Bug 1136935 – VUL-0: CVE-2019-10126: kernel-source: Heap Overflow in mwifiex_uap_parse_tail_ies function of Marvell Wifi Driver

Bug 1136935 - (CVE-2019-10126) VUL-0: CVE-2019-10126: kernel-source: Heap Overflow in mwifiex_uap_parse_tail_ies function of Marvell Wifi Driver

(CVE-2019-10126)
Summary:	VUL-0: CVE-2019-10126: kernel-source: Heap Overflow in mwifiex_uap_parse_tail...

Status:	RESOLVED FIXED

Classification:	Novell Products
Product:	SUSE Security Incidents
Classification:	Novell Products
Component:	Incidents
Version:	unspecified
Hardware:	Other Other

Priority:	P3 - Medium Severity: Normal
Target Milestone:	---
Assigned To:	Security Team bot
QA Contact:	Security Team bot

URL:	https://smash.suse.de/issue/234067/
Whiteboard:	CVSSv2:NVD:CVE-2019-10126:7.5:(AV:N/...
Keywords:

Depends on:
Blocks:	1137944
	Show dependency tree / graph

Create test case

Clone This Bug

Reported:	2019-05-31 08:32 UTC by Alexandros Toptsoglou
Modified:	2020-05-15 16:25 UTC (History)
CC List:	3 users (show)

See Also:
Found By:	---
Services Priority:
Business Priority:
Blocker:	---
Marketing QA Status:	---
IT Deployment:	---

Attachments
Submitted patch (3.88 KB, patch) 2019-05-31 13:30 UTC, Takashi Iwai	Details \| Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Alexandros Toptsoglou 2019-05-31 08:32:52 UTC

Description

==========

The problem is inside mwifiex_uap_parse_tail_ies function in
drivers/net/wireless/marvell/mwifiex/ie.c. 

There are two memcpy in this function.The memcpy in while loop will be
called when element_id is not equal to WLAN_EID_SSID,WLAN_EID_SUPP_RATES
etc.

The copy dst buffer gen_ie->ie_buffer is a array with size
IEEE_MAX_IE_SIZE(256), the src buffer is element in cfg80211_beacon_data
from user space. 

There is not len check for two memcpy in this function.

 

struct mwifiex_ie {

         __le16 ie_index;

         __le16 mgmt_subtype_mask;

         __le16 ie_length;

         u8 ie_buffer[IEEE_MAX_IE_SIZE];

} __packed;

 

#define IEEE_MAX_IE_SIZE            256

 

static int mwifiex_uap_parse_tail_ies(struct mwifiex_private *priv,

                                         struct cfg80211_beacon_data *info)

{

         struct mwifiex_ie *gen_ie;

         struct ieee_types_header *hdr;

         struct ieee80211_vendor_ie *vendorhdr;

         u16 gen_idx = MWIFIEX_AUTO_IDX_MASK, ie_len = 0;

         int left_len, parsed_len = 0;

 

         if (!info->tail || !info->tail_len)

                  return 0;

 

         gen_ie = kzalloc(sizeof(*gen_ie), GFP_KERNEL);

         if (!gen_ie)

                  return -ENOMEM;

 

         left_len = info->tail_len;

 

         /* Many IEs are generated in FW by parsing bss configuration.

          * Let's not add them here; else we may end up duplicating these
IEs

          */

         while (left_len > sizeof(struct ieee_types_header)) {

                  hdr = (void *)(info->tail + parsed_len);

                  switch (hdr->element_id) {

                  case WLAN_EID_SSID:

                  case WLAN_EID_SUPP_RATES:

                  case WLAN_EID_COUNTRY:

                  case WLAN_EID_PWR_CONSTRAINT:

                  case WLAN_EID_ERP_INFO:

                  case WLAN_EID_EXT_SUPP_RATES:

                  case WLAN_EID_HT_CAPABILITY:

                  case WLAN_EID_HT_OPERATION:

                  case WLAN_EID_VHT_CAPABILITY:

                  case WLAN_EID_VHT_OPERATION:

                          break;

                  case WLAN_EID_VENDOR_SPECIFIC:

                          /* Skip only Microsoft WMM IE */

                          if (cfg80211_find_vendor_ie(WLAN_OUI_MICROSOFT,

 
WLAN_OUI_TYPE_MICROSOFT_WMM,

                                                         (const u8 *)hdr,

                                                         hdr->len +
sizeof(struct ieee_types_header)))

                                   break;

                          /* fall through */

                  default:

                          memcpy(gen_ie->ie_buffer + ie_len, hdr,
//!!!!!!overflow

                                 hdr->len + sizeof(struct
ieee_types_header));

                          ie_len += hdr->len + sizeof(struct
ieee_types_header);

                          break;

                  }

                  left_len -= hdr->len + sizeof(struct ieee_types_header);

                  parsed_len += hdr->len + sizeof(struct ieee_types_header);

         }

 

         /* parse only WPA vendor IE from tail, WMM IE is configured by

          * bss_config command

          */

         vendorhdr = (void *)cfg80211_find_vendor_ie(WLAN_OUI_MICROSOFT,

 
WLAN_OUI_TYPE_MICROSOFT_WPA,

                                                         info->tail,
info->tail_len);

         if (vendorhdr) {

                  memcpy(gen_ie->ie_buffer + ie_len, vendorhdr,

                         vendorhdr->len + sizeof(struct ieee_types_header));

                  ie_len += vendorhdr->len + sizeof(struct
ieee_types_header);

         }

         .....

}

 

To trigger the bug, the poc can send a NL80211_CMD_START_AP(or
NL80211_CMD_CHANNEL_SWITCH/NL80211_CMD_SET_BEACON) command to driver.

For NL80211_CMD_START_AP command, the function mwifiex_cfg80211_start_ap
will be called,mwifiex_cfg80211_start_ap will call mwifiex_set_mgmt_ies, and
finally comes to mwifiex_uap_parse_tail_ies.

If beacon parameter is constructed with Multiple special elements (E.g.
WLAN_EID_SUPPORTED_OPERATING_CLASSES) to make memcpy called repeatedly, will
finally trigger the overflow.

Credit

==========

This issue was discovered by huangwen of ADLab of Venustech

Comment 4 Takashi Iwai 2019-05-31 13:29:41 UTC

I submitted the fix patch per request.
  https://lore.kernel.org/linux-wireless/20190531131841.7552-1-tiwai@suse.de

Comment 5 Takashi Iwai 2019-05-31 13:30:03 UTC

Created attachment 806542 [details]
Submitted patch

Comment 7 Alexandros Toptsoglou 2019-05-31 13:38:15 UTC

Is now public

Comment 8 Alexandros Toptsoglou 2019-05-31 13:39:01 UTC

No CVE has yet assigned...

Comment 11 Oliver Neukum 2019-06-04 14:11:55 UTC

The driver was added with 5e6e3a92b9a4c9416b17f468fa5c7fa2233b8b4e in v3.0
2.6.32 is not affected

Comment 12 Oliver Neukum 2019-06-04 15:00:42 UTC

This vulnerability was introduced with

commit e4f59aca0b6317cfd567f5050938fb95992109dd
Author: Avinash Patil <patila@marvell.com>
Date:   Wed Jun 3 16:59:42 2015 +0530

    mwifiex: support downloading IEs from tail

in v4.2

Comment 13 Oliver Neukum 2019-06-04 15:02:11 UTC

Patch submitted to cve/linux-4.4 and SLE15

Comment 28 Swamp Workflow Management 2019-06-17 18:08:33 UTC

This is an autogenerated message for OBS integration:
This bug (1136935) was mentioned in
https://build.opensuse.org/request/show/710395 15.1 / kernel-source
https://build.opensuse.org/request/show/710403 15.0 / kernel-source
https://build.opensuse.org/request/show/710405 42.3 / kernel-source

Comment 29 Swamp Workflow Management 2019-06-17 22:29:59 UTC

SUSE-SU-2019:1529-1: An update that solves 14 vulnerabilities and has 130 fixes is now available.

Category: security (important)
Bug References: 1012382,1050242,1051510,1053043,1055186,1056787,1058115,1063638,1064802,1065600,1065729,1066129,1068546,1071995,1075020,1082387,1083647,1085535,1099658,1103992,1104353,1104427,1106011,1106284,1108193,1108838,1108937,1110946,1111696,1112063,1113722,1114427,1115688,1117158,1117561,1118139,1119843,1120091,1120423,1120566,1120843,1120902,1122776,1123454,1123663,1124503,1124839,1126356,1127616,1128052,1128904,1128979,1129138,1129273,1129497,1129693,1129770,1130579,1130699,1130972,1131326,1131451,1131488,1131565,1131673,1132044,1133176,1133188,1133190,1133320,1133612,1133616,1134160,1134162,1134199,1134200,1134201,1134202,1134203,1134204,1134205,1134354,1134393,1134459,1134460,1134461,1134537,1134597,1134651,1134671,1134760,1134806,1134810,1134813,1134848,1134936,1135006,1135007,1135008,1135056,1135100,1135120,1135278,1135281,1135309,1135312,1135314,1135315,1135316,1135320,1135323,1135330,1135492,1135542,1135556,1135603,1135642,1135661,1135758,1136206,1136424,1136428,1136430,1136432,1136434,1136435,1136438,1136439,1136477,1136478,1136573,1136586,1136881,1136935,1136990,1137151,1137152,1137153,1137162,1137372,1137444,1137586,1137739,1137752
CVE References: CVE-2018-7191,CVE-2019-10124,CVE-2019-11085,CVE-2019-11477,CVE-2019-11478,CVE-2019-11479,CVE-2019-11486,CVE-2019-11487,CVE-2019-11815,CVE-2019-11833,CVE-2019-11884,CVE-2019-12382,CVE-2019-3846,CVE-2019-5489
Sources used:
SUSE Linux Enterprise Module for Live Patching 15 (src):    kernel-default-4.12.14-150.22.1, kernel-livepatch-SLE15_Update_11-1-1.5.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 30 Swamp Workflow Management 2019-06-17 22:49:02 UTC

SUSE-SU-2019:1530-1: An update that solves 14 vulnerabilities and has 132 fixes is now available.

