Bug 1138874

Summary:	qla2xx: Update Leap 15.1-28.4 -> 15.1-28.7, crashed
Product:	[openSUSE] openSUSE Distribution	Reporter:	Holger Schranz <holger>
Component:	Kernel	Assignee:	Daniel Wagner <daniel.wagner>
Status:	RESOLVED FIXED	QA Contact:	E-mail List <qa-bugs>
Severity:	Critical
Priority:	P3 - Medium	CC:	daniel.wagner, hare, holger, jthumshirn, msuchanek
Version:	Leap 15.1
Target Milestone:	---
Hardware:	x86-64
OS:	Other
Whiteboard:
Found By:	---	Services Priority:
Business Priority:		Blocker:	---
Marketing QA Status:	---	IT Deployment:	---
Attachments:	DMESG, LEAP 15.1-28.7 Journalctl 15.1-28.7 (Bad case) RPM list 15.1-28.7 Journalctl 15.1-28.4 (o.k. case) scsi: qla2xxx: do not crash on uninitialized pool list dmesg with patch journalctl with patch

Description Holger Schranz 2019-06-20 18:31:03 UTC

Created attachment 808098 [details]
DMESG, LEAP 15.1-28.7

Hello,

after update from 

opensuse 15.1: Linux_4.12.14-lp151.28.4
opensuse 15.1: Linux_4.12.14-lp151.28.7

the driver qla2xxx run into a dump.

With issue the work with the virtual environment is no longer
possible. More than 60 virtual systems (150 virtual machines) 
are involved over 5 virtual hosts.

To continue the work we switched back to Linux_4.12.14-lp151.28.4.

May be others are also involved.

I attached the journalctl, dmesg and a rpm -qa list.

The journalctl are from Linux_4.12.14-lp151.28.4 (o.k. version)
and Linux_4.12.14-lp151.28.7 (bad version)

I opened this issue report as a privat report. If necessary I will
opened an urgent call via FUJITSU as a customer from SuSE. 

Best regards

Holger

Comment 1 Holger Schranz 2019-06-20 18:32:02 UTC

Created attachment 808099 [details]
Journalctl 15.1-28.7 (Bad case)

Comment 2 Holger Schranz 2019-06-20 18:32:39 UTC

Created attachment 808100 [details]
RPM list 15.1-28.7

Comment 3 Holger Schranz 2019-06-20 18:33:20 UTC

Created attachment 808101 [details]
Journalctl 15.1-28.4 (o.k. case)

Comment 4 Michal Suchanek 2019-06-24 14:53:44 UTC

Hare, can you have a look?

It's openSUSE but regression in qla2xxx could affect the SLE kernel as well.

Comment 5 Holger Schranz 2019-07-01 19:08:54 UTC

Hello,

any update for this critical bug please?

I can't update some systms to a newer Patch of 15.1.

Best regards

Holger

Comment 6 Michal Suchanek 2019-07-01 19:30:40 UTC

We don't have tags for openSUSE so here are the git commits:

Release     : lp151.28.4.1
GIT Revision: af35fd11466ddb32ce5df4bc094d71af8b3b86aa
GIT Branch: openSUSE-15.1

Release     : lp151.28.7.1
GIT Revision: f8a1872c2e97826e8e0333012932aa99b5041ddd
GIT Branch: openSUSE-15.1

And these are qla patches added/removed:

+       patches.drivers/scsi-qla2xxx-Fix-panic-from-use-after-free-in-qla2x0.patch
+       patches.drivers/scsi-qla2xxx-Add-protection-mask-module-parameters.patch
+       patches.drivers/scsi-qla2xxx-Fix-DMA-error-when-the-DIF-sg-buffer-cr.patch
+       patches.drivers/scsi-qla2xxx-no-need-to-check-return-value-of-debugf.patch
+       patches.drivers/scsi-qla2xxx-Move-debug-messages-before-sending-srb-.patch
+       patches.drivers/scsi-qla2xxx-remove-redundant-null-check-on-pointer-.patch
+       patches.drivers/scsi-qla2xxx-Fix-LUN-discovery-if-loop-id-is-not-ass.patch
+       patches.drivers/scsi-qla2xxx-Add-First-Burst-support-for-FC-NVMe-dev.patch
+       patches.drivers/scsi-qla2xxx-Fix-unload-when-NVMe-devices-are-config.patch
+       patches.drivers/scsi-qla2xxx-Check-for-FW-started-flag-before-aborti.patch
+       patches.drivers/scsi-qla2xxx-Prevent-multiple-ADISC-commands-per-ses.patch
+       patches.drivers/scsi-qla2xxx-Add-support-for-setting-port-speed.patch
+       patches.drivers/scsi-qla2xxx-Prevent-SysFS-access-when-chip-is-down.patch
+       patches.drivers/scsi-qla2xxx-Move-marker-request-behind-QPair.patch
+       patches.drivers/scsi-qla2xxx-Fix-code-indentation-for-qla27xx_fwdt_e.patch
+       patches.drivers/scsi-qla2xxx-Add-new-FW-dump-template-entry-types.patch
+       patches.drivers/scsi-qla2xxx-Update-driver-version-to-10.00.00.14-k.patch
+       patches.drivers/scsi-qla2xxx-Avoid-PCI-IRQ-affinity-mapping-when-mul.patch
+       patches.drivers/scsi-qla2xxx-avoid-printf-format-warning.patch
+       patches.drivers/scsi-qla2xxx-check-for-kstrtol-failure.patch
+       patches.drivers/scsi-qla2xxx-Add-fw_attr-and-port_no-SysFS-node.patch
+       patches.drivers/scsi-qla2xxx-Remove-FW-default-template.patch
+       patches.drivers/scsi-qla2xxx-Fix-routine-qla27xx_dump_-mpi-ram.patch
+       patches.drivers/scsi-qla2xxx-Add-Device-ID-for-ISP28XX.patch
+       patches.drivers/scsi-qla2xxx-Add-Serdes-support-for-ISP28XX.patch
+       patches.drivers/scsi-qla2xxx-Correctly-report-max-min-supported-spee.patch
+       patches.drivers/scsi-qla2xxx-Cleanups-for-NVRAM-Flash-read-write-pat.patch
+       patches.drivers/scsi-qla2xxx-Add-support-for-multiple-fwdump-templat.patch
+       patches.drivers/scsi-qla2xxx-Update-flash-read-write-routine.patch
+       patches.drivers/scsi-qla2xxx-Correction-and-improvement-to-fwdt-proc.patch
+       patches.drivers/scsi-qla2xxx-Simplification-of-register-address-used.patch
+       patches.drivers/scsi-qla2xxx-Add-28xx-flash-primary-secondary-status.patch
+       patches.drivers/scsi-qla2xxx-Secure-flash-update-support-for-ISP28XX.patch
+       patches.drivers/scsi-qla2xxx-Update-driver-version-to-10.01.00.15-k.patch
+       patches.drivers/scsi-qla2xxx-Simplify-conditional-check-again.patch
+       patches.drivers/scsi-qla2xxx-Set-remote-port-devloss-timeout-to-0.patch
+       patches.drivers/scsi-qla2xxx-Fix-read-offset-in-qla24xx_load_risc_fl.patch
-       patches.suse/qla2xxx-allow-irqbalance-control-in-non-MQ-mode.patch
+       patches.kabi/qla2xxx-kABI-fixes-for-v10.00.00.14-k.patch
+       patches.kabi/qla2xxx-kABI-fixes-for-v10.01.00.15-k.patch

This is openSUSE so you are free to build lp151.28.7 with the patches reverted and bisect them to determine which one breaks your setup.

Comment 7 Michal Suchanek 2019-07-01 20:39:39 UTC

If we can trust the debugger unwinding the function correctly at offset 1097 we have list_for_each_entry_safe(dsd, nxt, &ha->pool.unusable.head, list) which implies initialization of pools is not consistent with ql2xenabledif which is probably meant to protect against access to uninitialized pools here. But ql2xenabledif is a global that can be changed at any time so the functions in question should probably check that the pools indeed exist.

