Bug 1196018 (CVE-2022-28748) - VUL-0: CVE-2022-28748: kernel-source: malicious hardware can cause a leak of kernel memory over the network by ax88179_178a devices
Summary: VUL-0: CVE-2022-28748: kernel-source: malicious hardware can cause a leak of ...
Status: RESOLVED FIXED
Alias: CVE-2022-28748
Product: SUSE Security Incidents
Classification: Novell Products
Component: General (show other bugs)
Version: unspecified
Hardware: Other Other
: P3 - Medium : Normal
Target Milestone: ---
Assignee: Security Team bot
QA Contact: Security Team bot
URL: https://smash.suse.de/issue/323937/
Whiteboard: CVSSv3.1:SUSE:CVE-2022-28748:3.7:(AV:...
Keywords:
Depends on:
Blocks:
 
Reported: 2022-02-16 10:55 UTC by Oliver Neukum
Modified: 2024-06-25 16:38 UTC (History)
4 users (show)

See Also:
Found By: ---
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Oliver Neukum 2022-02-16 10:55:54 UTC 
This is from upstream:

commit 57bc3d3ae8c14df3ceb4e17d26ddf9eeab304581
Author: Jann Horn <jannh@google.com>
Date:   Wed Jan 26 14:14:52 2022 +0100

    net: usb: ax88179_178a: Fix out-of-bounds accesses in RX fixup
    
    ax88179_rx_fixup() contains several out-of-bounds accesses that can be
    triggered by a malicious (or defective) USB device, in particular:
    
     - The metadata array (hdr_off..hdr_off+2*pkt_cnt) can be out of bounds,
       causing OOB reads and (on big-endian systems) OOB endianness flips.
     - A packet can overlap the metadata array, causing a later OOB
       endianness flip to corrupt data used by a cloned SKB that has already
       been handed off into the network stack.
     - A packet SKB can be constructed whose tail is far beyond its end,
       causing out-of-bounds heap data to be considered part of the SKB's
       data.
    
    I have tested that this can be used by a malicious USB device to send a
    bogus ICMPv6 Echo Request and receive an ICMPv6 Echo Reply in response
    that contains random kernel heap data.
    It's probably also possible to get OOB writes from this on a
    little-endian system somehow - maybe by triggering skb_cow() via IP
    options processing -, but I haven't tested that.

Kernel from v3.9 onwards are vulnerable. As this can lead to a leak over networks this may be worth a CVE. At the very least it needs to go into LTSS kernels.
Comment 1 Gianluca Gabrielli 2022-03-08 16:14:43 UTC 
Affected security-related branches:
 - SLE12-SP5
 - SLE15-SP3
 - SLE15-SP4-GA
 - cve/linux-4.12
 - cve/linux-4.4
 - cve/linux-5.3

Already fixed:
 - stable
 - SLE15-SP4
Comment 2 Gianluca Gabrielli 2022-03-08 16:17:29 UTC 
@Oliver, I guess that what we discussed in bsc#1196836 [0] is true for this issue too. Please correct me if I'm wrong.

[0] https://bugzilla.suse.com/show_bug.cgi?id=1196836#c2
Comment 3 Oliver Neukum 2022-03-17 12:33:01 UTC 
(In reply to Gianluca Gabrielli from comment #2)
> @Oliver, I guess that what we discussed in bsc#1196836 [0] is true for this
> issue too. Please correct me if I'm wrong.
> 
> [0] https://bugzilla.suse.com/show_bug.cgi?id=1196836#c2

Yes, this also needs a CVE.
Comment 4 Gianluca Gabrielli 2022-03-21 09:24:17 UTC 
Do you think I should increase the severity/priority of this one as well? Moreover, could you please share a sum up description of this security bug as you did for the other one [0]?

[0] https://bugzilla.suse.com/show_bug.cgi?id=1196836#c14
Comment 8 Oliver Neukum 2022-04-05 11:08:47 UTC 
(In reply to Gianluca Gabrielli from comment #4)
> Do you think I should increase the severity/priority of this one as well?
> Moreover, could you please share a sum up description of this security bug
> as you did for the other one [0]?
> 
> [0] https://bugzilla.suse.com/show_bug.cgi?id=1196836#c14

Xes, this bug needs its severity increased and we need a CVE
Comment 9 Gianluca Gabrielli 2022-04-05 11:40:35 UTC 
CVE requested to MITRE
Comment 23 Gianluca Gabrielli 2022-04-07 11:48:46 UTC 
CVE-2022-28748 assigned
Comment 29 Swamp Workflow Management 2022-04-12 16:25:15 UTC 
SUSE-SU-2022:1163-1: An update that solves 25 vulnerabilities and has 33 fixes is now available.

Category: security (important)
Bug References: 1065729,1156395,1175667,1177028,1178134,1179639,1180153,1189562,1194589,1194625,1194649,1194943,1195051,1195353,1195640,1195926,1196018,1196130,1196196,1196478,1196488,1196761,1196823,1196956,1197227,1197243,1197245,1197300,1197302,1197331,1197343,1197366,1197389,1197460,1197462,1197501,1197534,1197661,1197675,1197677,1197702,1197811,1197812,1197815,1197817,1197819,1197820,1197888,1197889,1197894,1198027,1198028,1198029,1198030,1198031,1198032,1198033,1198077
CVE References: CVE-2021-39698,CVE-2021-45402,CVE-2021-45868,CVE-2022-0850,CVE-2022-0854,CVE-2022-1011,CVE-2022-1016,CVE-2022-1048,CVE-2022-1055,CVE-2022-1195,CVE-2022-1198,CVE-2022-1199,CVE-2022-1205,CVE-2022-23036,CVE-2022-23037,CVE-2022-23038,CVE-2022-23039,CVE-2022-23040,CVE-2022-23041,CVE-2022-23042,CVE-2022-27223,CVE-2022-27666,CVE-2022-28388,CVE-2022-28389,CVE-2022-28390
JIRA References: 
Sources used:
openSUSE Leap 15.3 (src):    kernel-azure-5.3.18-150300.38.53.1, kernel-source-azure-5.3.18-150300.38.53.1, kernel-syms-azure-5.3.18-150300.38.53.1
SUSE Linux Enterprise Module for Public Cloud 15-SP3 (src):    kernel-azure-5.3.18-150300.38.53.1, kernel-source-azure-5.3.18-150300.38.53.1, kernel-syms-azure-5.3.18-150300.38.53.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 30 Swamp Workflow Management 2022-04-13 19:21:39 UTC 
SUSE-SU-2022:1183-1: An update that solves 15 vulnerabilities and has 32 fixes is now available.

Category: security (important)
Bug References: 1065729,1156395,1175667,1177028,1178134,1179639,1180153,1189562,1194649,1195640,1195926,1196018,1196196,1196478,1196761,1196823,1197227,1197243,1197300,1197302,1197331,1197343,1197366,1197389,1197462,1197501,1197534,1197661,1197675,1197702,1197811,1197812,1197815,1197817,1197819,1197820,1197888,1197889,1197894,1197914,1198027,1198028,1198029,1198030,1198031,1198032,1198033
CVE References: CVE-2021-45868,CVE-2022-0850,CVE-2022-0854,CVE-2022-1011,CVE-2022-1016,CVE-2022-1048,CVE-2022-1055,CVE-2022-1195,CVE-2022-1198,CVE-2022-1199,CVE-2022-1205,CVE-2022-27666,CVE-2022-28388,CVE-2022-28389,CVE-2022-28390
JIRA References: 
Sources used:
openSUSE Leap 15.4 (src):    dtb-aarch64-5.3.18-150300.59.63.1, kernel-preempt-5.3.18-150300.59.63.1
openSUSE Leap 15.3 (src):    dtb-aarch64-5.3.18-150300.59.63.1, kernel-64kb-5.3.18-150300.59.63.1, kernel-debug-5.3.18-150300.59.63.1, kernel-default-5.3.18-150300.59.63.1, kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1, kernel-docs-5.3.18-150300.59.63.1, kernel-kvmsmall-5.3.18-150300.59.63.1, kernel-obs-build-5.3.18-150300.59.63.1, kernel-obs-qa-5.3.18-150300.59.63.1, kernel-preempt-5.3.18-150300.59.63.1, kernel-source-5.3.18-150300.59.63.1, kernel-syms-5.3.18-150300.59.63.1, kernel-zfcpdump-5.3.18-150300.59.63.1
SUSE Linux Enterprise Workstation Extension 15-SP3 (src):    kernel-default-5.3.18-150300.59.63.1, kernel-preempt-5.3.18-150300.59.63.1
SUSE Linux Enterprise Module for Live Patching 15-SP3 (src):    kernel-default-5.3.18-150300.59.63.1, kernel-livepatch-SLE15-SP3_Update_17-1-150300.7.3.1
SUSE Linux Enterprise Module for Legacy Software 15-SP3 (src):    kernel-default-5.3.18-150300.59.63.1
SUSE Linux Enterprise Module for Development Tools 15-SP3 (src):    kernel-docs-5.3.18-150300.59.63.1, kernel-obs-build-5.3.18-150300.59.63.1, kernel-preempt-5.3.18-150300.59.63.1, kernel-source-5.3.18-150300.59.63.1, kernel-syms-5.3.18-150300.59.63.1
SUSE Linux Enterprise Module for Basesystem 15-SP3 (src):    kernel-64kb-5.3.18-150300.59.63.1, kernel-default-5.3.18-150300.59.63.1, kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1, kernel-preempt-5.3.18-150300.59.63.1, kernel-source-5.3.18-150300.59.63.1, kernel-zfcpdump-5.3.18-150300.59.63.1
SUSE Linux Enterprise Micro 5.2 (src):    kernel-default-5.3.18-150300.59.63.1, kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1
SUSE Linux Enterprise Micro 5.1 (src):    kernel-default-5.3.18-150300.59.63.1, kernel-default-base-5.3.18-150300.59.63.1.150300.18.39.1
SUSE Linux Enterprise High Availability 15-SP3 (src):    kernel-default-5.3.18-150300.59.63.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 31 Swamp Workflow Management 2022-04-14 10:22:12 UTC 
SUSE-SU-2022:1196-1: An update that solves 22 vulnerabilities, contains three features and has 39 fixes is now available.

