Bug 1199665 (CVE-2022-29581) - VUL-0: CVE-2022-29581: kernel-source,kernel-source-rt,kernel-source-azure: Improper Update of Reference Count vulnerability in net/sched
Summary: VUL-0: CVE-2022-29581: kernel-source,kernel-source-rt,kernel-source-azure: Im...
Status: RESOLVED FIXED
Alias: CVE-2022-29581
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents (show other bugs)
Version: unspecified
Hardware: Other Other
: P3 - Medium : Major
Target Milestone: ---
Assignee: Security Team bot
QA Contact: Security Team bot
URL: https://smash.suse.de/issue/332127/
Whiteboard: CVSSv3.1:SUSE:CVE-2022-29581:7.8:(AV:...
Keywords:
Depends on:
Blocks: 1199695
  Show dependency treegraph
 
Reported: 2022-05-18 11:43 UTC by Thomas Leroy
Modified: 2024-06-25 16:52 UTC (History)
8 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Comment 1 Thomas Leroy 2022-05-18 11:48:10 UTC 
The following branches don't contain fixing commit:
- SLE15-SP3
- SLE15-SP4
- cve/linux-5.3

We have 7.8 CVSS, so I guess we should also backport to SLE15-SP4-GA
Comment 16 Michal Kubeček 2022-08-05 15:19:55 UTC 
The fix has been submitted to all relevant branches:

  stable          5.18-rc4
  SLE15-SP4       6f81977bee4b (merged)
  cve/linux-5.3   e1d69920a75b (merged)
  SLE12-SP5       944805bf9e0e
  SLE15-SP1-LTSS  ad4e35cfea75

Reassigning back to security team.
Comment 19 Swamp Workflow Management 2022-08-09 16:27:59 UTC 
SUSE-SU-2022:2722-1: An update that solves 5 vulnerabilities, contains 9 features and has 31 fixes is now available.

Category: security (important)
Bug References: 1190256,1190497,1198410,1198829,1199086,1199291,1199364,1199665,1199670,1200015,1200465,1200494,1200644,1200651,1201258,1201323,1201381,1201391,1201427,1201458,1201471,1201524,1201592,1201593,1201595,1201596,1201635,1201651,1201675,1201691,1201705,1201725,1201846,1201930,1201954,1201958
CVE References: CVE-2021-33655,CVE-2022-1462,CVE-2022-21505,CVE-2022-29581,CVE-2022-32250
JIRA References: SLE-18130,SLE-20183,SLE-21132,SLE-24569,SLE-24570,SLE-24571,SLE-24578,SLE-24635,SLE-24682
Sources used:
openSUSE Leap 15.4 (src):    kernel-azure-5.14.21-150400.14.10.1, kernel-source-azure-5.14.21-150400.14.10.1, kernel-syms-azure-5.14.21-150400.14.10.1
SUSE Linux Enterprise Module for Public Cloud 15-SP4 (src):    kernel-azure-5.14.21-150400.14.10.1, kernel-source-azure-5.14.21-150400.14.10.1, kernel-syms-azure-5.14.21-150400.14.10.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 20 Swamp Workflow Management 2022-08-10 13:17:29 UTC 
SUSE-SU-2022:2741-1: An update that solves 16 vulnerabilities, contains one feature and has 15 fixes is now available.

Category: security (important)
Bug References: 1178134,1198829,1199364,1199647,1199665,1199670,1200521,1200598,1200644,1200651,1200762,1200910,1201196,1201206,1201251,1201381,1201429,1201458,1201635,1201636,1201644,1201664,1201672,1201673,1201676,1201846,1201930,1201940,1201954,1201956,1201958
CVE References: CVE-2020-36557,CVE-2020-36558,CVE-2021-33655,CVE-2021-33656,CVE-2022-1116,CVE-2022-1462,CVE-2022-20166,CVE-2022-21505,CVE-2022-2318,CVE-2022-26365,CVE-2022-29581,CVE-2022-32250,CVE-2022-33740,CVE-2022-33741,CVE-2022-33742,CVE-2022-36946
JIRA References: SLE-24559
Sources used:
openSUSE Leap 15.3 (src):    kernel-azure-5.3.18-150300.38.75.1, kernel-source-azure-5.3.18-150300.38.75.1, kernel-syms-azure-5.3.18-150300.38.75.1
SUSE Linux Enterprise Module for Public Cloud 15-SP3 (src):    kernel-azure-5.3.18-150300.38.75.1, kernel-source-azure-5.3.18-150300.38.75.1, kernel-syms-azure-5.3.18-150300.38.75.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 22 Simon Logan 2022-08-11 14:16:20 UTC 
Guys, fixes are only listed for the azure kernels. Are the regular leap 15.3 kernel-default packages unaffected? In particualr I'm interested in kernel-default-5.3.18-150300.59.63.1.x86_64

