Bug References: 1186463
CVE References: CVE-2020-26558,CVE-2021-0129
JIRA References:
Sources used:
SUSE Linux Enterprise Workstation Extension 15-SP3 (src): bluez-5.55-3.3.1
SUSE Linux Enterprise Module for Desktop Applications 15-SP3 (src): bluez-5.55-3.3.1
SUSE Linux Enterprise Module for Basesystem 15-SP3 (src): bluez-5.55-3.3.1

openSUSE-SU-2021:2291-1: An update that fixes two vulnerabilities is now available.
Category: security (moderate)
Bug References: 1186463
CVE References: CVE-2020-26558,CVE-2021-0129
JIRA References:
Sources used:
openSUSE Leap 15.3 (src): bluez-5.55-3.3.1

SUSE-SU-2021:2303-1: An update that solves 9 vulnerabilities, contains 8 features and has 100 fixes is now available.
Category: security (important)
CVE References: CVE-2020-26558,CVE-2020-36385,CVE-2020-36386,CVE-2021-0129,CVE-2021-0512,CVE-2021-0605,CVE-2021-33624,CVE-2021-34693,CVE-2021-3573
JIRA References: ECO-3691,SLE-11493,SLE-11796,SLE-17882,SLE-7926,SLE-8371,SLE-8389,SLE-8464
Sources used:
SUSE Linux Enterprise Module for Public Cloud 15-SP2 (src): kernel-azure-5.3.18-18.53.1, kernel-source-azure-5.3.18-18.53.1, kernel-syms-azure-5.3.18-18.53.1

SUSE-SU-2021:2325-1: An update that solves 9 vulnerabilities, contains 8 features and has 100 fixes is now available.
Category: security (important)
CVE References: CVE-2020-26558,CVE-2020-36385,CVE-2020-36386,CVE-2021-0129,CVE-2021-0512,CVE-2021-0605,CVE-2021-33624,CVE-2021-34693,CVE-2021-3573
JIRA References: ECO-3691,SLE-11493,SLE-11796,SLE-17882,SLE-7926,SLE-8371,SLE-8389,SLE-8464
Sources used:
SUSE MicroOS 5.0 (src): kernel-default-5.3.18-24.70.1, kernel-default-base-5.3.18-24.70.1.9.32.1
SUSE Linux Enterprise Workstation Extension 15-SP2 (src): kernel-default-5.3.18-24.70.1, kernel-preempt-5.3.18-24.70.1
SUSE Linux Enterprise Module for Live Patching 15-SP2 (src): kernel-default-5.3.18-24.70.1, kernel-livepatch-SLE15-SP2_Update_16-1-5.3.1
SUSE Linux Enterprise Module for Legacy Software 15-SP2 (src): kernel-default-5.3.18-24.70.1
SUSE Linux Enterprise Module for Development Tools 15-SP2 (src): kernel-docs-5.3.18-24.70.1, kernel-obs-build-5.3.18-24.70.1, kernel-preempt-5.3.18-24.70.1, kernel-source-5.3.18-24.70.1, kernel-syms-5.3.18-24.70.1
SUSE Linux Enterprise Module for Basesystem 15-SP2 (src): kernel-default-5.3.18-24.70.1, kernel-default-base-5.3.18-24.70.1.9.32.1, kernel-preempt-5.3.18-24.70.1, kernel-source-5.3.18-24.70.1
SUSE Linux Enterprise High Availability 15-SP2 (src): kernel-default-5.3.18-24.70.1

SUSE-SU-2021:2321-1: An update that solves 9 vulnerabilities and has 76 fixes is now available.
Category: security (important)
CVE References: CVE-2019-25045,CVE-2020-24588,CVE-2020-26558,CVE-2020-36386,CVE-2021-0129,CVE-2021-0512,CVE-2021-0605,CVE-2021-33624,CVE-2021-34693
JIRA References:
Sources used:
SUSE Linux Enterprise Server 12-SP5 (src): kernel-azure-4.12.14-16.62.1, kernel-source-azure-4.12.14-16.62.1, kernel-syms-azure-4.12.14-16.62.1

