1188116 – (CVE-2021-22555) VUL-0: CVE-2021-22555: kernel-source-azure,kernel-source-rt,kernel-source: out-of-bounds write in xt_compat_target_from_user() in net/netfilter/x_tables.c

Bug 1188116 (CVE-2021-22555) - VUL-0: CVE-2021-22555: kernel-source-azure,kernel-source-rt,kernel-source: out-of-bounds write in xt_compat_target_from_user() in net/netfilter/x_tables.c

Summary: VUL-0: CVE-2021-22555: kernel-source-azure,kernel-source-rt,kernel-source: ou...

Status:	RESOLVED FIXED

Alias:	CVE-2021-22555

Product:	SUSE Security Incidents
Classification:	Novell Products
Component:	Incidents (show other bugs)
Version:	unspecified
Hardware:	Other Other

Priority:	P3 - Medium Severity: Major
Target Milestone:	---
Assignee:	Security Team bot
QA Contact:	Security Team bot

URL:	https://smash.suse.de/issue/303620/
Whiteboard:	CVSSv3.1:SUSE:CVE-2021-22555:7.8:(AV:...
Keywords:

Depends on:
Blocks:	1188117
	Show dependency tree / graph

Clone This Bug

Reported:	2021-07-08 11:53 UTC by Robert Frohl
Modified:	2024-06-25 16:11 UTC (History)
CC List:	10 users (show)

See Also:
Found By:	Security Response Team
Services Priority:
Business Priority:
Blocker:	---
Marketing QA Status:	---
IT Deployment:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Robert Frohl 2021-07-08 11:53:57 UTC

rh#1980101

A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/x_tables.c. This allows an attacker to gain privileges or cause a DoS (via heap memory corruption) through user name space.

References:
https://github.com/google/security-research/security/advisories/GHSA-xxx5-8mvq-3528
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/netfilter/x_tables.c?id=b29c457a6511435960115c0f548c4360d5f4801d
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/netfilter/x_tables.c?id=9fa492cdc160cd27ce1046cb36f47d3b2b1efa21

References:
https://bugzilla.redhat.com/show_bug.cgi?id=1980101
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-22555
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22555
https://github.com/google/security-research/security/advisories/GHSA-xxx5-8mvq-3528
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/netfilter/x_tables.c?id=9fa492cdc160cd27ce1046cb36f47d3b2b1efa21
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/netfilter/x_tables.c?id=b29c457a6511435960115c0f548c4360d5f4801d

Comment 5 Marcus Meissner 2021-07-15 10:02:33 UTC

As this issue requires unprivileged user namespace, SLE11 3.0 and older kernels are not affected, there it would only exploitable by the root user.

Comment 18 Swamp Workflow Management 2021-07-20 16:21:01 UTC

SUSE-SU-2021:2408-1: An update that solves 5 vulnerabilities and has 18 fixes is now available.

Category: security (important)
Bug References: 1065729,1085224,1094840,1152472,1152489,1170511,1179243,1183871,1184114,1184804,1185308,1185791,1187215,1187585,1188036,1188062,1188080,1188116,1188121,1188176,1188267,1188268,1188269
CVE References: CVE-2021-22555,CVE-2021-33909,CVE-2021-35039,CVE-2021-3609,CVE-2021-3612
JIRA References: 
Sources used:
SUSE Linux Enterprise Module for Public Cloud 15-SP2 (src):    kernel-azure-5.3.18-18.58.1, kernel-source-azure-5.3.18-18.58.1, kernel-syms-azure-5.3.18-18.58.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 19 Swamp Workflow Management 2021-07-20 16:23:26 UTC

openSUSE-SU-2021:2409-1: An update that solves two vulnerabilities and has 6 fixes is now available.

Category: security (important)
Bug References: 1152489,1182470,1185486,1187927,1187972,1187980,1188062,1188116
CVE References: CVE-2021-22555,CVE-2021-33909
JIRA References: 
Sources used:
openSUSE Leap 15.3 (src):    kernel-azure-5.3.18-38.14.1, kernel-source-azure-5.3.18-38.14.1, kernel-syms-azure-5.3.18-38.14.1

Comment 20 Swamp Workflow Management 2021-07-20 16:33:36 UTC

SUSE-SU-2021:2409-1: An update that solves two vulnerabilities and has 6 fixes is now available.