Category: security (important)
Bug References: 1012382,1050242,1051510,1053043,1056787,1058115,1063638,1064802,1065600,1065729,1066129,1068546,1071995,1075020,1082387,1083647,1085535,1099658,1103992,1104353,1104427,1106011,1106284,1108838,1110946,1111696,1112063,1113722,1114427,1114893,1115688,1117158,1117561,1118139,1119843,1120091,1120423,1120566,1120843,1120902,1122776,1123454,1123663,1124503,1124839,1126356,1127616,1128052,1128904,1128905,1128979,1129138,1129497,1129693,1129770,1129848,1129857,1130409,1130699,1130972,1131451,1131488,1131565,1131673,1132044,1132894,1133176,1133188,1133190,1133320,1133612,1133616,1134160,1134162,1134199,1134200,1134201,1134202,1134203,1134204,1134205,1134354,1134393,1134459,1134460,1134461,1134537,1134591,1134597,1134607,1134651,1134671,1134760,1134806,1134810,1134813,1134848,1134936,1135006,1135007,1135008,1135056,1135100,1135120,1135278,1135281,1135309,1135312,1135314,1135315,1135316,1135320,1135323,1135330,1135492,1135542,1135556,1135603,1135642,1135661,1135758,1136206,1136424,1136428,1136430,1136432,1136434,1136435,1136438,1136439,1136477,1136478,1136573,1136586,1136881,1136935,1136990,1137151,1137152,1137153,1137162,1137372,1137444,1137586,1137739,1137752
CVE References: CVE-2018-7191,CVE-2019-10124,CVE-2019-11085,CVE-2019-11477,CVE-2019-11478,CVE-2019-11479,CVE-2019-11486,CVE-2019-11487,CVE-2019-11815,CVE-2019-11833,CVE-2019-11884,CVE-2019-12382,CVE-2019-3846,CVE-2019-5489
Sources used:
SUSE Linux Enterprise Workstation Extension 12-SP4 (src):    kernel-default-4.12.14-95.19.1
SUSE Linux Enterprise Software Development Kit 12-SP4 (src):    kernel-docs-4.12.14-95.19.1, kernel-obs-build-4.12.14-95.19.1
SUSE Linux Enterprise Server 12-SP4 (src):    kernel-default-4.12.14-95.19.1, kernel-source-4.12.14-95.19.1, kernel-syms-4.12.14-95.19.1
SUSE Linux Enterprise High Availability 12-SP4 (src):    kernel-default-4.12.14-95.19.1
SUSE Linux Enterprise Desktop 12-SP4 (src):    kernel-default-4.12.14-95.19.1, kernel-source-4.12.14-95.19.1, kernel-syms-4.12.14-95.19.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 31 Swamp Workflow Management 2019-06-17 23:08:23 UTC

SUSE-SU-2019:1529-1: An update that solves 14 vulnerabilities and has 130 fixes is now available.

Category: security (important)
Bug References: 1012382,1050242,1051510,1053043,1055186,1056787,1058115,1063638,1064802,1065600,1065729,1066129,1068546,1071995,1075020,1082387,1083647,1085535,1099658,1103992,1104353,1104427,1106011,1106284,1108193,1108838,1108937,1110946,1111696,1112063,1113722,1114427,1115688,1117158,1117561,1118139,1119843,1120091,1120423,1120566,1120843,1120902,1122776,1123454,1123663,1124503,1124839,1126356,1127616,1128052,1128904,1128979,1129138,1129273,1129497,1129693,1129770,1130579,1130699,1130972,1131326,1131451,1131488,1131565,1131673,1132044,1133176,1133188,1133190,1133320,1133612,1133616,1134160,1134162,1134199,1134200,1134201,1134202,1134203,1134204,1134205,1134354,1134393,1134459,1134460,1134461,1134537,1134597,1134651,1134671,1134760,1134806,1134810,1134813,1134848,1134936,1135006,1135007,1135008,1135056,1135100,1135120,1135278,1135281,1135309,1135312,1135314,1135315,1135316,1135320,1135323,1135330,1135492,1135542,1135556,1135603,1135642,1135661,1135758,1136206,1136424,1136428,1136430,1136432,1136434,1136435,1136438,1136439,1136477,1136478,1136573,1136586,1136881,1136935,1136990,1137151,1137152,1137153,1137162,1137372,1137444,1137586,1137739,1137752
CVE References: CVE-2018-7191,CVE-2019-10124,CVE-2019-11085,CVE-2019-11477,CVE-2019-11478,CVE-2019-11479,CVE-2019-11486,CVE-2019-11487,CVE-2019-11815,CVE-2019-11833,CVE-2019-11884,CVE-2019-12382,CVE-2019-3846,CVE-2019-5489
Sources used:
SUSE Linux Enterprise Workstation Extension 15 (src):    kernel-default-4.12.14-150.22.1
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 (src):    kernel-default-4.12.14-150.22.1, kernel-docs-4.12.14-150.22.1, kernel-obs-qa-4.12.14-150.22.1
SUSE Linux Enterprise Module for Live Patching 15 (src):    kernel-default-4.12.14-150.22.1, kernel-livepatch-SLE15_Update_11-1-1.5.1
SUSE Linux Enterprise Module for Legacy Software 15 (src):    kernel-default-4.12.14-150.22.1
SUSE Linux Enterprise Module for Development Tools 15 (src):    kernel-docs-4.12.14-150.22.1, kernel-obs-build-4.12.14-150.22.1, kernel-source-4.12.14-150.22.1, kernel-syms-4.12.14-150.22.1, kernel-vanilla-4.12.14-150.22.1
SUSE Linux Enterprise Module for Basesystem 15 (src):    kernel-default-4.12.14-150.22.1, kernel-source-4.12.14-150.22.1, kernel-zfcpdump-4.12.14-150.22.1
SUSE Linux Enterprise High Availability 15 (src):    kernel-default-4.12.14-150.22.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 32 Swamp Workflow Management 2019-06-17 23:27:56 UTC

SUSE-SU-2019:1530-1: An update that solves 14 vulnerabilities and has 132 fixes is now available.

Category: security (important)
Bug References: 1012382,1050242,1051510,1053043,1056787,1058115,1063638,1064802,1065600,1065729,1066129,1068546,1071995,1075020,1082387,1083647,1085535,1099658,1103992,1104353,1104427,1106011,1106284,1108838,1110946,1111696,1112063,1113722,1114427,1114893,1115688,1117158,1117561,1118139,1119843,1120091,1120423,1120566,1120843,1120902,1122776,1123454,1123663,1124503,1124839,1126356,1127616,1128052,1128904,1128905,1128979,1129138,1129497,1129693,1129770,1129848,1129857,1130409,1130699,1130972,1131451,1131488,1131565,1131673,1132044,1132894,1133176,1133188,1133190,1133320,1133612,1133616,1134160,1134162,1134199,1134200,1134201,1134202,1134203,1134204,1134205,1134354,1134393,1134459,1134460,1134461,1134537,1134591,1134597,1134607,1134651,1134671,1134760,1134806,1134810,1134813,1134848,1134936,1135006,1135007,1135008,1135056,1135100,1135120,1135278,1135281,1135309,1135312,1135314,1135315,1135316,1135320,1135323,1135330,1135492,1135542,1135556,1135603,1135642,1135661,1135758,1136206,1136424,1136428,1136430,1136432,1136434,1136435,1136438,1136439,1136477,1136478,1136573,1136586,1136881,1136935,1136990,1137151,1137152,1137153,1137162,1137372,1137444,1137586,1137739,1137752
CVE References: CVE-2018-7191,CVE-2019-10124,CVE-2019-11085,CVE-2019-11477,CVE-2019-11478,CVE-2019-11479,CVE-2019-11486,CVE-2019-11487,CVE-2019-11815,CVE-2019-11833,CVE-2019-11884,CVE-2019-12382,CVE-2019-3846,CVE-2019-5489
Sources used:
SUSE Linux Enterprise Workstation Extension 12-SP4 (src):    kernel-default-4.12.14-95.19.1
SUSE Linux Enterprise Software Development Kit 12-SP4 (src):    kernel-docs-4.12.14-95.19.1, kernel-obs-build-4.12.14-95.19.1
SUSE Linux Enterprise Server 12-SP4 (src):    kernel-default-4.12.14-95.19.1, kernel-source-4.12.14-95.19.1, kernel-syms-4.12.14-95.19.1
SUSE Linux Enterprise Live Patching 12-SP4 (src):    kgraft-patch-SLE12-SP4_Update_5-1-6.3.1
SUSE Linux Enterprise High Availability 12-SP4 (src):    kernel-default-4.12.14-95.19.1
SUSE Linux Enterprise Desktop 12-SP4 (src):    kernel-default-4.12.14-95.19.1, kernel-source-4.12.14-95.19.1, kernel-syms-4.12.14-95.19.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 33 Swamp Workflow Management 2019-06-17 23:40:35 UTC

SUSE-SU-2019:1532-1: An update that solves 13 vulnerabilities and has 73 fixes is now available.

Category: security (important)
Bug References: 1005778,1005780,1005781,1012382,1019695,1019696,1022604,1063638,1065600,1085535,1085539,1090888,1099658,1100132,1106110,1106284,1106929,1108293,1108838,1110785,1110946,1112063,1112178,1116803,1117562,1119086,1120642,1120843,1120902,1122776,1126040,1126356,1128052,1129138,1129770,1130972,1131107,1131488,1131565,1132212,1132472,1133188,1133874,1134160,1134162,1134338,1134537,1134564,1134565,1134566,1134651,1134760,1134806,1134813,1134848,1135013,1135014,1135015,1135100,1135120,1135281,1135603,1135642,1135661,1135878,1136424,1136438,1136448,1136449,1136451,1136452,1136455,1136458,1136539,1136573,1136575,1136586,1136590,1136623,1136810,1136935,1136990,1137142,1137162,1137586,843419
CVE References: CVE-2018-17972,CVE-2018-7191,CVE-2019-11190,CVE-2019-11477,CVE-2019-11478,CVE-2019-11479,CVE-2019-11486,CVE-2019-11815,CVE-2019-11833,CVE-2019-11884,CVE-2019-12382,CVE-2019-3846,CVE-2019-5489
Sources used:
SUSE Linux Enterprise Live Patching 12-SP3 (src):    kgraft-patch-SLE12-SP3_Update_26-1-4.3.3

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 34 Swamp Workflow Management 2019-06-17 23:59:01 UTC

SUSE-SU-2019:1536-1: An update that solves 13 vulnerabilities and has 132 fixes is now available.