Category: security (important)
Bug References: 1065729,1114648,1180153,1184207,1189562,1191428,1191451,1191580,1192273,1193738,1194163,1194541,1194580,1194586,1194590,1194591,1194943,1195051,1195353,1195403,1195480,1195482,1196018,1196114,1196339,1196367,1196468,1196478,1196488,1196514,1196639,1196657,1196723,1196761,1196830,1196836,1196901,1196942,1196973,1196999,1197099,1197227,1197331,1197366,1197462,1197531,1197661,1197675,1197754,1197755,1197756,1197757,1197758,1197760,1197763,1197806,1197894,1197914,1198031,1198032,1198033
CVE References: CVE-2021-39713,CVE-2021-45868,CVE-2022-0001,CVE-2022-0002,CVE-2022-0812,CVE-2022-0850,CVE-2022-1016,CVE-2022-1048,CVE-2022-23036,CVE-2022-23037,CVE-2022-23038,CVE-2022-23039,CVE-2022-23040,CVE-2022-23041,CVE-2022-23042,CVE-2022-23960,CVE-2022-26490,CVE-2022-26966,CVE-2022-27666,CVE-2022-28388,CVE-2022-28389,CVE-2022-28390
JIRA References: SLE-15288,SLE-18234,SLE-24125
Sources used:
SUSE Linux Enterprise Workstation Extension 12-SP5 (src):    kernel-default-4.12.14-122.116.1
SUSE Linux Enterprise Software Development Kit 12-SP5 (src):    kernel-docs-4.12.14-122.116.1, kernel-obs-build-4.12.14-122.116.1
SUSE Linux Enterprise Server 12-SP5 (src):    kernel-default-4.12.14-122.116.1, kernel-source-4.12.14-122.116.1, kernel-syms-4.12.14-122.116.1
SUSE Linux Enterprise Live Patching 12-SP5 (src):    kernel-default-4.12.14-122.116.1, kgraft-patch-SLE12-SP5_Update_30-1-8.3.1
SUSE Linux Enterprise High Availability 12-SP5 (src):    kernel-default-4.12.14-122.116.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 32 Swamp Workflow Management 2022-04-14 13:21:23 UTC 
SUSE-SU-2022:1197-1: An update that solves 21 vulnerabilities and has 7 fixes is now available.

Category: security (important)
Bug References: 1179639,1189562,1193731,1194943,1195051,1195254,1195353,1195403,1195939,1196018,1196196,1196468,1196488,1196761,1196823,1196830,1196836,1196956,1197227,1197331,1197366,1197389,1197462,1197702,1197914,1198031,1198032,1198033
CVE References: CVE-2021-0920,CVE-2021-39698,CVE-2021-45868,CVE-2022-0850,CVE-2022-0854,CVE-2022-1016,CVE-2022-1048,CVE-2022-1055,CVE-2022-23036,CVE-2022-23037,CVE-2022-23038,CVE-2022-23039,CVE-2022-23040,CVE-2022-23041,CVE-2022-23042,CVE-2022-26490,CVE-2022-26966,CVE-2022-27666,CVE-2022-28388,CVE-2022-28389,CVE-2022-28390
JIRA References: 
Sources used:
SUSE Manager Server 4.1 (src):    kernel-default-5.3.18-150200.24.112.1, kernel-default-base-5.3.18-150200.24.112.1.150200.9.52.2, kernel-docs-5.3.18-150200.24.112.1, kernel-obs-build-5.3.18-150200.24.112.1, kernel-preempt-5.3.18-150200.24.112.1, kernel-source-5.3.18-150200.24.112.1, kernel-syms-5.3.18-150200.24.112.1
SUSE Manager Retail Branch Server 4.1 (src):    kernel-default-5.3.18-150200.24.112.1, kernel-default-base-5.3.18-150200.24.112.1.150200.9.52.2, kernel-docs-5.3.18-150200.24.112.1, kernel-preempt-5.3.18-150200.24.112.1, kernel-source-5.3.18-150200.24.112.1, kernel-syms-5.3.18-150200.24.112.1
SUSE Manager Proxy 4.1 (src):    kernel-default-5.3.18-150200.24.112.1, kernel-default-base-5.3.18-150200.24.112.1.150200.9.52.2, kernel-docs-5.3.18-150200.24.112.1, kernel-preempt-5.3.18-150200.24.112.1, kernel-source-5.3.18-150200.24.112.1, kernel-syms-5.3.18-150200.24.112.1
SUSE Linux Enterprise Server for SAP 15-SP2 (src):    kernel-default-5.3.18-150200.24.112.1, kernel-default-base-5.3.18-150200.24.112.1.150200.9.52.2, kernel-docs-5.3.18-150200.24.112.1, kernel-obs-build-5.3.18-150200.24.112.1, kernel-preempt-5.3.18-150200.24.112.1, kernel-source-5.3.18-150200.24.112.1, kernel-syms-5.3.18-150200.24.112.1
SUSE Linux Enterprise Server 15-SP2-LTSS (src):    kernel-default-5.3.18-150200.24.112.1, kernel-default-base-5.3.18-150200.24.112.1.150200.9.52.2, kernel-docs-5.3.18-150200.24.112.1, kernel-obs-build-5.3.18-150200.24.112.1, kernel-preempt-5.3.18-150200.24.112.1, kernel-source-5.3.18-150200.24.112.1, kernel-syms-5.3.18-150200.24.112.1
SUSE Linux Enterprise Server 15-SP2-BCL (src):    kernel-default-5.3.18-150200.24.112.1, kernel-default-base-5.3.18-150200.24.112.1.150200.9.52.2, kernel-docs-5.3.18-150200.24.112.1, kernel-preempt-5.3.18-150200.24.112.1, kernel-source-5.3.18-150200.24.112.1, kernel-syms-5.3.18-150200.24.112.1
SUSE Linux Enterprise Realtime Extension 15-SP2 (src):    kernel-default-5.3.18-150200.24.112.1, kernel-default-base-5.3.18-150200.24.112.1.150200.9.52.2, kernel-docs-5.3.18-150200.24.112.1, kernel-preempt-5.3.18-150200.24.112.1, kernel-source-5.3.18-150200.24.112.1, kernel-syms-5.3.18-150200.24.112.1
SUSE Linux Enterprise Module for Live Patching 15-SP2 (src):    kernel-default-5.3.18-150200.24.112.1, kernel-livepatch-SLE15-SP2_Update_26-1-150200.5.5.1
SUSE Linux Enterprise Micro 5.0 (src):    kernel-default-5.3.18-150200.24.112.1, kernel-default-base-5.3.18-150200.24.112.1.150200.9.52.2
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (src):    kernel-default-5.3.18-150200.24.112.1, kernel-default-base-5.3.18-150200.24.112.1.150200.9.52.2, kernel-docs-5.3.18-150200.24.112.1, kernel-obs-build-5.3.18-150200.24.112.1, kernel-preempt-5.3.18-150200.24.112.1, kernel-source-5.3.18-150200.24.112.1, kernel-syms-5.3.18-150200.24.112.1
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (src):    kernel-default-5.3.18-150200.24.112.1, kernel-default-base-5.3.18-150200.24.112.1.150200.9.52.2, kernel-docs-5.3.18-150200.24.112.1, kernel-obs-build-5.3.18-150200.24.112.1, kernel-preempt-5.3.18-150200.24.112.1, kernel-source-5.3.18-150200.24.112.1, kernel-syms-5.3.18-150200.24.112.1
SUSE Linux Enterprise High Availability 15-SP2 (src):    kernel-default-5.3.18-150200.24.112.1
SUSE Enterprise Storage 7 (src):    kernel-default-5.3.18-150200.24.112.1, kernel-default-base-5.3.18-150200.24.112.1.150200.9.52.2, kernel-docs-5.3.18-150200.24.112.1, kernel-obs-build-5.3.18-150200.24.112.1, kernel-preempt-5.3.18-150200.24.112.1, kernel-source-5.3.18-150200.24.112.1, kernel-syms-5.3.18-150200.24.112.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 34 Swamp Workflow Management 2022-04-19 13:24:02 UTC 
SUSE-SU-2022:1257-1: An update that solves 33 vulnerabilities, contains one feature and has 9 fixes is now available.

Category: security (important)
Bug References: 1179639,1189126,1189562,1193731,1194516,1194943,1195051,1195254,1195286,1195353,1195403,1195516,1195543,1195612,1195897,1195905,1195939,1195987,1196018,1196079,1196095,1196155,1196196,1196235,1196468,1196488,1196612,1196761,1196776,1196823,1196830,1196836,1196956,1197227,1197331,1197366,1197389,1197462,1197702,1198031,1198032,1198033
CVE References: CVE-2021-0920,CVE-2021-39698,CVE-2021-44879,CVE-2021-45868,CVE-2022-0487,CVE-2022-0492,CVE-2022-0516,CVE-2022-0617,CVE-2022-0644,CVE-2022-0850,CVE-2022-0854,CVE-2022-1016,CVE-2022-1048,CVE-2022-1055,CVE-2022-23036,CVE-2022-23037,CVE-2022-23038,CVE-2022-23039,CVE-2022-23040,CVE-2022-23041,CVE-2022-23042,CVE-2022-24448,CVE-2022-24958,CVE-2022-24959,CVE-2022-25258,CVE-2022-25375,CVE-2022-26490,CVE-2022-26966,CVE-2022-27666,CVE-2022-28388,CVE-2022-28389,CVE-2022-28390,CVE-2022-28748
JIRA References: SLE-23652
Sources used:
SUSE Linux Enterprise Module for Realtime 15-SP2 (src):    kernel-rt-5.3.18-150200.79.2, kernel-rt_debug-5.3.18-150200.79.2, kernel-source-rt-5.3.18-150200.79.2, kernel-syms-rt-5.3.18-150200.79.1
SUSE Linux Enterprise Micro 5.0 (src):    kernel-rt-5.3.18-150200.79.2

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 35 Swamp Workflow Management 2022-04-19 13:29:10 UTC 
SUSE-SU-2022:1255-1: An update that solves 20 vulnerabilities, contains one feature and has three fixes is now available.

Category: security (important)
Bug References: 1189562,1194943,1195051,1195353,1196018,1196114,1196468,1196488,1196514,1196639,1196761,1196830,1196836,1196942,1196973,1197131,1197227,1197331,1197366,1197391,1198031,1198032,1198033
CVE References: CVE-2021-39713,CVE-2021-45868,CVE-2022-0812,CVE-2022-0850,CVE-2022-0886,CVE-2022-1016,CVE-2022-1048,CVE-2022-23036,CVE-2022-23037,CVE-2022-23038,CVE-2022-23039,CVE-2022-23040,CVE-2022-23041,CVE-2022-23042,CVE-2022-26490,CVE-2022-26966,CVE-2022-28356,CVE-2022-28388,CVE-2022-28389,CVE-2022-28390
JIRA References: SLE-18234
Sources used:
SUSE Linux Enterprise Server for SAP 15 (src):    kernel-default-4.12.14-150000.150.89.1, kernel-docs-4.12.14-150000.150.89.1, kernel-obs-build-4.12.14-150000.150.89.1, kernel-source-4.12.14-150000.150.89.1, kernel-syms-4.12.14-150000.150.89.1, kernel-vanilla-4.12.14-150000.150.89.1
SUSE Linux Enterprise Server 15-LTSS (src):    kernel-default-4.12.14-150000.150.89.1, kernel-docs-4.12.14-150000.150.89.1, kernel-obs-build-4.12.14-150000.150.89.1, kernel-source-4.12.14-150000.150.89.1, kernel-syms-4.12.14-150000.150.89.1, kernel-vanilla-4.12.14-150000.150.89.1, kernel-zfcpdump-4.12.14-150000.150.89.1
SUSE Linux Enterprise Module for Live Patching 15 (src):    kernel-default-4.12.14-150000.150.89.1, kernel-livepatch-SLE15_Update_29-1-150000.1.3.1
SUSE Linux Enterprise High Performance Computing 15-LTSS (src):    kernel-default-4.12.14-150000.150.89.1, kernel-docs-4.12.14-150000.150.89.1, kernel-obs-build-4.12.14-150000.150.89.1, kernel-source-4.12.14-150000.150.89.1, kernel-syms-4.12.14-150000.150.89.1, kernel-vanilla-4.12.14-150000.150.89.1
SUSE Linux Enterprise High Performance Computing 15-ESPOS (src):    kernel-default-4.12.14-150000.150.89.1, kernel-docs-4.12.14-150000.150.89.1, kernel-obs-build-4.12.14-150000.150.89.1, kernel-source-4.12.14-150000.150.89.1, kernel-syms-4.12.14-150000.150.89.1, kernel-vanilla-4.12.14-150000.150.89.1
SUSE Linux Enterprise High Availability 15 (src):    kernel-default-4.12.14-150000.150.89.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 36 Swamp Workflow Management 2022-04-19 13:33:52 UTC 
SUSE-SU-2022:1256-1: An update that solves 19 vulnerabilities, contains two features and has 6 fixes is now available.

