Bug 1129179 - (CVE-2019-2024) VUL-1: CVE-2019-2024: kernel-source: media: em28xx: Fix use-after-free when disconnecting
(CVE-2019-2024)
VUL-1: CVE-2019-2024: kernel-source: media: em28xx: Fix use-after-free when d...
Status: RESOLVED FIXED
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
unspecified
Other Other
: P4 - Low : Minor
: ---
Assigned To: Security Team bot
Security Team bot
https://smash.suse.de/issue/225702/
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2019-03-14 09:25 UTC by Marcus Meissner
Modified: 2019-08-28 10:11 UTC (History)
2 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Marcus Meissner 2019-03-14 09:25:08 UTC
CVE-2019-2024

media: em28xx: Fix use-after-free when disconnecting

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-2024
http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-2024.html
Comment 1 Marcus Meissner 2019-03-14 09:26:59 UTC
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=910b0797fa9e8af09c44a3fa36cb310ba7a7218d



Author: Matthias Schwarzott <zzam@gentoo.org>
Date:   Mon Oct 30 06:07:29 2017 -0400

    media: em28xx: Fix use-after-free when disconnecting
    
    Fix bug by moving the i2c_unregister_device calls after deregistration
    of dvb frontend.
    
    The new style i2c drivers already destroys the frontend object at
    i2c_unregister_device time.
    When the dvb frontend is unregistered afterwards it leads to this oops:
Comment 2 Takashi Iwai 2019-03-14 09:34:53 UTC
It's already included in SLE15 and SLE15-SP1 branches.
SLE12-SP3 contains the fix via 4.4.167 stable.
Comment 3 Takashi Iwai 2019-03-14 10:07:17 UTC
I backported the fix to cve/linux-4.4 branch now.

3.12 and older don't seem affected by this bug since they use the old-fashioned i2c access.

Reassigned back to security team.
Comment 5 Swamp Workflow Management 2019-03-15 10:03:13 UTC
This is an autogenerated message for OBS integration:
This bug (1129179) was mentioned in
https://build.opensuse.org/request/show/685278 42.3 / kernel-source
https://build.opensuse.org/request/show/685279 15.0 / kernel-source
Comment 14 Swamp Workflow Management 2019-03-26 13:44:37 UTC
This is an autogenerated message for OBS integration:
This bug (1129179) was mentioned in
https://build.opensuse.org/request/show/688712 15.0 / kernel-source
https://build.opensuse.org/request/show/688713 42.3 / kernel-source
Comment 15 Swamp Workflow Management 2019-03-26 20:38:58 UTC
SUSE-SU-2019:0765-1: An update that solves 13 vulnerabilities and has 215 fixes is now available.

Category: security (important)
Bug References: 1046305,1046306,1050252,1050549,1051510,1054610,1055121,1056658,1056662,1056787,1060463,1063638,1065600,1068032,1070995,1071995,1074562,1074578,1074701,1075006,1075419,1075748,1078355,1080039,1082943,1083548,1083647,1084216,1086095,1086282,1086301,1086313,1086314,1086323,1087082,1087084,1087092,1087939,1088133,1094555,1098382,1098425,1098995,1102055,1103429,1104353,1106105,1106434,1106811,1107078,1107665,1108101,1108870,1109695,1110096,1110705,1111666,1113042,1113712,1113722,1113769,1113939,1114279,1114585,1114893,1117108,1117155,1117645,1117947,1118338,1119019,1119086,1119766,1119843,1120008,1120318,1120601,1120758,1120854,1120902,1120909,1120955,1121317,1121726,1121789,1121805,1122019,1122159,1122192,1122292,1122324,1122554,1122662,1122764,1122779,1122822,1122885,1122927,1122944,1122971,1122982,1123060,1123061,1123161,1123317,1123348,1123357,1123456,1123538,1123697,1123882,1123933,1124055,1124204,1124235,1124579,1124589,1124728,1124732,1124735,1124969,1124974,1124975,1124976,1124978,1124979,1124980,1124981,1124982,1124984,1124985,1125109,1125125,1125252,1125315,1125614,1125728,1125780,1125797,1125799,1125800,1125907,1125947,1126131,1126209,1126389,1126393,1126476,1126480,1126481,1126488,1126495,1126555,1126579,1126789,1126790,1126802,1126803,1126804,1126805,1126806,1126807,1127042,1127062,1127082,1127154,1127285,1127286,1127307,1127363,1127493,1127494,1127495,1127496,1127497,1127498,1127534,1127561,1127567,1127595,1127603,1127682,1127731,1127750,1127836,1127961,1128094,1128166,1128351,1128451,1128895,1129046,1129080,1129163,1129179,1129181,1129182,1129183,1129184,1129205,1129281,1129284,1129285,1129291,1129292,1129293,1129294,1129295,1129296,1129326,1129327,1129330,1129363,1129366,1129497,1129519,1129543,1129547,1129551,1129581,1129625,1129664,1129739,1129923,807502,824948,828192,925178
CVE References: CVE-2017-5753,CVE-2018-20669,CVE-2019-2024,CVE-2019-3459,CVE-2019-3460,CVE-2019-3819,CVE-2019-6974,CVE-2019-7221,CVE-2019-7222,CVE-2019-7308,CVE-2019-8912,CVE-2019-8980,CVE-2019-9213
Sources used:
SUSE Linux Enterprise Workstation Extension 12-SP4 (src):    kernel-default-4.12.14-95.13.1
SUSE Linux Enterprise Software Development Kit 12-SP4 (src):    kernel-docs-4.12.14-95.13.1, kernel-obs-build-4.12.14-95.13.1
SUSE Linux Enterprise Server 12-SP4 (src):    kernel-default-4.12.14-95.13.1, kernel-source-4.12.14-95.13.1, kernel-syms-4.12.14-95.13.1
SUSE Linux Enterprise High Availability 12-SP4 (src):    kernel-default-4.12.14-95.13.1
SUSE Linux Enterprise Desktop 12-SP4 (src):    kernel-default-4.12.14-95.13.1, kernel-source-4.12.14-95.13.1, kernel-syms-4.12.14-95.13.1