Category: security (important)
Bug References: 1012382,1050242,1051510,1053043,1056787,1058115,1063638,1064802,1065600,1065729,1066129,1068546,1071995,1075020,1082387,1083647,1085535,1099658,1103992,1104353,1104427,1106011,1106284,1108838,1110946,1111696,1112063,1113722,1114427,1114893,1115688,1117158,1117561,1118139,1119843,1120091,1120423,1120566,1120843,1120902,1122776,1123454,1123663,1124503,1124839,1126356,1127616,1128052,1128904,1128905,1128979,1129138,1129497,1129693,1129770,1129848,1129857,1130409,1130972,1131451,1131488,1131565,1131673,1132044,1132894,1133176,1133188,1133190,1133320,1133612,1133616,1134160,1134162,1134199,1134200,1134201,1134202,1134203,1134204,1134205,1134354,1134393,1134459,1134460,1134461,1134537,1134591,1134597,1134607,1134651,1134671,1134760,1134806,1134810,1134813,1134848,1134936,1135006,1135007,1135008,1135056,1135100,1135120,1135278,1135281,1135309,1135312,1135314,1135315,1135316,1135320,1135323,1135330,1135492,1135542,1135556,1135603,1135642,1135661,1135758,1136206,1136424,1136428,1136430,1136432,1136434,1136435,1136438,1136439,1136477,1136478,1136573,1136586,1136881,1136935,1136990,1137151,1137152,1137153,1137162,1137372,1137444,1137586,1137739,1137752
CVE References: CVE-2018-7191,CVE-2019-10124,CVE-2019-11085,CVE-2019-11477,CVE-2019-11479,CVE-2019-11486,CVE-2019-11487,CVE-2019-11815,CVE-2019-11833,CVE-2019-11884,CVE-2019-12382,CVE-2019-3846,CVE-2019-5489
Sources used:
SUSE Linux Enterprise Server 12-SP4 (src):    kernel-azure-4.12.14-6.15.2, kernel-source-azure-4.12.14-6.15.2, kernel-syms-azure-4.12.14-6.15.2

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 35 Swamp Workflow Management 2019-06-18 00:14:40 UTC

SUSE-SU-2019:1532-1: An update that solves 13 vulnerabilities and has 73 fixes is now available.

Category: security (important)
Bug References: 1005778,1005780,1005781,1012382,1019695,1019696,1022604,1063638,1065600,1085535,1085539,1090888,1099658,1100132,1106110,1106284,1106929,1108293,1108838,1110785,1110946,1112063,1112178,1116803,1117562,1119086,1120642,1120843,1120902,1122776,1126040,1126356,1128052,1129138,1129770,1130972,1131107,1131488,1131565,1132212,1132472,1133188,1133874,1134160,1134162,1134338,1134537,1134564,1134565,1134566,1134651,1134760,1134806,1134813,1134848,1135013,1135014,1135015,1135100,1135120,1135281,1135603,1135642,1135661,1135878,1136424,1136438,1136448,1136449,1136451,1136452,1136455,1136458,1136539,1136573,1136575,1136586,1136590,1136623,1136810,1136935,1136990,1137142,1137162,1137586,843419
CVE References: CVE-2018-17972,CVE-2018-7191,CVE-2019-11190,CVE-2019-11477,CVE-2019-11478,CVE-2019-11479,CVE-2019-11486,CVE-2019-11815,CVE-2019-11833,CVE-2019-11884,CVE-2019-12382,CVE-2019-3846,CVE-2019-5489
Sources used:
SUSE Linux Enterprise Workstation Extension 12-SP3 (src):    kernel-default-4.4.180-94.97.1
SUSE Linux Enterprise Software Development Kit 12-SP3 (src):    kernel-docs-4.4.180-94.97.1, kernel-obs-build-4.4.180-94.97.1
SUSE Linux Enterprise Server 12-SP3 (src):    kernel-default-4.4.180-94.97.1, kernel-source-4.4.180-94.97.1, kernel-syms-4.4.180-94.97.1
SUSE Linux Enterprise Live Patching 12-SP3 (src):    kgraft-patch-SLE12-SP3_Update_26-1-4.3.3
SUSE Linux Enterprise High Availability 12-SP3 (src):    kernel-default-4.4.180-94.97.1
SUSE Linux Enterprise Desktop 12-SP3 (src):    kernel-default-4.4.180-94.97.1, kernel-source-4.4.180-94.97.1, kernel-syms-4.4.180-94.97.1
SUSE CaaS Platform ALL (src):    kernel-default-4.4.180-94.97.1
SUSE CaaS Platform 3.0 (src):    kernel-default-4.4.180-94.97.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 36 Swamp Workflow Management 2019-06-18 00:26:35 UTC

SUSE-SU-2019:1527-1: An update that solves 14 vulnerabilities and has 81 fixes is now available.

Category: security (important)
Bug References: 1005778,1005780,1005781,1012382,1019695,1019696,1022604,1053043,1063638,1065600,1066223,1085535,1085539,1090888,1099658,1100132,1106110,1106284,1106929,1108293,1108838,1110785,1110946,1112063,1112178,1116803,1117562,1119086,1120642,1120843,1120885,1120902,1122776,1125580,1126040,1126356,1128052,1129138,1129770,1130972,1131107,1131488,1131543,1131565,1132212,1132374,1132472,1133188,1133874,1134160,1134162,1134338,1134537,1134564,1134565,1134566,1134651,1134760,1134806,1134813,1134848,1135013,1135014,1135015,1135100,1135120,1135281,1135603,1135642,1135661,1135878,1136424,1136438,1136446,1136448,1136449,1136451,1136452,1136455,1136458,1136539,1136573,1136575,1136586,1136590,1136623,1136810,1136935,1136990,1137142,1137162,1137586,1137739,1137752,843419
CVE References: CVE-2013-4343,CVE-2018-17972,CVE-2018-7191,CVE-2019-11190,CVE-2019-11477,CVE-2019-11478,CVE-2019-11479,CVE-2019-11486,CVE-2019-11815,CVE-2019-11833,CVE-2019-11884,CVE-2019-12382,CVE-2019-3846,CVE-2019-5489
Sources used:
SUSE Linux Enterprise Server 12-SP3 (src):    kernel-azure-4.4.180-4.31.1, kernel-source-azure-4.4.180-4.31.1, kernel-syms-azure-4.4.180-4.31.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 37 Swamp Workflow Management 2019-06-18 00:47:37 UTC

SUSE-SU-2019:1535-1: An update that solves 14 vulnerabilities and has 131 fixes is now available.

Category: security (important)
Bug References: 1012382,1050242,1051510,1053043,1055186,1056787,1058115,1061840,1063638,1064802,1065600,1065729,1066129,1068546,1071995,1075020,1082387,1083647,1085535,1099658,1103992,1104353,1104427,1106011,1106284,1108193,1108838,1108937,1110946,1111696,1112063,1113722,1114427,1115688,1117158,1117561,1118139,1119843,1120091,1120423,1120566,1120843,1120902,1122776,1123454,1123663,1124503,1124839,1126356,1127616,1128052,1128904,1128979,1129138,1129273,1129497,1129693,1129770,1130579,1130699,1130972,1131326,1131451,1131488,1131565,1131673,1132044,1133176,1133188,1133190,1133320,1133612,1133616,1134160,1134162,1134199,1134200,1134201,1134202,1134203,1134204,1134205,1134354,1134393,1134459,1134460,1134461,1134537,1134597,1134651,1134671,1134760,1134806,1134810,1134813,1134848,1134936,1135006,1135007,1135008,1135056,1135100,1135120,1135278,1135281,1135309,1135312,1135314,1135315,1135316,1135320,1135323,1135330,1135492,1135542,1135556,1135603,1135642,1135661,1135758,1136206,1136424,1136428,1136430,1136432,1136434,1136435,1136438,1136439,1136477,1136478,1136573,1136586,1136881,1136935,1136990,1137151,1137152,1137153,1137162,1137372,1137444,1137586,1137739,1137752
CVE References: CVE-2018-7191,CVE-2019-10124,CVE-2019-11085,CVE-2019-11477,CVE-2019-11478,CVE-2019-11479,CVE-2019-11486,CVE-2019-11487,CVE-2019-11815,CVE-2019-11833,CVE-2019-11884,CVE-2019-12382,CVE-2019-3846,CVE-2019-5489
Sources used:
SUSE Linux Enterprise Module for Public Cloud 15 (src):    kernel-azure-4.12.14-5.30.1, kernel-source-azure-4.12.14-5.30.1, kernel-syms-azure-4.12.14-5.30.1
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1 (src):    kernel-azure-4.12.14-5.30.1, kernel-source-azure-4.12.14-5.30.1, kernel-syms-azure-4.12.14-5.30.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 38 Swamp Workflow Management 2019-06-18 00:51:37 UTC

SUSE-SU-2019:1534-1: An update that solves 12 vulnerabilities and has 8 fixes is now available.