SUSE-SU-2021:2349-1: An update that solves 9 vulnerabilities and has 79 fixes is now available.
Category: security (important)
CVE References: CVE-2019-25045,CVE-2020-24588,CVE-2020-26558,CVE-2020-36386,CVE-2021-0129,CVE-2021-0512,CVE-2021-0605,CVE-2021-33624,CVE-2021-34693
JIRA References:
Sources used:
SUSE MicroOS 5.0 (src): kernel-rt-4.12.14-10.49.1
SUSE Linux Enterprise Real Time Extension 12-SP5 (src): kernel-rt-4.12.14-10.49.1, kernel-rt_debug-4.12.14-10.49.1, kernel-source-rt-4.12.14-10.49.1, kernel-syms-rt-4.12.14-10.49.1

SUSE-SU-2021:2324-1: An update that solves 9 vulnerabilities and has 77 fixes is now available.
Category: security (important)
CVE References: CVE-2019-25045,CVE-2020-24588,CVE-2020-26558,CVE-2020-36386,CVE-2021-0129,CVE-2021-0512,CVE-2021-0605,CVE-2021-33624,CVE-2021-34693
JIRA References:
Sources used:
SUSE Linux Enterprise Workstation Extension 12-SP5 (src): kernel-default-4.12.14-122.77.1
SUSE Linux Enterprise Software Development Kit 12-SP5 (src): kernel-docs-4.12.14-122.77.1, kernel-obs-build-4.12.14-122.77.1
SUSE Linux Enterprise Server 12-SP5 (src): kernel-default-4.12.14-122.77.1, kernel-source-4.12.14-122.77.1, kernel-syms-4.12.14-122.77.1
SUSE Linux Enterprise Live Patching 12-SP5 (src): kernel-default-4.12.14-122.77.1, kgraft-patch-SLE12-SP5_Update_20-1-8.3.1
SUSE Linux Enterprise High Availability 12-SP5 (src): kernel-default-4.12.14-122.77.1

SUSE-SU-2021:2406-1: An update that solves 20 vulnerabilities and has four fixes is now available.
Category: security (important)
Bug References: 1179610,1180846,1184611,1185859,1185860,1185861,1185862,1185863,1185898,1185987,1186060,1186062,1186111,1186390,1186463,1187038,1187050,1187215,1187452,1187595,1187601,1187934,1188062,1188116
CVE References: CVE-2020-24586,CVE-2020-24587,CVE-2020-24588,CVE-2020-26139,CVE-2020-26141,CVE-2020-26145,CVE-2020-26147,CVE-2020-26558,CVE-2020-36385,CVE-2020-36386,CVE-2021-0129,CVE-2021-0512,CVE-2021-0605,CVE-2021-22555,CVE-2021-23134,CVE-2021-32399,CVE-2021-33034,CVE-2021-33909,CVE-2021-34693,CVE-2021-3609
JIRA References:
Sources used:
SUSE Linux Enterprise Server 12-SP2-BCL (src): kernel-default-4.4.121-92.158.1, kernel-source-4.4.121-92.158.1, kernel-syms-4.4.121-92.158.1

