1206114 – (CVE-2022-42328) VUL-0: CVE-2022-42328, CVE-2022-42329: xen: Guests can trigger deadlock in Linux netback driver (XSA-424)

Bug 1206114 (CVE-2022-42328) - VUL-0: CVE-2022-42328, CVE-2022-42329: xen: Guests can trigger deadlock in Linux netback driver (XSA-424)

Summary: VUL-0: CVE-2022-42328, CVE-2022-42329: xen: Guests can trigger deadlock in Li...

Status:	RESOLVED FIXED

Alias:	CVE-2022-42328

Product:	SUSE Security Incidents
Classification:	Novell Products
Component:	Incidents (show other bugs)
Version:	unspecified
Hardware:	Other Other

Priority:	P3 - Medium Severity: Normal
Target Milestone:	---
Assignee:	Security Team bot
QA Contact:	Security Team bot

URL:
Whiteboard:	CVSSv3.1:SUSE:CVE-2022-42328:5.7:(AV:...
Keywords:

Depends on:
Blocks:

Clone This Bug

Reported:	2022-12-06 15:36 UTC by Alexander Bergmann
Modified:	2024-06-25 17:15 UTC (History)
CC List:	2 users (show)

See Also:
Found By:	---
Services Priority:
Business Priority:
Blocker:	---
Marketing QA Status:	---
IT Deployment:	---

Attachments
xsa424-linux.patch (3.44 KB, patch) 2022-12-06 15:36 UTC, Alexander Bergmann	Details \| Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Alexander Bergmann 2022-12-06 15:36:10 UTC

Created attachment 863360 [details]
xsa424-linux.patch

https://xenbits.xen.org/xsa/advisory-424.html

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

     Xen Security Advisory CVE-2022-42328,CVE-2022-42329 / XSA-424

          Guests can trigger deadlock in Linux netback driver

ISSUE DESCRIPTION
=================

The patch for XSA-392 introduced another issue which might result in
a deadlock when trying to free the SKB of a packet dropped due to
the XSA-392 handling (CVE-2022-42328).

Additionally when dropping packages for other reasons the same
deadlock could occur in case of netpoll being active for the interface
the xen-netback driver is connected to (CVE-2022-42329).

IMPACT
======

A malicious guest could cause Denial of Service (DoS) of the host via
the paravirtualized network interface.

VULNERABLE SYSTEMS
==================

All systems using the Linux kernel based network backend xen-netback
are vulnerable.

MITIGATION
==========

Using another PV network backend (e.g. the qemu based "qnic" backend)
will mitigate the problem.

Using a dedicated network driver domain per guest will mitigate the
problem.

NOTE REGARDING LACK OF EMBARGO
==============================

This issue was discussed in public already.

RESOLUTION
==========

Applying the attached patch resolves this issue.

xsa424-linux.patch     Linux 6.0, 6.1-rc

$ sha256sum xsa424*
89db7cad9694f498c4ac450356932fb69fb514162e07aea0343776effa821fc8  xsa424-linux.patch
$

-----BEGIN PGP SIGNATURE-----

iQFABAEBCAAqFiEEI+MiLBRfRHX6gGCng/4UyVfoK9kFAmOPXKYMHHBncEB4ZW4u
b3JnAAoJEIP+FMlX6CvZ30IH/1GZwPXXAqMjN3d1n7BotiDLfmDiNp8e92wvQvmh
cXgsBtvTZ+oDzI7J+Xr/42c4IN41s34fWl0hmNbdrw4lwrOSoj0rnCP73Bn22oUT
jbv3bmFOHytCs5crvVrA4S7dCNcdpoEmfOoSaz1cBPhMecotlgTQo7M2Cagv3O9a
a9fR+KGMk9EBDGdo2wBJyEcD9ApASPEV+LJgLoTOuYFIStCO/+TTBfJx5H7T/vgK
Dqxsq1nULCSBc5Z5wrmtF49G3asBrAbPTkRhpyp9giXU+UV0QNJclnc+IJPdLIOe
jISAvpHQ3Fkb7Q25jaBg+c0bf9KzT3ekBOaf1RofgA84Jg0=
=4J/5
-----END PGP SIGNATURE-----

Comment 14 Swamp Workflow Management 2022-12-16 17:24:10 UTC

SUSE-SU-2022:4505-1: An update that solves 16 vulnerabilities and has 38 fixes is now available.

Category: security (important)
Bug References: 1065729,1071995,1106594,1156395,1164051,1184350,1199365,1200845,1201455,1203183,1203746,1203860,1203960,1204017,1204142,1204414,1204446,1204631,1204636,1204810,1204850,1204868,1204963,1205006,1205128,1205130,1205220,1205234,1205264,1205473,1205514,1205617,1205671,1205705,1205709,1205796,1205901,1205902,1205903,1205904,1205905,1205906,1205907,1205908,1206032,1206037,1206113,1206114,1206117,1206118,1206119,1206120,1206207,1206213
CVE References: CVE-2022-28693,CVE-2022-3567,CVE-2022-3628,CVE-2022-3635,CVE-2022-3643,CVE-2022-3903,CVE-2022-4095,CVE-2022-41850,CVE-2022-41858,CVE-2022-42328,CVE-2022-42329,CVE-2022-42895,CVE-2022-42896,CVE-2022-4378,CVE-2022-43945,CVE-2022-45934
JIRA References: 
Sources used:
SUSE Linux Enterprise Server 12-SP5 (src):    kernel-azure-4.12.14-16.120.1, kernel-source-azure-4.12.14-16.120.1, kernel-syms-azure-4.12.14-16.120.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 15 Swamp Workflow Management 2022-12-16 17:33:49 UTC

SUSE-SU-2022:4504-1: An update that solves 22 vulnerabilities, contains 7 features and has 26 fixes is now available.