Thanks,
Simon
Comment 23 Swamp Workflow Management 2022-08-12 19:16:50 UTC 
SUSE-SU-2022:2803-1: An update that solves 5 vulnerabilities, contains 7 features and has 16 fixes is now available.

Category: security (important)
Bug References: 1190256,1190497,1199291,1199356,1199665,1201258,1201323,1201391,1201458,1201592,1201593,1201595,1201596,1201635,1201651,1201691,1201705,1201726,1201846,1201930,1202094
CVE References: CVE-2021-33655,CVE-2022-21505,CVE-2022-2585,CVE-2022-26373,CVE-2022-29581
JIRA References: SLE-21132,SLE-24569,SLE-24570,SLE-24571,SLE-24578,SLE-24635,SLE-24682
Sources used:
openSUSE Leap 15.4 (src):    dtb-aarch64-5.14.21-150400.24.18.1, kernel-64kb-5.14.21-150400.24.18.1, kernel-debug-5.14.21-150400.24.18.1, kernel-default-5.14.21-150400.24.18.1, kernel-default-base-5.14.21-150400.24.18.1.150400.24.5.4, kernel-docs-5.14.21-150400.24.18.1, kernel-kvmsmall-5.14.21-150400.24.18.1, kernel-obs-build-5.14.21-150400.24.18.1, kernel-obs-qa-5.14.21-150400.24.18.1, kernel-source-5.14.21-150400.24.18.1, kernel-syms-5.14.21-150400.24.18.1, kernel-zfcpdump-5.14.21-150400.24.18.1
SUSE Linux Enterprise Workstation Extension 15-SP4 (src):    kernel-default-5.14.21-150400.24.18.1
SUSE Linux Enterprise Module for Live Patching 15-SP4 (src):    kernel-default-5.14.21-150400.24.18.1, kernel-livepatch-SLE15-SP4_Update_2-1-150400.9.5.2
SUSE Linux Enterprise Module for Legacy Software 15-SP4 (src):    kernel-default-5.14.21-150400.24.18.1
SUSE Linux Enterprise Module for Development Tools 15-SP4 (src):    kernel-docs-5.14.21-150400.24.18.1, kernel-obs-build-5.14.21-150400.24.18.1, kernel-source-5.14.21-150400.24.18.1, kernel-syms-5.14.21-150400.24.18.1
SUSE Linux Enterprise Module for Basesystem 15-SP4 (src):    kernel-64kb-5.14.21-150400.24.18.1, kernel-default-5.14.21-150400.24.18.1, kernel-default-base-5.14.21-150400.24.18.1.150400.24.5.4, kernel-source-5.14.21-150400.24.18.1, kernel-zfcpdump-5.14.21-150400.24.18.1
SUSE Linux Enterprise High Availability 15-SP4 (src):    kernel-default-5.14.21-150400.24.18.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 26 Swamp Workflow Management 2022-08-23 16:20:34 UTC 
SUSE-SU-2022:2875-1: An update that solves 18 vulnerabilities, contains one feature and has 18 fixes is now available.