*** NOTE: This information is not intended to be used for external
    communication, because this may only be a partial fix.
    If you have questions please reach out to maintenance coordination.
Comment 16 Swamp Workflow Management 2019-03-27 09:48:04 UTC
SUSE-SU-2019:0765-1: An update that solves 13 vulnerabilities and has 215 fixes is now available.

Category: security (important)
Bug References: 1046305,1046306,1050252,1050549,1051510,1054610,1055121,1056658,1056662,1056787,1060463,1063638,1065600,1068032,1070995,1071995,1074562,1074578,1074701,1075006,1075419,1075748,1078355,1080039,1082943,1083548,1083647,1084216,1086095,1086282,1086301,1086313,1086314,1086323,1087082,1087084,1087092,1087939,1088133,1094555,1098382,1098425,1098995,1102055,1103429,1104353,1106105,1106434,1106811,1107078,1107665,1108101,1108870,1109695,1110096,1110705,1111666,1113042,1113712,1113722,1113769,1113939,1114279,1114585,1114893,1117108,1117155,1117645,1117947,1118338,1119019,1119086,1119766,1119843,1120008,1120318,1120601,1120758,1120854,1120902,1120909,1120955,1121317,1121726,1121789,1121805,1122019,1122159,1122192,1122292,1122324,1122554,1122662,1122764,1122779,1122822,1122885,1122927,1122944,1122971,1122982,1123060,1123061,1123161,1123317,1123348,1123357,1123456,1123538,1123697,1123882,1123933,1124055,1124204,1124235,1124579,1124589,1124728,1124732,1124735,1124969,1124974,1124975,1124976,1124978,1124979,1124980,1124981,1124982,1124984,1124985,1125109,1125125,1125252,1125315,1125614,1125728,1125780,1125797,1125799,1125800,1125907,1125947,1126131,1126209,1126389,1126393,1126476,1126480,1126481,1126488,1126495,1126555,1126579,1126789,1126790,1126802,1126803,1126804,1126805,1126806,1126807,1127042,1127062,1127082,1127154,1127285,1127286,1127307,1127363,1127493,1127494,1127495,1127496,1127497,1127498,1127534,1127561,1127567,1127595,1127603,1127682,1127731,1127750,1127836,1127961,1128094,1128166,1128351,1128451,1128895,1129046,1129080,1129163,1129179,1129181,1129182,1129183,1129184,1129205,1129281,1129284,1129285,1129291,1129292,1129293,1129294,1129295,1129296,1129326,1129327,1129330,1129363,1129366,1129497,1129519,1129543,1129547,1129551,1129581,1129625,1129664,1129739,1129923,807502,824948,828192,925178
CVE References: CVE-2017-5753,CVE-2018-20669,CVE-2019-2024,CVE-2019-3459,CVE-2019-3460,CVE-2019-3819,CVE-2019-6974,CVE-2019-7221,CVE-2019-7222,CVE-2019-7308,CVE-2019-8912,CVE-2019-8980,CVE-2019-9213
Sources used:
SUSE Linux Enterprise Workstation Extension 12-SP4 (src):    kernel-default-4.12.14-95.13.1
SUSE Linux Enterprise Software Development Kit 12-SP4 (src):    kernel-docs-4.12.14-95.13.1, kernel-obs-build-4.12.14-95.13.1
SUSE Linux Enterprise Server 12-SP4 (src):    kernel-default-4.12.14-95.13.1, kernel-source-4.12.14-95.13.1, kernel-syms-4.12.14-95.13.1
SUSE Linux Enterprise Live Patching 12-SP4 (src):    kgraft-patch-SLE12-SP4_Update_3-1-6.7.1
SUSE Linux Enterprise High Availability 12-SP4 (src):    kernel-default-4.12.14-95.13.1
SUSE Linux Enterprise Desktop 12-SP4 (src):    kernel-default-4.12.14-95.13.1, kernel-source-4.12.14-95.13.1, kernel-syms-4.12.14-95.13.1