Category: security (important)
Bug References: 1065729,1156395,1164051,1184350,1189297,1190256,1193629,1194869,1202341,1203183,1204631,1204636,1204693,1204810,1204850,1205007,1205100,1205111,1205128,1205130,1205149,1205153,1205220,1205331,1205428,1205473,1205514,1205617,1205653,1205744,1205764,1205796,1205882,1205993,1206035,1206036,1206037,1206046,1206047,1206051,1206056,1206057,1206113,1206114,1206147,1206149,1206207,1206273
CVE References: CVE-2022-2602,CVE-2022-3176,CVE-2022-3566,CVE-2022-3567,CVE-2022-3635,CVE-2022-3643,CVE-2022-3707,CVE-2022-3903,CVE-2022-4095,CVE-2022-4129,CVE-2022-4139,CVE-2022-41850,CVE-2022-41858,CVE-2022-42328,CVE-2022-42329,CVE-2022-42895,CVE-2022-42896,CVE-2022-4378,CVE-2022-43945,CVE-2022-45869,CVE-2022-45888,CVE-2022-45934
JIRA References: PED-1573,PED-1706,PED-1936,PED-2684,PED-611,PED-824,PED-849
Sources used:
openSUSE Leap 15.4 (src):    kernel-azure-5.14.21-150400.14.28.1, kernel-source-azure-5.14.21-150400.14.28.1, kernel-syms-azure-5.14.21-150400.14.28.1
SUSE Linux Enterprise Module for Public Cloud 15-SP4 (src):    kernel-azure-5.14.21-150400.14.28.1, kernel-source-azure-5.14.21-150400.14.28.1, kernel-syms-azure-5.14.21-150400.14.28.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 18 Swamp Workflow Management 2022-12-19 17:29:41 UTC

SUSE-SU-2022:4566-1: An update that solves 16 vulnerabilities and has 38 fixes is now available.

Category: security (important)
Bug References: 1065729,1071995,1106594,1156395,1164051,1184350,1199365,1200845,1201455,1203183,1203746,1203860,1203960,1204017,1204142,1204414,1204446,1204631,1204636,1204810,1204850,1204868,1204963,1205006,1205128,1205130,1205220,1205234,1205264,1205473,1205514,1205617,1205671,1205705,1205709,1205796,1205901,1205902,1205903,1205904,1205905,1205906,1205907,1205908,1206032,1206037,1206113,1206114,1206117,1206118,1206119,1206120,1206207,1206213
CVE References: CVE-2022-28693,CVE-2022-3567,CVE-2022-3628,CVE-2022-3635,CVE-2022-3643,CVE-2022-3903,CVE-2022-4095,CVE-2022-41850,CVE-2022-41858,CVE-2022-42328,CVE-2022-42329,CVE-2022-42895,CVE-2022-42896,CVE-2022-4378,CVE-2022-43945,CVE-2022-45934
JIRA References: 
Sources used:
SUSE Linux Enterprise Workstation Extension 12-SP5 (src):    kernel-default-4.12.14-122.144.1
SUSE Linux Enterprise Software Development Kit 12-SP5 (src):    kernel-docs-4.12.14-122.144.1, kernel-obs-build-4.12.14-122.144.1
SUSE Linux Enterprise Server 12-SP5 (src):    kernel-default-4.12.14-122.144.1, kernel-source-4.12.14-122.144.1, kernel-syms-4.12.14-122.144.1
SUSE Linux Enterprise Live Patching 12-SP5 (src):    kernel-default-4.12.14-122.144.1, kgraft-patch-SLE12-SP5_Update_38-1-8.5.1
SUSE Linux Enterprise High Availability 12-SP5 (src):    kernel-default-4.12.14-122.144.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 20 Swamp Workflow Management 2022-12-19 20:29:24 UTC

SUSE-SU-2022:4574-1: An update that solves 36 vulnerabilities and has 12 fixes is now available.