Category: security (important)
Bug References: 1099658,1106284,1110785,1113769,1120843,1120885,1131543,1131565,1132374,1132472,1134537,1134596,1134848,1135281,1135603,1136424,1136446,1136586,1136935,1137586
CVE References: CVE-2018-17972,CVE-2018-7191,CVE-2019-11190,CVE-2019-11477,CVE-2019-11478,CVE-2019-11479,CVE-2019-11815,CVE-2019-11833,CVE-2019-11884,CVE-2019-12382,CVE-2019-3846,CVE-2019-5489
Sources used:
SUSE OpenStack Cloud 7 (src):    kernel-default-4.4.121-92.114.1, kernel-source-4.4.121-92.114.1, kernel-syms-4.4.121-92.114.1, kgraft-patch-SLE12-SP2_Update_30-1-3.5.1
SUSE Linux Enterprise Server for SAP 12-SP2 (src):    kernel-default-4.4.121-92.114.1, kernel-source-4.4.121-92.114.1, kernel-syms-4.4.121-92.114.1, kgraft-patch-SLE12-SP2_Update_30-1-3.5.1
SUSE Linux Enterprise Server 12-SP2-LTSS (src):    kernel-default-4.4.121-92.114.1, kernel-source-4.4.121-92.114.1, kernel-syms-4.4.121-92.114.1, kgraft-patch-SLE12-SP2_Update_30-1-3.5.1
SUSE Linux Enterprise Server 12-SP2-BCL (src):    kernel-default-4.4.121-92.114.1, kernel-source-4.4.121-92.114.1, kernel-syms-4.4.121-92.114.1
SUSE Linux Enterprise High Availability 12-SP2 (src):    kernel-default-4.4.121-92.114.1
SUSE Enterprise Storage 4 (src):    kernel-default-4.4.121-92.114.1, kernel-source-4.4.121-92.114.1, kernel-syms-4.4.121-92.114.1, kgraft-patch-SLE12-SP2_Update_30-1-3.5.1
OpenStack Cloud Magnum Orchestration 7 (src):    kernel-default-4.4.121-92.114.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 40 Swamp Workflow Management 2019-06-18 13:22:39 UTC

openSUSE-SU-2019:1570-1: An update that solves 15 vulnerabilities and has 62 fixes is now available.

Category: security (important)
Bug References: 1005778,1005780,1005781,1012382,1019695,1019696,1022604,1053043,1063638,1065600,1066223,1085535,1085539,1090888,1099658,1100132,1106110,1106284,1106929,1108838,1109137,1112178,1117562,1119086,1120642,1120843,1120902,1125580,1126356,1127155,1128052,1129770,1131107,1131543,1131565,1132374,1132472,1133190,1133874,1134338,1134806,1134813,1135120,1135281,1135603,1135642,1135661,1135878,1136424,1136438,1136448,1136449,1136451,1136452,1136455,1136458,1136539,1136573,1136575,1136586,1136590,1136598,1136623,1136810,1136922,1136935,1136990,1136993,1137142,1137162,1137586,1137739,1137752,1137915,1138291,1138293,1138374
CVE References: CVE-2018-7191,CVE-2019-11190,CVE-2019-11191,CVE-2019-11477,CVE-2019-11478,CVE-2019-11479,CVE-2019-11487,CVE-2019-11833,CVE-2019-12380,CVE-2019-12382,CVE-2019-12456,CVE-2019-12818,CVE-2019-12819,CVE-2019-3846,CVE-2019-5489
Sources used:
openSUSE Leap 42.3 (src):    kernel-debug-4.4.180-102.1, kernel-default-4.4.180-102.1, kernel-docs-4.4.180-102.1, kernel-obs-build-4.4.180-102.1, kernel-obs-qa-4.4.180-102.1, kernel-source-4.4.180-102.1, kernel-syms-4.4.180-102.1, kernel-vanilla-4.4.180-102.1

Comment 41 Swamp Workflow Management 2019-06-18 16:31:49 UTC

openSUSE-SU-2019:1571-1: An update that solves 11 vulnerabilities and has 167 fixes is now available.

Category: security (important)
Bug References: 1012382,1050242,1051510,1053043,1056787,1058115,1061840,1064802,1065600,1065729,1066129,1068546,1071995,1075020,1082387,1083647,1085535,1093389,1099658,1103992,1104353,1104427,1111666,1111696,1113722,1115688,1117114,1117158,1117561,1118139,1120091,1120423,1120566,1120902,1124503,1126206,1126356,1127616,1128432,1130699,1131673,1133190,1133612,1133616,1134090,1134671,1134730,1134738,1134743,1134806,1134936,1134945,1134946,1134947,1134948,1134949,1134950,1134951,1134952,1134953,1134972,1134974,1134975,1134980,1134981,1134983,1134987,1134989,1134990,1134994,1134995,1134998,1134999,1135018,1135021,1135024,1135026,1135027,1135028,1135029,1135031,1135033,1135034,1135035,1135036,1135037,1135038,1135039,1135041,1135042,1135044,1135045,1135046,1135047,1135049,1135051,1135052,1135053,1135055,1135056,1135058,1135153,1135542,1135556,1135642,1135661,1136188,1136206,1136215,1136345,1136347,1136348,1136353,1136424,1136428,1136430,1136432,1136434,1136435,1136438,1136439,1136456,1136460,1136461,1136469,1136477,1136478,1136498,1136573,1136586,1136598,1136881,1136922,1136935,1136978,1136990,1137151,1137152,1137153,1137162,1137201,1137224,1137232,1137233,1137236,1137372,1137429,1137444,1137586,1137739,1137752,1137995,1137996,1137998,1137999,1138000,1138002,1138003,1138005,1138006,1138007,1138008,1138009,1138010,1138011,1138012,1138013,1138014,1138015,1138016,1138017,1138018,1138019,1138291,1138293,1138336,1138374,1138375
CVE References: CVE-2019-10124,CVE-2019-11477,CVE-2019-11478,CVE-2019-11479,CVE-2019-11487,CVE-2019-12380,CVE-2019-12382,CVE-2019-12456,CVE-2019-12818,CVE-2019-12819,CVE-2019-3846
Sources used:
openSUSE Leap 15.1 (src):    kernel-debug-4.12.14-lp151.28.7.1, kernel-default-4.12.14-lp151.28.7.1, kernel-docs-4.12.14-lp151.28.7.1, kernel-kvmsmall-4.12.14-lp151.28.7.1, kernel-obs-build-4.12.14-lp151.28.7.1, kernel-obs-qa-4.12.14-lp151.28.7.1, kernel-source-4.12.14-lp151.28.7.1, kernel-syms-4.12.14-lp151.28.7.1, kernel-vanilla-4.12.14-lp151.28.7.1

Comment 42 Swamp Workflow Management 2019-06-18 19:53:36 UTC

SUSE-SU-2019:1550-1: An update that solves 28 vulnerabilities and has 318 fixes is now available.

Category: security (important)
Bug References: 1012382,1050242,1050549,1051510,1052904,1053043,1055117,1055121,1055186,1056787,1058115,1061840,1063638,1064802,1065600,1065729,1066129,1068546,1070872,1071995,1075020,1082387,1082555,1083647,1085535,1085536,1086657,1088804,1093389,1097583,1097584,1097585,1097586,1097587,1097588,1099658,1103186,1103259,1103992,1104353,1104427,1106011,1106284,1108193,1108838,1108937,1110946,1111331,1111666,1111696,1112063,1112128,1112178,1113722,1113956,1114279,1114427,1114542,1114638,1115688,1117114,1117158,1117561,1118139,1119680,1119843,1120091,1120318,1120423,1120566,1120843,1120902,1122767,1122776,1123454,1123663,1124503,1124839,1126206,1126356,1126704,1127175,1127371,1127374,1127616,1128052,1128415,1128544,1128904,1128971,1128979,1129138,1129273,1129497,1129693,1129770,1129845,1130195,1130425,1130527,1130567,1130579,1130699,1130937,1130972,1131326,1131427,1131438,1131451,1131467,1131488,1131530,1131565,1131574,1131587,1131659,1131673,1131847,1131848,1131851,1131900,1131934,1131935,1132044,1132219,1132226,1132227,1132365,1132368,1132369,1132370,1132372,1132373,1132384,1132397,1132402,1132403,1132404,1132405,1132407,1132411,1132412,1132413,1132414,1132426,1132527,1132531,1132555,1132558,1132561,1132562,1132563,1132564,1132570,1132571,1132572,1132589,1132618,1132673,1132681,1132726,1132828,1132894,1132943,1132982,1133005,1133016,1133094,1133095,1133115,1133149,1133176,1133188,1133190,1133320,1133486,1133529,1133547,1133584,1133593,1133612,1133616,1133667,1133668,1133672,1133674,1133675,1133698,1133702,1133731,1133769,1133772,1133774,1133778,1133779,1133780,1133825,1133850,1133851,1133852,1133897,1134090,1134160,1134162,1134199,1134200,1134201,1134202,1134203,1134204,1134205,1134223,1134354,1134393,1134397,1134459,1134460,1134461,1134597,1134600,1134607,1134618,1134651,1134671,1134760,1134806,1134810,1134813,1134848,1134936,1134945,1134946,1134947,1134948,1134949,1134950,1134951,1134952,1134953,1134972,1134974,1134975,1134980,1134981,1134983,1134987,1134989,1134990,1134994,1134995,1134998,1134999,1135006,1135007,1135008,1135018,1135021,1135024,1135026,1135027,1135028,1135029,1135031,1135033,1135034,1135035,1135036,1135037,1135038,1135039,1135041,1135042,1135044,1135045,1135046,1135047,1135049,1135051,1135052,1135053,1135055,1135056,1135058,1135100,1135120,1135278,1135281,1135309,1135312,1135314,1135315,1135316,1135320,1135323,1135330,1135492,1135542,1135556,1135603,1135642,1135661,1135758,1136188,1136206,1136215,1136345,1136347,1136348,1136353,1136424,1136428,1136430,1136432,1136434,1136435,1136438,1136439,1136456,1136460,1136461,1136469,1136477,1136478,1136498,1136573,1136586,1136881,1136935,1136990,1137151,1137152,1137153,1137162,1137201,1137224,1137232,1137233,1137236,1137372,1137429,1137444,1137586,1137739,1137752,1138291,1138293
CVE References: CVE-2017-5753,CVE-2018-12126,CVE-2018-12127,CVE-2018-12130,CVE-2018-16880,CVE-2018-7191,CVE-2019-10124,CVE-2019-11085,CVE-2019-11091,CVE-2019-11477,CVE-2019-11478,CVE-2019-11479,CVE-2019-11486,CVE-2019-11487,CVE-2019-11811,CVE-2019-11815,CVE-2019-11833,CVE-2019-11884,CVE-2019-12382,CVE-2019-12818,CVE-2019-12819,CVE-2019-3846,CVE-2019-3882,CVE-2019-5489,CVE-2019-8564,CVE-2019-9003,CVE-2019-9500,CVE-2019-9503
Sources used:
SUSE Linux Enterprise Module for Live Patching 15-SP1 (src):    kernel-default-4.12.14-197.4.1, kernel-livepatch-SLE15-SP1_Update_1-1-3.3.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 43 Swamp Workflow Management 2019-06-18 22:23:52 UTC

openSUSE-SU-2019:1579-1: An update that solves 15 vulnerabilities and has 115 fixes is now available.