Category: security (important)
Bug References: 1152489,1182470,1185486,1187927,1187972,1187980,1188062,1188116
CVE References: CVE-2021-22555,CVE-2021-33909
JIRA References: 
Sources used:
SUSE Linux Enterprise Module for Public Cloud 15-SP3 (src):    kernel-azure-5.3.18-38.14.1, kernel-source-azure-5.3.18-38.14.1, kernel-syms-azure-5.3.18-38.14.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 21 Swamp Workflow Management 2021-07-20 16:39:01 UTC

SUSE-SU-2021:2406-1: An update that solves 20 vulnerabilities and has four fixes is now available.

Category: security (important)
Bug References: 1179610,1180846,1184611,1185859,1185860,1185861,1185862,1185863,1185898,1185987,1186060,1186062,1186111,1186390,1186463,1187038,1187050,1187215,1187452,1187595,1187601,1187934,1188062,1188116
CVE References: CVE-2020-24586,CVE-2020-24587,CVE-2020-24588,CVE-2020-26139,CVE-2020-26141,CVE-2020-26145,CVE-2020-26147,CVE-2020-26558,CVE-2020-36385,CVE-2020-36386,CVE-2021-0129,CVE-2021-0512,CVE-2021-0605,CVE-2021-22555,CVE-2021-23134,CVE-2021-32399,CVE-2021-33034,CVE-2021-33909,CVE-2021-34693,CVE-2021-3609
JIRA References: 
Sources used:
SUSE Linux Enterprise Server 12-SP2-BCL (src):    kernel-default-4.4.121-92.158.1, kernel-source-4.4.121-92.158.1, kernel-syms-4.4.121-92.158.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 22 Swamp Workflow Management 2021-07-20 16:42:22 UTC

SUSE-SU-2021:2407-1: An update that solves 5 vulnerabilities and has 15 fixes is now available.

Category: security (important)
Bug References: 1065729,1085224,1094840,1153720,1170511,1183871,1184114,1185032,1185308,1185791,1185995,1187050,1187215,1187585,1187934,1188010,1188062,1188116,1188273,1188274
CVE References: CVE-2020-36385,CVE-2021-22555,CVE-2021-33909,CVE-2021-3609,CVE-2021-3612
JIRA References: 
Sources used:
SUSE Linux Enterprise Server 12-SP5 (src):    kernel-azure-4.12.14-16.65.1, kernel-source-azure-4.12.14-16.65.1, kernel-syms-azure-4.12.14-16.65.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 23 Swamp Workflow Management 2021-07-20 19:19:54 UTC

SUSE-SU-2021:2416-1: An update that solves 5 vulnerabilities and has 14 fixes is now available.

Category: security (important)
Bug References: 1065729,1085224,1094840,1153720,1170511,1183871,1184114,1185032,1185308,1185791,1185995,1187050,1187215,1187585,1187934,1188062,1188116,1188273,1188274
CVE References: CVE-2020-36385,CVE-2021-22555,CVE-2021-33909,CVE-2021-3609,CVE-2021-3612
JIRA References: 
Sources used:
SUSE Linux Enterprise Workstation Extension 12-SP5 (src):    kernel-default-4.12.14-122.80.1
SUSE Linux Enterprise Software Development Kit 12-SP5 (src):    kernel-docs-4.12.14-122.80.1, kernel-obs-build-4.12.14-122.80.1
SUSE Linux Enterprise Server 12-SP5 (src):    kernel-default-4.12.14-122.80.1, kernel-source-4.12.14-122.80.1, kernel-syms-4.12.14-122.80.1
SUSE Linux Enterprise Live Patching 12-SP5 (src):    kernel-default-4.12.14-122.80.1, kgraft-patch-SLE12-SP5_Update_21-1-8.3.1
SUSE Linux Enterprise High Availability 12-SP5 (src):    kernel-default-4.12.14-122.80.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 24 Swamp Workflow Management 2021-07-20 19:21:18 UTC

openSUSE-SU-2021:2415-1: An update that fixes two vulnerabilities is now available.