Category: security (important)
Bug References: 1198702,1199365,1200788,1200845,1201455,1202686,1203008,1203183,1203290,1203322,1203514,1203860,1203960,1204017,1204166,1204170,1204354,1204355,1204402,1204414,1204415,1204424,1204431,1204432,1204439,1204446,1204479,1204574,1204576,1204631,1204635,1204636,1204646,1204647,1204653,1204850,1204868,1205006,1205128,1205220,1205473,1205514,1205617,1205671,1205796,1206113,1206114,1206207
CVE References: CVE-2021-4037,CVE-2022-2153,CVE-2022-28693,CVE-2022-2964,CVE-2022-3169,CVE-2022-3424,CVE-2022-3521,CVE-2022-3524,CVE-2022-3542,CVE-2022-3545,CVE-2022-3565,CVE-2022-3567,CVE-2022-3586,CVE-2022-3594,CVE-2022-3621,CVE-2022-3628,CVE-2022-3629,CVE-2022-3635,CVE-2022-3643,CVE-2022-3646,CVE-2022-3649,CVE-2022-3903,CVE-2022-40307,CVE-2022-40768,CVE-2022-4095,CVE-2022-41850,CVE-2022-41858,CVE-2022-42328,CVE-2022-42329,CVE-2022-42703,CVE-2022-42895,CVE-2022-42896,CVE-2022-43750,CVE-2022-4378,CVE-2022-43945,CVE-2022-45934
JIRA References: 
Sources used:
openSUSE Leap 15.4 (src):    kernel-debug-4.12.14-150100.197.131.1, kernel-default-4.12.14-150100.197.131.1, kernel-kvmsmall-4.12.14-150100.197.131.1, kernel-vanilla-4.12.14-150100.197.131.1, kernel-zfcpdump-4.12.14-150100.197.131.1
openSUSE Leap 15.3 (src):    kernel-debug-4.12.14-150100.197.131.1, kernel-default-4.12.14-150100.197.131.1, kernel-kvmsmall-4.12.14-150100.197.131.1, kernel-vanilla-4.12.14-150100.197.131.1, kernel-zfcpdump-4.12.14-150100.197.131.1
SUSE Linux Enterprise Server for SAP 15-SP1 (src):    kernel-default-4.12.14-150100.197.131.1, kernel-docs-4.12.14-150100.197.131.1, kernel-obs-build-4.12.14-150100.197.131.1, kernel-source-4.12.14-150100.197.131.1, kernel-syms-4.12.14-150100.197.131.1
SUSE Linux Enterprise Server 15-SP1-LTSS (src):    kernel-default-4.12.14-150100.197.131.1, kernel-docs-4.12.14-150100.197.131.1, kernel-obs-build-4.12.14-150100.197.131.1, kernel-source-4.12.14-150100.197.131.1, kernel-syms-4.12.14-150100.197.131.1, kernel-zfcpdump-4.12.14-150100.197.131.1
SUSE Linux Enterprise Server 15-SP1-BCL (src):    kernel-default-4.12.14-150100.197.131.1, kernel-docs-4.12.14-150100.197.131.1, kernel-obs-build-4.12.14-150100.197.131.1, kernel-source-4.12.14-150100.197.131.1, kernel-syms-4.12.14-150100.197.131.1
SUSE Linux Enterprise Module for Live Patching 15-SP1 (src):    kernel-default-4.12.14-150100.197.131.1, kernel-livepatch-SLE15-SP1_Update_36-1-150100.3.5.1
SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (src):    kernel-default-4.12.14-150100.197.131.1, kernel-docs-4.12.14-150100.197.131.1, kernel-obs-build-4.12.14-150100.197.131.1, kernel-source-4.12.14-150100.197.131.1, kernel-syms-4.12.14-150100.197.131.1
SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (src):    kernel-default-4.12.14-150100.197.131.1, kernel-docs-4.12.14-150100.197.131.1, kernel-obs-build-4.12.14-150100.197.131.1, kernel-source-4.12.14-150100.197.131.1, kernel-syms-4.12.14-150100.197.131.1
SUSE Linux Enterprise High Availability 15-SP1 (src):    kernel-default-4.12.14-150100.197.131.1
SUSE Enterprise Storage 6 (src):    kernel-default-4.12.14-150100.197.131.1, kernel-docs-4.12.14-150100.197.131.1, kernel-obs-build-4.12.14-150100.197.131.1, kernel-source-4.12.14-150100.197.131.1, kernel-syms-4.12.14-150100.197.131.1
SUSE CaaS Platform 4.0 (src):    kernel-default-4.12.14-150100.197.131.1, kernel-docs-4.12.14-150100.197.131.1, kernel-obs-build-4.12.14-150100.197.131.1, kernel-source-4.12.14-150100.197.131.1, kernel-syms-4.12.14-150100.197.131.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 21 Swamp Workflow Management 2022-12-19 20:35:06 UTC

SUSE-SU-2022:4573-1: An update that solves 38 vulnerabilities and has 9 fixes is now available.

Category: security (important)
Bug References: 1196018,1198702,1200692,1200788,1201455,1202686,1203008,1203183,1203290,1203322,1203514,1203960,1204166,1204168,1204170,1204354,1204355,1204402,1204414,1204415,1204424,1204431,1204432,1204439,1204479,1204574,1204576,1204631,1204635,1204636,1204646,1204647,1204653,1204868,1205006,1205128,1205130,1205220,1205473,1205514,1205671,1205705,1205709,1205796,1206113,1206114,1206207
CVE References: CVE-2021-4037,CVE-2022-2153,CVE-2022-28693,CVE-2022-28748,CVE-2022-2964,CVE-2022-3169,CVE-2022-33981,CVE-2022-3424,CVE-2022-3521,CVE-2022-3524,CVE-2022-3542,CVE-2022-3545,CVE-2022-3565,CVE-2022-3567,CVE-2022-3586,CVE-2022-3594,CVE-2022-3621,CVE-2022-3628,CVE-2022-3629,CVE-2022-3635,CVE-2022-3643,CVE-2022-3646,CVE-2022-3649,CVE-2022-3903,CVE-2022-40307,CVE-2022-40768,CVE-2022-4095,CVE-2022-41850,CVE-2022-41858,CVE-2022-42328,CVE-2022-42329,CVE-2022-42703,CVE-2022-42895,CVE-2022-42896,CVE-2022-43750,CVE-2022-4378,CVE-2022-43945,CVE-2022-45934
JIRA References: 
Sources used:
SUSE Linux Enterprise Server for SAP 15 (src):    kernel-default-4.12.14-150000.150.109.1, kernel-docs-4.12.14-150000.150.109.1, kernel-obs-build-4.12.14-150000.150.109.1, kernel-source-4.12.14-150000.150.109.1, kernel-syms-4.12.14-150000.150.109.1, kernel-vanilla-4.12.14-150000.150.109.1
SUSE Linux Enterprise Server 15-LTSS (src):    kernel-default-4.12.14-150000.150.109.1, kernel-docs-4.12.14-150000.150.109.1, kernel-obs-build-4.12.14-150000.150.109.1, kernel-source-4.12.14-150000.150.109.1, kernel-syms-4.12.14-150000.150.109.1, kernel-vanilla-4.12.14-150000.150.109.1, kernel-zfcpdump-4.12.14-150000.150.109.1
SUSE Linux Enterprise Module for Live Patching 15 (src):    kernel-default-4.12.14-150000.150.109.1, kernel-livepatch-SLE15_Update_35-1-150000.1.5.1
SUSE Linux Enterprise High Performance Computing 15-LTSS (src):    kernel-default-4.12.14-150000.150.109.1, kernel-docs-4.12.14-150000.150.109.1, kernel-obs-build-4.12.14-150000.150.109.1, kernel-source-4.12.14-150000.150.109.1, kernel-syms-4.12.14-150000.150.109.1, kernel-vanilla-4.12.14-150000.150.109.1
SUSE Linux Enterprise High Performance Computing 15-ESPOS (src):    kernel-default-4.12.14-150000.150.109.1, kernel-docs-4.12.14-150000.150.109.1, kernel-obs-build-4.12.14-150000.150.109.1, kernel-source-4.12.14-150000.150.109.1, kernel-syms-4.12.14-150000.150.109.1, kernel-vanilla-4.12.14-150000.150.109.1
SUSE Linux Enterprise High Availability 15 (src):    kernel-default-4.12.14-150000.150.109.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 22 Swamp Workflow Management 2022-12-20 17:44:09 UTC