Category: security (important)
Bug References: 1189562,1193738,1194943,1195051,1195254,1195353,1196018,1196114,1196433,1196468,1196488,1196514,1196639,1196761,1196830,1196836,1196942,1196973,1197227,1197331,1197366,1197391,1198031,1198032,1198033
CVE References: CVE-2021-39713,CVE-2021-45868,CVE-2022-0812,CVE-2022-0850,CVE-2022-1016,CVE-2022-1048,CVE-2022-23036,CVE-2022-23037,CVE-2022-23038,CVE-2022-23039,CVE-2022-23040,CVE-2022-23041,CVE-2022-23042,CVE-2022-26490,CVE-2022-26966,CVE-2022-28356,CVE-2022-28388,CVE-2022-28389,CVE-2022-28390
JIRA References: SLE-18234,SLE-23652
Sources used:
openSUSE Leap 15.4 (src):    kernel-debug-4.12.14-150100.197.111.1, kernel-default-4.12.14-150100.197.111.1, kernel-kvmsmall-4.12.14-150100.197.111.1, kernel-vanilla-4.12.14-150100.197.111.1, kernel-zfcpdump-4.12.14-150100.197.111.1
openSUSE Leap 15.3 (src):    kernel-debug-4.12.14-150100.197.111.1, kernel-default-4.12.14-150100.197.111.1, kernel-kvmsmall-4.12.14-150100.197.111.1, kernel-vanilla-4.12.14-150100.197.111.1, kernel-zfcpdump-4.12.14-150100.197.111.1
SUSE Linux Enterprise Server for SAP 15-SP1 (src):    kernel-default-4.12.14-150100.197.111.1, kernel-docs-4.12.14-150100.197.111.1, kernel-obs-build-4.12.14-150100.197.111.1, kernel-source-4.12.14-150100.197.111.1, kernel-syms-4.12.14-150100.197.111.1
SUSE Linux Enterprise Server 15-SP1-LTSS (src):    kernel-default-4.12.14-150100.197.111.1, kernel-docs-4.12.14-150100.197.111.1, kernel-obs-build-4.12.14-150100.197.111.1, kernel-source-4.12.14-150100.197.111.1, kernel-syms-4.12.14-150100.197.111.1, kernel-zfcpdump-4.12.14-150100.197.111.1
SUSE Linux Enterprise Server 15-SP1-BCL (src):    kernel-default-4.12.14-150100.197.111.1, kernel-docs-4.12.14-150100.197.111.1, kernel-obs-build-4.12.14-150100.197.111.1, kernel-source-4.12.14-150100.197.111.1, kernel-syms-4.12.14-150100.197.111.1
SUSE Linux Enterprise Module for Live Patching 15-SP1 (src):    kernel-default-4.12.14-150100.197.111.1, kernel-livepatch-SLE15-SP1_Update_30-1-150100.3.3.1
SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (src):    kernel-default-4.12.14-150100.197.111.1, kernel-docs-4.12.14-150100.197.111.1, kernel-obs-build-4.12.14-150100.197.111.1, kernel-source-4.12.14-150100.197.111.1, kernel-syms-4.12.14-150100.197.111.1
SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (src):    kernel-default-4.12.14-150100.197.111.1, kernel-docs-4.12.14-150100.197.111.1, kernel-obs-build-4.12.14-150100.197.111.1, kernel-source-4.12.14-150100.197.111.1, kernel-syms-4.12.14-150100.197.111.1
SUSE Linux Enterprise High Availability 15-SP1 (src):    kernel-default-4.12.14-150100.197.111.1
SUSE Enterprise Storage 6 (src):    kernel-default-4.12.14-150100.197.111.1, kernel-docs-4.12.14-150100.197.111.1, kernel-obs-build-4.12.14-150100.197.111.1, kernel-source-4.12.14-150100.197.111.1, kernel-syms-4.12.14-150100.197.111.1
SUSE CaaS Platform 4.0 (src):    kernel-default-4.12.14-150100.197.111.1, kernel-docs-4.12.14-150100.197.111.1, kernel-obs-build-4.12.14-150100.197.111.1, kernel-source-4.12.14-150100.197.111.1, kernel-syms-4.12.14-150100.197.111.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 37 Swamp Workflow Management 2022-04-19 16:28:12 UTC 
SUSE-SU-2022:1266-1: An update that solves 20 vulnerabilities, contains three features and has 38 fixes is now available.

Category: security (important)
Bug References: 1065729,1114648,1180153,1184207,1189562,1191428,1191451,1192273,1193738,1194163,1194541,1194580,1194586,1194590,1194591,1194943,1195051,1195353,1195403,1195480,1195482,1196018,1196114,1196339,1196367,1196468,1196478,1196488,1196514,1196639,1196723,1196761,1196830,1196836,1196942,1196973,1196999,1197099,1197227,1197331,1197366,1197391,1197462,1197531,1197661,1197675,1197754,1197755,1197756,1197757,1197758,1197760,1197763,1197806,1197894,1198031,1198032,1198033
CVE References: CVE-2021-39713,CVE-2021-45868,CVE-2022-0812,CVE-2022-0850,CVE-2022-1016,CVE-2022-1048,CVE-2022-23036,CVE-2022-23037,CVE-2022-23038,CVE-2022-23039,CVE-2022-23040,CVE-2022-23041,CVE-2022-23042,CVE-2022-26490,CVE-2022-26966,CVE-2022-27666,CVE-2022-28356,CVE-2022-28388,CVE-2022-28389,CVE-2022-28390
JIRA References: SLE-15288,SLE-18234,SLE-24125
Sources used:
SUSE Linux Enterprise Server 12-SP5 (src):    kernel-azure-4.12.14-16.94.1, kernel-source-azure-4.12.14-16.94.1, kernel-syms-azure-4.12.14-16.94.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 38 Swamp Workflow Management 2022-04-19 16:32:40 UTC 
SUSE-SU-2022:1267-1: An update that solves 20 vulnerabilities, contains one feature and has 7 fixes is now available.

Category: security (important)
Bug References: 1180153,1189562,1193738,1194943,1195051,1195353,1196018,1196114,1196468,1196488,1196514,1196573,1196639,1196761,1196830,1196836,1196942,1196973,1197211,1197227,1197331,1197366,1197391,1197462,1198031,1198032,1198033
CVE References: CVE-2021-39713,CVE-2021-45868,CVE-2022-0812,CVE-2022-0850,CVE-2022-1016,CVE-2022-1048,CVE-2022-23036,CVE-2022-23037,CVE-2022-23038,CVE-2022-23039,CVE-2022-23040,CVE-2022-23041,CVE-2022-23042,CVE-2022-26490,CVE-2022-26966,CVE-2022-27666,CVE-2022-28356,CVE-2022-28388,CVE-2022-28389,CVE-2022-28390
JIRA References: SLE-18234
Sources used:
SUSE OpenStack Cloud Crowbar 9 (src):    kernel-default-4.12.14-95.96.1, kernel-source-4.12.14-95.96.1, kernel-syms-4.12.14-95.96.1
SUSE OpenStack Cloud 9 (src):    kernel-default-4.12.14-95.96.1, kernel-source-4.12.14-95.96.1, kernel-syms-4.12.14-95.96.1
SUSE Linux Enterprise Server for SAP 12-SP4 (src):    kernel-default-4.12.14-95.96.1, kernel-source-4.12.14-95.96.1, kernel-syms-4.12.14-95.96.1
SUSE Linux Enterprise Server 12-SP4-LTSS (src):    kernel-default-4.12.14-95.96.1, kernel-source-4.12.14-95.96.1, kernel-syms-4.12.14-95.96.1
SUSE Linux Enterprise Live Patching 12-SP4 (src):    kernel-default-4.12.14-95.96.1, kgraft-patch-SLE12-SP4_Update_26-1-6.3.1
SUSE Linux Enterprise High Availability 12-SP4 (src):    kernel-default-4.12.14-95.96.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 39 Swamp Workflow Management 2022-04-20 10:22:35 UTC 
SUSE-SU-2022:1270-1: An update that fixes 13 vulnerabilities is now available.

Category: security (important)
Bug References: 1189562,1196018,1196488,1196761,1196830,1196836,1197227,1197331,1197366
CVE References: CVE-2021-45868,CVE-2022-0850,CVE-2022-1016,CVE-2022-1048,CVE-2022-23036,CVE-2022-23037,CVE-2022-23038,CVE-2022-23039,CVE-2022-23040,CVE-2022-23041,CVE-2022-23042,CVE-2022-26490,CVE-2022-26966
JIRA References: 
Sources used:
SUSE OpenStack Cloud Crowbar 8 (src):    kernel-default-4.4.180-94.161.1, kernel-source-4.4.180-94.161.1, kernel-syms-4.4.180-94.161.1, kgraft-patch-SLE12-SP3_Update_44-1-4.5.1
SUSE OpenStack Cloud 8 (src):    kernel-default-4.4.180-94.161.1, kernel-source-4.4.180-94.161.1, kernel-syms-4.4.180-94.161.1, kgraft-patch-SLE12-SP3_Update_44-1-4.5.1
SUSE Linux Enterprise Server for SAP 12-SP3 (src):    kernel-default-4.4.180-94.161.1, kernel-source-4.4.180-94.161.1, kernel-syms-4.4.180-94.161.1, kgraft-patch-SLE12-SP3_Update_44-1-4.5.1
SUSE Linux Enterprise Server 12-SP3-LTSS (src):    kernel-default-4.4.180-94.161.1, kernel-source-4.4.180-94.161.1, kernel-syms-4.4.180-94.161.1, kgraft-patch-SLE12-SP3_Update_44-1-4.5.1
SUSE Linux Enterprise Server 12-SP3-BCL (src):    kernel-default-4.4.180-94.161.1, kernel-source-4.4.180-94.161.1, kernel-syms-4.4.180-94.161.1
SUSE Linux Enterprise High Availability 12-SP3 (src):    kernel-default-4.4.180-94.161.1
HPE Helion Openstack 8 (src):    kernel-default-4.4.180-94.161.1, kernel-source-4.4.180-94.161.1, kernel-syms-4.4.180-94.161.1, kgraft-patch-SLE12-SP3_Update_44-1-4.5.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 40 Swamp Workflow Management 2022-04-20 16:21:14 UTC 
SUSE-SU-2022:1283-1: An update that fixes 13 vulnerabilities is now available.