*** NOTE: This information is not intended to be used for external
    communication, because this may only be a partial fix.
    If you have questions please reach out to maintenance coordination.
Comment 17 Swamp Workflow Management 2019-03-27 19:01:16 UTC
SUSE-SU-2019:0767-1: An update that solves 12 vulnerabilities and has 205 fixes is now available.

Category: security (important)
Bug References: 1046305,1046306,1050252,1050549,1051510,1054610,1055121,1056658,1056662,1056787,1060463,1063638,1065600,1070995,1071995,1078355,1082943,1083548,1083647,1084216,1086095,1086282,1086301,1086313,1086314,1086323,1087082,1087092,1088133,1094555,1098382,1098425,1098995,1103429,1104353,1106105,1106434,1106811,1107078,1107665,1108101,1108870,1109695,1110096,1110705,1111666,1113042,1113712,1113722,1113939,1114279,1114585,1114893,1117108,1117155,1117645,1117947,1118338,1119019,1119086,1119766,1119843,1120008,1120318,1120601,1120758,1120854,1120902,1120909,1120955,1121317,1121726,1121789,1121805,1122159,1122192,1122324,1122554,1122662,1122764,1122779,1122822,1122885,1122927,1122944,1122971,1122982,1123060,1123061,1123161,1123317,1123348,1123357,1123456,1123538,1123697,1123882,1123933,1124055,1124204,1124235,1124579,1124589,1124728,1124732,1124735,1124969,1124974,1124975,1124976,1124978,1124979,1124980,1124981,1124982,1124984,1124985,1125109,1125125,1125252,1125315,1125614,1125728,1125780,1125797,1125799,1125800,1125907,1125947,1126131,1126209,1126284,1126389,1126393,1126476,1126480,1126481,1126488,1126495,1126555,1126579,1126789,1126790,1126802,1126803,1126804,1126805,1126806,1126807,1127042,1127062,1127081,1127082,1127154,1127285,1127286,1127307,1127363,1127493,1127494,1127495,1127496,1127497,1127498,1127534,1127561,1127567,1127577,1127595,1127603,1127682,1127731,1127750,1127836,1127961,1128094,1128166,1128351,1128378,1128451,1128895,1129016,1129046,1129080,1129163,1129179,1129181,1129182,1129183,1129184,1129205,1129281,1129284,1129285,1129291,1129292,1129293,1129294,1129295,1129296,1129326,1129327,1129330,1129363,1129366,1129497,1129519,1129543,1129547,1129551,1129581,1129625,1129664,1129739,1129923,807502,828192
CVE References: CVE-2018-20669,CVE-2019-2024,CVE-2019-3459,CVE-2019-3460,CVE-2019-3819,CVE-2019-6974,CVE-2019-7221,CVE-2019-7222,CVE-2019-7308,CVE-2019-8912,CVE-2019-8980,CVE-2019-9213
Sources used:
SUSE Linux Enterprise Server 12-SP4 (src):    kernel-azure-4.12.14-6.9.1, kernel-source-azure-4.12.14-6.9.1, kernel-syms-azure-4.12.14-6.9.1

*** NOTE: This information is not intended to be used for external
    communication, because this may only be a partial fix.
    If you have questions please reach out to maintenance coordination.
Comment 18 Swamp Workflow Management 2019-03-28 12:48:23 UTC
SUSE-SU-2019:0784-1: An update that solves 12 vulnerabilities and has 197 fixes is now available.