Category: security (important)
Bug References: 1188062,1188116
CVE References: CVE-2021-22555,CVE-2021-33909
JIRA References: 
Sources used:
openSUSE Leap 15.3 (src):    kernel-64kb-5.3.18-59.16.1, kernel-debug-5.3.18-59.16.1, kernel-default-5.3.18-59.16.1, kernel-default-base-5.3.18-59.16.1.18.8.1, kernel-docs-5.3.18-59.16.1, kernel-kvmsmall-5.3.18-59.16.1, kernel-obs-build-5.3.18-59.16.1, kernel-obs-qa-5.3.18-59.16.1, kernel-preempt-5.3.18-59.16.1, kernel-source-5.3.18-59.16.1, kernel-syms-5.3.18-59.16.1, kernel-zfcpdump-5.3.18-59.16.1

Comment 25 Swamp Workflow Management 2021-07-20 19:22:45 UTC

SUSE-SU-2021:2415-1: An update that fixes two vulnerabilities is now available.

Category: security (important)
Bug References: 1188062,1188116
CVE References: CVE-2021-22555,CVE-2021-33909
JIRA References: 
Sources used:
SUSE Linux Enterprise Workstation Extension 15-SP3 (src):    kernel-default-5.3.18-59.16.1, kernel-preempt-5.3.18-59.16.1
SUSE Linux Enterprise Module for Live Patching 15-SP3 (src):    kernel-default-5.3.18-59.16.1, kernel-livepatch-SLE15-SP3_Update_4-1-7.3.1
SUSE Linux Enterprise Module for Legacy Software 15-SP3 (src):    kernel-default-5.3.18-59.16.1
SUSE Linux Enterprise Module for Development Tools 15-SP3 (src):    kernel-docs-5.3.18-59.16.1, kernel-obs-build-5.3.18-59.16.1, kernel-preempt-5.3.18-59.16.1, kernel-source-5.3.18-59.16.1, kernel-syms-5.3.18-59.16.1
SUSE Linux Enterprise Module for Basesystem 15-SP3 (src):    kernel-64kb-5.3.18-59.16.1, kernel-default-5.3.18-59.16.1, kernel-default-base-5.3.18-59.16.1.18.8.1, kernel-preempt-5.3.18-59.16.1, kernel-source-5.3.18-59.16.1, kernel-zfcpdump-5.3.18-59.16.1
SUSE Linux Enterprise High Availability 15-SP3 (src):    kernel-default-5.3.18-59.16.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 27 OBSbugzilla Bot 2021-07-21 11:11:54 UTC

This is an autogenerated message for OBS integration:
This bug (1188116) was mentioned in
https://build.opensuse.org/request/show/907471 15.2 / kernel-source

Comment 28 Swamp Workflow Management 2021-07-21 13:25:05 UTC

SUSE-SU-2021:2421-1: An update that solves 24 vulnerabilities and has three fixes is now available.

Category: security (important)
Bug References: 1176081,1179610,1183738,1184611,1184675,1185642,1185725,1185859,1185860,1185861,1185862,1185898,1185987,1186060,1186062,1186111,1186463,1186484,1187038,1187050,1187215,1187452,1187554,1187595,1187601,1188062,1188116
CVE References: CVE-2020-24586,CVE-2020-24587,CVE-2020-24588,CVE-2020-26139,CVE-2020-26141,CVE-2020-26145,CVE-2020-26147,CVE-2020-26558,CVE-2020-36385,CVE-2020-36386,CVE-2021-0129,CVE-2021-0512,CVE-2021-0605,CVE-2021-22555,CVE-2021-23133,CVE-2021-23134,CVE-2021-32399,CVE-2021-33034,CVE-2021-33200,CVE-2021-33624,CVE-2021-33909,CVE-2021-34693,CVE-2021-3491,CVE-2021-3609
JIRA References: 
Sources used:
SUSE Linux Enterprise Server for SAP 15 (src):    kernel-default-4.12.14-150.75.1, kernel-docs-4.12.14-150.75.1, kernel-obs-build-4.12.14-150.75.1, kernel-source-4.12.14-150.75.1, kernel-syms-4.12.14-150.75.1, kernel-vanilla-4.12.14-150.75.1
SUSE Linux Enterprise Server 15-LTSS (src):    kernel-default-4.12.14-150.75.1, kernel-docs-4.12.14-150.75.1, kernel-obs-build-4.12.14-150.75.1, kernel-source-4.12.14-150.75.1, kernel-syms-4.12.14-150.75.1, kernel-vanilla-4.12.14-150.75.1, kernel-zfcpdump-4.12.14-150.75.1
SUSE Linux Enterprise Module for Live Patching 15 (src):    kernel-default-4.12.14-150.75.1, kernel-livepatch-SLE15_Update_25-1-1.3.1
SUSE Linux Enterprise High Performance Computing 15-LTSS (src):    kernel-default-4.12.14-150.75.1, kernel-docs-4.12.14-150.75.1, kernel-obs-build-4.12.14-150.75.1, kernel-source-4.12.14-150.75.1, kernel-syms-4.12.14-150.75.1, kernel-vanilla-4.12.14-150.75.1
SUSE Linux Enterprise High Performance Computing 15-ESPOS (src):    kernel-default-4.12.14-150.75.1, kernel-docs-4.12.14-150.75.1, kernel-obs-build-4.12.14-150.75.1, kernel-source-4.12.14-150.75.1, kernel-syms-4.12.14-150.75.1, kernel-vanilla-4.12.14-150.75.1
SUSE Linux Enterprise High Availability 15 (src):    kernel-default-4.12.14-150.75.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 29 Swamp Workflow Management 2021-07-21 13:31:54 UTC