Category: security (important)
Bug References: 1178134,1196616,1198829,1199364,1199647,1199665,1199670,1200015,1200521,1200598,1200644,1200651,1200762,1200910,1201196,1201206,1201251,1201381,1201429,1201442,1201458,1201635,1201636,1201644,1201645,1201664,1201672,1201673,1201676,1201846,1201930,1201940,1201954,1201956,1201958,1202154
CVE References: CVE-2020-36516,CVE-2020-36557,CVE-2020-36558,CVE-2021-33655,CVE-2021-33656,CVE-2022-1116,CVE-2022-1462,CVE-2022-20166,CVE-2022-21505,CVE-2022-2318,CVE-2022-26365,CVE-2022-2639,CVE-2022-29581,CVE-2022-32250,CVE-2022-33740,CVE-2022-33741,CVE-2022-33742,CVE-2022-36946
JIRA References: SLE-24559
Sources used:
openSUSE Leap 15.4 (src):    dtb-aarch64-5.3.18-150300.59.90.1
openSUSE Leap 15.3 (src):    dtb-aarch64-5.3.18-150300.59.90.1, kernel-64kb-5.3.18-150300.59.90.1, kernel-debug-5.3.18-150300.59.90.1, kernel-default-5.3.18-150300.59.90.1, kernel-default-base-5.3.18-150300.59.90.1.150300.18.52.1, kernel-docs-5.3.18-150300.59.90.1, kernel-kvmsmall-5.3.18-150300.59.90.1, kernel-obs-build-5.3.18-150300.59.90.1, kernel-obs-qa-5.3.18-150300.59.90.1, kernel-preempt-5.3.18-150300.59.90.1, kernel-source-5.3.18-150300.59.90.1, kernel-syms-5.3.18-150300.59.90.1, kernel-zfcpdump-5.3.18-150300.59.90.1
SUSE Linux Enterprise Workstation Extension 15-SP3 (src):    kernel-default-5.3.18-150300.59.90.1, kernel-preempt-5.3.18-150300.59.90.1
SUSE Linux Enterprise Module for Live Patching 15-SP3 (src):    kernel-default-5.3.18-150300.59.90.1, kernel-livepatch-SLE15-SP3_Update_23-1-150300.7.3.1
SUSE Linux Enterprise Module for Legacy Software 15-SP3 (src):    kernel-default-5.3.18-150300.59.90.1
SUSE Linux Enterprise Module for Development Tools 15-SP3 (src):    kernel-docs-5.3.18-150300.59.90.1, kernel-obs-build-5.3.18-150300.59.90.1, kernel-preempt-5.3.18-150300.59.90.1, kernel-source-5.3.18-150300.59.90.1, kernel-syms-5.3.18-150300.59.90.1
SUSE Linux Enterprise Module for Basesystem 15-SP3 (src):    kernel-64kb-5.3.18-150300.59.90.1, kernel-default-5.3.18-150300.59.90.1, kernel-default-base-5.3.18-150300.59.90.1.150300.18.52.1, kernel-preempt-5.3.18-150300.59.90.1, kernel-source-5.3.18-150300.59.90.1, kernel-zfcpdump-5.3.18-150300.59.90.1
SUSE Linux Enterprise Micro 5.2 (src):    kernel-default-5.3.18-150300.59.90.1, kernel-default-base-5.3.18-150300.59.90.1.150300.18.52.1
SUSE Linux Enterprise Micro 5.1 (src):    kernel-default-5.3.18-150300.59.90.1, kernel-default-base-5.3.18-150300.59.90.1.150300.18.52.1
SUSE Linux Enterprise High Availability 15-SP3 (src):    kernel-default-5.3.18-150300.59.90.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 27 Swamp Workflow Management 2022-08-25 13:20:53 UTC 
SUSE-SU-2022:2892-1: An update that solves 17 vulnerabilities, contains one feature and has 26 fixes is now available.

Category: security (important)
Bug References: 1178134,1196616,1196867,1198829,1199364,1199647,1199648,1199665,1199670,1199695,1200521,1200598,1200644,1200651,1200762,1200910,1201196,1201206,1201251,1201381,1201429,1201442,1201458,1201635,1201636,1201644,1201645,1201664,1201672,1201673,1201676,1201742,1201752,1201846,1201930,1201940,1201941,1201954,1201956,1201958,1202087,1202154,1202312
CVE References: CVE-2020-36516,CVE-2020-36557,CVE-2020-36558,CVE-2021-33655,CVE-2021-33656,CVE-2022-1116,CVE-2022-1462,CVE-2022-20166,CVE-2022-21505,CVE-2022-2318,CVE-2022-26365,CVE-2022-2639,CVE-2022-29581,CVE-2022-33740,CVE-2022-33741,CVE-2022-33742,CVE-2022-36946
JIRA References: SLE-24559
Sources used:
SUSE Linux Enterprise Module for Realtime 15-SP3 (src):    kernel-rt-5.3.18-150300.99.1, kernel-rt_debug-5.3.18-150300.99.1, kernel-source-rt-5.3.18-150300.99.1, kernel-syms-rt-5.3.18-150300.99.1
SUSE Linux Enterprise Micro 5.2 (src):    kernel-rt-5.3.18-150300.99.1
SUSE Linux Enterprise Micro 5.1 (src):    kernel-rt-5.3.18-150300.99.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 28 Swamp Workflow Management 2022-08-26 13:17:24 UTC 
SUSE-SU-2022:2910-1: An update that solves 10 vulnerabilities and has 26 fixes is now available.