SUSE-SU-2021:2421-1: An update that solves 24 vulnerabilities and has three fixes is now available.
Category: security (important)
Bug References: 1176081,1179610,1183738,1184611,1184675,1185642,1185725,1185859,1185860,1185861,1185862,1185898,1185987,1186060,1186062,1186111,1186463,1186484,1187038,1187050,1187215,1187452,1187554,1187595,1187601,1188062,1188116
CVE References: CVE-2020-24586,CVE-2020-24587,CVE-2020-24588,CVE-2020-26139,CVE-2020-26141,CVE-2020-26145,CVE-2020-26147,CVE-2020-26558,CVE-2020-36385,CVE-2020-36386,CVE-2021-0129,CVE-2021-0512,CVE-2021-0605,CVE-2021-22555,CVE-2021-23133,CVE-2021-23134,CVE-2021-32399,CVE-2021-33034,CVE-2021-33200,CVE-2021-33624,CVE-2021-33909,CVE-2021-34693,CVE-2021-3491,CVE-2021-3609
JIRA References:
Sources used:
SUSE Linux Enterprise Server for SAP 15 (src): kernel-default-4.12.14-150.75.1, kernel-docs-4.12.14-150.75.1, kernel-obs-build-4.12.14-150.75.1, kernel-source-4.12.14-150.75.1, kernel-syms-4.12.14-150.75.1, kernel-vanilla-4.12.14-150.75.1
SUSE Linux Enterprise Server 15-LTSS (src): kernel-default-4.12.14-150.75.1, kernel-docs-4.12.14-150.75.1, kernel-obs-build-4.12.14-150.75.1, kernel-source-4.12.14-150.75.1, kernel-syms-4.12.14-150.75.1, kernel-vanilla-4.12.14-150.75.1, kernel-zfcpdump-4.12.14-150.75.1
SUSE Linux Enterprise Module for Live Patching 15 (src): kernel-default-4.12.14-150.75.1, kernel-livepatch-SLE15_Update_25-1-1.3.1
SUSE Linux Enterprise High Performance Computing 15-LTSS (src): kernel-default-4.12.14-150.75.1, kernel-docs-4.12.14-150.75.1, kernel-obs-build-4.12.14-150.75.1, kernel-source-4.12.14-150.75.1, kernel-syms-4.12.14-150.75.1, kernel-vanilla-4.12.14-150.75.1
SUSE Linux Enterprise High Performance Computing 15-ESPOS (src): kernel-default-4.12.14-150.75.1, kernel-docs-4.12.14-150.75.1, kernel-obs-build-4.12.14-150.75.1, kernel-source-4.12.14-150.75.1, kernel-syms-4.12.14-150.75.1, kernel-vanilla-4.12.14-150.75.1
SUSE Linux Enterprise High Availability 15 (src): kernel-default-4.12.14-150.75.1

openSUSE-SU-2021:2427-1: An update that solves 13 vulnerabilities and has 5 fixes is now available.
Category: security (important)
Bug References: 1153720,1174978,1179610,1181193,1185428,1185701,1185861,1186463,1186484,1187038,1187050,1187215,1187452,1187554,1187595,1187601,1188062,1188116
CVE References: CVE-2020-24588,CVE-2020-26558,CVE-2020-36385,CVE-2020-36386,CVE-2021-0129,CVE-2021-0512,CVE-2021-0605,CVE-2021-22555,CVE-2021-33200,CVE-2021-33624,CVE-2021-33909,CVE-2021-34693,CVE-2021-3609
JIRA References:
Sources used:
openSUSE Leap 15.3 (src): kernel-debug-4.12.14-197.99.1, kernel-default-4.12.14-197.99.1, kernel-kvmsmall-4.12.14-197.99.1, kernel-vanilla-4.12.14-197.99.1, kernel-zfcpdump-4.12.14-197.99.1

SUSE-SU-2021:2426-1: An update that solves 9 vulnerabilities, contains 8 features and has 101 fixes is now available.
Category: security (important)
CVE References: CVE-2020-26558,CVE-2020-36385,CVE-2020-36386,CVE-2021-0129,CVE-2021-0512,CVE-2021-0605,CVE-2021-33624,CVE-2021-34693,CVE-2021-3573
JIRA References: ECO-3691,SLE-11493,SLE-11796,SLE-17882,SLE-7926,SLE-8371,SLE-8389,SLE-8464
Sources used:
SUSE Linux Enterprise Module for Realtime 15-SP2 (src): kernel-rt-5.3.18-42.2, kernel-rt_debug-5.3.18-42.2, kernel-source-rt-5.3.18-42.1, kernel-syms-rt-5.3.18-42.1, lttng-modules-2.10.10-1.5.1, oracleasm-2.0.8-1.3.1