SUSE-SU-2022:4585-1: An update that solves 22 vulnerabilities, contains 7 features and has 52 fixes is now available.

Category: security (important)
Bug References: 1065729,1156395,1164051,1184350,1189297,1190256,1193629,1194869,1202341,1203183,1203391,1203511,1203960,1204228,1204405,1204414,1204631,1204636,1204693,1204780,1204810,1204850,1205007,1205100,1205111,1205113,1205128,1205130,1205149,1205153,1205220,1205264,1205282,1205331,1205332,1205427,1205428,1205473,1205507,1205514,1205521,1205567,1205616,1205617,1205653,1205671,1205679,1205683,1205700,1205705,1205709,1205711,1205744,1205764,1205796,1205882,1205993,1206035,1206036,1206037,1206045,1206046,1206047,1206048,1206049,1206050,1206051,1206056,1206057,1206113,1206114,1206147,1206149,1206207
CVE References: CVE-2022-2602,CVE-2022-3176,CVE-2022-3566,CVE-2022-3567,CVE-2022-3635,CVE-2022-3643,CVE-2022-3707,CVE-2022-3903,CVE-2022-4095,CVE-2022-4129,CVE-2022-4139,CVE-2022-41850,CVE-2022-41858,CVE-2022-42328,CVE-2022-42329,CVE-2022-42895,CVE-2022-42896,CVE-2022-4378,CVE-2022-43945,CVE-2022-45869,CVE-2022-45888,CVE-2022-45934
JIRA References: PED-1573,PED-1706,PED-1936,PED-2684,PED-611,PED-824,PED-849
Sources used:
openSUSE Leap Micro 5.3 (src):    kernel-default-5.14.21-150400.24.38.1, kernel-default-base-5.14.21-150400.24.38.1.150400.24.13.2
openSUSE Leap 15.4 (src):    dtb-aarch64-5.14.21-150400.24.38.1, kernel-64kb-5.14.21-150400.24.38.1, kernel-debug-5.14.21-150400.24.38.1, kernel-default-5.14.21-150400.24.38.1, kernel-default-base-5.14.21-150400.24.38.1.150400.24.13.2, kernel-docs-5.14.21-150400.24.38.1, kernel-kvmsmall-5.14.21-150400.24.38.1, kernel-obs-build-5.14.21-150400.24.38.1, kernel-obs-qa-5.14.21-150400.24.38.1, kernel-source-5.14.21-150400.24.38.1, kernel-syms-5.14.21-150400.24.38.1, kernel-zfcpdump-5.14.21-150400.24.38.1
SUSE Linux Enterprise Workstation Extension 15-SP4 (src):    kernel-default-5.14.21-150400.24.38.1
SUSE Linux Enterprise Module for Live Patching 15-SP4 (src):    kernel-default-5.14.21-150400.24.38.1, kernel-livepatch-SLE15-SP4_Update_6-1-150400.9.3.2
SUSE Linux Enterprise Module for Legacy Software 15-SP4 (src):    kernel-default-5.14.21-150400.24.38.1
SUSE Linux Enterprise Module for Development Tools 15-SP4 (src):    kernel-docs-5.14.21-150400.24.38.1, kernel-obs-build-5.14.21-150400.24.38.1, kernel-source-5.14.21-150400.24.38.1, kernel-syms-5.14.21-150400.24.38.1
SUSE Linux Enterprise Module for Basesystem 15-SP4 (src):    kernel-64kb-5.14.21-150400.24.38.1, kernel-default-5.14.21-150400.24.38.1, kernel-default-base-5.14.21-150400.24.38.1.150400.24.13.2, kernel-source-5.14.21-150400.24.38.1, kernel-zfcpdump-5.14.21-150400.24.38.1
SUSE Linux Enterprise Micro 5.3 (src):    kernel-default-5.14.21-150400.24.38.1, kernel-default-base-5.14.21-150400.24.38.1.150400.24.13.2
SUSE Linux Enterprise High Availability 15-SP4 (src):    kernel-default-5.14.21-150400.24.38.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 23 Swamp Workflow Management 2022-12-23 14:34:11 UTC

SUSE-SU-2022:4615-1: An update that solves 38 vulnerabilities and has 9 fixes is now available.