Presumably if you always initialized ha->pool.good.count and ha->pool.unusable.count in qla2x00_mem_alloc you could check this count before traversing the list in qla2x00_mem_free.

Comment 8 Michal Suchanek 2019-07-02 16:28:35 UTC

Actually ql2xenabledif is readonly parameter so it should be fine to use as guard. Nonetheless, adding some checks and WARN_ONs for the pools might be helpful.

Comment 9 Holger Schranz 2019-07-02 17:42:48 UTC

Dear Mr. Suchanek,

let me clearfy:
I'm a user of openSUSE and not a developer.

If I read your comments, I understood that I have to fix the bug by my own.
Is this correct?

Best regards

Holger Schranz

Comment 10 Michal Suchanek 2019-07-03 17:54:22 UTC

Created attachment 809341 [details]
scsi: qla2xxx: do not crash on uninitialized pool list

As an openSUSE user you are expected to be able to apply or revert a kernel patch.

Attached is a patch that should confirm if the issue is with the pool list. If you see the message about uninitialized bool list then it is indeed the case. It is not clear why the pool list is not initialized so the kernel may crash in a different place due to state inconsistency in the qla2xxx driver.

Comment 11 Jiri Slaby 2019-07-04 05:00:50 UTC

(In reply to Michal Suchanek from comment #10)
> As an openSUSE user you are expected to be able to apply or revert a kernel
> patch.

You definitely cannot expect that from *users*.

Comment 13 Holger Schranz 2019-07-09 15:27:02 UTC

Hello Mr. Suchanek,

as Jiri Slaby wrote, to expect that each user of OpenSuse have a deep knowledge  about the kernel and the behavior of Linux, isn't the case in 95% of the user.

Whatever, I'm will not discuss here, about the knowledge of an user which want use OpenSuse as the OS.

I will try ,to include the Patch from you, in one of the involved systems. The result I will report here. I think around next weekend I can spend the time.

Please wait.

Best regards

Holger

Comment 14 Holger Schranz 2019-07-14 15:54:13 UTC

Hello Mr. Suchanek,

test is done. The protocol I will upload. 
It is the dmesg protocol and the journalctl.

Best regards

Holger

Comment 15 Holger Schranz 2019-07-14 15:55:21 UTC

Created attachment 810383 [details]
dmesg with patch

Comment 16 Holger Schranz 2019-07-14 15:56:17 UTC

Created attachment 810384 [details]
journalctl with patch

Comment 17 Michal Suchanek 2019-07-15 09:51:53 UTC

Thanks for testing

From the log it looks like the kernel no longer crashes. Does the adapter work for you?

Comment 18 Holger Schranz 2019-07-15 15:48:03 UTC

Hello Mr. Suchanek,

Yes, of course, the system doesn't crashed, but I have to test the adapter
in a virtual machine. I will inform you a.s.a.p..

Best regards

Holger Schranz

Comment 19 Michal Suchanek 2019-07-22 15:30:02 UTC

Any test result with the patched kernel?

Comment 20 Holger Schranz 2019-07-22 15:40:16 UTC

Hello Mr. Suchanek,

sorry for the delay.

I have updated the Leap 15.1 systems to a last patch ...28-10 first.
Than modified the qla_os.c with your fix and restarted the tests.

All tests closed with result o.k.

Thanks a lot for your effort Mr. Suchanek.

Best regards

Holger

Comment 21 Michal Suchanek 2019-07-22 15:47:45 UTC

Thanks for the tests.

I will merge this bandaid until somebody has time to look more closely at the issue.

Comment 27 Swamp Workflow Management 2019-08-07 04:34:38 UTC

SUSE-SU-2019:2070-1: An update that solves 7 vulnerabilities and has 95 fixes is now available.