Category: security (important)
Bug References: 1189562,1196018,1196488,1196761,1196830,1196836,1197227,1197331,1197366
CVE References: CVE-2021-45868,CVE-2022-0850,CVE-2022-1016,CVE-2022-1048,CVE-2022-23036,CVE-2022-23037,CVE-2022-23038,CVE-2022-23039,CVE-2022-23040,CVE-2022-23041,CVE-2022-23042,CVE-2022-26490,CVE-2022-26966
JIRA References: 
Sources used:
SUSE Linux Enterprise Server 12-SP2-BCL (src):    kernel-default-4.4.121-92.172.1, kernel-source-4.4.121-92.172.1, kernel-syms-4.4.121-92.172.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 43 Oliver Neukum 2022-04-26 08:07:27 UTC 
added patches and subsequently cve numbers to affected branches
Comment 44 Swamp Workflow Management 2022-04-26 10:21:16 UTC 
SUSE-SU-2022:1402-1: An update that solves 20 vulnerabilities, contains three features and has 38 fixes is now available.

Category: security (important)
Bug References: 1065729,1114648,1180153,1184207,1189562,1191428,1191451,1192273,1193738,1194163,1194541,1194580,1194586,1194590,1194591,1194943,1195051,1195353,1195403,1195480,1195482,1196018,1196114,1196339,1196367,1196468,1196478,1196488,1196514,1196639,1196723,1196761,1196830,1196836,1196942,1196973,1196999,1197099,1197227,1197331,1197366,1197391,1197462,1197531,1197661,1197675,1197754,1197755,1197756,1197757,1197758,1197760,1197763,1197806,1197894,1198031,1198032,1198033
CVE References: CVE-2021-39713,CVE-2021-45868,CVE-2022-0812,CVE-2022-0850,CVE-2022-1016,CVE-2022-1048,CVE-2022-23036,CVE-2022-23037,CVE-2022-23038,CVE-2022-23039,CVE-2022-23040,CVE-2022-23041,CVE-2022-23042,CVE-2022-26490,CVE-2022-26966,CVE-2022-27666,CVE-2022-28356,CVE-2022-28388,CVE-2022-28389,CVE-2022-28390
JIRA References: SLE-15288,SLE-18234,SLE-24125
Sources used:
SUSE Linux Enterprise Real Time Extension 12-SP5 (src):    kernel-rt-4.12.14-10.84.1, kernel-rt_debug-4.12.14-10.84.1, kernel-source-rt-4.12.14-10.84.1, kernel-syms-rt-4.12.14-10.84.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 45 Swamp Workflow Management 2022-04-26 16:20:46 UTC 
SUSE-SU-2022:1407-1: An update that solves 15 vulnerabilities and has 34 fixes is now available.

Category: security (important)
Bug References: 1065729,1156395,1175667,1177028,1178134,1179639,1180153,1189562,1194625,1194649,1195640,1195926,1196018,1196196,1196478,1196761,1196823,1197227,1197243,1197300,1197302,1197331,1197343,1197366,1197389,1197462,1197501,1197534,1197661,1197675,1197677,1197702,1197811,1197812,1197815,1197817,1197819,1197820,1197888,1197889,1197894,1198027,1198028,1198029,1198030,1198031,1198032,1198033,1198077
CVE References: CVE-2021-45868,CVE-2022-0850,CVE-2022-0854,CVE-2022-1011,CVE-2022-1016,CVE-2022-1048,CVE-2022-1055,CVE-2022-1195,CVE-2022-1198,CVE-2022-1199,CVE-2022-1205,CVE-2022-27666,CVE-2022-28388,CVE-2022-28389,CVE-2022-28390
JIRA References: 
Sources used:
SUSE Linux Enterprise Module for Realtime 15-SP3 (src):    kernel-rt-5.3.18-150300.85.1, kernel-rt_debug-5.3.18-150300.85.1, kernel-source-rt-5.3.18-150300.85.1, kernel-syms-rt-5.3.18-150300.85.1
SUSE Linux Enterprise Micro 5.2 (src):    kernel-rt-5.3.18-150300.85.1
SUSE Linux Enterprise Micro 5.1 (src):    kernel-rt-5.3.18-150300.85.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 58 Gabriele Sonnu 2022-05-11 12:59:45 UTC 
Done
Comment 59 Swamp Workflow Management 2022-05-12 19:17:43 UTC 
SUSE-SU-2022:1651-1: An update that solves 13 vulnerabilities and has 20 fixes is now available.

Category: security (important)
Bug References: 1028340,1065729,1071995,1084513,1114648,1121726,1129770,1137728,1172456,1183723,1187055,1191647,1191958,1194625,1196018,1196247,1196657,1196901,1197075,1197343,1197663,1197888,1197914,1198217,1198228,1198400,1198413,1198516,1198660,1198687,1198742,1198825,1199012
CVE References: CVE-2018-7755,CVE-2019-20811,CVE-2021-20292,CVE-2021-20321,CVE-2021-38208,CVE-2021-43389,CVE-2022-1011,CVE-2022-1280,CVE-2022-1353,CVE-2022-1419,CVE-2022-1516,CVE-2022-23960,CVE-2022-28748
JIRA References: 
Sources used:
SUSE Linux Enterprise Server 12-SP5 (src):    kernel-azure-4.12.14-16.97.1, kernel-source-azure-4.12.14-16.97.1, kernel-syms-azure-4.12.14-16.97.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 60 Swamp Workflow Management 2022-05-16 13:22:53 UTC 
SUSE-SU-2022:1669-1: An update that solves 16 vulnerabilities, contains 6 features and has 29 fixes is now available.

Category: security (important)
Bug References: 1028340,1071995,1137728,1152472,1152489,1177028,1179878,1182073,1183723,1187055,1191647,1193556,1193842,1194625,1195651,1195926,1196018,1196114,1196367,1196514,1196639,1196942,1197157,1197391,1197656,1197660,1197677,1197914,1197926,1198077,1198217,1198330,1198400,1198413,1198437,1198448,1198484,1198515,1198516,1198534,1198742,1198825,1198989,1199012,1199024
CVE References: CVE-2020-27835,CVE-2021-0707,CVE-2021-20292,CVE-2021-20321,CVE-2021-38208,CVE-2021-4154,CVE-2022-0812,CVE-2022-1158,CVE-2022-1280,CVE-2022-1353,CVE-2022-1419,CVE-2022-1516,CVE-2022-28356,CVE-2022-28748,CVE-2022-28893,CVE-2022-29156
JIRA References: SLE-13208,SLE-13513,SLE-15172,SLE-15175,SLE-18234,SLE-8449
Sources used:
SUSE Linux Enterprise Realtime Extension 15-SP3 (src):    release-notes-sle_rt-15.3.20220422-150300.3.3.2
SUSE Linux Enterprise Module for Realtime 15-SP3 (src):    kernel-rt-5.3.18-150300.88.2, kernel-rt_debug-5.3.18-150300.88.2, kernel-source-rt-5.3.18-150300.88.2, kernel-syms-rt-5.3.18-150300.88.1, release-notes-sle_rt-15.3.20220422-150300.3.3.2
SUSE Linux Enterprise Micro 5.2 (src):    kernel-rt-5.3.18-150300.88.2
SUSE Linux Enterprise Micro 5.1 (src):    kernel-rt-5.3.18-150300.88.2

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 61 Swamp Workflow Management 2022-05-16 13:27:04 UTC 
SUSE-SU-2022:1668-1: An update that solves 13 vulnerabilities and has 17 fixes is now available.

Category: security (important)
Bug References: 1028340,1071995,1084513,1114648,1121726,1129770,1137728,1172456,1183723,1187055,1191647,1191958,1194625,1195651,1196018,1196247,1197075,1197343,1197391,1197663,1197888,1197914,1198217,1198413,1198516,1198687,1198742,1198825,1198989,1199012
CVE References: CVE-2018-7755,CVE-2019-20811,CVE-2021-20292,CVE-2021-20321,CVE-2021-38208,CVE-2021-43389,CVE-2022-1011,CVE-2022-1280,CVE-2022-1353,CVE-2022-1419,CVE-2022-1516,CVE-2022-28356,CVE-2022-28748
JIRA References: 
Sources used:
SUSE Linux Enterprise Real Time Extension 12-SP5 (src):    kernel-rt-4.12.14-10.89.1, kernel-rt_debug-4.12.14-10.89.1, kernel-source-rt-4.12.14-10.89.1, kernel-syms-rt-4.12.14-10.89.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 62 Swamp Workflow Management 2022-05-16 13:36:46 UTC 
SUSE-SU-2022:1676-1: An update that solves 16 vulnerabilities, contains 6 features and has 25 fixes is now available.

Category: security (important)
Bug References: 1028340,1065729,1071995,1121726,1137728,1152489,1177028,1179878,1182073,1183723,1187055,1191647,1193556,1193842,1195926,1196018,1196114,1196367,1196514,1196639,1196942,1197157,1197391,1197656,1197660,1197914,1197926,1198217,1198330,1198400,1198413,1198437,1198448,1198484,1198515,1198516,1198660,1198742,1198825,1199012,1199024
CVE References: CVE-2020-27835,CVE-2021-0707,CVE-2021-20292,CVE-2021-20321,CVE-2021-38208,CVE-2021-4154,CVE-2022-0812,CVE-2022-1158,CVE-2022-1280,CVE-2022-1353,CVE-2022-1419,CVE-2022-1516,CVE-2022-28356,CVE-2022-28748,CVE-2022-28893,CVE-2022-29156
JIRA References: SLE-13208,SLE-13513,SLE-15172,SLE-15175,SLE-15176,SLE-8449
Sources used:
openSUSE Leap 15.3 (src):    kernel-azure-5.3.18-150300.38.56.1, kernel-source-azure-5.3.18-150300.38.56.1, kernel-syms-azure-5.3.18-150300.38.56.1
SUSE Linux Enterprise Module for Public Cloud 15-SP3 (src):    kernel-azure-5.3.18-150300.38.56.1, kernel-source-azure-5.3.18-150300.38.56.1, kernel-syms-azure-5.3.18-150300.38.56.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 63 Swamp Workflow Management 2022-05-16 16:23:06 UTC 
SUSE-SU-2022:1687-1: An update that solves 16 vulnerabilities, contains 6 features and has 29 fixes is now available.