Category: security (important)
Bug References: 1196018,1198702,1200788,1201455,1202686,1203008,1203183,1203290,1203322,1203514,1203960,1203987,1204166,1204168,1204170,1204354,1204355,1204402,1204414,1204415,1204424,1204431,1204432,1204439,1204479,1204574,1204576,1204631,1204635,1204636,1204646,1204647,1204653,1204868,1205006,1205128,1205130,1205220,1205473,1205514,1205671,1205705,1205709,1205796,1206113,1206114,1206207
CVE References: CVE-2021-4037,CVE-2022-2153,CVE-2022-28693,CVE-2022-28748,CVE-2022-2964,CVE-2022-3169,CVE-2022-3424,CVE-2022-3521,CVE-2022-3524,CVE-2022-3542,CVE-2022-3545,CVE-2022-3565,CVE-2022-3567,CVE-2022-3586,CVE-2022-3594,CVE-2022-3621,CVE-2022-3628,CVE-2022-3629,CVE-2022-3635,CVE-2022-3643,CVE-2022-3646,CVE-2022-3649,CVE-2022-3903,CVE-2022-40307,CVE-2022-40768,CVE-2022-4095,CVE-2022-41848,CVE-2022-41850,CVE-2022-41858,CVE-2022-42328,CVE-2022-42329,CVE-2022-42703,CVE-2022-42895,CVE-2022-42896,CVE-2022-43750,CVE-2022-4378,CVE-2022-43945,CVE-2022-45934
JIRA References: 
Sources used:
SUSE OpenStack Cloud Crowbar 9 (src):    kernel-default-4.12.14-95.114.1, kernel-source-4.12.14-95.114.1, kernel-syms-4.12.14-95.114.1
SUSE OpenStack Cloud 9 (src):    kernel-default-4.12.14-95.114.1, kernel-source-4.12.14-95.114.1, kernel-syms-4.12.14-95.114.1
SUSE Linux Enterprise Server for SAP 12-SP4 (src):    kernel-default-4.12.14-95.114.1, kernel-source-4.12.14-95.114.1, kernel-syms-4.12.14-95.114.1
SUSE Linux Enterprise Server 12-SP4-LTSS (src):    kernel-default-4.12.14-95.114.1, kernel-source-4.12.14-95.114.1, kernel-syms-4.12.14-95.114.1
SUSE Linux Enterprise Live Patching 12-SP4 (src):    kernel-default-4.12.14-95.114.1, kgraft-patch-SLE12-SP4_Update_32-1-6.3.1
SUSE Linux Enterprise High Availability 12-SP4 (src):    kernel-default-4.12.14-95.114.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 24 Swamp Workflow Management 2022-12-23 15:29:22 UTC

SUSE-SU-2022:4617-1: An update that solves 96 vulnerabilities, contains 50 features and has 246 fixes is now available.