openSUSE-SU-2021:2427-1: An update that solves 13 vulnerabilities and has 5 fixes is now available.

Category: security (important)
Bug References: 1153720,1174978,1179610,1181193,1185428,1185701,1185861,1186463,1186484,1187038,1187050,1187215,1187452,1187554,1187595,1187601,1188062,1188116
CVE References: CVE-2020-24588,CVE-2020-26558,CVE-2020-36385,CVE-2020-36386,CVE-2021-0129,CVE-2021-0512,CVE-2021-0605,CVE-2021-22555,CVE-2021-33200,CVE-2021-33624,CVE-2021-33909,CVE-2021-34693,CVE-2021-3609
JIRA References: 
Sources used:
openSUSE Leap 15.3 (src):    kernel-debug-4.12.14-197.99.1, kernel-default-4.12.14-197.99.1, kernel-kvmsmall-4.12.14-197.99.1, kernel-vanilla-4.12.14-197.99.1, kernel-zfcpdump-4.12.14-197.99.1

Comment 30 Swamp Workflow Management 2021-07-21 13:55:08 UTC

SUSE-SU-2021:2427-1: An update that solves 13 vulnerabilities and has 5 fixes is now available.

Category: security (important)
Bug References: 1153720,1174978,1179610,1181193,1185428,1185701,1185861,1186463,1186484,1187038,1187050,1187215,1187452,1187554,1187595,1187601,1188062,1188116
CVE References: CVE-2020-24588,CVE-2020-26558,CVE-2020-36385,CVE-2020-36386,CVE-2021-0129,CVE-2021-0512,CVE-2021-0605,CVE-2021-22555,CVE-2021-33200,CVE-2021-33624,CVE-2021-33909,CVE-2021-34693,CVE-2021-3609
JIRA References: 
Sources used:
SUSE Manager Server 4.0 (src):    kernel-default-4.12.14-197.99.1, kernel-docs-4.12.14-197.99.1, kernel-obs-build-4.12.14-197.99.1, kernel-source-4.12.14-197.99.1, kernel-syms-4.12.14-197.99.1, kernel-zfcpdump-4.12.14-197.99.1
SUSE Manager Retail Branch Server 4.0 (src):    kernel-default-4.12.14-197.99.1, kernel-docs-4.12.14-197.99.1, kernel-obs-build-4.12.14-197.99.1, kernel-source-4.12.14-197.99.1, kernel-syms-4.12.14-197.99.1
SUSE Manager Proxy 4.0 (src):    kernel-default-4.12.14-197.99.1, kernel-docs-4.12.14-197.99.1, kernel-obs-build-4.12.14-197.99.1, kernel-source-4.12.14-197.99.1, kernel-syms-4.12.14-197.99.1
SUSE Linux Enterprise Server for SAP 15-SP1 (src):    kernel-default-4.12.14-197.99.1, kernel-docs-4.12.14-197.99.1, kernel-obs-build-4.12.14-197.99.1, kernel-source-4.12.14-197.99.1, kernel-syms-4.12.14-197.99.1
SUSE Linux Enterprise Server 15-SP1-LTSS (src):    kernel-default-4.12.14-197.99.1, kernel-docs-4.12.14-197.99.1, kernel-obs-build-4.12.14-197.99.1, kernel-source-4.12.14-197.99.1, kernel-syms-4.12.14-197.99.1, kernel-zfcpdump-4.12.14-197.99.1
SUSE Linux Enterprise Server 15-SP1-BCL (src):    kernel-default-4.12.14-197.99.1, kernel-docs-4.12.14-197.99.1, kernel-obs-build-4.12.14-197.99.1, kernel-source-4.12.14-197.99.1, kernel-syms-4.12.14-197.99.1
SUSE Linux Enterprise Module for Live Patching 15-SP1 (src):    kernel-default-4.12.14-197.99.1, kernel-livepatch-SLE15-SP1_Update_26-1-3.3.3
SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (src):    kernel-default-4.12.14-197.99.1, kernel-docs-4.12.14-197.99.1, kernel-obs-build-4.12.14-197.99.1, kernel-source-4.12.14-197.99.1, kernel-syms-4.12.14-197.99.1
SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (src):    kernel-default-4.12.14-197.99.1, kernel-docs-4.12.14-197.99.1, kernel-obs-build-4.12.14-197.99.1, kernel-source-4.12.14-197.99.1, kernel-syms-4.12.14-197.99.1
SUSE Linux Enterprise High Availability 15-SP1 (src):    kernel-default-4.12.14-197.99.1
SUSE Enterprise Storage 6 (src):    kernel-default-4.12.14-197.99.1, kernel-docs-4.12.14-197.99.1, kernel-obs-build-4.12.14-197.99.1, kernel-source-4.12.14-197.99.1, kernel-syms-4.12.14-197.99.1
SUSE CaaS Platform 4.0 (src):    kernel-default-4.12.14-197.99.1, kernel-docs-4.12.14-197.99.1, kernel-obs-build-4.12.14-197.99.1, kernel-source-4.12.14-197.99.1, kernel-syms-4.12.14-197.99.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 31 Swamp Workflow Management 2021-07-21 13:59:29 UTC