Category: security (important)
Bug References: 1065729,1103269,1114648,1190812,1195775,1195926,1196616,1196867,1198484,1198829,1199665,1199695,1200442,1200598,1200644,1200651,1200910,1201019,1201196,1201381,1201429,1201635,1201636,1201644,1201651,1201705,1201742,1201752,1201930,1201940,1201941,1201954,1201958,1202087,1202154,1202312
CVE References: CVE-2020-36516,CVE-2020-36557,CVE-2020-36558,CVE-2021-33655,CVE-2021-33656,CVE-2022-1462,CVE-2022-20166,CVE-2022-2639,CVE-2022-29581,CVE-2022-36946
JIRA References: 
Sources used:
SUSE Linux Enterprise Real Time Extension 12-SP5 (src):    kernel-rt-4.12.14-10.97.1, kernel-rt_debug-4.12.14-10.97.1, kernel-source-rt-4.12.14-10.97.1, kernel-syms-rt-4.12.14-10.97.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 29 Swamp Workflow Management 2022-09-01 15:03:47 UTC 
SUSE-SU-2022:2892-2: An update that solves 17 vulnerabilities, contains one feature and has 26 fixes is now available.

Category: security (important)
Bug References: 1178134,1196616,1196867,1198829,1199364,1199647,1199648,1199665,1199670,1199695,1200521,1200598,1200644,1200651,1200762,1200910,1201196,1201206,1201251,1201381,1201429,1201442,1201458,1201635,1201636,1201644,1201645,1201664,1201672,1201673,1201676,1201742,1201752,1201846,1201930,1201940,1201941,1201954,1201956,1201958,1202087,1202154,1202312
CVE References: CVE-2020-36516,CVE-2020-36557,CVE-2020-36558,CVE-2021-33655,CVE-2021-33656,CVE-2022-1116,CVE-2022-1462,CVE-2022-20166,CVE-2022-21505,CVE-2022-2318,CVE-2022-26365,CVE-2022-2639,CVE-2022-29581,CVE-2022-33740,CVE-2022-33741,CVE-2022-33742,CVE-2022-36946
JIRA References: SLE-24559
Sources used:
openSUSE Leap Micro 5.2 (src):    kernel-rt-5.3.18-150300.99.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 30 Swamp Workflow Management 2022-09-01 15:22:37 UTC 
SUSE-SU-2022:2875-2: An update that solves 18 vulnerabilities, contains one feature and has 18 fixes is now available.

Category: security (important)
Bug References: 1178134,1196616,1198829,1199364,1199647,1199665,1199670,1200015,1200521,1200598,1200644,1200651,1200762,1200910,1201196,1201206,1201251,1201381,1201429,1201442,1201458,1201635,1201636,1201644,1201645,1201664,1201672,1201673,1201676,1201846,1201930,1201940,1201954,1201956,1201958,1202154
CVE References: CVE-2020-36516,CVE-2020-36557,CVE-2020-36558,CVE-2021-33655,CVE-2021-33656,CVE-2022-1116,CVE-2022-1462,CVE-2022-20166,CVE-2022-21505,CVE-2022-2318,CVE-2022-26365,CVE-2022-2639,CVE-2022-29581,CVE-2022-32250,CVE-2022-33740,CVE-2022-33741,CVE-2022-33742,CVE-2022-36946
JIRA References: SLE-24559
Sources used:
openSUSE Leap Micro 5.2 (src):    kernel-default-5.3.18-150300.59.90.1, kernel-default-base-5.3.18-150300.59.90.1.150300.18.52.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 38 Swamp Workflow Management 2022-09-14 10:37:05 UTC 
SUSE-SU-2022:3265-1: An update that solves 12 vulnerabilities and has 31 fixes is now available.