Category: security (important)
Bug References: 1023051,1032323,1065729,1071995,1152472,1152489,1156395,1164051,1177471,1184350,1185032,1188238,1189297,1189999,1190256,1190497,1190969,1192968,1193629,1194023,1194592,1194869,1194904,1195480,1195917,1196018,1196444,1196616,1196632,1196867,1196869,1197158,1197391,1197659,1197755,1197756,1197757,1197763,1198189,1198410,1198577,1198702,1198971,1199086,1199364,1199515,1199670,1199904,1200015,1200058,1200268,1200288,1200301,1200313,1200431,1200465,1200494,1200544,1200567,1200622,1200644,1200651,1200692,1200788,1200845,1200868,1200869,1200870,1200871,1200872,1200873,1201019,1201308,1201309,1201310,1201361,1201427,1201442,1201455,1201489,1201610,1201675,1201725,1201726,1201768,1201865,1201940,1201941,1201948,1201954,1201956,1201958,1202095,1202096,1202097,1202113,1202131,1202154,1202187,1202262,1202265,1202312,1202341,1202346,1202347,1202385,1202393,1202447,1202471,1202558,1202623,1202636,1202672,1202681,1202685,1202686,1202700,1202710,1202711,1202712,1202713,1202715,1202716,1202757,1202758,1202759,1202761,1202762,1202763,1202764,1202765,1202766,1202767,1202768,1202769,1202770,1202771,1202773,1202774,1202775,1202776,1202778,1202779,1202780,1202781,1202782,1202783,1202822,1202823,1202824,1202860,1202867,1202872,1202874,1202898,1202914,1202960,1202989,1202992,1202993,1203002,1203008,1203036,1203039,1203041,1203063,1203066,1203067,1203098,1203101,1203107,1203116,1203117,1203138,1203139,1203159,1203183,1203197,1203208,1203229,1203263,1203290,1203338,1203360,1203361,1203389,1203391,1203410,1203435,1203505,1203511,1203514,1203552,1203606,1203664,1203693,1203699,1203767,1203769,1203770,1203794,1203798,1203802,1203829,1203893,1203902,1203906,1203908,1203922,1203935,1203939,1203960,1203969,1203987,1203992,1203994,1204017,1204051,1204059,1204060,1204092,1204125,1204132,1204142,1204166,1204168,1204170,1204171,1204183,1204228,1204241,1204289,1204290,1204291,1204292,1204353,1204354,1204355,1204402,1204405,1204413,1204414,1204415,1204417,1204424,1204428,1204431,1204432,1204439,1204470,1204479,1204486,1204498,1204533,1204569,1204574,1204575,1204576,1204619,1204624,1204631,1204635,1204636,1204637,1204646,1204647,1204650,1204653,1204693,1204705,1204719,1204728,1204745,1204753,1204780,1204810,1204850,1204868,1204926,1204933,1204934,1204947,1204957,1204963,1204970,1205007,1205100,1205111,1205113,1205128,1205130,1205149,1205153,1205220,1205257,1205264,1205282,1205313,1205331,1205332,1205427,1205428,1205473,1205496,1205507,1205514,1205521,1205567,1205616,1205617,1205653,1205671,1205679,1205683,1205700,1205705,1205709,1205711,1205744,1205764,1205796,1205882,1205993,1206035,1206036,1206037,1206045,1206046,1206047,1206048,1206049,1206050,1206051,1206056,1206057,1206113,1206114,1206147,1206149,1206207,1206273,1206391
CVE References: CVE-2016-3695,CVE-2020-16119,CVE-2020-36516,CVE-2021-33135,CVE-2021-4037,CVE-2022-1184,CVE-2022-1263,CVE-2022-1882,CVE-2022-20368,CVE-2022-20369,CVE-2022-2153,CVE-2022-2586,CVE-2022-2588,CVE-2022-2602,CVE-2022-26373,CVE-2022-2639,CVE-2022-2663,CVE-2022-28356,CVE-2022-28693,CVE-2022-2873,CVE-2022-28748,CVE-2022-2905,CVE-2022-2938,CVE-2022-2959,CVE-2022-2964,CVE-2022-2977,CVE-2022-2978,CVE-2022-3028,CVE-2022-3078,CVE-2022-3114,CVE-2022-3169,CVE-2022-3176,CVE-2022-3202,CVE-2022-32250,CVE-2022-32296,CVE-2022-3239,CVE-2022-3303,CVE-2022-33981,CVE-2022-3424,CVE-2022-3435,CVE-2022-3521,CVE-2022-3524,CVE-2022-3526,CVE-2022-3535,CVE-2022-3542,CVE-2022-3545,CVE-2022-3565,CVE-2022-3566,CVE-2022-3567,CVE-2022-3577,CVE-2022-3586,CVE-2022-3594,CVE-2022-3619,CVE-2022-3621,CVE-2022-3625,CVE-2022-3628,CVE-2022-3629,CVE-2022-3633,CVE-2022-3635,CVE-2022-3640,CVE-2022-3643,CVE-2022-3646,CVE-2022-3649,CVE-2022-36879,CVE-2022-36946,CVE-2022-3707,CVE-2022-3903,CVE-2022-39188,CVE-2022-39189,CVE-2022-39190,CVE-2022-40476,CVE-2022-40768,CVE-2022-4095,CVE-2022-41218,CVE-2022-4129,CVE-2022-4139,CVE-2022-41674,CVE-2022-41848,CVE-2022-41849,CVE-2022-41850,CVE-2022-41858,CVE-2022-42328,CVE-2022-42329,CVE-2022-42703,CVE-2022-42719,CVE-2022-42720,CVE-2022-42721,CVE-2022-42722,CVE-2022-42895,CVE-2022-42896,CVE-2022-43750,CVE-2022-4378,CVE-2022-43945,CVE-2022-45869,CVE-2022-45888,CVE-2022-45934
JIRA References: PED-1082,PED-1084,PED-1085,PED-1096,PED-1211,PED-1573,PED-1649,PED-1706,PED-1936,PED-2684,PED-387,PED-529,PED-611,PED-634,PED-652,PED-664,PED-676,PED-678,PED-679,PED-682,PED-688,PED-707,PED-720,PED-729,PED-732,PED-755,PED-763,PED-813,PED-817,PED-822,PED-824,PED-825,PED-833,PED-842,PED-846,PED-849,PED-850,PED-851,PED-856,PED-857,SLE-13847,SLE-18130,SLE-19359,SLE-19924,SLE-20183,SLE-23766,SLE-24572,SLE-24682,SLE-24814,SLE-9246
Sources used:
openSUSE Leap Micro 5.3 (src):    kernel-rt-5.14.21-150400.15.5.1
openSUSE Leap 15.4 (src):    kernel-rt-5.14.21-150400.15.5.1, kernel-rt_debug-5.14.21-150400.15.5.1, kernel-source-rt-5.14.21-150400.15.5.1, kernel-syms-rt-5.14.21-150400.15.5.1
SUSE Linux Enterprise Module for Realtime 15-SP4 (src):    kernel-rt-5.14.21-150400.15.5.1, kernel-rt_debug-5.14.21-150400.15.5.1, kernel-source-rt-5.14.21-150400.15.5.1, kernel-syms-rt-5.14.21-150400.15.5.1
SUSE Linux Enterprise Module for Live Patching 15-SP4 (src):    kernel-livepatch-SLE15-SP4-RT_Update_1-1-150400.1.3.1
SUSE Linux Enterprise Micro 5.3 (src):    kernel-rt-5.14.21-150400.15.5.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 33 Swamp Workflow Management 2023-01-25 14:20:38 UTC

SUSE-SU-2023:0134-1: An update that solves 11 vulnerabilities and has 11 fixes is now available.