SUSE-SU-2021:2422-1: An update that solves 13 vulnerabilities and has four fixes is now available.

Category: security (important)
Bug References: 1104967,1174978,1179610,1185701,1185861,1186463,1186484,1187038,1187050,1187215,1187452,1187554,1187595,1187601,1187934,1188062,1188116
CVE References: CVE-2020-24588,CVE-2020-26558,CVE-2020-36385,CVE-2020-36386,CVE-2021-0129,CVE-2021-0512,CVE-2021-0605,CVE-2021-22555,CVE-2021-33200,CVE-2021-33624,CVE-2021-33909,CVE-2021-34693,CVE-2021-3609
JIRA References: 
Sources used:
SUSE OpenStack Cloud Crowbar 9 (src):    kernel-default-4.12.14-95.80.1, kernel-source-4.12.14-95.80.1, kernel-syms-4.12.14-95.80.1
SUSE OpenStack Cloud 9 (src):    kernel-default-4.12.14-95.80.1, kernel-source-4.12.14-95.80.1, kernel-syms-4.12.14-95.80.1
SUSE Linux Enterprise Server for SAP 12-SP4 (src):    kernel-default-4.12.14-95.80.1, kernel-source-4.12.14-95.80.1, kernel-syms-4.12.14-95.80.1
SUSE Linux Enterprise Server 12-SP4-LTSS (src):    kernel-default-4.12.14-95.80.1, kernel-source-4.12.14-95.80.1, kernel-syms-4.12.14-95.80.1
SUSE Linux Enterprise Live Patching 12-SP4 (src):    kernel-default-4.12.14-95.80.1, kgraft-patch-SLE12-SP4_Update_22-1-6.3.1
SUSE Linux Enterprise High Availability 12-SP4 (src):    kernel-default-4.12.14-95.80.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 32 Swamp Workflow Management 2021-07-21 16:26:37 UTC

SUSE-SU-2021:2438-1: An update that solves 5 vulnerabilities and has 18 fixes is now available.