Category: security (important)
Bug References: 1028340,1071995,1137728,1152472,1152489,1177028,1179878,1182073,1183723,1187055,1191647,1193556,1193842,1194625,1195651,1195926,1196018,1196114,1196367,1196514,1196639,1196942,1197157,1197391,1197656,1197660,1197677,1197914,1197926,1198077,1198217,1198330,1198400,1198413,1198437,1198448,1198484,1198515,1198516,1198534,1198742,1198825,1198989,1199012,1199024
CVE References: CVE-2020-27835,CVE-2021-0707,CVE-2021-20292,CVE-2021-20321,CVE-2021-38208,CVE-2021-4154,CVE-2022-0812,CVE-2022-1158,CVE-2022-1280,CVE-2022-1353,CVE-2022-1419,CVE-2022-1516,CVE-2022-28356,CVE-2022-28748,CVE-2022-28893,CVE-2022-29156
JIRA References: SLE-13208,SLE-13513,SLE-15172,SLE-15175,SLE-18234,SLE-8449
Sources used:
openSUSE Leap 15.4 (src):    dtb-aarch64-5.3.18-150300.59.68.1, kernel-preempt-5.3.18-150300.59.68.1
openSUSE Leap 15.3 (src):    dtb-aarch64-5.3.18-150300.59.68.1, kernel-64kb-5.3.18-150300.59.68.1, kernel-debug-5.3.18-150300.59.68.1, kernel-default-5.3.18-150300.59.68.1, kernel-default-base-5.3.18-150300.59.68.1.150300.18.41.3, kernel-docs-5.3.18-150300.59.68.1, kernel-kvmsmall-5.3.18-150300.59.68.1, kernel-obs-build-5.3.18-150300.59.68.1, kernel-obs-qa-5.3.18-150300.59.68.1, kernel-preempt-5.3.18-150300.59.68.1, kernel-source-5.3.18-150300.59.68.1, kernel-syms-5.3.18-150300.59.68.1, kernel-zfcpdump-5.3.18-150300.59.68.1
SUSE Linux Enterprise Workstation Extension 15-SP3 (src):    kernel-default-5.3.18-150300.59.68.1, kernel-preempt-5.3.18-150300.59.68.1
SUSE Linux Enterprise Module for Live Patching 15-SP3 (src):    kernel-default-5.3.18-150300.59.68.1, kernel-livepatch-SLE15-SP3_Update_18-1-150300.7.5.1
SUSE Linux Enterprise Module for Legacy Software 15-SP3 (src):    kernel-default-5.3.18-150300.59.68.1
SUSE Linux Enterprise Module for Development Tools 15-SP3 (src):    kernel-docs-5.3.18-150300.59.68.1, kernel-obs-build-5.3.18-150300.59.68.1, kernel-preempt-5.3.18-150300.59.68.1, kernel-source-5.3.18-150300.59.68.1, kernel-syms-5.3.18-150300.59.68.1
SUSE Linux Enterprise Module for Basesystem 15-SP3 (src):    kernel-64kb-5.3.18-150300.59.68.1, kernel-default-5.3.18-150300.59.68.1, kernel-default-base-5.3.18-150300.59.68.1.150300.18.41.3, kernel-preempt-5.3.18-150300.59.68.1, kernel-source-5.3.18-150300.59.68.1, kernel-zfcpdump-5.3.18-150300.59.68.1
SUSE Linux Enterprise Micro 5.2 (src):    kernel-default-5.3.18-150300.59.68.1, kernel-default-base-5.3.18-150300.59.68.1.150300.18.41.3
SUSE Linux Enterprise Micro 5.1 (src):    kernel-default-5.3.18-150300.59.68.1, kernel-default-base-5.3.18-150300.59.68.1.150300.18.41.3
SUSE Linux Enterprise High Availability 15-SP3 (src):    kernel-default-5.3.18-150300.59.68.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 64 Swamp Workflow Management 2022-05-16 16:28:12 UTC 
SUSE-SU-2022:1686-1: An update that solves 13 vulnerabilities and has 16 fixes is now available.

Category: security (important)
Bug References: 1028340,1071995,1084513,1114648,1121726,1129770,1137728,1172456,1183723,1187055,1191647,1191958,1194625,1196018,1196247,1197075,1197343,1197391,1197663,1197888,1197914,1198217,1198413,1198516,1198687,1198742,1198825,1198989,1199012
CVE References: CVE-2018-7755,CVE-2019-20811,CVE-2021-20292,CVE-2021-20321,CVE-2021-38208,CVE-2021-43389,CVE-2022-1011,CVE-2022-1280,CVE-2022-1353,CVE-2022-1419,CVE-2022-1516,CVE-2022-28356,CVE-2022-28748
JIRA References: 
Sources used:
SUSE Linux Enterprise Workstation Extension 12-SP5 (src):    kernel-default-4.12.14-122.121.2
SUSE Linux Enterprise Software Development Kit 12-SP5 (src):    kernel-docs-4.12.14-122.121.2, kernel-obs-build-4.12.14-122.121.1
SUSE Linux Enterprise Server 12-SP5 (src):    kernel-default-4.12.14-122.121.2, kernel-source-4.12.14-122.121.2, kernel-syms-4.12.14-122.121.2
SUSE Linux Enterprise Live Patching 12-SP5 (src):    kernel-default-4.12.14-122.121.2, kgraft-patch-SLE12-SP5_Update_31-1-8.5.2
SUSE Linux Enterprise High Availability 12-SP5 (src):    kernel-default-4.12.14-122.121.2

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 77 Swamp Workflow Management 2022-06-17 13:19:32 UTC 
SUSE-SU-2022:2111-1: An update that solves 30 vulnerabilities and has 14 fixes is now available.

Category: security (important)
Bug References: 1028340,1055710,1065729,1071995,1084513,1087082,1114648,1158266,1172456,1177282,1182171,1183723,1187055,1191647,1191958,1195065,1195651,1196018,1196367,1196426,1196999,1197219,1197343,1197663,1198400,1198516,1198577,1198660,1198687,1198742,1198777,1198825,1199012,1199063,1199314,1199399,1199426,1199505,1199507,1199605,1199650,1200143,1200144,1200249
CVE References: CVE-2017-13695,CVE-2018-7755,CVE-2019-19377,CVE-2019-20811,CVE-2020-26541,CVE-2021-20292,CVE-2021-20321,CVE-2021-33061,CVE-2021-38208,CVE-2021-39711,CVE-2021-43389,CVE-2022-1011,CVE-2022-1184,CVE-2022-1353,CVE-2022-1419,CVE-2022-1516,CVE-2022-1652,CVE-2022-1729,CVE-2022-1734,CVE-2022-1974,CVE-2022-1975,CVE-2022-21123,CVE-2022-21125,CVE-2022-21127,CVE-2022-21166,CVE-2022-21180,CVE-2022-21499,CVE-2022-22942,CVE-2022-28748,CVE-2022-30594
JIRA References: 
Sources used:
openSUSE Leap 15.4 (src):    kernel-debug-4.12.14-150100.197.114.2, kernel-default-4.12.14-150100.197.114.2, kernel-kvmsmall-4.12.14-150100.197.114.2, kernel-vanilla-4.12.14-150100.197.114.2, kernel-zfcpdump-4.12.14-150100.197.114.2
openSUSE Leap 15.3 (src):    kernel-debug-4.12.14-150100.197.114.2, kernel-default-4.12.14-150100.197.114.2, kernel-kvmsmall-4.12.14-150100.197.114.2, kernel-vanilla-4.12.14-150100.197.114.2, kernel-zfcpdump-4.12.14-150100.197.114.2
SUSE Linux Enterprise Server for SAP 15-SP1 (src):    kernel-default-4.12.14-150100.197.114.2, kernel-docs-4.12.14-150100.197.114.2, kernel-obs-build-4.12.14-150100.197.114.2, kernel-source-4.12.14-150100.197.114.2, kernel-syms-4.12.14-150100.197.114.2
SUSE Linux Enterprise Server 15-SP1-LTSS (src):    kernel-default-4.12.14-150100.197.114.2, kernel-docs-4.12.14-150100.197.114.2, kernel-obs-build-4.12.14-150100.197.114.2, kernel-source-4.12.14-150100.197.114.2, kernel-syms-4.12.14-150100.197.114.2, kernel-zfcpdump-4.12.14-150100.197.114.2
SUSE Linux Enterprise Server 15-SP1-BCL (src):    kernel-default-4.12.14-150100.197.114.2, kernel-docs-4.12.14-150100.197.114.2, kernel-obs-build-4.12.14-150100.197.114.2, kernel-source-4.12.14-150100.197.114.2, kernel-syms-4.12.14-150100.197.114.2
SUSE Linux Enterprise Module for Live Patching 15-SP1 (src):    kernel-default-4.12.14-150100.197.114.2, kernel-livepatch-SLE15-SP1_Update_31-1-150100.3.3.2
SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (src):    kernel-default-4.12.14-150100.197.114.2, kernel-docs-4.12.14-150100.197.114.2, kernel-obs-build-4.12.14-150100.197.114.2, kernel-source-4.12.14-150100.197.114.2, kernel-syms-4.12.14-150100.197.114.2
SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (src):    kernel-default-4.12.14-150100.197.114.2, kernel-docs-4.12.14-150100.197.114.2, kernel-obs-build-4.12.14-150100.197.114.2, kernel-source-4.12.14-150100.197.114.2, kernel-syms-4.12.14-150100.197.114.2
SUSE Linux Enterprise High Availability 15-SP1 (src):    kernel-default-4.12.14-150100.197.114.2
SUSE Enterprise Storage 6 (src):    kernel-default-4.12.14-150100.197.114.2, kernel-docs-4.12.14-150100.197.114.2, kernel-obs-build-4.12.14-150100.197.114.2, kernel-source-4.12.14-150100.197.114.2, kernel-syms-4.12.14-150100.197.114.2
SUSE CaaS Platform 4.0 (src):    kernel-default-4.12.14-150100.197.114.2, kernel-docs-4.12.14-150100.197.114.2, kernel-obs-build-4.12.14-150100.197.114.2, kernel-source-4.12.14-150100.197.114.2, kernel-syms-4.12.14-150100.197.114.2

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 97 Swamp Workflow Management 2022-11-08 14:32:14 UTC 
SUSE-SU-2022:3897-1: An update that solves 33 vulnerabilities, contains one feature and has 15 fixes is now available.

Category: security (important)
Bug References: 1032323,1065729,1152489,1196018,1198702,1200465,1200788,1201725,1202638,1202686,1202700,1203066,1203098,1203290,1203387,1203391,1203496,1203514,1203770,1203802,1204051,1204053,1204059,1204060,1204125,1204166,1204168,1204354,1204355,1204382,1204402,1204415,1204417,1204431,1204439,1204470,1204479,1204574,1204575,1204619,1204635,1204637,1204646,1204647,1204653,1204728,1204753,1204754
CVE References: CVE-2021-4037,CVE-2022-2153,CVE-2022-28748,CVE-2022-2964,CVE-2022-2978,CVE-2022-3169,CVE-2022-3176,CVE-2022-3424,CVE-2022-3521,CVE-2022-3524,CVE-2022-3535,CVE-2022-3542,CVE-2022-3545,CVE-2022-3565,CVE-2022-3577,CVE-2022-3586,CVE-2022-3594,CVE-2022-3621,CVE-2022-3623,CVE-2022-3625,CVE-2022-3629,CVE-2022-3640,CVE-2022-3646,CVE-2022-3649,CVE-2022-39189,CVE-2022-40768,CVE-2022-41674,CVE-2022-42703,CVE-2022-42719,CVE-2022-42720,CVE-2022-42721,CVE-2022-42722,CVE-2022-43750
JIRA References: PED-1931
Sources used:
openSUSE Leap 15.3 (src):    kernel-azure-5.3.18-150300.38.83.1, kernel-source-azure-5.3.18-150300.38.83.1, kernel-syms-azure-5.3.18-150300.38.83.1
SUSE Linux Enterprise Module for Public Cloud 15-SP3 (src):    kernel-azure-5.3.18-150300.38.83.1, kernel-source-azure-5.3.18-150300.38.83.1, kernel-syms-azure-5.3.18-150300.38.83.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 98 Swamp Workflow Management 2022-11-10 14:25:59 UTC 
SUSE-SU-2022:3929-1: An update that solves 25 vulnerabilities, contains four features and has 13 fixes is now available.