SUSE-SU-2021:2427-1: An update that solves 13 vulnerabilities and has 5 fixes is now available.
Category: security (important)
Bug References: 1153720,1174978,1179610,1181193,1185428,1185701,1185861,1186463,1186484,1187038,1187050,1187215,1187452,1187554,1187595,1187601,1188062,1188116
CVE References: CVE-2020-24588,CVE-2020-26558,CVE-2020-36385,CVE-2020-36386,CVE-2021-0129,CVE-2021-0512,CVE-2021-0605,CVE-2021-22555,CVE-2021-33200,CVE-2021-33624,CVE-2021-33909,CVE-2021-34693,CVE-2021-3609
JIRA References:
Sources used:
SUSE Manager Server 4.0 (src): kernel-default-4.12.14-197.99.1, kernel-docs-4.12.14-197.99.1, kernel-obs-build-4.12.14-197.99.1, kernel-source-4.12.14-197.99.1, kernel-syms-4.12.14-197.99.1, kernel-zfcpdump-4.12.14-197.99.1
SUSE Manager Retail Branch Server 4.0 (src): kernel-default-4.12.14-197.99.1, kernel-docs-4.12.14-197.99.1, kernel-obs-build-4.12.14-197.99.1, kernel-source-4.12.14-197.99.1, kernel-syms-4.12.14-197.99.1
SUSE Manager Proxy 4.0 (src): kernel-default-4.12.14-197.99.1, kernel-docs-4.12.14-197.99.1, kernel-obs-build-4.12.14-197.99.1, kernel-source-4.12.14-197.99.1, kernel-syms-4.12.14-197.99.1
SUSE Linux Enterprise Server for SAP 15-SP1 (src): kernel-default-4.12.14-197.99.1, kernel-docs-4.12.14-197.99.1, kernel-obs-build-4.12.14-197.99.1, kernel-source-4.12.14-197.99.1, kernel-syms-4.12.14-197.99.1
SUSE Linux Enterprise Server 15-SP1-LTSS (src): kernel-default-4.12.14-197.99.1, kernel-docs-4.12.14-197.99.1, kernel-obs-build-4.12.14-197.99.1, kernel-source-4.12.14-197.99.1, kernel-syms-4.12.14-197.99.1, kernel-zfcpdump-4.12.14-197.99.1
SUSE Linux Enterprise Server 15-SP1-BCL (src): kernel-default-4.12.14-197.99.1, kernel-docs-4.12.14-197.99.1, kernel-obs-build-4.12.14-197.99.1, kernel-source-4.12.14-197.99.1, kernel-syms-4.12.14-197.99.1
SUSE Linux Enterprise Module for Live Patching 15-SP1 (src): kernel-default-4.12.14-197.99.1, kernel-livepatch-SLE15-SP1_Update_26-1-3.3.3
SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (src): kernel-default-4.12.14-197.99.1, kernel-docs-4.12.14-197.99.1, kernel-obs-build-4.12.14-197.99.1, kernel-source-4.12.14-197.99.1, kernel-syms-4.12.14-197.99.1
SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (src): kernel-default-4.12.14-197.99.1, kernel-docs-4.12.14-197.99.1, kernel-obs-build-4.12.14-197.99.1, kernel-source-4.12.14-197.99.1, kernel-syms-4.12.14-197.99.1
SUSE Linux Enterprise High Availability 15-SP1 (src): kernel-default-4.12.14-197.99.1
SUSE Enterprise Storage 6 (src): kernel-default-4.12.14-197.99.1, kernel-docs-4.12.14-197.99.1, kernel-obs-build-4.12.14-197.99.1, kernel-source-4.12.14-197.99.1, kernel-syms-4.12.14-197.99.1
SUSE CaaS Platform 4.0 (src): kernel-default-4.12.14-197.99.1, kernel-docs-4.12.14-197.99.1, kernel-obs-build-4.12.14-197.99.1, kernel-source-4.12.14-197.99.1, kernel-syms-4.12.14-197.99.1