Category: security (important)
Bug References: 1051510,1055117,1071995,1083647,1083710,1102247,1103991,1103992,1104745,1109837,1111666,1112374,1119222,1123080,1127034,1127315,1127611,1129770,1130972,1133021,1134090,1134097,1134390,1134399,1135335,1135642,1136217,1136342,1136460,1136461,1136462,1136467,1136896,1137458,1137534,1137535,1137584,1137609,1137811,1137827,1138874,1139358,1139619,1140133,1140139,1140322,1140559,1140652,1140676,1140887,1140888,1140889,1140891,1140893,1140903,1140945,1140948,1140954,1140955,1140956,1140957,1140958,1140959,1140960,1140961,1140962,1140964,1140971,1140972,1140992,1141312,1141401,1141402,1141452,1141453,1141454,1141478,1142023,1142052,1142112,1142115,1142119,1142220,1142221,1142254,1142350,1142351,1142354,1142359,1142450,1142623,1142673,1142701,1142868,1143003,1143045,1143105,1143185,1143189,1143191,1143209,1143507
CVE References: CVE-2018-20855,CVE-2019-1125,CVE-2019-11810,CVE-2019-13631,CVE-2019-13648,CVE-2019-14283,CVE-2019-14284
Sources used:
SUSE Linux Enterprise Server 12-SP4 (src):    kernel-azure-4.12.14-6.23.1, kernel-source-azure-4.12.14-6.23.1, kernel-syms-azure-4.12.14-6.23.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 28 Swamp Workflow Management 2019-08-07 04:48:07 UTC

SUSE-SU-2019:2073-1: An update that solves 7 vulnerabilities and has 78 fixes is now available.

Category: security (important)
Bug References: 1051510,1055117,1071995,1083647,1083710,1102247,1103991,1103992,1104745,1109837,1111666,1112374,1119222,1123080,1127034,1127315,1127611,1129770,1130972,1133021,1134090,1134097,1134390,1134399,1135335,1135642,1136217,1136342,1136460,1136461,1136462,1136467,1137458,1137534,1137535,1137584,1137609,1137811,1137827,1138874,1139358,1139619,1140133,1140139,1140322,1140559,1140652,1140676,1140903,1140945,1140948,1141312,1141401,1141402,1141452,1141453,1141454,1141478,1141558,1142023,1142052,1142083,1142112,1142115,1142119,1142220,1142221,1142254,1142350,1142351,1142354,1142359,1142450,1142623,1142673,1142701,1142868,1143003,1143045,1143105,1143185,1143189,1143191,1143209,1143507
CVE References: CVE-2018-20855,CVE-2019-1125,CVE-2019-11810,CVE-2019-13631,CVE-2019-13648,CVE-2019-14283,CVE-2019-14284
Sources used:
SUSE Linux Enterprise Workstation Extension 15-SP1 (src):    kernel-default-4.12.14-197.15.1
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1 (src):    dtb-aarch64-4.12.14-197.15.1, kernel-debug-4.12.14-197.15.1, kernel-default-4.12.14-197.15.1, kernel-docs-4.12.14-197.15.1, kernel-kvmsmall-4.12.14-197.15.1, kernel-obs-qa-4.12.14-197.15.1, kernel-source-4.12.14-197.15.1, kernel-vanilla-4.12.14-197.15.1, kernel-zfcpdump-4.12.14-197.15.1
SUSE Linux Enterprise Module for Legacy Software 15-SP1 (src):    kernel-default-4.12.14-197.15.1
SUSE Linux Enterprise Module for Development Tools 15-SP1 (src):    kernel-docs-4.12.14-197.15.1, kernel-obs-build-4.12.14-197.15.1, kernel-source-4.12.14-197.15.1, kernel-syms-4.12.14-197.15.1
SUSE Linux Enterprise Module for Basesystem 15-SP1 (src):    kernel-default-4.12.14-197.15.1, kernel-source-4.12.14-197.15.1, kernel-zfcpdump-4.12.14-197.15.1
SUSE Linux Enterprise High Availability 15-SP1 (src):    kernel-default-4.12.14-197.15.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 29 Swamp Workflow Management 2019-08-07 05:09:40 UTC

SUSE-SU-2019:2073-1: An update that solves 7 vulnerabilities and has 78 fixes is now available.