Category: security (important)
Bug References: 1012382,1050242,1051510,1053043,1056787,1058115,1061840,1063638,1064802,1065600,1065729,1066129,1068546,1071995,1075020,1082387,1083647,1085535,1099658,1103992,1104353,1104427,1106284,1108838,1111696,1113722,1114427,1115688,1117158,1117561,1118139,1120091,1120423,1120566,1120843,1120902,1123454,1123663,1124503,1126356,1127616,1128052,1128432,1128904,1129693,1129770,1130699,1131565,1131673,1133190,1133320,1133612,1133616,1134597,1134671,1134806,1134936,1135056,1135120,1135278,1135281,1135309,1135312,1135314,1135315,1135316,1135320,1135323,1135330,1135492,1135542,1135556,1135603,1135642,1135661,1135758,1136206,1136424,1136428,1136430,1136432,1136434,1136435,1136438,1136439,1136477,1136478,1136573,1136586,1136598,1136881,1136922,1136935,1136990,1137151,1137152,1137153,1137162,1137372,1137429,1137444,1137586,1137739,1137752,1137995,1137996,1137998,1137999,1138000,1138002,1138003,1138005,1138006,1138007,1138008,1138009,1138010,1138011,1138012,1138013,1138014,1138015,1138016,1138017,1138018,1138019,1138291,1138293,1138374,1138375
CVE References: CVE-2018-7191,CVE-2019-10124,CVE-2019-11085,CVE-2019-11477,CVE-2019-11478,CVE-2019-11479,CVE-2019-11487,CVE-2019-11833,CVE-2019-12380,CVE-2019-12382,CVE-2019-12456,CVE-2019-12818,CVE-2019-12819,CVE-2019-3846,CVE-2019-5489
Sources used:
openSUSE Leap 15.0 (src):    kernel-debug-4.12.14-lp150.12.64.1, kernel-default-4.12.14-lp150.12.64.1, kernel-docs-4.12.14-lp150.12.64.1, kernel-kvmsmall-4.12.14-lp150.12.64.1, kernel-obs-build-4.12.14-lp150.12.64.1, kernel-obs-qa-4.12.14-lp150.12.64.1, kernel-source-4.12.14-lp150.12.64.1, kernel-syms-4.12.14-lp150.12.64.1, kernel-vanilla-4.12.14-lp150.12.64.1

Comment 44 Swamp Workflow Management 2019-06-18 23:09:09 UTC

SUSE-SU-2019:1550-1: An update that solves 28 vulnerabilities and has 318 fixes is now available.

Category: security (important)
Bug References: 1012382,1050242,1050549,1051510,1052904,1053043,1055117,1055121,1055186,1056787,1058115,1061840,1063638,1064802,1065600,1065729,1066129,1068546,1070872,1071995,1075020,1082387,1082555,1083647,1085535,1085536,1086657,1088804,1093389,1097583,1097584,1097585,1097586,1097587,1097588,1099658,1103186,1103259,1103992,1104353,1104427,1106011,1106284,1108193,1108838,1108937,1110946,1111331,1111666,1111696,1112063,1112128,1112178,1113722,1113956,1114279,1114427,1114542,1114638,1115688,1117114,1117158,1117561,1118139,1119680,1119843,1120091,1120318,1120423,1120566,1120843,1120902,1122767,1122776,1123454,1123663,1124503,1124839,1126206,1126356,1126704,1127175,1127371,1127374,1127616,1128052,1128415,1128544,1128904,1128971,1128979,1129138,1129273,1129497,1129693,1129770,1129845,1130195,1130425,1130527,1130567,1130579,1130699,1130937,1130972,1131326,1131427,1131438,1131451,1131467,1131488,1131530,1131565,1131574,1131587,1131659,1131673,1131847,1131848,1131851,1131900,1131934,1131935,1132044,1132219,1132226,1132227,1132365,1132368,1132369,1132370,1132372,1132373,1132384,1132397,1132402,1132403,1132404,1132405,1132407,1132411,1132412,1132413,1132414,1132426,1132527,1132531,1132555,1132558,1132561,1132562,1132563,1132564,1132570,1132571,1132572,1132589,1132618,1132673,1132681,1132726,1132828,1132894,1132943,1132982,1133005,1133016,1133094,1133095,1133115,1133149,1133176,1133188,1133190,1133320,1133486,1133529,1133547,1133584,1133593,1133612,1133616,1133667,1133668,1133672,1133674,1133675,1133698,1133702,1133731,1133769,1133772,1133774,1133778,1133779,1133780,1133825,1133850,1133851,1133852,1133897,1134090,1134160,1134162,1134199,1134200,1134201,1134202,1134203,1134204,1134205,1134223,1134354,1134393,1134397,1134459,1134460,1134461,1134597,1134600,1134607,1134618,1134651,1134671,1134760,1134806,1134810,1134813,1134848,1134936,1134945,1134946,1134947,1134948,1134949,1134950,1134951,1134952,1134953,1134972,1134974,1134975,1134980,1134981,1134983,1134987,1134989,1134990,1134994,1134995,1134998,1134999,1135006,1135007,1135008,1135018,1135021,1135024,1135026,1135027,1135028,1135029,1135031,1135033,1135034,1135035,1135036,1135037,1135038,1135039,1135041,1135042,1135044,1135045,1135046,1135047,1135049,1135051,1135052,1135053,1135055,1135056,1135058,1135100,1135120,1135278,1135281,1135309,1135312,1135314,1135315,1135316,1135320,1135323,1135330,1135492,1135542,1135556,1135603,1135642,1135661,1135758,1136188,1136206,1136215,1136345,1136347,1136348,1136353,1136424,1136428,1136430,1136432,1136434,1136435,1136438,1136439,1136456,1136460,1136461,1136469,1136477,1136478,1136498,1136573,1136586,1136881,1136935,1136990,1137151,1137152,1137153,1137162,1137201,1137224,1137232,1137233,1137236,1137372,1137429,1137444,1137586,1137739,1137752,1138291,1138293
CVE References: CVE-2017-5753,CVE-2018-12126,CVE-2018-12127,CVE-2018-12130,CVE-2018-16880,CVE-2018-7191,CVE-2019-10124,CVE-2019-11085,CVE-2019-11091,CVE-2019-11477,CVE-2019-11478,CVE-2019-11479,CVE-2019-11486,CVE-2019-11487,CVE-2019-11811,CVE-2019-11815,CVE-2019-11833,CVE-2019-11884,CVE-2019-12382,CVE-2019-12818,CVE-2019-12819,CVE-2019-3846,CVE-2019-3882,CVE-2019-5489,CVE-2019-8564,CVE-2019-9003,CVE-2019-9500,CVE-2019-9503
Sources used:
SUSE Linux Enterprise Workstation Extension 15-SP1 (src):    kernel-default-4.12.14-197.4.1
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1 (src):    dtb-aarch64-4.12.14-197.4.1, kernel-debug-4.12.14-197.4.1, kernel-default-4.12.14-197.4.1, kernel-docs-4.12.14-197.4.1, kernel-kvmsmall-4.12.14-197.4.1, kernel-obs-qa-4.12.14-197.4.1, kernel-source-4.12.14-197.4.1, kernel-vanilla-4.12.14-197.4.1, kernel-zfcpdump-4.12.14-197.4.1
SUSE Linux Enterprise Module for Live Patching 15-SP1 (src):    kernel-default-4.12.14-197.4.1, kernel-livepatch-SLE15-SP1_Update_1-1-3.3.1
SUSE Linux Enterprise Module for Legacy Software 15-SP1 (src):    kernel-default-4.12.14-197.4.1
SUSE Linux Enterprise Module for Development Tools 15-SP1 (src):    kernel-docs-4.12.14-197.4.1, kernel-obs-build-4.12.14-197.4.1, kernel-source-4.12.14-197.4.1, kernel-syms-4.12.14-197.4.1
SUSE Linux Enterprise Module for Basesystem 15-SP1 (src):    kernel-default-4.12.14-197.4.1, kernel-source-4.12.14-197.4.1, kernel-zfcpdump-4.12.14-197.4.1
SUSE Linux Enterprise High Availability 15-SP1 (src):    kernel-default-4.12.14-197.4.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 45 Swamp Workflow Management 2019-06-20 22:11:47 UTC

SUSE-SU-2019:1588-1: An update that fixes four vulnerabilities is now available.

Category: security (important)
Bug References: 1133191,1136446,1136935,1137597
CVE References: CVE-2019-11477,CVE-2019-11478,CVE-2019-11487,CVE-2019-3846
Sources used:
SUSE Linux Enterprise Module for Live Patching 15-SP1 (src):    kernel-livepatch-SLE15-SP1_Update_0-2-4.1
SUSE Linux Enterprise Module for Live Patching 15 (src):    kernel-livepatch-SLE15_Update_10-2-2.1, kernel-livepatch-SLE15_Update_9-2-2.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 46 Swamp Workflow Management 2019-06-20 22:14:46 UTC

SUSE-SU-2019:1581-1: An update that fixes 5 vulnerabilities is now available.