SUSE-SU-2021:2422-1: An update that solves 13 vulnerabilities and has four fixes is now available.
Category: security (important)
Bug References: 1104967,1174978,1179610,1185701,1185861,1186463,1186484,1187038,1187050,1187215,1187452,1187554,1187595,1187601,1187934,1188062,1188116
CVE References: CVE-2020-24588,CVE-2020-26558,CVE-2020-36385,CVE-2020-36386,CVE-2021-0129,CVE-2021-0512,CVE-2021-0605,CVE-2021-22555,CVE-2021-33200,CVE-2021-33624,CVE-2021-33909,CVE-2021-34693,CVE-2021-3609
JIRA References:
Sources used:
SUSE OpenStack Cloud Crowbar 9 (src): kernel-default-4.12.14-95.80.1, kernel-source-4.12.14-95.80.1, kernel-syms-4.12.14-95.80.1
SUSE OpenStack Cloud 9 (src): kernel-default-4.12.14-95.80.1, kernel-source-4.12.14-95.80.1, kernel-syms-4.12.14-95.80.1
SUSE Linux Enterprise Server for SAP 12-SP4 (src): kernel-default-4.12.14-95.80.1, kernel-source-4.12.14-95.80.1, kernel-syms-4.12.14-95.80.1
SUSE Linux Enterprise Server 12-SP4-LTSS (src): kernel-default-4.12.14-95.80.1, kernel-source-4.12.14-95.80.1, kernel-syms-4.12.14-95.80.1
SUSE Linux Enterprise Live Patching 12-SP4 (src): kernel-default-4.12.14-95.80.1, kgraft-patch-SLE12-SP4_Update_22-1-6.3.1
SUSE Linux Enterprise High Availability 12-SP4 (src): kernel-default-4.12.14-95.80.1

SUSE-SU-2021:2451-1: An update that solves 20 vulnerabilities and has 10 fixes is now available. Category: security (important) Bug References: 1115026,1175462,1179610,1184611,1185724,1185859,1185860,1185861,1185862,1185863,1185898,1185987,1186060,1186062,1186111,1186235,1186390,1186463,1187038,1187050,1187193,1187215,1187388,1187452,1187595,1187601,1187934,1188062,1188063,1188116 CVE References: CVE-2020-24586,CVE-2020-24587,CVE-2020-24588,CVE-2020-26139,CVE-2020-26141,CVE-2020-26145,CVE-2020-26147,CVE-2020-26558,CVE-2020-36385,CVE-2020-36386,CVE-2021-0129,CVE-2021-0512,CVE-2021-0605,CVE-2021-22555,CVE-2021-23134,CVE-2021-32399,CVE-2021-33034,CVE-2021-33909,CVE-2021-34693,CVE-2021-3609 JIRA References: Sources used: SUSE OpenStack Cloud Crowbar 8 (src): kernel-default-4.4.180-94.147.1, kernel-source-4.4.180-94.147.1, kernel-syms-4.4.180-94.147.1, kgraft-patch-SLE12-SP3_Update_40-1-4.3.1 SUSE OpenStack Cloud 8 (src): kernel-default-4.4.180-94.147.1, kernel-source-4.4.180-94.147.1, kernel-syms-4.4.180-94.147.1, kgraft-patch-SLE12-SP3_Update_40-1-4.3.1 SUSE Linux Enterprise Server for SAP 12-SP3 (src): kernel-default-4.4.180-94.147.1, kernel-source-4.4.180-94.147.1, kernel-syms-4.4.180-94.147.1, kgraft-patch-SLE12-SP3_Update_40-1-4.3.1 SUSE Linux Enterprise Server 12-SP3-LTSS (src): kernel-default-4.4.180-94.147.1, kernel-source-4.4.180-94.147.1, kernel-syms-4.4.180-94.147.1, kgraft-patch-SLE12-SP3_Update_40-1-4.3.1 SUSE Linux Enterprise Server 12-SP3-BCL (src): kernel-default-4.4.180-94.147.1, kernel-source-4.4.180-94.147.1, kernel-syms-4.4.180-94.147.1 SUSE Linux Enterprise High Availability 12-SP3 (src): kernel-default-4.4.180-94.147.1 HPE Helion Openstack 8 (src): kernel-default-4.4.180-94.147.1, kernel-source-4.4.180-94.147.1, kernel-syms-4.4.180-94.147.1, kgraft-patch-SLE12-SP3_Update_40-1-4.3.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. 
If you have questions please reach out to maintenance coordination.
Joey, any update on this?
Joey, can you please help us unstick this security bug? It has been idle for over a year...
(In reply to Takashi Iwai from comment #62)
> Joey, any update on this?