Category: security (important)
Bug References: 1151927,1157049,1190969,1203183,1204171,1204250,1204693,1205256,1206113,1206114,1206174,1206175,1206176,1206177,1206178,1206179,1206389,1206394,1206395,1206397,1206398,1206664
CVE References: CVE-2019-19083,CVE-2022-3105,CVE-2022-3106,CVE-2022-3107,CVE-2022-3108,CVE-2022-3111,CVE-2022-3435,CVE-2022-3643,CVE-2022-42328,CVE-2022-42329,CVE-2022-4662
JIRA References: 
Sources used:
openSUSE Leap Micro 5.2 (src):    kernel-rt-5.3.18-150300.115.1
SUSE Linux Enterprise Module for Realtime 15-SP3 (src):    kernel-rt-5.3.18-150300.115.1, kernel-rt_debug-5.3.18-150300.115.1, kernel-source-rt-5.3.18-150300.115.1, kernel-syms-rt-5.3.18-150300.115.1
SUSE Linux Enterprise Micro 5.2 (src):    kernel-rt-5.3.18-150300.115.1
SUSE Linux Enterprise Micro 5.1 (src):    kernel-rt-5.3.18-150300.115.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 34 Swamp Workflow Management 2023-01-26 14:28:33 UTC

SUSE-SU-2023:0152-1: An update that solves 19 vulnerabilities, contains three features and has 71 fixes is now available.

Category: security (important)
Bug References: 1065729,1151927,1156395,1157049,1190969,1203183,1203693,1203740,1204171,1204250,1204614,1204693,1204760,1204989,1205149,1205256,1205495,1205496,1205601,1205695,1206073,1206113,1206114,1206174,1206175,1206176,1206177,1206178,1206179,1206344,1206389,1206393,1206394,1206395,1206397,1206398,1206399,1206515,1206602,1206634,1206635,1206636,1206637,1206640,1206641,1206642,1206643,1206644,1206645,1206646,1206647,1206648,1206649,1206663,1206664,1206784,1206841,1206854,1206855,1206857,1206858,1206859,1206860,1206873,1206875,1206876,1206877,1206878,1206880,1206881,1206882,1206883,1206884,1206885,1206886,1206887,1206888,1206889,1206890,1206891,1206893,1206896,1206904,1207036,1207125,1207134,1207186,1207198,1207218,1207237
CVE References: CVE-2019-19083,CVE-2022-3105,CVE-2022-3106,CVE-2022-3107,CVE-2022-3108,CVE-2022-3111,CVE-2022-3112,CVE-2022-3115,CVE-2022-3435,CVE-2022-3564,CVE-2022-3643,CVE-2022-42328,CVE-2022-42329,CVE-2022-4662,CVE-2022-47520,CVE-2022-47929,CVE-2023-0266,CVE-2023-23454,CVE-2023-23455
JIRA References: PED-1445,PED-1706,PED-568
Sources used:
openSUSE Leap Micro 5.2 (src):    kernel-default-5.3.18-150300.59.109.1, kernel-default-base-5.3.18-150300.59.109.1.150300.18.62.1
openSUSE Leap 15.4 (src):    dtb-aarch64-5.3.18-150300.59.109.1
SUSE Manager Server 4.2 (src):    kernel-default-5.3.18-150300.59.109.1, kernel-default-base-5.3.18-150300.59.109.1.150300.18.62.1, kernel-preempt-5.3.18-150300.59.109.1, kernel-source-5.3.18-150300.59.109.1, kernel-zfcpdump-5.3.18-150300.59.109.1
SUSE Manager Retail Branch Server 4.2 (src):    kernel-default-5.3.18-150300.59.109.1, kernel-default-base-5.3.18-150300.59.109.1.150300.18.62.1, kernel-preempt-5.3.18-150300.59.109.1, kernel-source-5.3.18-150300.59.109.1
SUSE Manager Proxy 4.2 (src):    kernel-default-5.3.18-150300.59.109.1, kernel-default-base-5.3.18-150300.59.109.1.150300.18.62.1, kernel-preempt-5.3.18-150300.59.109.1, kernel-source-5.3.18-150300.59.109.1
SUSE Linux Enterprise Server for SAP 15-SP3 (src):    kernel-default-5.3.18-150300.59.109.1, kernel-default-base-5.3.18-150300.59.109.1.150300.18.62.1, kernel-docs-5.3.18-150300.59.109.1, kernel-obs-build-5.3.18-150300.59.109.1, kernel-preempt-5.3.18-150300.59.109.1, kernel-source-5.3.18-150300.59.109.1, kernel-syms-5.3.18-150300.59.109.1
SUSE Linux Enterprise Server 15-SP3-LTSS (src):    kernel-64kb-5.3.18-150300.59.109.1, kernel-default-5.3.18-150300.59.109.1, kernel-default-base-5.3.18-150300.59.109.1.150300.18.62.1, kernel-docs-5.3.18-150300.59.109.1, kernel-obs-build-5.3.18-150300.59.109.1, kernel-preempt-5.3.18-150300.59.109.1, kernel-source-5.3.18-150300.59.109.1, kernel-syms-5.3.18-150300.59.109.1, kernel-zfcpdump-5.3.18-150300.59.109.1
SUSE Linux Enterprise Realtime Extension 15-SP3 (src):    kernel-default-5.3.18-150300.59.109.1, kernel-default-base-5.3.18-150300.59.109.1.150300.18.62.1, kernel-docs-5.3.18-150300.59.109.1, kernel-obs-build-5.3.18-150300.59.109.1, kernel-preempt-5.3.18-150300.59.109.1, kernel-source-5.3.18-150300.59.109.1, kernel-syms-5.3.18-150300.59.109.1
SUSE Linux Enterprise Module for Live Patching 15-SP3 (src):    kernel-default-5.3.18-150300.59.109.1, kernel-livepatch-SLE15-SP3_Update_28-1-150300.7.3.1
SUSE Linux Enterprise Micro 5.2 (src):    kernel-default-5.3.18-150300.59.109.1, kernel-default-base-5.3.18-150300.59.109.1.150300.18.62.1
SUSE Linux Enterprise Micro 5.1 (src):    kernel-default-5.3.18-150300.59.109.1, kernel-default-base-5.3.18-150300.59.109.1.150300.18.62.1
SUSE Linux Enterprise High Performance Computing 15-SP3-LTSS (src):    kernel-64kb-5.3.18-150300.59.109.1, kernel-default-5.3.18-150300.59.109.1, kernel-default-base-5.3.18-150300.59.109.1.150300.18.62.1, kernel-docs-5.3.18-150300.59.109.1, kernel-obs-build-5.3.18-150300.59.109.1, kernel-preempt-5.3.18-150300.59.109.1, kernel-source-5.3.18-150300.59.109.1, kernel-syms-5.3.18-150300.59.109.1
SUSE Linux Enterprise High Performance Computing 15-SP3-ESPOS (src):    kernel-64kb-5.3.18-150300.59.109.1, kernel-default-5.3.18-150300.59.109.1, kernel-default-base-5.3.18-150300.59.109.1.150300.18.62.1, kernel-docs-5.3.18-150300.59.109.1, kernel-obs-build-5.3.18-150300.59.109.1, kernel-preempt-5.3.18-150300.59.109.1, kernel-source-5.3.18-150300.59.109.1, kernel-syms-5.3.18-150300.59.109.1
SUSE Linux Enterprise High Availability 15-SP3 (src):    kernel-default-5.3.18-150300.59.109.1
SUSE Enterprise Storage 7.1 (src):    kernel-64kb-5.3.18-150300.59.109.1, kernel-default-5.3.18-150300.59.109.1, kernel-default-base-5.3.18-150300.59.109.1.150300.18.62.1, kernel-docs-5.3.18-150300.59.109.1, kernel-obs-build-5.3.18-150300.59.109.1, kernel-preempt-5.3.18-150300.59.109.1, kernel-source-5.3.18-150300.59.109.1, kernel-syms-5.3.18-150300.59.109.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 39 Swamp Workflow Management 2023-02-14 17:21:41 UTC