Category: security (important)
Bug References: 1046305,1046306,1050252,1050549,1051510,1054610,1055121,1056658,1056662,1056787,1060463,1063638,1065600,1070995,1071995,1078355,1082943,1083548,1083647,1084216,1086095,1086282,1086301,1086313,1086314,1086323,1087082,1087092,1088133,1094555,1098382,1098425,1098995,1103429,1104353,1106105,1106434,1106811,1107078,1107665,1108101,1108870,1109695,1110096,1110705,1111666,1113042,1113712,1113722,1113939,1114279,1114585,1117108,1117155,1117645,1118338,1119019,1119086,1119766,1119843,1120008,1120318,1120601,1120758,1120854,1120902,1120909,1120955,1121317,1121726,1121789,1121805,1122019,1122192,1122324,1122554,1122662,1122764,1122779,1122822,1122885,1122927,1122944,1122971,1122982,1123060,1123061,1123161,1123317,1123348,1123357,1123456,1123538,1123697,1123882,1123933,1124055,1124204,1124235,1124579,1124589,1124728,1124732,1124735,1124969,1124974,1124975,1124976,1124978,1124979,1124980,1124981,1124982,1124984,1124985,1125109,1125125,1125252,1125315,1125614,1125728,1125780,1125797,1125799,1125800,1125907,1125947,1126131,1126209,1126389,1126393,1126476,1126480,1126481,1126488,1126495,1126555,1126579,1126789,1126790,1126802,1126803,1126804,1126805,1126806,1126807,1127042,1127062,1127082,1127154,1127285,1127286,1127307,1127363,1127493,1127494,1127495,1127496,1127497,1127498,1127534,1127561,1127567,1127595,1127603,1127682,1127731,1127750,1127836,1127961,1128094,1128166,1128351,1128451,1128895,1129046,1129080,1129163,1129179,1129181,1129182,1129183,1129184,1129205,1129281,1129284,1129285,1129291,1129292,1129293,1129294,1129295,1129296,1129326,1129327,1129330,1129363,1129366,1129497,1129519,1129543,1129547,1129551,1129581,1129625,1129664,1129739,1129923,824948
CVE References: CVE-2018-20669,CVE-2019-2024,CVE-2019-3459,CVE-2019-3460,CVE-2019-3819,CVE-2019-6974,CVE-2019-7221,CVE-2019-7222,CVE-2019-7308,CVE-2019-8912,CVE-2019-8980,CVE-2019-9213
Sources used:
SUSE Linux Enterprise Module for Live Patching 15 (src):    kernel-default-4.12.14-150.14.2, kernel-livepatch-SLE15_Update_9-1-1.9.3

*** NOTE: This information is not intended to be used for external
    communication, because this may only be a partial fix.
    If you have questions please reach out to maintenance coordination.
Comment 19 Swamp Workflow Management 2019-03-28 12:49:30 UTC
SUSE-SU-2019:0784-1: An update that solves 12 vulnerabilities and has 197 fixes is now available.

Category: security (important)
Bug References: 1046305,1046306,1050252,1050549,1051510,1054610,1055121,1056658,1056662,1056787,1060463,1063638,1065600,1070995,1071995,1078355,1082943,1083548,1083647,1084216,1086095,1086282,1086301,1086313,1086314,1086323,1087082,1087092,1088133,1094555,1098382,1098425,1098995,1103429,1104353,1106105,1106434,1106811,1107078,1107665,1108101,1108870,1109695,1110096,1110705,1111666,1113042,1113712,1113722,1113939,1114279,1114585,1117108,1117155,1117645,1118338,1119019,1119086,1119766,1119843,1120008,1120318,1120601,1120758,1120854,1120902,1120909,1120955,1121317,1121726,1121789,1121805,1122019,1122192,1122324,1122554,1122662,1122764,1122779,1122822,1122885,1122927,1122944,1122971,1122982,1123060,1123061,1123161,1123317,1123348,1123357,1123456,1123538,1123697,1123882,1123933,1124055,1124204,1124235,1124579,1124589,1124728,1124732,1124735,1124969,1124974,1124975,1124976,1124978,1124979,1124980,1124981,1124982,1124984,1124985,1125109,1125125,1125252,1125315,1125614,1125728,1125780,1125797,1125799,1125800,1125907,1125947,1126131,1126209,1126389,1126393,1126476,1126480,1126481,1126488,1126495,1126555,1126579,1126789,1126790,1126802,1126803,1126804,1126805,1126806,1126807,1127042,1127062,1127082,1127154,1127285,1127286,1127307,1127363,1127493,1127494,1127495,1127496,1127497,1127498,1127534,1127561,1127567,1127595,1127603,1127682,1127731,1127750,1127836,1127961,1128094,1128166,1128351,1128451,1128895,1129046,1129080,1129163,1129179,1129181,1129182,1129183,1129184,1129205,1129281,1129284,1129285,1129291,1129292,1129293,1129294,1129295,1129296,1129326,1129327,1129330,1129363,1129366,1129497,1129519,1129543,1129547,1129551,1129581,1129625,1129664,1129739,1129923,824948
CVE References: CVE-2018-20669,CVE-2019-2024,CVE-2019-3459,CVE-2019-3460,CVE-2019-3819,CVE-2019-6974,CVE-2019-7221,CVE-2019-7222,CVE-2019-7308,CVE-2019-8912,CVE-2019-8980,CVE-2019-9213
Sources used:
SUSE Linux Enterprise Workstation Extension 15 (src):    kernel-default-4.12.14-150.14.2
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 (src):    kernel-default-4.12.14-150.14.2, kernel-docs-4.12.14-150.14.1, kernel-obs-qa-4.12.14-150.14.2
SUSE Linux Enterprise Module for Live Patching 15 (src):    kernel-default-4.12.14-150.14.2, kernel-livepatch-SLE15_Update_9-1-1.9.3
SUSE Linux Enterprise Module for Legacy Software 15 (src):    kernel-default-4.12.14-150.14.2
SUSE Linux Enterprise Module for Development Tools 15 (src):    kernel-docs-4.12.14-150.14.1, kernel-obs-build-4.12.14-150.14.2, kernel-source-4.12.14-150.14.1, kernel-syms-4.12.14-150.14.1, kernel-vanilla-4.12.14-150.14.2
SUSE Linux Enterprise Module for Basesystem 15 (src):    kernel-default-4.12.14-150.14.2, kernel-source-4.12.14-150.14.1, kernel-zfcpdump-4.12.14-150.14.2
SUSE Linux Enterprise High Availability 15 (src):    kernel-default-4.12.14-150.14.2