(In reply to Jan Kara from comment #64)
> Joey, can you please help us unstick this security bug? It has been idle for
> over a year...

Thanks for Takashi's and Jan's reminders. I am looking at the description and will continue backporting.
(In reply to Al Cho from comment #8)
> (In reply to Marcus Meissner from comment #7)
> > https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00517.html
> >
> > Summary:
> >
> > Potential security vulnerabilities in BlueZ may allow information
> > disclosure. BlueZ is releasing Linux kernel Bluetooth subsystem updates to
> > mitigate these potential vulnerabilities.
> > Vulnerability Details:
> >
> > CVEID: CVE-2021-0129
> >
> > Description: Improper access control in BlueZ may allow an authenticated
> > user to potentially enable information disclosure via adjacent access.
> >
> > CVSS Base Score: 6.4 Medium
> >
> > CVSS Vector: CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N
> >
> > CVEID: CVE-2020-26558 (Non-Intel issued)
> >
> > Description: Bluetooth LE and BR/EDR secure pairing in Bluetooth Core
> > Specification 2.1 through 5.2 may permit a nearby man-in-the-middle attacker
> > to identify the Passkey used during pairing (in the Passkey authentication
> > procedure) by reflection of the public key and the authentication evidence
> > of the initiating device, potentially permitting this attacker to complete
> > authenticated pairing with the responding device using the correct Passkey
> > for the pairing session. The attack methodology determines the Passkey value
> > one bit at a time.
> >
> > CVSS Base Score: 4.2 Medium
> >
> > CVSS Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
> > Affected Products:
> >
> > All Linux kernel versions prior to 5.13 that support BlueZ.
> > Recommendations:
> >
> > Intel recommends installing the following kernel fix and BlueZ update to
> > address these issues:
> >
> > https://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth-next.git/commit/net/bluetooth/smp.c?id=6d19628f539fccf899298ff02ee4c73e4bf6df3f
> >
> > https://git.kernel.org/pub/scm/bluetooth/bluez.git/commit/?id=00da0fb4972cf59e1c075f313da81ea549cb8738
> >
> > Or use the following BlueZ releases which already incorporate the fixes:
> >
> > · kernel: 5.13
> >
> > · userspace: http://www.bluez.org/release-of-bluez-5-58-and-5-57/
> > Acknowledgements:
> >
> > Intel would like to thank Agence Nationale de Securite des Systemes
> > d'Information (ANSSI) for reporting CVE-2021-0129.
> >
> > Intel, and nearly the entire technology industry, follows a disclosure
> > practice called Coordinated Disclosure, under which a cybersecurity
> > vulnerability is generally publicly disclosed only after mitigations are
> > available.
>
> Kernel:
> master: has it
> SLE15-SP2: has it (update References)
> cve/linux-4.12: submitted
> cve/linux-4.4: has it (update References)
> cve/linux-3.0: affected
> cve/linux-2.6.32: affected
>

cve/linux-3.0: not affected [does not have this function]
cve/linux-2.6.32: not affected [does not have this function]

I am checking the bluez part.
(In reply to Joey Lee from comment #66)
> (In reply to Al Cho from comment #8)
[...]
>
> BlueZ:
> 5.13
> SUSE:SLE-12:Update
> - SUSE:SLE-12-SP1:Update/bluez
> SUSE:SLE-12-SP2:Update/bluez
> - SUSE:SLE-12-SP3:Update
> - SUSE:SLE-12-SP4:Update
> - SUSE:SLE-12-SP5:Update
> 5.48
> SUSE:SLE-15:Update
> SUSE:SLE-15-SP1:Update
> SUSE:SLE-15-SP2:Update
>
> 5.55
> SUSE:SLE-15-SP3:Update Submitted : sr:243022
>
[...snip]
>
> In BlueZ:
> It needs huge backporting work for the version before 5.55.

Confirmed that the 00da0fb4972 patch has been merged to 15-SP3.