Category: security (important)
Bug References: 1051510,1055117,1071995,1083647,1083710,1102247,1103991,1103992,1104745,1109837,1111666,1112374,1119222,1123080,1127034,1127315,1127611,1129770,1130972,1133021,1134090,1134097,1134390,1134399,1135335,1135642,1136217,1136342,1136460,1136461,1136462,1136467,1137458,1137534,1137535,1137584,1137609,1137811,1137827,1138874,1139358,1139619,1140133,1140139,1140322,1140559,1140652,1140676,1140903,1140945,1140948,1141312,1141401,1141402,1141452,1141453,1141454,1141478,1141558,1142023,1142052,1142083,1142112,1142115,1142119,1142220,1142221,1142254,1142350,1142351,1142354,1142359,1142450,1142623,1142673,1142701,1142868,1143003,1143045,1143105,1143185,1143189,1143191,1143209,1143507
CVE References: CVE-2018-20855,CVE-2019-1125,CVE-2019-11810,CVE-2019-13631,CVE-2019-13648,CVE-2019-14283,CVE-2019-14284
Sources used:
SUSE Linux Enterprise Workstation Extension 15-SP1 (src):    kernel-default-4.12.14-197.15.1
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1 (src):    dtb-aarch64-4.12.14-197.15.1, kernel-debug-4.12.14-197.15.1, kernel-default-4.12.14-197.15.1, kernel-docs-4.12.14-197.15.1, kernel-kvmsmall-4.12.14-197.15.1, kernel-obs-qa-4.12.14-197.15.1, kernel-source-4.12.14-197.15.1, kernel-vanilla-4.12.14-197.15.1, kernel-zfcpdump-4.12.14-197.15.1
SUSE Linux Enterprise Module for Live Patching 15-SP1 (src):    kernel-default-4.12.14-197.15.1
SUSE Linux Enterprise Module for Legacy Software 15-SP1 (src):    kernel-default-4.12.14-197.15.1
SUSE Linux Enterprise Module for Development Tools 15-SP1 (src):    kernel-docs-4.12.14-197.15.1, kernel-obs-build-4.12.14-197.15.1, kernel-source-4.12.14-197.15.1, kernel-syms-4.12.14-197.15.1
SUSE Linux Enterprise Module for Basesystem 15-SP1 (src):    kernel-default-4.12.14-197.15.1, kernel-source-4.12.14-197.15.1, kernel-zfcpdump-4.12.14-197.15.1
SUSE Linux Enterprise High Availability 15-SP1 (src):    kernel-default-4.12.14-197.15.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 30 Swamp Workflow Management 2019-08-07 05:28:02 UTC

SUSE-SU-2019:2069-1: An update that solves 18 vulnerabilities and has 157 fixes is now available.