*** NOTE: This information is not intended to be used for external
    communication, because this may only be a partial fix.
    If you have questions please reach out to maintenance coordination.
Comment 20 Swamp Workflow Management 2019-03-28 12:53:04 UTC
SUSE-SU-2019:0767-1: An update that solves 12 vulnerabilities and has 205 fixes is now available.

Category: security (important)
Bug References: 1046305,1046306,1050252,1050549,1051510,1054610,1055121,1056658,1056662,1056787,1060463,1063638,1065600,1070995,1071995,1078355,1082943,1083548,1083647,1084216,1086095,1086282,1086301,1086313,1086314,1086323,1087082,1087092,1088133,1094555,1098382,1098425,1098995,1103429,1104353,1106105,1106434,1106811,1107078,1107665,1108101,1108870,1109695,1110096,1110705,1111666,1113042,1113712,1113722,1113939,1114279,1114585,1114893,1117108,1117155,1117645,1117947,1118338,1119019,1119086,1119766,1119843,1120008,1120318,1120601,1120758,1120854,1120902,1120909,1120955,1121317,1121726,1121789,1121805,1122159,1122192,1122324,1122554,1122662,1122764,1122779,1122822,1122885,1122927,1122944,1122971,1122982,1123060,1123061,1123161,1123317,1123348,1123357,1123456,1123538,1123697,1123882,1123933,1124055,1124204,1124235,1124579,1124589,1124728,1124732,1124735,1124969,1124974,1124975,1124976,1124978,1124979,1124980,1124981,1124982,1124984,1124985,1125109,1125125,1125252,1125315,1125614,1125728,1125780,1125797,1125799,1125800,1125907,1125947,1126131,1126209,1126284,1126389,1126393,1126476,1126480,1126481,1126488,1126495,1126555,1126579,1126789,1126790,1126802,1126803,1126804,1126805,1126806,1126807,1127042,1127062,1127081,1127082,1127154,1127285,1127286,1127307,1127363,1127493,1127494,1127495,1127496,1127497,1127498,1127534,1127561,1127567,1127577,1127595,1127603,1127682,1127731,1127750,1127836,1127961,1128094,1128166,1128351,1128378,1128451,1128895,1129016,1129046,1129080,1129163,1129179,1129181,1129182,1129183,1129184,1129205,1129281,1129284,1129285,1129291,1129292,1129293,1129294,1129295,1129296,1129326,1129327,1129330,1129363,1129366,1129497,1129519,1129543,1129547,1129551,1129581,1129625,1129664,1129739,1129923,807502,828192
CVE References: CVE-2018-20669,CVE-2019-2024,CVE-2019-3459,CVE-2019-3460,CVE-2019-3819,CVE-2019-6974,CVE-2019-7221,CVE-2019-7222,CVE-2019-7308,CVE-2019-8912,CVE-2019-8980,CVE-2019-9213
Sources used:
SUSE Linux Enterprise Server 12-SP4 (src):    kernel-azure-4.12.14-6.9.1, kernel-source-azure-4.12.14-6.9.1, kernel-syms-azure-4.12.14-6.9.1

*** NOTE: This information is not intended to be used for external
    communication, because this may only be a partial fix.
    If you have questions please reach out to maintenance coordination.
Comment 21 Swamp Workflow Management 2019-03-28 14:38:20 UTC
SUSE-SU-2019:0785-1: An update that solves 12 vulnerabilities and has 198 fixes is now available.