In SLE15-SP2 bluez, it looks like gatt-server.c needs many patches. I am looking at whether I can avoid backporting too many things.
(In reply to Joey Lee from comment #67)
> (In reply to Joey Lee from comment #66)
> > (In reply to Al Cho from comment #8)
> [...]
> >
> > BlueZ:
> > 5.13
> > SUSE:SLE-12:Update
> > - SUSE:SLE-12-SP1:Update/bluez
> > SUSE:SLE-12-SP2:Update/bluez
> > - SUSE:SLE-12-SP3:Update
> > - SUSE:SLE-12-SP4:Update
> > - SUSE:SLE-12-SP5:Update
> > 5.48
> > SUSE:SLE-15:Update
> > SUSE:SLE-15-SP1:Update
> > SUSE:SLE-15-SP2:Update
> >
> > 5.55
> > SUSE:SLE-15-SP3:Update Submitted : sr:243022
> >
> [...snip]
> >
> > In BlueZ:
> > It needs huge backporting work for the version before 5.55.
>
> Confirmed that the 00da0fb4972 patch has been merged to 15-SP3.
>
> In SLE15-SP2 bluez, it looks like gatt-server.c needs many patches. I am
> looking at whether I can avoid backporting too many things.

I have backported the 00da0fb4972 patch to SLE15/15-SP1 and 15-SP2. I chose to modify it for bluez-5.48.

Part of the 00da0fb4972 patch modified the ee49fb1d13 patch. The ee49fb1d13 patch is not for this bug and it depends on other patches. If we want it, then I suggest a direct upgrade to bluez-5.55.

commit ee49fb1d13617e7d38fbf8f979206b905aa25345 [5.55~233]
Author: Archie Pusaka <apusaka@chromium.org>
Date: Thu May 7 14:38:46 2020 +0800

shared/gatt-server: Fix read multiple charc values

So finally I modified the 00da0fb4972 patch to change the parts related to ee49fb1d1361.
(In reply to Joey Lee from comment #67)
> (In reply to Joey Lee from comment #66)
> > (In reply to Al Cho from comment #8)
> [...]
> >
> > BlueZ:
> > 5.13
> > SUSE:SLE-12:Update
> > - SUSE:SLE-12-SP1:Update/bluez
> > SUSE:SLE-12-SP2:Update/bluez
> > - SUSE:SLE-12-SP3:Update
> > - SUSE:SLE-12-SP4:Update
> > - SUSE:SLE-12-SP5:Update

About bluez-5.13, it doesn't have src/shared/gatt-server.c. So the 00da0fb4972 patch cannot be applied on bluez-5.13, which means the patch cannot be applied on the SLE-12 family.

The bt_gatt_server was introduced in bluez-5.25:

From c15608a7febfafe36b5a5ecea68746bde878420b Mon Sep 17 00:00:00 2001
From: Arman Uguray <armansito@chromium.org>
Date: Mon, 13 Oct 2014 14:10:00 -0700
Subject: [PATCH 01/48] shared/gatt-server: Introduce bt_gatt-server

It doesn't make sense to backport all patches of bluez from 5.13 to 5.5. So I want to set WONTFIX on SLE-12. Otherwise bluez must be upgraded to 5.5, but I am not sure that the old kernel can work with it and that the new bluez can be built on the old SLE-12 codebase.
Set the wrong status when posting the comment. Reopened it.
We decided to set WONTFIX on older bluez versions since the CVSS score is below 7 and backporting the fix or updating bluez to a newer version is very complicated and there's a risk of breaking customer environments. Nothing else to do, closing.
(In reply to Joey Lee from comment #69)
> (In reply to Joey Lee from comment #67)
> > (In reply to Joey Lee from comment #66)
> > > (In reply to Al Cho from comment #8)
> > [...]
> > >
> > > BlueZ:
> > > 5.13
> > > SUSE:SLE-12:Update
> > > - SUSE:SLE-12-SP1:Update/bluez
> > > SUSE:SLE-12-SP2:Update/bluez
> > > - SUSE:SLE-12-SP3:Update
> > > - SUSE:SLE-12-SP4:Update
> > > - SUSE:SLE-12-SP5:Update
> > > 5.48
> > > SUSE:SLE-15:Update
> > > SUSE:SLE-15-SP1:Update
> > > SUSE:SLE-15-SP2:Update
> > >
> > > 5.55
> > > SUSE:SLE-15-SP3:Update Submitted : sr:243022
> > >
> > [...snip]
> > >
> > > In BlueZ:
> > > It needs huge backporting work for the version before 5.55.
> >
> > Confirmed that the 00da0fb4972 patch has been merged to 15-SP3.
> >
> > In SLE15-SP2 bluez, it looks like gatt-server.c needs many patches. I am
> > looking at whether I can avoid backporting too many things.
>
> I have backported the 00da0fb4972 patch to SLE15/15-SP1 and 15-SP2. I chose to
> modify it for bluez-5.48.
>