Category: security (important)
Bug References: 1032323,1065729,1196018,1198702,1200465,1200788,1201725,1202686,1202700,1203066,1203098,1203387,1203391,1203496,1204053,1204166,1204168,1204354,1204355,1204382,1204402,1204415,1204417,1204431,1204439,1204470,1204479,1204574,1204575,1204619,1204635,1204637,1204646,1204647,1204653,1204728,1204753,1204754
CVE References: CVE-2021-4037,CVE-2022-2153,CVE-2022-28748,CVE-2022-2964,CVE-2022-2978,CVE-2022-3176,CVE-2022-3424,CVE-2022-3521,CVE-2022-3524,CVE-2022-3535,CVE-2022-3542,CVE-2022-3545,CVE-2022-3565,CVE-2022-3577,CVE-2022-3586,CVE-2022-3594,CVE-2022-3621,CVE-2022-3625,CVE-2022-3629,CVE-2022-3640,CVE-2022-3646,CVE-2022-3649,CVE-2022-39189,CVE-2022-42703,CVE-2022-43750
JIRA References: PED-1931,SLE-13847,SLE-24559,SLE-9246
Sources used:
openSUSE Leap Micro 5.2 (src):    kernel-rt-5.3.18-150300.109.1
SUSE Linux Enterprise Module for Realtime 15-SP3 (src):    kernel-rt-5.3.18-150300.109.1, kernel-rt_debug-5.3.18-150300.109.1, kernel-source-rt-5.3.18-150300.109.1, kernel-syms-rt-5.3.18-150300.109.1
SUSE Linux Enterprise Micro 5.2 (src):    kernel-rt-5.3.18-150300.109.1
SUSE Linux Enterprise Micro 5.1 (src):    kernel-rt-5.3.18-150300.109.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 99 Swamp Workflow Management 2022-11-15 20:23:13 UTC 
SUSE-SU-2022:3998-1: An update that solves 37 vulnerabilities, contains 25 features and has 38 fixes is now available.

Category: security (important)
Bug References: 1065729,1071995,1152472,1152489,1188238,1194869,1196018,1196632,1199904,1200567,1200692,1200788,1202187,1202686,1202700,1202914,1203098,1203229,1203290,1203435,1203514,1203699,1203701,1203767,1203770,1203802,1203922,1203979,1204017,1204051,1204059,1204060,1204125,1204142,1204166,1204168,1204171,1204241,1204353,1204354,1204355,1204402,1204413,1204415,1204417,1204428,1204431,1204439,1204470,1204479,1204498,1204533,1204569,1204574,1204575,1204619,1204635,1204637,1204646,1204647,1204650,1204653,1204693,1204705,1204719,1204728,1204753,1204868,1204926,1204933,1204934,1204947,1204957,1204963,1204970
CVE References: CVE-2022-1882,CVE-2022-2153,CVE-2022-28748,CVE-2022-2964,CVE-2022-2978,CVE-2022-3169,CVE-2022-33981,CVE-2022-3424,CVE-2022-3435,CVE-2022-3521,CVE-2022-3524,CVE-2022-3526,CVE-2022-3535,CVE-2022-3542,CVE-2022-3545,CVE-2022-3565,CVE-2022-3577,CVE-2022-3586,CVE-2022-3594,CVE-2022-3619,CVE-2022-3621,CVE-2022-3625,CVE-2022-3628,CVE-2022-3629,CVE-2022-3633,CVE-2022-3640,CVE-2022-3646,CVE-2022-3649,CVE-2022-40476,CVE-2022-40768,CVE-2022-41674,CVE-2022-42703,CVE-2022-42719,CVE-2022-42720,CVE-2022-42721,CVE-2022-42722,CVE-2022-43750
JIRA References: PED-1082,PED-1084,PED-1085,PED-1096,PED-1211,PED-1649,PED-634,PED-676,PED-678,PED-679,PED-707,PED-732,PED-813,PED-817,PED-822,PED-825,PED-833,PED-842,PED-846,PED-850,PED-851,PED-856,PED-857,SLE-13847,SLE-9246
Sources used:
openSUSE Leap 15.4 (src):    kernel-azure-5.14.21-150400.14.21.2, kernel-source-azure-5.14.21-150400.14.21.1, kernel-syms-azure-5.14.21-150400.14.21.1
SUSE Linux Enterprise Module for Public Cloud 15-SP4 (src):    kernel-azure-5.14.21-150400.14.21.2, kernel-source-azure-5.14.21-150400.14.21.1, kernel-syms-azure-5.14.21-150400.14.21.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 100 Swamp Workflow Management 2022-11-18 17:27:36 UTC 
SUSE-SU-2022:4072-1: An update that solves 32 vulnerabilities, contains 25 features and has 36 fixes is now available.

Category: security (important)
Bug References: 1065729,1071995,1152472,1152489,1188238,1194869,1196018,1196632,1199904,1200567,1200692,1200788,1202187,1202686,1202700,1202914,1203098,1203229,1203290,1203435,1203514,1203699,1203767,1203802,1203922,1204017,1204142,1204166,1204168,1204171,1204241,1204353,1204354,1204355,1204402,1204413,1204415,1204417,1204428,1204431,1204439,1204470,1204479,1204498,1204533,1204569,1204574,1204575,1204619,1204635,1204637,1204646,1204647,1204650,1204653,1204693,1204705,1204719,1204728,1204753,1204868,1204926,1204933,1204934,1204947,1204957,1204963,1204970
CVE References: CVE-2022-1882,CVE-2022-2153,CVE-2022-28748,CVE-2022-2964,CVE-2022-2978,CVE-2022-3169,CVE-2022-33981,CVE-2022-3424,CVE-2022-3435,CVE-2022-3521,CVE-2022-3524,CVE-2022-3526,CVE-2022-3535,CVE-2022-3542,CVE-2022-3545,CVE-2022-3565,CVE-2022-3577,CVE-2022-3586,CVE-2022-3594,CVE-2022-3619,CVE-2022-3621,CVE-2022-3625,CVE-2022-3628,CVE-2022-3629,CVE-2022-3633,CVE-2022-3640,CVE-2022-3646,CVE-2022-3649,CVE-2022-40476,CVE-2022-40768,CVE-2022-42703,CVE-2022-43750
JIRA References: PED-1082,PED-1084,PED-1085,PED-1096,PED-1211,PED-1649,PED-634,PED-676,PED-678,PED-679,PED-707,PED-732,PED-813,PED-817,PED-822,PED-825,PED-833,PED-842,PED-846,PED-850,PED-851,PED-856,PED-857,SLE-13847,SLE-9246
Sources used:
openSUSE Leap 15.4 (src):    dtb-aarch64-5.14.21-150400.24.33.1, kernel-64kb-5.14.21-150400.24.33.2, kernel-debug-5.14.21-150400.24.33.2, kernel-default-5.14.21-150400.24.33.2, kernel-default-base-5.14.21-150400.24.33.2.150400.24.11.4, kernel-docs-5.14.21-150400.24.33.2, kernel-kvmsmall-5.14.21-150400.24.33.2, kernel-obs-build-5.14.21-150400.24.33.1, kernel-obs-qa-5.14.21-150400.24.33.1, kernel-source-5.14.21-150400.24.33.1, kernel-syms-5.14.21-150400.24.33.1, kernel-zfcpdump-5.14.21-150400.24.33.2
SUSE Linux Enterprise Workstation Extension 15-SP4 (src):    kernel-default-5.14.21-150400.24.33.2
SUSE Linux Enterprise Module for Live Patching 15-SP4 (src):    kernel-default-5.14.21-150400.24.33.2, kernel-livepatch-SLE15-SP4_Update_5-1-150400.9.3.4
SUSE Linux Enterprise Module for Legacy Software 15-SP4 (src):    kernel-default-5.14.21-150400.24.33.2
SUSE Linux Enterprise Module for Development Tools 15-SP4 (src):    kernel-docs-5.14.21-150400.24.33.2, kernel-obs-build-5.14.21-150400.24.33.1, kernel-source-5.14.21-150400.24.33.1, kernel-syms-5.14.21-150400.24.33.1
SUSE Linux Enterprise Module for Basesystem 15-SP4 (src):    kernel-64kb-5.14.21-150400.24.33.2, kernel-default-5.14.21-150400.24.33.2, kernel-default-base-5.14.21-150400.24.33.2.150400.24.11.4, kernel-source-5.14.21-150400.24.33.1, kernel-zfcpdump-5.14.21-150400.24.33.2
SUSE Linux Enterprise Micro 5.3 (src):    kernel-default-5.14.21-150400.24.33.2, kernel-default-base-5.14.21-150400.24.33.2.150400.24.11.4
SUSE Linux Enterprise High Availability 15-SP4 (src):    kernel-default-5.14.21-150400.24.33.2

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 101 Swamp Workflow Management 2022-11-29 17:35:19 UTC 
SUSE-SU-2022:4273-1: An update that solves 21 vulnerabilities and has 11 fixes is now available.

Category: security (important)
Bug References: 1032323,1065729,1196018,1198702,1200788,1202686,1202972,1203098,1203142,1203198,1203254,1203290,1203322,1203387,1203514,1203802,1204166,1204168,1204241,1204354,1204355,1204402,1204415,1204431,1204439,1204479,1204574,1204635,1204646,1204647,1204653,1204755
CVE References: CVE-2021-4037,CVE-2022-2153,CVE-2022-28748,CVE-2022-2964,CVE-2022-3169,CVE-2022-3424,CVE-2022-3521,CVE-2022-3524,CVE-2022-3542,CVE-2022-3545,CVE-2022-3565,CVE-2022-3586,CVE-2022-3594,CVE-2022-3621,CVE-2022-3629,CVE-2022-3646,CVE-2022-3649,CVE-2022-40307,CVE-2022-40768,CVE-2022-42703,CVE-2022-43750
JIRA References: 
Sources used:
SUSE Linux Enterprise Server 12-SP5 (src):    kernel-azure-4.12.14-16.115.1, kernel-source-azure-4.12.14-16.115.1, kernel-syms-azure-4.12.14-16.115.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 119 Swamp Workflow Management 2022-12-19 17:22:10 UTC 
SUSE-SU-2022:4561-1: An update that solves 31 vulnerabilities and has 8 fixes is now available.

Category: security (important)
Bug References: 1012382,1129898,1177282,1196018,1198702,1202097,1202686,1203008,1203290,1203322,1203514,1203960,1203987,1204166,1204168,1204170,1204354,1204402,1204414,1204431,1204432,1204439,1204479,1204574,1204576,1204631,1204635,1204636,1204646,1204647,1204653,1204868,1205128,1205130,1205220,1205514,1205671,1205796,1206091
CVE References: CVE-2019-3874,CVE-2020-26541,CVE-2021-4037,CVE-2022-2663,CVE-2022-28748,CVE-2022-2964,CVE-2022-3169,CVE-2022-3424,CVE-2022-3524,CVE-2022-3542,CVE-2022-3565,CVE-2022-3567,CVE-2022-3586,CVE-2022-3594,CVE-2022-3621,CVE-2022-3628,CVE-2022-3629,CVE-2022-3635,CVE-2022-3646,CVE-2022-3649,CVE-2022-3903,CVE-2022-40307,CVE-2022-40768,CVE-2022-4095,CVE-2022-41848,CVE-2022-41850,CVE-2022-41858,CVE-2022-42703,CVE-2022-43750,CVE-2022-43945,CVE-2022-45934
JIRA References: 
Sources used:
SUSE Linux Enterprise Server 12-SP2-BCL (src):    kernel-default-4.4.121-92.196.2, kernel-source-4.4.121-92.196.2, kernel-syms-4.4.121-92.196.2

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 121 Swamp Workflow Management 2022-12-19 20:31:44 UTC 
SUSE-SU-2022:4573-1: An update that solves 38 vulnerabilities and has 9 fixes is now available.