Category: security (important)
Bug References: 1051510,1055117,1071995,1083647,1083710,1088047,1094555,1098633,1103990,1103991,1103992,1104745,1106383,1109837,1111666,1112374,1114279,1114685,1119113,1119222,1119532,1120423,1123080,1125703,1127034,1127315,1127611,1128432,1128902,1129770,1130836,1132390,1133021,1133401,1133738,1134090,1134097,1134390,1134395,1134399,1134730,1134738,1135153,1135296,1135335,1135556,1135642,1135897,1136156,1136157,1136161,1136217,1136264,1136271,1136333,1136342,1136343,1136345,1136348,1136460,1136461,1136462,1136467,1137103,1137194,1137224,1137366,1137429,1137458,1137534,1137535,1137584,1137586,1137609,1137625,1137728,1137811,1137827,1137884,1137985,1138263,1138291,1138293,1138336,1138374,1138375,1138589,1138681,1138719,1138732,1138874,1138879,1139358,1139619,1139712,1139751,1139771,1139865,1140133,1140139,1140228,1140322,1140328,1140405,1140424,1140428,1140454,1140463,1140559,1140575,1140577,1140637,1140652,1140658,1140676,1140715,1140719,1140726,1140727,1140728,1140814,1140887,1140888,1140889,1140891,1140893,1140903,1140945,1140948,1140954,1140955,1140956,1140957,1140958,1140959,1140960,1140961,1140962,1140964,1140971,1140972,1140992,1141312,1141401,1141402,1141452,1141453,1141454,1141478,1141558,1142023,1142052,1142083,1142112,1142115,1142119,1142220,1142221,1142265,1142350,1142351,1142354,1142359,1142450,1142623,1142673,1142701,1142868,1143003,1143105,1143185,1143189,1143191,1143209,1143507
CVE References: CVE-2018-16871,CVE-2018-20836,CVE-2018-20855,CVE-2019-10638,CVE-2019-10639,CVE-2019-1125,CVE-2019-11478,CVE-2019-11599,CVE-2019-11810,CVE-2019-12614,CVE-2019-12817,CVE-2019-12818,CVE-2019-12819,CVE-2019-13233,CVE-2019-13631,CVE-2019-13648,CVE-2019-14283,CVE-2019-14284
Sources used:
SUSE Linux Enterprise Module for Public Cloud 15-SP1 (src):    kernel-azure-4.12.14-8.13.1, kernel-source-azure-4.12.14-8.13.1, kernel-syms-azure-4.12.14-8.13.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 31 Swamp Workflow Management 2019-08-07 09:54:11 UTC

This is an autogenerated message for OBS integration:
This bug (1138874) was mentioned in
https://build.opensuse.org/request/show/721464 15.1 / kernel-source

Comment 32 Michal Suchanek 2019-08-07 11:18:52 UTC

Workaround is released. Please review the state of the qla2xx driver in 15.1 and determine if there is alternative fix upstream or this workaround should be upstreamed.

Comment 33 Holger Schranz 2019-08-11 17:06:10 UTC

Hello Mr. Suchaneck,

Sorry for late responce. I will review the WA til Tuesday,13.08.

Best regards

Holger

Comment 34 Michal Suchanek 2019-08-11 18:06:11 UTC

This was summary for scsi developers looking at the bug. For now the workaround should be sufficient and there is no need for action.

Comment 35 Holger Schranz 2019-08-11 18:14:48 UTC

Thanks a lot

Comment 36 Swamp Workflow Management 2019-08-16 16:31:12 UTC

openSUSE-SU-2019:1923-1: An update that solves 8 vulnerabilities and has 97 fixes is now available.

Category: security (important)
Bug References: 1051510,1055117,1071995,1083647,1083710,1085030,1086103,1102247,1103991,1103992,1104745,1106061,1109837,1111666,1112374,1114279,1119222,1123959,1127034,1127315,1127611,1129770,1130972,1131281,1133021,1134090,1134097,1134390,1134399,1135335,1135642,1135897,1136217,1136342,1136352,1136460,1136461,1136467,1136502,1137458,1137534,1137535,1137584,1137609,1137811,1137827,1138874,1139101,1139358,1139500,1139619,1140133,1140139,1140322,1140426,1140559,1140652,1140676,1140903,1140945,1141312,1141401,1141402,1141450,1141452,1141453,1141454,1141478,1141558,1142023,1142052,1142083,1142112,1142115,1142117,1142118,1142119,1142220,1142221,1142254,1142265,1142350,1142351,1142354,1142359,1142450,1142623,1142635,1142673,1142685,1142701,1142857,1142868,1143003,1143045,1143105,1143185,1143189,1143191,1143209,1143466,1143507,1143738,1144474,1144518
CVE References: CVE-2018-20855,CVE-2019-10207,CVE-2019-1125,CVE-2019-11810,CVE-2019-13631,CVE-2019-13648,CVE-2019-14283,CVE-2019-14284
Sources used:
openSUSE Leap 15.1 (src):    kernel-debug-4.12.14-lp151.28.13.1, kernel-default-4.12.14-lp151.28.13.1, kernel-docs-4.12.14-lp151.28.13.1, kernel-kvmsmall-4.12.14-lp151.28.13.1, kernel-obs-build-4.12.14-lp151.28.13.1, kernel-obs-qa-4.12.14-lp151.28.13.1, kernel-source-4.12.14-lp151.28.13.1, kernel-syms-4.12.14-lp151.28.13.1, kernel-vanilla-4.12.14-lp151.28.13.1