Category: security (important)
Bug References: 1054914,1065729,1078216,1093777,1094120,1107937,1120716,1141488,1179310,1181862,1189904,1190397,1191881,1194535,1196616,1197158,1198388,1199617,1199665,1201019,1201264,1201420,1201442,1201610,1201705,1201726,1201948,1202017,1202096,1202154,1202346,1202347,1202393,1202396,1202528,1202577,1202672,1202830,1202897,1202898,1203013,1203098,1203126
CVE References: CVE-2020-36516,CVE-2021-4203,CVE-2022-20368,CVE-2022-20369,CVE-2022-21385,CVE-2022-2588,CVE-2022-26373,CVE-2022-2639,CVE-2022-29581,CVE-2022-2977,CVE-2022-3028,CVE-2022-36879
JIRA References: 
Sources used:
SUSE Linux Enterprise Workstation Extension 12-SP5 (src):    kernel-default-4.12.14-122.133.1
SUSE Linux Enterprise Software Development Kit 12-SP5 (src):    kernel-docs-4.12.14-122.133.2, kernel-obs-build-4.12.14-122.133.1
SUSE Linux Enterprise Server 12-SP5 (src):    kernel-default-4.12.14-122.133.1, kernel-source-4.12.14-122.133.1, kernel-syms-4.12.14-122.133.1
SUSE Linux Enterprise Live Patching 12-SP5 (src):    kernel-default-4.12.14-122.133.1, kgraft-patch-SLE12-SP5_Update_35-1-8.3.1
SUSE Linux Enterprise High Availability 12-SP5 (src):    kernel-default-4.12.14-122.133.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 39 Swamp Workflow Management 2022-09-15 19:21:39 UTC 
SUSE-SU-2022:3282-1: An update that solves 12 vulnerabilities and has 23 fixes is now available.

Category: security (important)
Bug References: 1054914,1065729,1120716,1179310,1190397,1191881,1194535,1196616,1197158,1199617,1199665,1201019,1201264,1201420,1201442,1201610,1201705,1201726,1201948,1202017,1202096,1202154,1202346,1202347,1202393,1202396,1202528,1202577,1202672,1202830,1202897,1202898,1203013,1203098,1203126
CVE References: CVE-2020-36516,CVE-2021-4203,CVE-2022-20368,CVE-2022-20369,CVE-2022-21385,CVE-2022-2588,CVE-2022-26373,CVE-2022-2639,CVE-2022-29581,CVE-2022-2977,CVE-2022-3028,CVE-2022-36879
JIRA References: 
Sources used:
SUSE Linux Enterprise Server 12-SP5 (src):    kernel-azure-4.12.14-16.109.1, kernel-source-azure-4.12.14-16.109.1, kernel-syms-azure-4.12.14-16.109.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 40 Swamp Workflow Management 2022-09-26 22:23:44 UTC 
SUSE-SU-2022:3408-1: An update that solves 15 vulnerabilities and has 12 fixes is now available.