SUSE-SU-2023:0406-1: An update that solves 16 vulnerabilities, contains one feature and has 14 fixes is now available.

Category: security (important)
Bug References: 1203183,1203693,1203740,1204171,1204614,1204760,1205149,1206073,1206113,1206114,1206314,1206389,1206393,1206395,1206398,1206399,1206515,1206664,1206677,1206784,1207036,1207125,1207134,1207186,1207188,1207189,1207190,1207237,1207769,1207823
CVE References: CVE-2022-3105,CVE-2022-3107,CVE-2022-3108,CVE-2022-3112,CVE-2022-3115,CVE-2022-3435,CVE-2022-3564,CVE-2022-3643,CVE-2022-42328,CVE-2022-42329,CVE-2022-4662,CVE-2022-47520,CVE-2022-47929,CVE-2023-0266,CVE-2023-23454,CVE-2023-23455
JIRA References: PED-1706
Sources used:
SUSE Linux Enterprise Server for SAP 15-SP2 (src):    kernel-default-5.3.18-150200.24.142.1, kernel-default-base-5.3.18-150200.24.142.1.150200.9.67.1, kernel-docs-5.3.18-150200.24.142.1, kernel-obs-build-5.3.18-150200.24.142.1, kernel-preempt-5.3.18-150200.24.142.1, kernel-source-5.3.18-150200.24.142.1, kernel-syms-5.3.18-150200.24.142.1
SUSE Linux Enterprise Server 15-SP2-LTSS (src):    kernel-default-5.3.18-150200.24.142.1, kernel-default-base-5.3.18-150200.24.142.1.150200.9.67.1, kernel-docs-5.3.18-150200.24.142.1, kernel-obs-build-5.3.18-150200.24.142.1, kernel-preempt-5.3.18-150200.24.142.1, kernel-source-5.3.18-150200.24.142.1, kernel-syms-5.3.18-150200.24.142.1
SUSE Linux Enterprise Module for Live Patching 15-SP2 (src):    kernel-default-5.3.18-150200.24.142.1, kernel-livepatch-SLE15-SP2_Update_33-1-150200.5.3.1
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (src):    kernel-default-5.3.18-150200.24.142.1, kernel-default-base-5.3.18-150200.24.142.1.150200.9.67.1, kernel-docs-5.3.18-150200.24.142.1, kernel-obs-build-5.3.18-150200.24.142.1, kernel-preempt-5.3.18-150200.24.142.1, kernel-source-5.3.18-150200.24.142.1, kernel-syms-5.3.18-150200.24.142.1
SUSE Linux Enterprise High Availability 15-SP2 (src):    kernel-default-5.3.18-150200.24.142.1
SUSE Enterprise Storage 7 (src):    kernel-default-5.3.18-150200.24.142.1, kernel-default-base-5.3.18-150200.24.142.1.150200.9.67.1, kernel-docs-5.3.18-150200.24.142.1, kernel-obs-build-5.3.18-150200.24.142.1, kernel-preempt-5.3.18-150200.24.142.1, kernel-source-5.3.18-150200.24.142.1, kernel-syms-5.3.18-150200.24.142.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.