Comment 38 Michal Suchanek 2019-09-12 13:06:02 UTC

Next maintenanace update should include qla2xx driver update addressing crashes on load/unload.

Comment 39 Swamp Workflow Management 2019-09-23 14:16:09 UTC

SUSE-SU-2019:2430-1: An update that solves 45 vulnerabilities and has 474 fixes is now available.

Category: security (important)
Bug References: 1050242,1050549,1051510,1052904,1053043,1055117,1055121,1055186,1056787,1058115,1061840,1064802,1065600,1065729,1066129,1070872,1071995,1075020,1082387,1082555,1083647,1083710,1085535,1085536,1088047,1088804,1093389,1094555,1096003,1098633,1099658,1102247,1103186,1103259,1103990,1103991,1103992,1104745,1106011,1106284,1106383,1106751,1108193,1108838,1108937,1109837,1110946,1111331,1111666,1111696,1112063,1112128,1112178,1112374,1113722,1113956,1114279,1114427,1114542,1114638,1114685,1115688,1117114,1117158,1117561,1118139,1119113,1119222,1119532,1119680,1120091,1120318,1120423,1120566,1120843,1120902,1122767,1122776,1123080,1123454,1123663,1124503,1124839,1125703,1126206,1126356,1126704,1127034,1127175,1127315,1127371,1127374,1127611,1127616,1128052,1128415,1128432,1128544,1128902,1128904,1128971,1128979,1129138,1129273,1129693,1129770,1129845,1130195,1130425,1130527,1130567,1130579,1130699,1130836,1130937,1130972,1131326,1131427,1131438,1131451,1131467,1131488,1131530,1131565,1131574,1131587,1131645,1131659,1131673,1131847,1131848,1131851,1131900,1131934,1131935,1132044,1132219,1132226,1132227,1132365,1132368,1132369,1132370,1132372,1132373,1132384,1132390,1132397,1132402,1132403,1132404,1132405,1132407,1132411,1132412,1132413,1132414,1132426,1132527,1132531,1132555,1132558,1132561,1132562,1132563,1132564,1132570,1132571,1132572,1132589,1132618,1132673,1132681,1132726,1132828,1132894,1132943,1132982,1133005,1133016,1133021,1133094,1133095,1133115,1133149,1133176,1133188,1133190,1133311,1133320,1133401,1133486,1133529,1133547,1133584,1133593,1133612,1133616,1133667,1133668,1133672,1133674,1133675,1133698,1133702,1133731,1133738,1133769,1133772,1133774,1133778,1133779,1133780,1133825,1133850,1133851,1133852,1133897,1134090,1134097,1134160,1134162,1134199,1134200,1134201,1134202,1134203,1134204,1134205,1134223,1134303,1134354,1134390,1134393,1134395,1134397,1134399,1134459,1134460,1134461,1134597,1134600,1134607,1134618,1134651,1134671,1134730,1134738,1134743,1134760,1134806,1134810,1134813,1134848,1134936,1134945,1134946,1134947,1134948,1134949,1134950,1134951,1134952,1134953,1134972,1134974,1134975,1134980,1134981,1134983,1134987,1134989,1134990,1134994,1134995,1134998,1134999,1135006,1135007,1135008,1135018,1135021,1135024,1135026,1135027,1135028,1135029,1135031,1135033,1135034,1135035,1135036,1135037,1135038,1135039,1135041,1135042,1135044,1135045,1135046,1135047,1135049,1135051,1135052,1135053,1135055,1135056,1