Category: security (important)
Bug References: 1046305,1046306,1050252,1050549,1051510,1054610,1055121,1056658,1056662,1056787,1060463,1063638,1065600,1070995,1071995,1078355,1082943,1083548,1083647,1084216,1086095,1086282,1086301,1086313,1086314,1086323,1087082,1087092,1088133,1094555,1098382,1098425,1098995,1103429,1104353,1106105,1106434,1106811,1107078,1107665,1108101,1108870,1109695,1110096,1110705,1111666,1113042,1113712,1113722,1113939,1114279,1114585,1117108,1117155,1117645,1118338,1119019,1119086,1119766,1119843,1120008,1120318,1120601,1120758,1120854,1120902,1120909,1120955,1121317,1121726,1121789,1121805,1122019,1122192,1122324,1122554,1122662,1122764,1122779,1122822,1122885,1122927,1122944,1122971,1122982,1123060,1123061,1123161,1123317,1123348,1123357,1123456,1123538,1123697,1123882,1123933,1124055,1124204,1124235,1124579,1124589,1124728,1124732,1124735,1124969,1124974,1124975,1124976,1124978,1124979,1124980,1124981,1124982,1124984,1124985,1125109,1125125,1125252,1125315,1125614,1125728,1125780,1125797,1125799,1125800,1125907,1125947,1126131,1126209,1126389,1126393,1126476,1126480,1126481,1126488,1126495,1126555,1126579,1126789,1126790,1126802,1126803,1126804,1126805,1126806,1126807,1127042,1127062,1127082,1127154,1127285,1127286,1127307,1127363,1127493,1127494,1127495,1127496,1127497,1127498,1127534,1127561,1127567,1127578,1127595,1127603,1127682,1127731,1127750,1127836,1127961,1128094,1128166,1128351,1128451,1128895,1129046,1129080,1129163,1129179,1129181,1129182,1129183,1129184,1129205,1129281,1129284,1129285,1129291,1129292,1129293,1129294,1129295,1129296,1129326,1129327,1129330,1129363,1129366,1129497,1129519,1129543,1129547,1129551,1129581,1129625,1129664,1129739,1129923,824948
CVE References: CVE-2018-20669,CVE-2019-2024,CVE-2019-3459,CVE-2019-3460,CVE-2019-3819,CVE-2019-6974,CVE-2019-7221,CVE-2019-7222,CVE-2019-7308,CVE-2019-8912,CVE-2019-8980,CVE-2019-9213
Sources used:
SUSE Linux Enterprise Module for Public Cloud 15 (src):    kernel-azure-4.12.14-5.24.1, kernel-source-azure-4.12.14-5.24.1, kernel-syms-azure-4.12.14-5.24.1

*** NOTE: This information is not intended to be used for external
    communication, because this may only be a partial fix.
    If you have questions please reach out to maintenance coordination.
Comment 23 Swamp Workflow Management 2019-03-29 11:17:46 UTC
SUSE-SU-2019:0801-1: An update that solves two vulnerabilities and has 53 fixes is now available.

Category: security (important)
Bug References: 1012382,1020413,1065600,1070767,1075697,1082943,1087092,1090435,1102959,1103429,1106929,1109137,1109248,1119019,1119843,1120691,1120902,1121713,1121805,1124235,1125315,1125446,1126389,1126772,1126773,1126805,1127082,1127155,1127561,1127725,1127731,1127961,1128166,1128452,1128565,1128696,1128756,1128893,1129080,1129179,1129237,1129238,1129239,1129240,1129241,1129413,1129414,1129415,1129416,1129417,1129418,1129419,1129581,1129770,1129923
CVE References: CVE-2019-2024,CVE-2019-9213
Sources used:
SUSE Linux Enterprise Live Patching 12-SP3 (src):    kgraft-patch-SLE12-SP3_Update_24-1-4.9.1

*** NOTE: This information is not intended to be used for external
    communication, because this may only be a partial fix.
    If you have questions please reach out to maintenance coordination.
Comment 24 Swamp Workflow Management 2019-03-29 11:27:12 UTC
SUSE-SU-2019:0801-1: An update that solves two vulnerabilities and has 53 fixes is now available.

Category: security (important)
Bug References: 1012382,1020413,1065600,1070767,1075697,1082943,1087092,1090435,1102959,1103429,1106929,1109137,1109248,1119019,1119843,1120691,1120902,1121713,1121805,1124235,1125315,1125446,1126389,1126772,1126773,1126805,1127082,1127155,1127561,1127725,1127731,1127961,1128166,1128452,1128565,1128696,1128756,1128893,1129080,1129179,1129237,1129238,1129239,1129240,1129241,1129413,1129414,1129415,1129416,1129417,1129418,1129419,1129581,1129770,1129923
CVE References: CVE-2019-2024,CVE-2019-9213
Sources used:
SUSE Linux Enterprise Workstation Extension 12-SP3 (src):    kernel-default-4.4.176-94.88.1
SUSE Linux Enterprise Software Development Kit 12-SP3 (src):    kernel-docs-4.4.176-94.88.1, kernel-obs-build-4.4.176-94.88.1
SUSE Linux Enterprise Server 12-SP3 (src):    kernel-default-4.4.176-94.88.1, kernel-source-4.4.176-94.88.1, kernel-syms-4.4.176-94.88.1
SUSE Linux Enterprise Live Patching 12-SP3 (src):    kgraft-patch-SLE12-SP3_Update_24-1-4.9.1
SUSE Linux Enterprise High Availability 12-SP3 (src):    kernel-default-4.4.176-94.88.1
SUSE Linux Enterprise Desktop 12-SP3 (src):    kernel-default-4.4.176-94.88.1, kernel-source-4.4.176-94.88.1, kernel-syms-4.4.176-94.88.1
SUSE CaaS Platform ALL (src):    kernel-default-4.4.176-94.88.1
SUSE CaaS Platform 3.0 (src):    kernel-default-4.4.176-94.88.1