Category: security (important)
Bug References: 1196018,1198702,1200692,1200788,1201455,1202686,1203008,1203183,1203290,1203322,1203514,1203960,1204166,1204168,1204170,1204354,1204355,1204402,1204414,1204415,1204424,1204431,1204432,1204439,1204479,1204574,1204576,1204631,1204635,1204636,1204646,1204647,1204653,1204868,1205006,1205128,1205130,1205220,1205473,1205514,1205671,1205705,1205709,1205796,1206113,1206114,1206207
CVE References: CVE-2021-4037,CVE-2022-2153,CVE-2022-28693,CVE-2022-28748,CVE-2022-2964,CVE-2022-3169,CVE-2022-33981,CVE-2022-3424,CVE-2022-3521,CVE-2022-3524,CVE-2022-3542,CVE-2022-3545,CVE-2022-3565,CVE-2022-3567,CVE-2022-3586,CVE-2022-3594,CVE-2022-3621,CVE-2022-3628,CVE-2022-3629,CVE-2022-3635,CVE-2022-3643,CVE-2022-3646,CVE-2022-3649,CVE-2022-3903,CVE-2022-40307,CVE-2022-40768,CVE-2022-4095,CVE-2022-41850,CVE-2022-41858,CVE-2022-42328,CVE-2022-42329,CVE-2022-42703,CVE-2022-42895,CVE-2022-42896,CVE-2022-43750,CVE-2022-4378,CVE-2022-43945,CVE-2022-45934
JIRA References: 
Sources used:
SUSE Linux Enterprise Server for SAP 15 (src):    kernel-default-4.12.14-150000.150.109.1, kernel-docs-4.12.14-150000.150.109.1, kernel-obs-build-4.12.14-150000.150.109.1, kernel-source-4.12.14-150000.150.109.1, kernel-syms-4.12.14-150000.150.109.1, kernel-vanilla-4.12.14-150000.150.109.1
SUSE Linux Enterprise Server 15-LTSS (src):    kernel-default-4.12.14-150000.150.109.1, kernel-docs-4.12.14-150000.150.109.1, kernel-obs-build-4.12.14-150000.150.109.1, kernel-source-4.12.14-150000.150.109.1, kernel-syms-4.12.14-150000.150.109.1, kernel-vanilla-4.12.14-150000.150.109.1, kernel-zfcpdump-4.12.14-150000.150.109.1
SUSE Linux Enterprise Module for Live Patching 15 (src):    kernel-default-4.12.14-150000.150.109.1, kernel-livepatch-SLE15_Update_35-1-150000.1.5.1
SUSE Linux Enterprise High Performance Computing 15-LTSS (src):    kernel-default-4.12.14-150000.150.109.1, kernel-docs-4.12.14-150000.150.109.1, kernel-obs-build-4.12.14-150000.150.109.1, kernel-source-4.12.14-150000.150.109.1, kernel-syms-4.12.14-150000.150.109.1, kernel-vanilla-4.12.14-150000.150.109.1
SUSE Linux Enterprise High Performance Computing 15-ESPOS (src):    kernel-default-4.12.14-150000.150.109.1, kernel-docs-4.12.14-150000.150.109.1, kernel-obs-build-4.12.14-150000.150.109.1, kernel-source-4.12.14-150000.150.109.1, kernel-syms-4.12.14-150000.150.109.1, kernel-vanilla-4.12.14-150000.150.109.1
SUSE Linux Enterprise High Availability 15 (src):    kernel-default-4.12.14-150000.150.109.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 122 Swamp Workflow Management 2022-12-20 17:30:43 UTC 
SUSE-SU-2022:4589-1: An update that solves 44 vulnerabilities and has 23 fixes is now available.

Category: security (important)
Bug References: 1196018,1198702,1199365,1200788,1200845,1201455,1201725,1202686,1202700,1203008,1203066,1203067,1203290,1203322,1203391,1203496,1203511,1203514,1203860,1203960,1204017,1204053,1204166,1204168,1204170,1204228,1204354,1204355,1204402,1204414,1204415,1204417,1204424,1204431,1204432,1204439,1204446,1204470,1204479,1204486,1204574,1204575,1204576,1204631,1204635,1204636,1204637,1204646,1204647,1204653,1204745,1204780,1204850,1204868,1205128,1205130,1205220,1205473,1205514,1205617,1205671,1205700,1205705,1205709,1205711,1205796,1206207
CVE References: CVE-2021-4037,CVE-2022-2153,CVE-2022-2602,CVE-2022-28693,CVE-2022-28748,CVE-2022-2964,CVE-2022-2978,CVE-2022-3169,CVE-2022-3176,CVE-2022-3424,CVE-2022-3521,CVE-2022-3524,CVE-2022-3535,CVE-2022-3542,CVE-2022-3545,CVE-2022-3565,CVE-2022-3567,CVE-2022-3577,CVE-2022-3586,CVE-2022-3594,CVE-2022-3621,CVE-2022-3625,CVE-2022-3628,CVE-2022-3629,CVE-2022-3635,CVE-2022-3646,CVE-2022-3649,CVE-2022-3707,CVE-2022-3903,CVE-2022-39189,CVE-2022-40307,CVE-2022-40768,CVE-2022-4095,CVE-2022-4129,CVE-2022-4139,CVE-2022-41850,CVE-2022-41858,CVE-2022-42703,CVE-2022-42895,CVE-2022-42896,CVE-2022-43750,CVE-2022-4378,CVE-2022-43945,CVE-2022-45934
JIRA References: 
Sources used:
SUSE Manager Server 4.1 (src):    kernel-default-5.3.18-150200.24.139.1, kernel-default-base-5.3.18-150200.24.139.1.150200.9.65.2, kernel-docs-5.3.18-150200.24.139.1, kernel-obs-build-5.3.18-150200.24.139.1, kernel-preempt-5.3.18-150200.24.139.1, kernel-source-5.3.18-150200.24.139.1, kernel-syms-5.3.18-150200.24.139.1
SUSE Manager Retail Branch Server 4.1 (src):    kernel-default-5.3.18-150200.24.139.1, kernel-default-base-5.3.18-150200.24.139.1.150200.9.65.2, kernel-docs-5.3.18-150200.24.139.1, kernel-preempt-5.3.18-150200.24.139.1, kernel-source-5.3.18-150200.24.139.1, kernel-syms-5.3.18-150200.24.139.1
SUSE Manager Proxy 4.1 (src):    kernel-default-5.3.18-150200.24.139.1, kernel-default-base-5.3.18-150200.24.139.1.150200.9.65.2, kernel-docs-5.3.18-150200.24.139.1, kernel-preempt-5.3.18-150200.24.139.1, kernel-source-5.3.18-150200.24.139.1, kernel-syms-5.3.18-150200.24.139.1
SUSE Linux Enterprise Server for SAP 15-SP2 (src):    kernel-default-5.3.18-150200.24.139.1, kernel-default-base-5.3.18-150200.24.139.1.150200.9.65.2, kernel-docs-5.3.18-150200.24.139.1, kernel-obs-build-5.3.18-150200.24.139.1, kernel-preempt-5.3.18-150200.24.139.1, kernel-source-5.3.18-150200.24.139.1, kernel-syms-5.3.18-150200.24.139.1
SUSE Linux Enterprise Server 15-SP2-LTSS (src):    kernel-default-5.3.18-150200.24.139.1, kernel-default-base-5.3.18-150200.24.139.1.150200.9.65.2, kernel-docs-5.3.18-150200.24.139.1, kernel-obs-build-5.3.18-150200.24.139.1, kernel-preempt-5.3.18-150200.24.139.1, kernel-source-5.3.18-150200.24.139.1, kernel-syms-5.3.18-150200.24.139.1
SUSE Linux Enterprise Server 15-SP2-BCL (src):    kernel-default-5.3.18-150200.24.139.1, kernel-default-base-5.3.18-150200.24.139.1.150200.9.65.2, kernel-docs-5.3.18-150200.24.139.1, kernel-preempt-5.3.18-150200.24.139.1, kernel-source-5.3.18-150200.24.139.1, kernel-syms-5.3.18-150200.24.139.1
SUSE Linux Enterprise Module for Live Patching 15-SP2 (src):    kernel-default-5.3.18-150200.24.139.1, kernel-livepatch-SLE15-SP2_Update_32-1-150200.5.5.1
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (src):    kernel-default-5.3.18-150200.24.139.1, kernel-default-base-5.3.18-150200.24.139.1.150200.9.65.2, kernel-docs-5.3.18-150200.24.139.1, kernel-obs-build-5.3.18-150200.24.139.1, kernel-preempt-5.3.18-150200.24.139.1, kernel-source-5.3.18-150200.24.139.1, kernel-syms-5.3.18-150200.24.139.1
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (src):    kernel-default-5.3.18-150200.24.139.1, kernel-default-base-5.3.18-150200.24.139.1.150200.9.65.2, kernel-docs-5.3.18-150200.24.139.1, kernel-obs-build-5.3.18-150200.24.139.1, kernel-preempt-5.3.18-150200.24.139.1, kernel-source-5.3.18-150200.24.139.1, kernel-syms-5.3.18-150200.24.139.1
SUSE Linux Enterprise High Availability 15-SP2 (src):    kernel-default-5.3.18-150200.24.139.1
SUSE Enterprise Storage 7 (src):    kernel-default-5.3.18-150200.24.139.1, kernel-default-base-5.3.18-150200.24.139.1.150200.9.65.2, kernel-docs-5.3.18-150200.24.139.1, kernel-obs-build-5.3.18-150200.24.139.1, kernel-preempt-5.3.18-150200.24.139.1, kernel-source-5.3.18-150200.24.139.1, kernel-syms-5.3.18-150200.24.139.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 123 Swamp Workflow Management 2022-12-23 14:30:39 UTC 
SUSE-SU-2022:4615-1: An update that solves 38 vulnerabilities and has 9 fixes is now available.