135058,1135100,1135120,1135153,1135278,1135281,1135296,1135309,1135312,1135314,1135315,1135316,1135320,1135323,1135330,1135335,1135492,1135542,1135556,1135603,1135642,1135661,1135758,1135897,1136156,1136157,1136161,1136188,1136206,1136215,1136217,1136264,1136271,1136333,1136342,1136343,1136345,1136347,1136348,1136353,1136424,1136428,1136430,1136432,1136434,1136435,1136438,1136439,1136456,1136460,1136461,1136462,1136467,1136469,1136477,1136478,1136498,1136573,1136586,1136598,1136881,1136922,1136935,1136978,1136990,1137103,1137151,1137152,1137153,1137162,1137194,1137201,1137224,1137232,1137233,1137236,1137366,1137372,1137429,1137444,1137458,1137534,1137535,1137584,1137586,1137609,1137625,1137728,1137739,1137752,1137811,1137827,1137884,1137985,1137995,1137996,1137998,1137999,1138000,1138002,1138003,1138005,1138006,1138007,1138008,1138009,1138010,1138011,1138012,1138013,1138014,1138015,1138016,1138017,1138018,1138019,1138263,1138291,1138293,1138336,1138374,1138375,1138589,1138681,1138719,1138732,1138874,1138879,1139358,1139619,1139712,1139751,1139771,1139865,1140133,1140139,1140228,1140322,1140328,1140405,1140424,1140428,1140454,1140463,1140559,1140575,1140577,1140637,1140652,1140658,1140676,1140715,1140719,1140726,1140727,1140728,1140814,1140887,1140888,1140889,1140891,1140893,1140903,1140945,1140948,1140954,1140955,1140956,1140957,1140958,1140959,1140960,1140961,1140962,1140964,1140971,1140972,1140992,1141312,1141401,1141402,1141452,1141453,1141454,1141478,1141558,1142023,1142052,1142083,1142112,1142115,1142119,1142220,1142221,1142254,1142350,1142351,1142354,1142359,1142450,1142623,1142673,1142701,1142868,1143003,1143045,1143105,1143185,1143189,1143191,1143209,1143507
CVE References: CVE-2017-5753,CVE-2018-12126,CVE-2018-12127,CVE-2018-12130,CVE-2018-16871,CVE-2018-16880,CVE-2018-20836,CVE-2018-20855,CVE-2018-7191,CVE-2019-10124,CVE-2019-10638,CVE-2019-10639,CVE-2019-11085,CVE-2019-11091,CVE-2019-1125,CVE-2019-11477,CVE-2019-11478,CVE-2019-11479,CVE-2019-11486,CVE-2019-11487,CVE-2019-11599,CVE-2019-11810,CVE-2019-11811,CVE-2019-11815,CVE-2019-11833,CVE-2019-11884,CVE-2019-12380,CVE-2019-12382,CVE-2019-12456,CVE-2019-12614,CVE-2019-12817,CVE-2019-12818,CVE-2019-12819,CVE-2019-13233,CVE-2019-13631,CVE-2019-13648,CVE-2019-14283,CVE-2019-14284,CVE-2019-3846,CVE-2019-3882,CVE-2019-5489,CVE-2019-8564,CVE-2019-9003,CVE-2019-9500,CVE-2019-9503
Sources used:
SUSE Linux Enterprise Module for Realtime 15-SP1 (src):    kernel-rt-4.12.14-14.8.1, kernel-rt_debug-4.12.14-14.8.1, kernel-source-rt-4.12.14-14.8.1, kernel-syms-rt-4.12.14-14.8.1
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1 (src):    kernel-rt-4.12.14-14.8.1, kernel-rt_debug-4.12.14-14.8.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 40 Hannes Reinecke 2019-09-26 08:26:25 UTC

Has been released, closing.