Category: security (important)
Bug References: 1177440,1180153,1188944,1191881,1194535,1196616,1197158,1199482,1199665,1201019,1201420,1201705,1201726,1201948,1202096,1202097,1202154,1202335,1202346,1202347,1202393,1202396,1202672,1202897,1202898,1203098,1203107
CVE References: CVE-2020-36516,CVE-2021-4203,CVE-2022-1012,CVE-2022-20368,CVE-2022-20369,CVE-2022-21385,CVE-2022-2588,CVE-2022-26373,CVE-2022-2639,CVE-2022-2663,CVE-2022-29581,CVE-2022-2977,CVE-2022-3028,CVE-2022-36879,CVE-2022-39188
JIRA References: 
Sources used:
openSUSE Leap 15.4 (src):    kernel-debug-4.12.14-150100.197.123.1, kernel-default-4.12.14-150100.197.123.1, kernel-kvmsmall-4.12.14-150100.197.123.1, kernel-vanilla-4.12.14-150100.197.123.1, kernel-zfcpdump-4.12.14-150100.197.123.1
openSUSE Leap 15.3 (src):    kernel-debug-4.12.14-150100.197.123.1, kernel-default-4.12.14-150100.197.123.1, kernel-kvmsmall-4.12.14-150100.197.123.1, kernel-vanilla-4.12.14-150100.197.123.1, kernel-zfcpdump-4.12.14-150100.197.123.1
SUSE Linux Enterprise Server for SAP 15-SP1 (src):    kernel-default-4.12.14-150100.197.123.1, kernel-docs-4.12.14-150100.197.123.1, kernel-obs-build-4.12.14-150100.197.123.1, kernel-source-4.12.14-150100.197.123.1, kernel-syms-4.12.14-150100.197.123.1
SUSE Linux Enterprise Server 15-SP1-LTSS (src):    kernel-default-4.12.14-150100.197.123.1, kernel-docs-4.12.14-150100.197.123.1, kernel-obs-build-4.12.14-150100.197.123.1, kernel-source-4.12.14-150100.197.123.1, kernel-syms-4.12.14-150100.197.123.1, kernel-zfcpdump-4.12.14-150100.197.123.1
SUSE Linux Enterprise Server 15-SP1-BCL (src):    kernel-default-4.12.14-150100.197.123.1, kernel-docs-4.12.14-150100.197.123.1, kernel-obs-build-4.12.14-150100.197.123.1, kernel-source-4.12.14-150100.197.123.1, kernel-syms-4.12.14-150100.197.123.1
SUSE Linux Enterprise Module for Live Patching 15-SP1 (src):    kernel-default-4.12.14-150100.197.123.1, kernel-livepatch-SLE15-SP1_Update_34-1-150100.3.3.1
SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (src):    kernel-default-4.12.14-150100.197.123.1, kernel-docs-4.12.14-150100.197.123.1, kernel-obs-build-4.12.14-150100.197.123.1, kernel-source-4.12.14-150100.197.123.1, kernel-syms-4.12.14-150100.197.123.1
SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (src):    kernel-default-4.12.14-150100.197.123.1, kernel-docs-4.12.14-150100.197.123.1, kernel-obs-build-4.12.14-150100.197.123.1, kernel-source-4.12.14-150100.197.123.1, kernel-syms-4.12.14-150100.197.123.1
SUSE Linux Enterprise High Availability 15-SP1 (src):    kernel-default-4.12.14-150100.197.123.1
SUSE Enterprise Storage 6 (src):    kernel-default-4.12.14-150100.197.123.1, kernel-docs-4.12.14-150100.197.123.1, kernel-obs-build-4.12.14-150100.197.123.1, kernel-source-4.12.14-150100.197.123.1, kernel-syms-4.12.14-150100.197.123.1
SUSE CaaS Platform 4.0 (src):    kernel-default-4.12.14-150100.197.123.1, kernel-docs-4.12.14-150100.197.123.1, kernel-obs-build-4.12.14-150100.197.123.1, kernel-source-4.12.14-150100.197.123.1, kernel-syms-4.12.14-150100.197.123.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 41 Swamp Workflow Management 2022-09-28 10:23:31 UTC 
SUSE-SU-2022:3450-1: An update that solves 20 vulnerabilities and has 8 fixes is now available.