Add shared-gatt-server-Fix-not-properly-checking-for-sec.patch (bsc#1186463)(CVE-2021-0129,CVE-2020-26558)
https://build.suse.de/request/show/279501
Submit update from package SUSE:Maintenance:REQUEST:279501 / bluez.SUSE_SLE-15_Update to package SUSE:Main...ce:25900 / bluez.SUS...5_Update
Release in SUSE:SLE-15:Update

Add shared-gatt-server-Fix-not-properly-checking-for-sec.patch (bsc#1186463)(CVE-2021-0129,CVE-2020-26558)
https://build.suse.de/request/show/279499
Submit update from package SUSE:Maintenance:REQUEST:279499 / bluez.SUSE_SLE-15-SP2_Update to package SUSE:Main...ce:25899 / bluez.SUS...2_Update
Release in SUSE:SLE-15-SP2:Update
SUSE-SU-2022:3687-1: An update that fixes 6 vulnerabilities is now available. Category: security (important) Bug References: 1186463,1188859,1192394,1193227,1193237 CVE References: CVE-2019-8921,CVE-2019-8922,CVE-2020-26558,CVE-2021-0129,CVE-2021-3658,CVE-2021-43400 JIRA References: Sources used: SUSE Linux Enterprise Server for SAP 15-SP1 (src): bluez-5.48-150000.5.41.1 SUSE Linux Enterprise Server for SAP 15 (src): bluez-5.48-150000.5.41.1 SUSE Linux Enterprise Server 15-SP1-LTSS (src): bluez-5.48-150000.5.41.1 SUSE Linux Enterprise Server 15-SP1-BCL (src): bluez-5.48-150000.5.41.1 SUSE Linux Enterprise Server 15-LTSS (src): bluez-5.48-150000.5.41.1 SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (src): bluez-5.48-150000.5.41.1 SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (src): bluez-5.48-150000.5.41.1 SUSE Linux Enterprise High Performance Computing 15-LTSS (src): bluez-5.48-150000.5.41.1 SUSE Linux Enterprise High Performance Computing 15-ESPOS (src): bluez-5.48-150000.5.41.1 SUSE Enterprise Storage 6 (src): bluez-5.48-150000.5.41.1 SUSE CaaS Platform 4.0 (src): bluez-5.48-150000.5.41.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2022:3691-1: An update that fixes 6 vulnerabilities is now available. Category: security (important) Bug References: 1186463,1188859,1192394,1193227,1193237 CVE References: CVE-2019-8921,CVE-2019-8922,CVE-2020-26558,CVE-2021-0129,CVE-2021-3658,CVE-2021-43400 JIRA References: Sources used: SUSE Manager Server 4.1 (src): bluez-5.48-150200.13.17.1 SUSE Manager Retail Branch Server 4.1 (src): bluez-5.48-150200.13.17.1 SUSE Manager Proxy 4.1 (src): bluez-5.48-150200.13.17.1 SUSE Linux Enterprise Server for SAP 15-SP2 (src): bluez-5.48-150200.13.17.1 SUSE Linux Enterprise Server 15-SP2-LTSS (src): bluez-5.48-150200.13.17.1 SUSE Linux Enterprise Server 15-SP2-BCL (src): bluez-5.48-150200.13.17.1 SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (src): bluez-5.48-150200.13.17.1 SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (src): bluez-5.48-150200.13.17.1 SUSE Enterprise Storage 7 (src): bluez-5.48-150200.13.17.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.