Category: security (important)
Bug References: 1133191,1135280,1136446,1136935,1137597
CVE References: CVE-2019-11085,CVE-2019-11477,CVE-2019-11478,CVE-2019-11487,CVE-2019-3846
Sources used:
SUSE Linux Enterprise Module for Live Patching 15 (src):    kernel-livepatch-SLE15_Update_1-10-2.1, kernel-livepatch-SLE15_Update_2-9-2.1, kernel-livepatch-SLE15_Update_3-7-2.1, kernel-livepatch-SLE15_Update_4-6-2.1, kernel-livepatch-SLE15_Update_5-6-2.1, kernel-livepatch-SLE15_Update_6-5-2.1, kernel-livepatch-SLE15_Update_7-4-2.1, kernel-livepatch-SLE15_Update_8-3-2.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 47 Swamp Workflow Management 2019-06-21 19:13:48 UTC

SUSE-SU-2019:1671-1: An update that fixes four vulnerabilities is now available.

Category: security (important)
Bug References: 1133191,1136446,1136935,1137597
CVE References: CVE-2019-11477,CVE-2019-11478,CVE-2019-11487,CVE-2019-3846
Sources used:
SUSE Linux Enterprise Server for SAP 12-SP2 (src):    kgraft-patch-SLE12-SP2_Update_23-9-2.1, kgraft-patch-SLE12-SP2_Update_24-7-2.1, kgraft-patch-SLE12-SP2_Update_25-6-2.1, kgraft-patch-SLE12-SP2_Update_26-5-2.1, kgraft-patch-SLE12-SP2_Update_27-3-2.1, kgraft-patch-SLE12-SP2_Update_28-3-2.1, kgraft-patch-SLE12-SP2_Update_29-3-2.1
SUSE Linux Enterprise Server 12-SP2-LTSS (src):    kgraft-patch-SLE12-SP2_Update_23-9-2.1, kgraft-patch-SLE12-SP2_Update_24-7-2.1, kgraft-patch-SLE12-SP2_Update_25-6-2.1, kgraft-patch-SLE12-SP2_Update_26-5-2.1, kgraft-patch-SLE12-SP2_Update_27-3-2.1, kgraft-patch-SLE12-SP2_Update_28-3-2.1, kgraft-patch-SLE12-SP2_Update_29-3-2.1
SUSE Linux Enterprise Live Patching 12-SP4 (src):    kgraft-patch-SLE12-SP4_Update_3-2-2.1, kgraft-patch-SLE12-SP4_Update_4-2-2.1
SUSE Linux Enterprise Live Patching 12-SP3 (src):    kgraft-patch-SLE12-SP3_Update_14-9-2.1, kgraft-patch-SLE12-SP3_Update_15-9-2.1, kgraft-patch-SLE12-SP3_Update_16-6-2.1, kgraft-patch-SLE12-SP3_Update_17-6-2.1, kgraft-patch-SLE12-SP3_Update_18-6-2.1, kgraft-patch-SLE12-SP3_Update_19-6-2.1, kgraft-patch-SLE12-SP3_Update_20-5-2.1, kgraft-patch-SLE12-SP3_Update_21-4-2.1, kgraft-patch-SLE12-SP3_Update_22-4-2.1, kgraft-patch-SLE12-SP3_Update_23-3-2.1, kgraft-patch-SLE12-SP3_Update_24-2-2.1, kgraft-patch-SLE12-SP3_Update_25-2-2.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 48 Swamp Workflow Management 2019-06-21 19:17:34 UTC

SUSE-SU-2019:1674-1: An update that fixes 5 vulnerabilities is now available.

Category: security (important)
Bug References: 1133191,1135280,1136446,1136935,1137597
CVE References: CVE-2019-11085,CVE-2019-11477,CVE-2019-11478,CVE-2019-11487,CVE-2019-3846
Sources used:
SUSE Linux Enterprise Live Patching 12-SP4 (src):    kgraft-patch-SLE12-SP4_Update_0-5-2.13.1, kgraft-patch-SLE12-SP4_Update_1-4-2.1, kgraft-patch-SLE12-SP4_Update_2-3-2.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 49 Oliver Neukum 2019-06-24 09:41:46 UTC

(In reply to Alexandros Toptsoglou from comment #8)
> No CVE has yet assigned...

Will we get a CVE?

Comment 50 Alexandros Toptsoglou 2019-06-24 09:52:22 UTC

(In reply to Oliver Neukum from comment #49)
> (In reply to Alexandros Toptsoglou from comment #8)
> > No CVE has yet assigned...
> 
> Will we get a CVE?

Should be CVE-2019-10126

Comment 56 Swamp Workflow Management 2019-07-09 13:33:08 UTC

This is an autogenerated message for OBS integration:
This bug (1136935) was mentioned in
https://build.opensuse.org/request/show/714223 15.0 / kernel-source

Comment 60 Swamp Workflow Management 2019-07-12 10:16:43 UTC

SUSE-SU-2019:1823-1: An update that solves 11 vulnerabilities and has two fixes is now available.

Category: security (important)
Bug References: 1096254,1108382,1109137,1127155,1133190,1133738,1134395,1134701,1136922,1136935,1137194,1138291,1140575
CVE References: CVE-2018-20836,CVE-2019-10126,CVE-2019-10638,CVE-2019-10639,CVE-2019-11487,CVE-2019-11599,CVE-2019-12380,CVE-2019-12456,CVE-2019-12614,CVE-2019-12818,CVE-2019-12819
Sources used:
SUSE OpenStack Cloud 7 (src):    kernel-default-4.4.121-92.117.1, kernel-source-4.4.121-92.117.1, kernel-syms-4.4.121-92.117.1, kgraft-patch-SLE12-SP2_Update_31-1-3.3.1
SUSE Linux Enterprise Server for SAP 12-SP2 (src):    kernel-default-4.4.121-92.117.1, kernel-source-4.4.121-92.117.1, kernel-syms-4.4.121-92.117.1, kgraft-patch-SLE12-SP2_Update_31-1-3.3.1
SUSE Linux Enterprise Server 12-SP2-LTSS (src):    kernel-default-4.4.121-92.117.1, kernel-source-4.4.121-92.117.1, kernel-syms-4.4.121-92.117.1, kgraft-patch-SLE12-SP2_Update_31-1-3.3.1
SUSE Linux Enterprise Server 12-SP2-BCL (src):    kernel-default-4.4.121-92.117.1, kernel-source-4.4.121-92.117.1, kernel-syms-4.4.121-92.117.1
SUSE Enterprise Storage 4 (src):    kernel-default-4.4.121-92.117.1, kernel-source-4.4.121-92.117.1, kernel-syms-4.4.121-92.117.1, kgraft-patch-SLE12-SP2_Update_31-1-3.3.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 61 Swamp Workflow Management 2019-07-12 16:17:37 UTC

SUSE-SU-2019:1829-1: An update that solves 11 vulnerabilities and has 71 fixes is now available.

Category: security (important)
Bug References: 1051510,1071995,1088047,1094555,1098633,1106383,1106751,1109137,1114279,1119532,1120423,1124167,1127155,1128432,1128902,1128910,1131645,1132154,1132390,1133401,1133738,1134303,1134395,1135296,1135556,1135642,1136157,1136598,1136922,1136935,1137103,1137194,1137429,1137625,1137728,1137884,1137995,1137996,1137998,1137999,1138000,1138002,1138003,1138005,1138006,1138007,1138008,1138009,1138010,1138011,1138012,1138013,1138014,1138015,1138016,1138017,1138018,1138019,1138291,1138293,1138374,1138375,1138589,1138719,1139771,1139782,1139865,1140133,1140328,1140405,1140424,1140428,1140575,1140577,1140637,1140658,1140715,1140719,1140726,1140727,1140728,1140814
CVE References: CVE-2018-16871,CVE-2018-20836,CVE-2019-10126,CVE-2019-10638,CVE-2019-10639,CVE-2019-11599,CVE-2019-12380,CVE-2019-12456,CVE-2019-12614,CVE-2019-12818,CVE-2019-12819
Sources used:
SUSE Linux Enterprise Module for Public Cloud 15 (src):    kernel-azure-4.12.14-5.33.1, kernel-source-azure-4.12.14-5.33.1, kernel-syms-azure-4.12.14-5.33.1
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1 (src):    kernel-azure-4.12.14-5.33.1, kernel-source-azure-4.12.14-5.33.1, kernel-syms-azure-4.12.14-5.33.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 63 Swamp Workflow Management 2019-07-15 10:13:14 UTC

SUSE-SU-2019:1823-2: An update that solves 11 vulnerabilities and has two fixes is now available.

Category: security (important)
Bug References: 1096254,1108382,1109137,1127155,1133190,1133738,1134395,1134701,1136922,1136935,1137194,1138291,1140575
CVE References: CVE-2018-20836,CVE-2019-10126,CVE-2019-10638,CVE-2019-10639,CVE-2019-11487,CVE-2019-11599,CVE-2019-12380,CVE-2019-12456,CVE-2019-12614,CVE-2019-12818,CVE-2019-12819
Sources used:
SUSE Linux Enterprise High Availability 12-SP2 (src):    kernel-default-4.4.121-92.117.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 64 Swamp Workflow Management 2019-07-15 10:14:15 UTC

This is an autogenerated message for OBS integration:
This bug (1136935) was mentioned in
https://build.opensuse.org/request/show/715440 15.1 / kernel-source

Comment 66 Swamp Workflow Management 2019-07-15 19:15:35 UTC

SUSE-SU-2019:1854-1: An update that solves 6 vulnerabilities and has 69 fixes is now available.