Category: security (important)
Bug References: 1065729,1085224,1094840,1152472,1152489,1170511,1179243,1183871,1184114,1184804,1185308,1185791,1187215,1187585,1188036,1188062,1188080,1188116,1188121,1188176,1188267,1188268,1188269
CVE References: CVE-2021-22555,CVE-2021-33909,CVE-2021-35039,CVE-2021-3609,CVE-2021-3612
JIRA References: 
Sources used:
SUSE MicroOS 5.0 (src):    kernel-default-5.3.18-24.75.3, kernel-default-base-5.3.18-24.75.3.9.34.3
SUSE Linux Enterprise Workstation Extension 15-SP2 (src):    kernel-default-5.3.18-24.75.3, kernel-preempt-5.3.18-24.75.3
SUSE Linux Enterprise Module for Live Patching 15-SP2 (src):    kernel-default-5.3.18-24.75.3, kernel-livepatch-SLE15-SP2_Update_17-1-5.3.3
SUSE Linux Enterprise Module for Legacy Software 15-SP2 (src):    kernel-default-5.3.18-24.75.3
SUSE Linux Enterprise Module for Development Tools 15-SP2 (src):    kernel-docs-5.3.18-24.75.2, kernel-obs-build-5.3.18-24.75.3, kernel-preempt-5.3.18-24.75.3, kernel-source-5.3.18-24.75.2, kernel-syms-5.3.18-24.75.1
SUSE Linux Enterprise Module for Basesystem 15-SP2 (src):    kernel-default-5.3.18-24.75.3, kernel-default-base-5.3.18-24.75.3.9.34.3, kernel-preempt-5.3.18-24.75.3, kernel-source-5.3.18-24.75.2
SUSE Linux Enterprise High Availability 15-SP2 (src):    kernel-default-5.3.18-24.75.3

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 33 Michal Kubeček 2021-07-21 22:23:35 UTC

As there are no plans to backport into branches based on kernel < 4.4, we are
done. Reassigning back to security team.

Comment 34 Swamp Workflow Management 2021-07-22 10:23:05 UTC

openSUSE-SU-2021:1076-1: An update that solves 5 vulnerabilities and has 24 fixes is now available.

Category: security (important)
Bug References: 1065729,1085224,1094840,1152472,1152489,1155518,1170511,1176940,1179243,1180092,1183871,1184114,1184804,1185308,1185791,1186206,1187215,1187585,1188036,1188062,1188080,1188116,1188121,1188176,1188267,1188268,1188269,1188405,1188445
CVE References: CVE-2021-22555,CVE-2021-33909,CVE-2021-35039,CVE-2021-3609,CVE-2021-3612
JIRA References: 
Sources used:
openSUSE Leap 15.2 (src):    kernel-debug-5.3.18-lp152.84.1, kernel-default-5.3.18-lp152.84.1, kernel-default-base-5.3.18-lp152.84.1.lp152.8.38.1, kernel-docs-5.3.18-lp152.84.1, kernel-kvmsmall-5.3.18-lp152.84.1, kernel-obs-build-5.3.18-lp152.84.1, kernel-obs-qa-5.3.18-lp152.84.1, kernel-preempt-5.3.18-lp152.84.1, kernel-source-5.3.18-lp152.84.1, kernel-syms-5.3.18-lp152.84.1

Comment 35 Swamp Workflow Management 2021-07-22 16:23:26 UTC

SUSE-SU-2021:2451-1: An update that solves 20 vulnerabilities and has 10 fixes is now available.

Category: security (important)
Bug References: 1115026,1175462,1179610,1184611,1185724,1185859,1185860,1185861,1185862,1185863,1185898,1185987,1186060,1186062,1186111,1186235,1186390,1186463,1187038,1187050,1187193,1187215,1187388,1187452,1187595,1187601,1187934,1188062,1188063,1188116
CVE References: CVE-2020-24586,CVE-2020-24587,CVE-2020-24588,CVE-2020-26139,CVE-2020-26141,CVE-2020-26145,CVE-2020-26147,CVE-2020-26558,CVE-2020-36385,CVE-2020-36386,CVE-2021-0129,CVE-2021-0512,CVE-2021-0605,CVE-2021-22555,CVE-2021-23134,CVE-2021-32399,CVE-2021-33034,CVE-2021-33909,CVE-2021-34693,CVE-2021-3609
JIRA References: 
Sources used:
SUSE OpenStack Cloud Crowbar 8 (src):    kernel-default-4.4.180-94.147.1, kernel-source-4.4.180-94.147.1, kernel-syms-4.4.180-94.147.1, kgraft-patch-SLE12-SP3_Update_40-1-4.3.1
SUSE OpenStack Cloud 8 (src):    kernel-default-4.4.180-94.147.1, kernel-source-4.4.180-94.147.1, kernel-syms-4.4.180-94.147.1, kgraft-patch-SLE12-SP3_Update_40-1-4.3.1
SUSE Linux Enterprise Server for SAP 12-SP3 (src):    kernel-default-4.4.180-94.147.1, kernel-source-4.4.180-94.147.1, kernel-syms-4.4.180-94.147.1, kgraft-patch-SLE12-SP3_Update_40-1-4.3.1
SUSE Linux Enterprise Server 12-SP3-LTSS (src):    kernel-default-4.4.180-94.147.1, kernel-source-4.4.180-94.147.1, kernel-syms-4.4.180-94.147.1, kgraft-patch-SLE12-SP3_Update_40-1-4.3.1
SUSE Linux Enterprise Server 12-SP3-BCL (src):    kernel-default-4.4.180-94.147.1, kernel-source-4.4.180-94.147.1, kernel-syms-4.4.180-94.147.1
SUSE Linux Enterprise High Availability 12-SP3 (src):    kernel-default-4.4.180-94.147.1
HPE Helion Openstack 8 (src):    kernel-default-4.4.180-94.147.1, kernel-source-4.4.180-94.147.1, kernel-syms-4.4.180-94.147.1, kgraft-patch-SLE12-SP3_Update_40-1-4.3.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 40 Swamp Workflow Management 2021-08-03 16:18:27 UTC