*** NOTE: This information is not intended to be used for external
    communication, because this may only be a partial fix.
    If you have questions please reach out to maintenance coordination.
Comment 25 Swamp Workflow Management 2019-03-30 11:16:38 UTC
openSUSE-SU-2019:1085-1: An update that solves two vulnerabilities and has 53 fixes is now available.

Category: security (important)
Bug References: 1012382,1020413,1065600,1070767,1075697,1082943,1087092,1090435,1102959,1103429,1106929,1109137,1109248,1119019,1119843,1120691,1120902,1121713,1121805,1124235,1125315,1125446,1126389,1126772,1126773,1126805,1127082,1127155,1127561,1127725,1127731,1127961,1128166,1128452,1128565,1128696,1128756,1128893,1129080,1129179,1129237,1129238,1129239,1129240,1129241,1129413,1129414,1129415,1129416,1129417,1129418,1129419,1129581,1129770,1129923
CVE References: CVE-2019-2024,CVE-2019-9213
Sources used:
openSUSE Leap 42.3 (src):    kernel-debug-4.4.176-96.1, kernel-default-4.4.176-96.1, kernel-docs-4.4.176-96.1, kernel-obs-build-4.4.176-96.1, kernel-obs-qa-4.4.176-96.1, kernel-source-4.4.176-96.1, kernel-syms-4.4.176-96.1, kernel-vanilla-4.4.176-96.1

*** NOTE: This information is not intended to be used for external
    communication, because this may only be a partial fix.
    If you have questions please reach out to maintenance coordination.
Comment 26 Swamp Workflow Management 2019-04-01 13:15:14 UTC
SUSE-SU-2019:0828-1: An update that solves 6 vulnerabilities and has 21 fixes is now available.

Category: security (important)
Bug References: 1012382,1075697,1082943,1098599,1102959,1105402,1107829,1108145,1109137,1109330,1110286,1117645,1119019,1120691,1121698,1121805,1122821,1124728,1124732,1124735,1125315,1127155,1127758,1127961,1128166,1129080,1129179
CVE References: CVE-2018-14633,CVE-2019-2024,CVE-2019-6974,CVE-2019-7221,CVE-2019-7222,CVE-2019-9213
Sources used:
SUSE OpenStack Cloud 7 (src):    kernel-default-4.4.121-92.104.1, kernel-source-4.4.121-92.104.1, kernel-syms-4.4.121-92.104.1, kgraft-patch-SLE12-SP2_Update_28-1-3.3.1
SUSE Linux Enterprise Server for SAP 12-SP2 (src):    kernel-default-4.4.121-92.104.1, kernel-source-4.4.121-92.104.1, kernel-syms-4.4.121-92.104.1, kgraft-patch-SLE12-SP2_Update_28-1-3.3.1
SUSE Linux Enterprise Server 12-SP2-LTSS (src):    kernel-default-4.4.121-92.104.1, kernel-source-4.4.121-92.104.1, kernel-syms-4.4.121-92.104.1, kgraft-patch-SLE12-SP2_Update_28-1-3.3.1
SUSE Linux Enterprise Server 12-SP2-BCL (src):    kernel-default-4.4.121-92.104.1, kernel-source-4.4.121-92.104.1, kernel-syms-4.4.121-92.104.1
SUSE Linux Enterprise High Availability 12-SP2 (src):    kernel-default-4.4.121-92.104.1
SUSE Enterprise Storage 4 (src):    kernel-default-4.4.121-92.104.1, kernel-source-4.4.121-92.104.1, kernel-syms-4.4.121-92.104.1, kgraft-patch-SLE12-SP2_Update_28-1-3.3.1
OpenStack Cloud Magnum Orchestration 7 (src):    kernel-default-4.4.121-92.104.1

*** NOTE: This information is not intended to be used for external
    communication, because this may only be a partial fix.
    If you have questions please reach out to maintenance coordination.
Comment 29 Swamp Workflow Management 2019-04-03 10:16:08 UTC
This is an autogenerated message for OBS integration:
This bug (1129179) was mentioned in
https://build.opensuse.org/request/show/690934 15.0 / kernel-source
Comment 30 Swamp Workflow Management 2019-04-08 13:28:18 UTC
SUSE-SU-2019:0901-1: An update that solves 8 vulnerabilities and has 102 fixes is now available.