Category: security (important)
Bug References: 1051510,1071995,1088047,1098633,1103990,1103991,1103992,1106383,1109837,1111666,1112374,1114685,1119113,1119532,1120423,1125703,1128902,1130836,1131645,1132390,1133401,1133738,1134303,1134395,1135556,1135642,1135897,1136161,1136264,1136343,1136935,1137625,1137728,1138879,1139712,1139751,1139771,1139865,1140133,1140228,1140328,1140405,1140424,1140428,1140454,1140463,1140575,1140577,1140637,1140658,1140715,1140719,1140726,1140727,1140728,1140814,1140887,1140888,1140889,1140891,1140893,1140948,1140954,1140955,1140956,1140957,1140958,1140959,1140960,1140961,1140962,1140964,1140971,1140972,1140992
CVE References: CVE-2018-20836,CVE-2019-10126,CVE-2019-10638,CVE-2019-10639,CVE-2019-11599,CVE-2019-13233
Sources used:
SUSE Linux Enterprise Workstation Extension 15-SP1 (src):    kernel-default-4.12.14-197.10.1
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1 (src):    dtb-aarch64-4.12.14-197.10.1, kernel-debug-4.12.14-197.10.1, kernel-default-4.12.14-197.10.1, kernel-docs-4.12.14-197.10.1, kernel-kvmsmall-4.12.14-197.10.1, kernel-obs-qa-4.12.14-197.10.1, kernel-source-4.12.14-197.10.1, kernel-vanilla-4.12.14-197.10.1, kernel-zfcpdump-4.12.14-197.10.1
SUSE Linux Enterprise Module for Legacy Software 15-SP1 (src):    kernel-default-4.12.14-197.10.1
SUSE Linux Enterprise Module for Development Tools 15-SP1 (src):    kernel-docs-4.12.14-197.10.1, kernel-obs-build-4.12.14-197.10.1, kernel-source-4.12.14-197.10.1, kernel-syms-4.12.14-197.10.1
SUSE Linux Enterprise Module for Basesystem 15-SP1 (src):    kernel-default-4.12.14-197.10.1, kernel-source-4.12.14-197.10.1, kernel-zfcpdump-4.12.14-197.10.1
SUSE Linux Enterprise High Availability 15-SP1 (src):    kernel-default-4.12.14-197.10.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 67 Swamp Workflow Management 2019-07-15 19:25:52 UTC

SUSE-SU-2019:1855-1: An update that solves 12 vulnerabilities and has 73 fixes is now available.

Category: security (important)
Bug References: 1051510,1061840,1065600,1071995,1088047,1094555,1098633,1106383,1106751,1109137,1114279,1119532,1120423,1124167,1127155,1128432,1128902,1128910,1131645,1132154,1132390,1133401,1133738,1134303,1134395,1135296,1135556,1135642,1136157,1136598,1136922,1136935,1137103,1137194,1137429,1137625,1137728,1137884,1137995,1137996,1137998,1137999,1138000,1138002,1138003,1138005,1138006,1138007,1138008,1138009,1138010,1138011,1138012,1138013,1138014,1138015,1138016,1138017,1138018,1138019,1138291,1138293,1138374,1138375,1138589,1138719,1139751,1139771,1139782,1139865,1140133,1140328,1140405,1140424,1140428,1140575,1140577,1140637,1140658,1140715,1140719,1140726,1140727,1140728,1140814
CVE References: CVE-2018-16871,CVE-2018-20836,CVE-2019-10126,CVE-2019-10638,CVE-2019-10639,CVE-2019-11478,CVE-2019-11599,CVE-2019-12380,CVE-2019-12456,CVE-2019-12614,CVE-2019-12818,CVE-2019-12819
Sources used:
SUSE Linux Enterprise Workstation Extension 15 (src):    kernel-default-4.12.14-150.27.1
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 (src):    kernel-default-4.12.14-150.27.1, kernel-docs-4.12.14-150.27.1, kernel-obs-qa-4.12.14-150.27.1
SUSE Linux Enterprise Module for Legacy Software 15 (src):    kernel-default-4.12.14-150.27.1
SUSE Linux Enterprise Module for Development Tools 15 (src):    kernel-docs-4.12.14-150.27.1, kernel-obs-build-4.12.14-150.27.1, kernel-source-4.12.14-150.27.1, kernel-syms-4.12.14-150.27.1, kernel-vanilla-4.12.14-150.27.1
SUSE Linux Enterprise Module for Basesystem 15 (src):    kernel-default-4.12.14-150.27.1, kernel-source-4.12.14-150.27.1, kernel-zfcpdump-4.12.14-150.27.1
SUSE Linux Enterprise High Availability 15 (src):    kernel-default-4.12.14-150.27.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 68 Swamp Workflow Management 2019-07-15 19:36:39 UTC

SUSE-SU-2019:1854-1: An update that solves 6 vulnerabilities and has 69 fixes is now available.

Category: security (important)
Bug References: 1051510,1071995,1088047,1098633,1103990,1103991,1103992,1106383,1109837,1111666,1112374,1114685,1119113,1119532,1120423,1125703,1128902,1130836,1131645,1132390,1133401,1133738,1134303,1134395,1135556,1135642,1135897,1136161,1136264,1136343,1136935,1137625,1137728,1138879,1139712,1139751,1139771,1139865,1140133,1140228,1140328,1140405,1140424,1140428,1140454,1140463,1140575,1140577,1140637,1140658,1140715,1140719,1140726,1140727,1140728,1140814,1140887,1140888,1140889,1140891,1140893,1140948,1140954,1140955,1140956,1140957,1140958,1140959,1140960,1140961,1140962,1140964,1140971,1140972,1140992
CVE References: CVE-2018-20836,CVE-2019-10126,CVE-2019-10638,CVE-2019-10639,CVE-2019-11599,CVE-2019-13233
Sources used:
SUSE Linux Enterprise Workstation Extension 15-SP1 (src):    kernel-default-4.12.14-197.10.1
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1 (src):    dtb-aarch64-4.12.14-197.10.1, kernel-debug-4.12.14-197.10.1, kernel-default-4.12.14-197.10.1, kernel-docs-4.12.14-197.10.1, kernel-kvmsmall-4.12.14-197.10.1, kernel-obs-qa-4.12.14-197.10.1, kernel-source-4.12.14-197.10.1, kernel-vanilla-4.12.14-197.10.1, kernel-zfcpdump-4.12.14-197.10.1
SUSE Linux Enterprise Module for Live Patching 15-SP1 (src):    kernel-default-4.12.14-197.10.1, kernel-livepatch-SLE15-SP1_Update_3-1-3.3.1
SUSE Linux Enterprise Module for Legacy Software 15-SP1 (src):    kernel-default-4.12.14-197.10.1
SUSE Linux Enterprise Module for Development Tools 15-SP1 (src):    kernel-docs-4.12.14-197.10.1, kernel-obs-build-4.12.14-197.10.1, kernel-source-4.12.14-197.10.1, kernel-syms-4.12.14-197.10.1
SUSE Linux Enterprise Module for Basesystem 15-SP1 (src):    kernel-default-4.12.14-197.10.1, kernel-source-4.12.14-197.10.1, kernel-zfcpdump-4.12.14-197.10.1
SUSE Linux Enterprise High Availability 15-SP1 (src):    kernel-default-4.12.14-197.10.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 69 Swamp Workflow Management 2019-07-15 19:58:33 UTC

SUSE-SU-2019:1855-1: An update that solves 12 vulnerabilities and has 73 fixes is now available.

Category: security (important)
Bug References: 1051510,1061840,1065600,1071995,1088047,1094555,1098633,1106383,1106751,1109137,1114279,1119532,1120423,1124167,1127155,1128432,1128902,1128910,1131645,1132154,1132390,1133401,1133738,1134303,1134395,1135296,1135556,1135642,1136157,1136598,1136922,1136935,1137103,1137194,1137429,1137625,1137728,1137884,1137995,1137996,1137998,1137999,1138000,1138002,1138003,1138005,1138006,1138007,1138008,1138009,1138010,1138011,1138012,1138013,1138014,1138015,1138016,1138017,1138018,1138019,1138291,1138293,1138374,1138375,1138589,1138719,1139751,1139771,1139782,1139865,1140133,1140328,1140405,1140424,1140428,1140575,1140577,1140637,1140658,1140715,1140719,1140726,1140727,1140728,1140814
CVE References: CVE-2018-16871,CVE-2018-20836,CVE-2019-10126,CVE-2019-10638,CVE-2019-10639,CVE-2019-11478,CVE-2019-11599,CVE-2019-12380,CVE-2019-12456,CVE-2019-12614,CVE-2019-12818,CVE-2019-12819
Sources used:
SUSE Linux Enterprise Workstation Extension 15 (src):    kernel-default-4.12.14-150.27.1
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 (src):    kernel-default-4.12.14-150.27.1, kernel-docs-4.12.14-150.27.1, kernel-obs-qa-4.12.14-150.27.1
SUSE Linux Enterprise Module for Live Patching 15 (src):    kernel-default-4.12.14-150.27.1, kernel-livepatch-SLE15_Update_12-1-1.5.1
SUSE Linux Enterprise Module for Legacy Software 15 (src):    kernel-default-4.12.14-150.27.1
SUSE Linux Enterprise Module for Development Tools 15 (src):    kernel-docs-4.12.14-150.27.1, kernel-obs-build-4.12.14-150.27.1, kernel-source-4.12.14-150.27.1, kernel-syms-4.12.14-150.27.1, kernel-vanilla-4.12.14-150.27.1
SUSE Linux Enterprise Module for Basesystem 15 (src):    kernel-default-4.12.14-150.27.1, kernel-source-4.12.14-150.27.1, kernel-zfcpdump-4.12.14-150.27.1
SUSE Linux Enterprise High Availability 15 (src):    kernel-default-4.12.14-150.27.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 70 Swamp Workflow Management 2019-07-15 20:09:29 UTC

SUSE-SU-2019:1852-1: An update that solves 11 vulnerabilities and has 29 fixes is now available.