SUSE-SU-2021:2599-1: An update that solves four vulnerabilities, contains three features and has 23 fixes is now available.

Category: security (important)
Bug References: 1065729,1085224,1094840,1152472,1152489,1155518,1170511,1179243,1180092,1183871,1184114,1184804,1185308,1185791,1186206,1187215,1187585,1188036,1188080,1188116,1188121,1188176,1188267,1188268,1188269,1188405,1188525
CVE References: CVE-2021-22555,CVE-2021-35039,CVE-2021-3609,CVE-2021-3612
JIRA References: SLE-17042,SLE-17043,SLE-17268
Sources used:
SUSE Linux Enterprise Module for Realtime 15-SP2 (src):    kernel-rt-5.3.18-45.3, kernel-rt_debug-5.3.18-45.3, kernel-source-rt-5.3.18-45.3, kernel-syms-rt-5.3.18-45.2

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 46 Swamp Workflow Management 2021-08-05 15:38:13 UTC

SUSE-SU-2021:2599-2: An update that solves four vulnerabilities, contains three features and has 23 fixes is now available.

Category: security (important)
Bug References: 1065729,1085224,1094840,1152472,1152489,1155518,1170511,1179243,1180092,1183871,1184114,1184804,1185308,1185791,1186206,1187215,1187585,1188036,1188080,1188116,1188121,1188176,1188267,1188268,1188269,1188405,1188525
CVE References: CVE-2021-22555,CVE-2021-35039,CVE-2021-3609,CVE-2021-3612
JIRA References: SLE-17042,SLE-17043,SLE-17268
Sources used:
SUSE MicroOS 5.0 (src):    kernel-rt-5.3.18-45.3

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 47 Swamp Workflow Management 2021-08-10 13:46:23 UTC

SUSE-SU-2021:2643-1: An update that solves 10 vulnerabilities, contains one feature and has 33 fixes is now available.

Category: security (important)
Bug References: 1065729,1085224,1094840,1113295,1153720,1170511,1176724,1176931,1176940,1179195,1181161,1183871,1184114,1184350,1184804,1185032,1185308,1185377,1185791,1185995,1186206,1186482,1186672,1187038,1187050,1187215,1187476,1187585,1187846,1188026,1188062,1188101,1188116,1188273,1188274,1188405,1188620,1188750,1188838,1188842,1188876,1188885,1188973
CVE References: CVE-2020-0429,CVE-2020-36385,CVE-2020-36386,CVE-2021-22543,CVE-2021-22555,CVE-2021-33909,CVE-2021-3609,CVE-2021-3612,CVE-2021-3659,CVE-2021-37576
JIRA References: SLE-10538
Sources used:
SUSE Linux Enterprise Real Time Extension 12-SP5 (src):    kernel-rt-4.12.14-10.54.1, kernel-rt_debug-4.12.14-10.54.1, kernel-source-rt-4.12.14-10.54.1, kernel-syms-rt-4.12.14-10.54.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 48 Marcus Meissner 2021-08-16 12:29:18 UTC

released