Category: security (important)
Bug References: 1023051,1180153,1188944,1191881,1192968,1194272,1194535,1196616,1197158,1199482,1199665,1201726,1201948,1202096,1202097,1202154,1202346,1202347,1202393,1202396,1202564,1202672,1202860,1202895,1202898,1203098,1203107,1203159
CVE References: CVE-2016-3695,CVE-2020-27784,CVE-2020-36516,CVE-2021-4155,CVE-2021-4203,CVE-2022-1012,CVE-2022-20166,CVE-2022-20368,CVE-2022-20369,CVE-2022-2588,CVE-2022-26373,CVE-2022-2639,CVE-2022-2663,CVE-2022-2905,CVE-2022-29581,CVE-2022-2977,CVE-2022-3028,CVE-2022-32250,CVE-2022-36879,CVE-2022-39188
JIRA References: 
Sources used:
SUSE Manager Server 4.1 (src):    kernel-default-5.3.18-150200.24.129.1, kernel-default-base-5.3.18-150200.24.129.1.150200.9.61.1, kernel-docs-5.3.18-150200.24.129.1, kernel-obs-build-5.3.18-150200.24.129.1, kernel-preempt-5.3.18-150200.24.129.1, kernel-source-5.3.18-150200.24.129.1, kernel-syms-5.3.18-150200.24.129.1
SUSE Manager Retail Branch Server 4.1 (src):    kernel-default-5.3.18-150200.24.129.1, kernel-default-base-5.3.18-150200.24.129.1.150200.9.61.1, kernel-docs-5.3.18-150200.24.129.1, kernel-preempt-5.3.18-150200.24.129.1, kernel-source-5.3.18-150200.24.129.1, kernel-syms-5.3.18-150200.24.129.1
SUSE Manager Proxy 4.1 (src):    kernel-default-5.3.18-150200.24.129.1, kernel-default-base-5.3.18-150200.24.129.1.150200.9.61.1, kernel-docs-5.3.18-150200.24.129.1, kernel-preempt-5.3.18-150200.24.129.1, kernel-source-5.3.18-150200.24.129.1, kernel-syms-5.3.18-150200.24.129.1
SUSE Linux Enterprise Server for SAP 15-SP2 (src):    kernel-default-5.3.18-150200.24.129.1, kernel-default-base-5.3.18-150200.24.129.1.150200.9.61.1, kernel-docs-5.3.18-150200.24.129.1, kernel-obs-build-5.3.18-150200.24.129.1, kernel-preempt-5.3.18-150200.24.129.1, kernel-source-5.3.18-150200.24.129.1, kernel-syms-5.3.18-150200.24.129.1
SUSE Linux Enterprise Server 15-SP2-LTSS (src):    kernel-default-5.3.18-150200.24.129.1, kernel-default-base-5.3.18-150200.24.129.1.150200.9.61.1, kernel-docs-5.3.18-150200.24.129.1, kernel-obs-build-5.3.18-150200.24.129.1, kernel-preempt-5.3.18-150200.24.129.1, kernel-source-5.3.18-150200.24.129.1, kernel-syms-5.3.18-150200.24.129.1
SUSE Linux Enterprise Server 15-SP2-BCL (src):    kernel-default-5.3.18-150200.24.129.1, kernel-default-base-5.3.18-150200.24.129.1.150200.9.61.1, kernel-docs-5.3.18-150200.24.129.1, kernel-preempt-5.3.18-150200.24.129.1, kernel-source-5.3.18-150200.24.129.1, kernel-syms-5.3.18-150200.24.129.1
SUSE Linux Enterprise Module for Live Patching 15-SP2 (src):    kernel-default-5.3.18-150200.24.129.1, kernel-livepatch-SLE15-SP2_Update_30-1-150200.5.3.1
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (src):    kernel-default-5.3.18-150200.24.129.1, kernel-default-base-5.3.18-150200.24.129.1.150200.9.61.1, kernel-docs-5.3.18-150200.24.129.1, kernel-obs-build-5.3.18-150200.24.129.1, kernel-preempt-5.3.18-150200.24.129.1, kernel-source-5.3.18-150200.24.129.1, kernel-syms-5.3.18-150200.24.129.1
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (src):    kernel-default-5.3.18-150200.24.129.1, kernel-default-base-5.3.18-150200.24.129.1.150200.9.61.1, kernel-docs-5.3.18-150200.24.129.1, kernel-obs-build-5.3.18-150200.24.129.1, kernel-preempt-5.3.18-150200.24.129.1, kernel-source-5.3.18-150200.24.129.1, kernel-syms-5.3.18-150200.24.129.1
SUSE Linux Enterprise High Availability 15-SP2 (src):    kernel-default-5.3.18-150200.24.129.1
SUSE Enterprise Storage 7 (src):    kernel-default-5.3.18-150200.24.129.1, kernel-default-base-5.3.18-150200.24.129.1.150200.9.61.1, kernel-docs-5.3.18-150200.24.129.1, kernel-obs-build-5.3.18-150200.24.129.1, kernel-preempt-5.3.18-150200.24.129.1, kernel-source-5.3.18-150200.24.129.1, kernel-syms-5.3.18-150200.24.129.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 42 Marcus Meissner 2022-11-03 16:53:25 UTC 
done