Category: security (important)
Bug References: 1196018,1198702,1200788,1201455,1202686,1203008,1203183,1203290,1203322,1203514,1203960,1203987,1204166,1204168,1204170,1204354,1204355,1204402,1204414,1204415,1204424,1204431,1204432,1204439,1204479,1204574,1204576,1204631,1204635,1204636,1204646,1204647,1204653,1204868,1205006,1205128,1205130,1205220,1205473,1205514,1205671,1205705,1205709,1205796,1206113,1206114,1206207
CVE References: CVE-2021-4037,CVE-2022-2153,CVE-2022-28693,CVE-2022-28748,CVE-2022-2964,CVE-2022-3169,CVE-2022-3424,CVE-2022-3521,CVE-2022-3524,CVE-2022-3542,CVE-2022-3545,CVE-2022-3565,CVE-2022-3567,CVE-2022-3586,CVE-2022-3594,CVE-2022-3621,CVE-2022-3628,CVE-2022-3629,CVE-2022-3635,CVE-2022-3643,CVE-2022-3646,CVE-2022-3649,CVE-2022-3903,CVE-2022-40307,CVE-2022-40768,CVE-2022-4095,CVE-2022-41848,CVE-2022-41850,CVE-2022-41858,CVE-2022-42328,CVE-2022-42329,CVE-2022-42703,CVE-2022-42895,CVE-2022-42896,CVE-2022-43750,CVE-2022-4378,CVE-2022-43945,CVE-2022-45934
JIRA References: 
Sources used:
SUSE OpenStack Cloud Crowbar 9 (src):    kernel-default-4.12.14-95.114.1, kernel-source-4.12.14-95.114.1, kernel-syms-4.12.14-95.114.1
SUSE OpenStack Cloud 9 (src):    kernel-default-4.12.14-95.114.1, kernel-source-4.12.14-95.114.1, kernel-syms-4.12.14-95.114.1
SUSE Linux Enterprise Server for SAP 12-SP4 (src):    kernel-default-4.12.14-95.114.1, kernel-source-4.12.14-95.114.1, kernel-syms-4.12.14-95.114.1
SUSE Linux Enterprise Server 12-SP4-LTSS (src):    kernel-default-4.12.14-95.114.1, kernel-source-4.12.14-95.114.1, kernel-syms-4.12.14-95.114.1
SUSE Linux Enterprise Live Patching 12-SP4 (src):    kernel-default-4.12.14-95.114.1, kgraft-patch-SLE12-SP4_Update_32-1-6.3.1
SUSE Linux Enterprise High Availability 12-SP4 (src):    kernel-default-4.12.14-95.114.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 124 Swamp Workflow Management 2022-12-23 14:50:51 UTC 
SUSE-SU-2022:4611-1: An update that solves 31 vulnerabilities and has 8 fixes is now available.

Category: security (important)
Bug References: 1129898,1177282,1196018,1198702,1201309,1202097,1202686,1203008,1203290,1203322,1203514,1203960,1203987,1204166,1204168,1204170,1204354,1204402,1204414,1204431,1204432,1204439,1204479,1204574,1204576,1204631,1204635,1204636,1204646,1204647,1204653,1204868,1205128,1205130,1205220,1205514,1205671,1205796,1206164
CVE References: CVE-2019-3874,CVE-2020-26541,CVE-2021-4037,CVE-2022-2663,CVE-2022-28748,CVE-2022-2964,CVE-2022-3169,CVE-2022-3424,CVE-2022-3524,CVE-2022-3542,CVE-2022-3565,CVE-2022-3567,CVE-2022-3586,CVE-2022-3594,CVE-2022-3621,CVE-2022-3628,CVE-2022-3629,CVE-2022-3635,CVE-2022-3646,CVE-2022-3649,CVE-2022-3903,CVE-2022-40307,CVE-2022-40768,CVE-2022-4095,CVE-2022-41848,CVE-2022-41850,CVE-2022-41858,CVE-2022-42703,CVE-2022-43750,CVE-2022-43945,CVE-2022-45934
JIRA References: 
Sources used:
SUSE Linux Enterprise Server 12-SP3-BCL (src):    kernel-default-4.4.180-94.182.1, kernel-source-4.4.180-94.182.1, kernel-syms-4.4.180-94.182.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 125 Swamp Workflow Management 2022-12-23 15:06:35 UTC 
SUSE-SU-2022:4617-1: An update that solves 96 vulnerabilities, contains 50 features and has 246 fixes is now available.

Category: security (important)
Bug References: 1023051,1032323,1065729,1071995,1152472,1152489,1156395,1164051,1177471,1184350,1185032,1188238,1189297,1189999,1190256,1190497,1190969,1192968,1193629,1194023,1194592,1194869,1194904,1195480,1195917,1196018,1196444,1196616,1196632,1196867,1196869,1197158,1197391,1197659,1197755,1197756,1197757,1197763,1198189,1198410,1198577,1198702,1198971,1199086,1199364,1199515,1199670,1199904,1200015,1200058,1200268,1200288,1200301,1200313,1200431,1200465,1200494,1200544,1200567,1200622,1200644,1200651,1200692,1200788,1200845,1200868,1200869,1200870,1200871,1200872,1200873,1201019,1201308,1201309,1201310,1201361,1201427,1201442,1201455,1201489,1201610,1201675,1201725,1201726,1201768,1201865,1201940,1201941,1201948,1201954,1201956,1201958,1202095,1202096,1202097,1202113,1202131,1202154,1202187,1202262,1202265,1202312,1202341,1202346,1202347,1202385,1202393,1202447,1202471,1202558,1202623,1202636,1202672,1202681,1202685,1202686,1202700,1202710,1202711,1202712,1202713,1202715,1202716,1202757,1202758,1202759,1202761,1202762,1202763,1202764,1202765,1202766,1202767,1202768,1202769,1202770,1202771,1202773,1202774,1202775,1202776,1202778,1202779,1202780,1202781,1202782,1202783,1202822,1202823,1202824,1202860,1202867,1202872,1202874,1202898,1202914,1202960,1202989,1202992,1202993,1203002,1203008,1203036,1203039,1203041,1203063,1203066,1203067,1203098,1203101,1203107,1203116,1203117,1203138,1203139,1203159,1203183,1203197,1203208,1203229,1203263,1203290,1203338,1203360,1203361,1203389,1203391,1203410,1203435,1203505,1203511,1203514,1203552,1203606,1203664,1203693,1203699,1203767,1203769,1203770,1203794,1203798,1203802,1203829,1203893,1203902,1203906,1203908,1203922,1203935,1203939,1203960,1203969,1203987,1203992,1203994,1204017,1204051,1204059,1204060,1204092,1204125,1204132,1204142,1204166,1204168,1204170,1204171,1204183,1204228,1204241,1204289,1204290,1204291,1204292,1204353,1204354,1204355,1204402,1204405,1204413,1204414,1204415,1204417,1204424,1204428,1204431,1204432,1204439,1204470,1204479,1204486,1204498,1204533,1204569,1204574,1204575,1204576,1204619,1204624,1204631,1204635,1204636,1204637,1204646,1204647,1204650,1204653,1204693,1204705,1204719,1204728,1204745,1204753,1204780,1204810,1204850,1204868,1204926,1204933,1204934,1204947,1204957,1204963,1204970,1205007,1205100,1205111,1205113,1205128,1205130,1205149,1205153,1205220,1205257,1205264,1205282,1205313,1205331,1205332,1205427,1205428,1205473,1205496,1205507,1205514,1205521,1205567,1205616,1205617,1205653,1205671,1205679,1205683,1205700,1205705,1205709,1205711,1205744,1205764,1205796,1205882,1205993,1206035,1206036,1206037,1206045,1206046,1206047,1206048,1206049,1206050,1206051,1206056,1206057,1206113,1206114,1206147,1206149,1206207,1206273,1206391
CVE References: CVE-2016-3695,CVE-2020-16119,CVE-2020-36516,CVE-2021-33135,CVE-2021-4037,CVE-2022-1184,CVE-2022-1263,CVE-2022-1882,CVE-2022-20368,CVE-2022-20369,CVE-2022-2153,CVE-2022-2586,CVE-2022-2588,CVE-2022-2602,CVE-2022-26373,CVE-2022-2639,CVE-2022-2663,CVE-2022-28356,CVE-2022-28693,CVE-2022-2873,CVE-2022-28748,CVE-2022-2905,CVE-2022-2938,CVE-2022-2959,CVE-2022-2964,CVE-2022-2977,CVE-2022-2978,CVE-2022-3028,CVE-2022-3078,CVE-2022-3114,CVE-2022-3169,CVE-2022-3176,CVE-2022-3202,CVE-2022-32250,CVE-2022-32296,CVE-2022-3239,CVE-2022-3303,CVE-2022-33981,CVE-2022-3424,CVE-2022-3435,CVE-2022-3521,CVE-2022-3524,CVE-2022-3526,CVE-2022-3535,CVE-2022-3542,CVE-2022-3545,CVE-2022-3565,CVE-2022-3566,CVE-2022-3567,CVE-2022-3577,CVE-2022-3586,CVE-2022-3594,CVE-2022-3619,CVE-2022-3621,CVE-2022-3625,CVE-2022-3628,CVE-2022-3629,CVE-2022-3633,CVE-2022-3635,CVE-2022-3640,CVE-2022-3643,CVE-2022-3646,CVE-2022-3649,CVE-2022-36879,CVE-2022-36946,CVE-2022-3707,CVE-2022-3903,CVE-2022-39188,CVE-2022-39189,CVE-2022-39190,CVE-2022-40476,CVE-2022-40768,CVE-2022-4095,CVE-2022-41218,CVE-2022-4129,CVE-2022-4139,CVE-2022-41674,CVE-2022-41848,CVE-2022-41849,CVE-2022-41850,CVE-2022-41858,CVE-2022-42328,CVE-2022-42329,CVE-2022-42703,CVE-2022-42719,CVE-2022-42720,CVE-2022-42721,CVE-2022-42722,CVE-2022-42895,CVE-2022-42896,CVE-2022-43750,CVE-2022-4378,CVE-2022-43945,CVE-2022-45869,CVE-2022-45888,CVE-2022-45934
JIRA References: PED-1082,PED-1084,PED-1085,PED-1096,PED-1211,PED-1573,PED-1649,PED-1706,PED-1936,PED-2684,PED-387,PED-529,PED-611,PED-634,PED-652,PED-664,PED-676,PED-678,PED-679,PED-682,PED-688,PED-707,PED-720,PED-729,PED-732,PED-755,PED-763,PED-813,PED-817,PED-822,PED-824,PED-825,PED-833,PED-842,PED-846,PED-849,PED-850,PED-851,PED-856,PED-857,SLE-13847,SLE-18130,SLE-19359,SLE-19924,SLE-20183,SLE-23766,SLE-24572,SLE-24682,SLE-24814,SLE-9246
Sources used:
openSUSE Leap Micro 5.3 (src):    kernel-rt-5.14.21-150400.15.5.1
openSUSE Leap 15.4 (src):    kernel-rt-5.14.21-150400.15.5.1, kernel-rt_debug-5.14.21-150400.15.5.1, kernel-source-rt-5.14.21-150400.15.5.1, kernel-syms-rt-5.14.21-150400.15.5.1
SUSE Linux Enterprise Module for Realtime 15-SP4 (src):    kernel-rt-5.14.21-150400.15.5.1, kernel-rt_debug-5.14.21-150400.15.5.1, kernel-source-rt-5.14.21-150400.15.5.1, kernel-syms-rt-5.14.21-150400.15.5.1
SUSE Linux Enterprise Module for Live Patching 15-SP4 (src):    kernel-livepatch-SLE15-SP4-RT_Update_1-1-150400.1.3.1
SUSE Linux Enterprise Micro 5.3 (src):    kernel-rt-5.14.21-150400.15.5.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.