Category: security (important)
Bug References: 1012382,1020413,1023175,1031492,1042286,1050549,1065600,1070767,1075697,1078355,1082943,1086095,1086652,1087036,1087092,1090435,1094823,1099810,1102875,1102877,1102879,1102882,1102896,1102959,1103429,1105428,1106061,1106105,1106929,1107866,1109137,1109248,1109695,1114893,1116345,1116653,1117108,1117645,1117744,1119019,1119680,1119843,1120017,1120691,1120722,1120758,1120902,1121713,1121726,1121805,1122650,1122651,1122779,1122885,1123321,1123323,1123357,1123933,1124166,1124235,1124728,1124732,1124735,1124775,1124777,1124780,1124811,1125000,1125014,1125315,1125446,1125794,1125796,1125808,1125809,1125810,1125892,1126389,1126772,1126773,1126805,1127082,1127155,1127561,1127725,1127731,1127961,1128166,1128452,1128565,1128696,1128756,1128893,1129080,1129179,1129237,1129238,1129239,1129240,1129241,1129413,1129414,1129415,1129416,1129417,1129418,1129419,1129581,1129770,1129923
CVE References: CVE-2017-18249,CVE-2019-2024,CVE-2019-3459,CVE-2019-3460,CVE-2019-6974,CVE-2019-7221,CVE-2019-7222,CVE-2019-9213
Sources used:
SUSE Linux Enterprise Server 12-SP3 (src):    kernel-azure-4.4.176-4.25.1, kernel-source-azure-4.4.176-4.25.1, kernel-syms-azure-4.4.176-4.25.1

*** NOTE: This information is not intended to be used for external
    communication, because this may only be a partial fix.
    If you have questions please reach out to maintenance coordination.
Comment 31 Swamp Workflow Management 2019-04-12 10:35:37 UTC
openSUSE-SU-2019:1193-1: An update that solves 6 vulnerabilities and has 171 fixes is now available.

Category: security (important)
Bug References: 1046305,1046306,1050549,1051510,1056787,1060463,1063638,1065600,1070995,1071995,1078355,1082943,1083548,1083647,1086095,1086282,1088133,1094244,1094555,1098995,1100132,1103429,1106811,1107078,1107665,1108101,1110096,1113042,1113399,1113722,1113939,1114279,1114585,1117108,1117645,1119019,1119086,1119843,1120008,1120601,1120854,1120902,1120909,1121317,1121789,1121805,1122192,1122764,1122822,1122982,1123060,1123061,1123105,1123161,1123456,1123882,1124055,1124235,1124974,1124975,1124976,1124978,1124979,1124980,1124981,1124982,1124984,1125125,1125252,1125315,1125342,1125614,1125728,1125780,1125797,1125799,1125800,1125907,1125947,1126131,1126209,1126356,1126389,1126393,1126476,1126480,1126481,1126488,1126495,1126555,1126579,1126740,1126789,1126790,1126802,1126803,1126804,1126805,1126806,1126807,1127042,1127062,1127082,1127154,1127285,1127286,1127307,1127363,1127378,1127445,1127493,1127494,1127495,1127496,1127497,1127498,1127534,1127561,1127567,1127595,1127603,1127682,1127731,1127750,1127836,1127961,1128094,1128166,1128351,1128451,1128895,1129046,1129080,1129163,1129179,1129181,1129182,1129183,1129184,1129205,1129276,1129281,1129284,1129285,1129291,1129292,1129293,1129294,1129295,1129296,1129326,1129327,1129330,1129363,1129366,1129497,1129519,1129543,1129547,1129551,1129581,1129625,1129664,1129739,1129770,1129923,1130130,1130154,1130335,1130336,1130337,1130338,1130425,1130427,1130518,1131062,824948
CVE References: CVE-2019-2024,CVE-2019-3819,CVE-2019-7308,CVE-2019-8912,CVE-2019-8980,CVE-2019-9213
Sources used:
openSUSE Leap 15.0 (src):    kernel-debug-4.12.14-lp150.12.58.1, kernel-default-4.12.14-lp150.12.58.1, kernel-docs-4.12.14-lp150.12.58.1, kernel-kvmsmall-4.12.14-lp150.12.58.1, kernel-obs-build-4.12.14-lp150.12.58.1, kernel-obs-qa-4.12.14-lp150.12.58.1, kernel-source-4.12.14-lp150.12.58.1, kernel-syms-4.12.14-lp150.12.58.1, kernel-vanilla-4.12.14-lp150.12.58.1
Comment 32 Marcus Meissner 2019-07-15 06:13:53 UTC
done