Category: security (important)
Bug References: 1053043,1066223,1094555,1108382,1109137,1111188,1119086,1120902,1121263,1125580,1126961,1127155,1129770,1131335,1131336,1131645,1132390,1133140,1133190,1133191,1133738,1134395,1135642,1136598,1136889,1136922,1136935,1137004,1137194,1137739,1137749,1137752,1137915,1138291,1138293,1138374,1138681,1139751,1140575,1140577
CVE References: CVE-2018-20836,CVE-2019-10126,CVE-2019-10638,CVE-2019-10639,CVE-2019-11487,CVE-2019-11599,CVE-2019-12380,CVE-2019-12456,CVE-2019-12614,CVE-2019-12818,CVE-2019-12819
Sources used:
SUSE OpenStack Cloud 8 (src):    kernel-default-4.4.180-94.100.1, kernel-source-4.4.180-94.100.1, kernel-syms-4.4.180-94.100.1, kgraft-patch-SLE12-SP3_Update_27-1-4.3.1
SUSE Linux Enterprise Server for SAP 12-SP3 (src):    kernel-default-4.4.180-94.100.1, kernel-source-4.4.180-94.100.1, kernel-syms-4.4.180-94.100.1, kgraft-patch-SLE12-SP3_Update_27-1-4.3.1
SUSE Linux Enterprise Server 12-SP3-LTSS (src):    kernel-default-4.4.180-94.100.1, kernel-source-4.4.180-94.100.1, kernel-syms-4.4.180-94.100.1, kgraft-patch-SLE12-SP3_Update_27-1-4.3.1
SUSE Linux Enterprise High Availability 12-SP3 (src):    kernel-default-4.4.180-94.100.1
SUSE Enterprise Storage 5 (src):    kernel-default-4.4.180-94.100.1, kernel-source-4.4.180-94.100.1, kernel-syms-4.4.180-94.100.1, kgraft-patch-SLE12-SP3_Update_27-1-4.3.1
SUSE CaaS Platform 3.0 (src):    kernel-default-4.4.180-94.100.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 71 Swamp Workflow Management 2019-07-19 10:19:35 UTC

openSUSE-SU-2019:1716-1: An update that solves 7 vulnerabilities and has 45 fixes is now available.

Category: security (important)
Bug References: 1051510,1071995,1088047,1094555,1098633,1106383,1106751,1109137,1114279,1119532,1120423,1124167,1127155,1128902,1128910,1131645,1132154,1132390,1133401,1133738,1134303,1134395,1135296,1135556,1135642,1136157,1136935,1137103,1137194,1137625,1137728,1137884,1138589,1138719,1139771,1139782,1139865,1140133,1140328,1140405,1140424,1140428,1140575,1140577,1140637,1140658,1140715,1140719,1140726,1140727,1140728,1140814
CVE References: CVE-2018-16871,CVE-2018-20836,CVE-2019-10126,CVE-2019-10638,CVE-2019-10639,CVE-2019-11599,CVE-2019-12614
Sources used:
openSUSE Leap 15.0 (src):    kernel-debug-4.12.14-lp150.12.67.1, kernel-default-4.12.14-lp150.12.67.1, kernel-docs-4.12.14-lp150.12.67.1, kernel-kvmsmall-4.12.14-lp150.12.67.1, kernel-obs-build-4.12.14-lp150.12.67.1, kernel-obs-qa-4.12.14-lp150.12.67.1, kernel-source-4.12.14-lp150.12.67.1, kernel-syms-4.12.14-lp150.12.67.1, kernel-vanilla-4.12.14-lp150.12.67.1

Comment 72 Swamp Workflow Management 2019-07-20 10:20:43 UTC

openSUSE-SU-2019:1757-1: An update that solves 9 vulnerabilities and has 82 fixes is now available.

Category: security (important)
Bug References: 1051510,1071995,1088047,1094555,1098633,1103990,1103991,1103992,1106383,1109837,1111666,1112374,1114279,1114685,1119113,1119532,1120423,1125703,1128902,1130836,1132390,1133401,1133738,1134303,1134395,1135296,1135556,1135642,1135897,1136156,1136157,1136161,1136264,1136271,1136333,1136343,1136462,1136935,1137103,1137194,1137366,1137625,1137728,1137884,1137985,1138263,1138589,1138681,1138719,1138732,1138879,1139712,1139771,1139865,1140133,1140228,1140328,1140405,1140424,1140428,1140454,1140463,1140575,1140577,1140637,1140658,1140715,1140719,1140726,1140727,1140728,1140814,1140887,1140888,1140889,1140891,1140893,1140948,1140954,1140955,1140956,1140957,1140958,1140959,1140960,1140961,1140962,1140964,1140971,1140972,1140992
CVE References: CVE-2018-16871,CVE-2018-20836,CVE-2019-10126,CVE-2019-10638,CVE-2019-10639,CVE-2019-11599,CVE-2019-12614,CVE-2019-12817,CVE-2019-13233
Sources used:
openSUSE Leap 15.1 (src):    kernel-debug-4.12.14-lp151.28.10.1, kernel-default-4.12.14-lp151.28.10.1, kernel-docs-4.12.14-lp151.28.10.1, kernel-kvmsmall-4.12.14-lp151.28.10.1, kernel-obs-build-4.12.14-lp151.28.10.1, kernel-obs-qa-4.12.14-lp151.28.10.1, kernel-source-4.12.14-lp151.28.10.1, kernel-syms-4.12.14-lp151.28.10.1, kernel-vanilla-4.12.14-lp151.28.10.1

Comment 78 Swamp Workflow Management 2019-09-23 14:08:18 UTC

SUSE-SU-2019:2430-1: An update that solves 45 vulnerabilities and has 474 fixes is now available.

Category: security (important)
Bug References: 1050242,1050549,1051510,1052904,1053043,1055117,1055121,1055186,1056787,1058115,1061840,1064802,1065600,1065729,1066129,1070872,1071995,1075020,1082387,1082555,1083647,1083710,1085535,1085536,1088047,1088804,1093389,1094555,1096003,1098633,1099658,1102247,1103186,1103259,1103990,1103991,1103992,1104745,1106011,1106284,1106383,1106751,1108193,1108838,1108937,1109837,1110946,1111331,1111666,1111696,1112063,1112128,1112178,1112374,1113722,1113956,1114279,1114427,1114542,1114638,1114685,1115688,1117114,1117158,1117561,1118139,1119113,1119222,1119532,1119680,1120091,1120318,1120423,1120566,1120843,1120902,1122767,1122776,1123080,1123454,1123663,1124503,1124839,1125703,1126206,1126356,1126704,1127034,1127175,1127315,1127371,1127374,1127611,1127616,1128052,1128415,1128432,1128544,1128902,1128904,1128971,1128979,1129138,1129273,1129693,1129770,1129845,1130195,1130425,1130527,1130567,1130579,1130699,1130836,1130937,1130972,1131326,1131427,1131438,1131451,1131467,1131488,1131530,1131565,1131574,1131587,1131645,1131659,1131673,1131847,1131848,1131851,1131900,1131934,1131935,1132044,1132219,1132226,1132227,1132365,1132368,1132369,1132370,1132372,1132373,1132384,1132390,1132397,1132402,1132403,1132404,1132405,1132407,1132411,1132412,1132413,1132414,1132426,1132527,1132531,1132555,1132558,1132561,1132562,1132563,1132564,1132570,1132571,1132572,1132589,1132618,1132673,1132681,1132726,1132828,1132894,1132943,1132982,1133005,1133016,1133021,1133094,1133095,1133115,1133149,1133176,1133188,1133190,1133311,1133320,1133401,1133486,1133529,1133547,1133584,1133593,1133612,1133616,1133667,1133668,1133672,1133674,1133675,1133698,1133702,1133731,1133738,1133769,1133772,1133774,1133778,1133779,1133780,1133825,1133850,1133851,1133852,1133897,1134090,1134097,1134160,1134162,1134199,1134200,1134201,1134202,1134203,1134204,1134205,1134223,1134303,1134354,1134390,1134393,1134395,1134397,1134399,1134459,1134460,1134461,1134597,1134600,1134607,1134618,1134651,1134671,1134730,1134738,1134743,1134760,1134806,1134810,1134813,1134848,1134936,1134945,1134946,1134947,1134948,1134949,1134950,1134951,1134952,1134953,1134972,1134974,1134975,1134980,1134981,1134983,1134987,1134989,1134990,1134994,1134995,1134998,1134999,1135006,1135007,1135008,1135018,1135021,1135024,1135026,1135027,1135028,1135029,1135031,1135033,1135034,1135035,1135036,1135037,1135038,1135039,1135041,1135042,1135044,1135045,1135046,1135047,1135049,1135051,1135052,1135053,1135055,1135056,1135058,1135100,1135120,1135153,1135278,1135281,1135296,1135309,1135312,1135314,1135315,1135316,1135320,1135323,1135330,1135335,1135492,1135542,1135556,1135603,1135642,1135661,1135758,1135897,1136156,1136157,1136161,1136188,1136206,1136215,1136217,1136264,1136271,1136333,1136342,1136343,1136345,1136347,1136348,1136353,1136424,1136428,1136430,1136432,1136434,1136435,1136438,1136439,1136456,1136460,1136461,1136462,1136467,1136469,1136477,1136478,1136498,1136573,1136586,1136598,1136881,1136922,1136935,1136978,1136990,1137103,1137151,1137152,1137153,1137162,1137194,1137201,1137224,1137232,1137233,1137236,1137366,1137372,1137429,1137444,1137458,1137534,1137535,1137584,1137586,1137609,1137625,1137728,1137739,1137752,1137811,1137827,1137884,1137985,1137995,1137996,1137998,1137999,1138000,1138002,1138003,1138005,1138006,1138007,1138008,1138009,1138010,1138011,1138012,1138013,1138014,1138015,1138016,1138017,1138018,1138019,1138263,1138291,1138293,1138336,1138374,1138375,1138589,1138681,1138719,1138732,1138874,1138879,1139358,1139619,1139712,1139751,1139771,1139865,1140133,1140139,1140228,1140322,1140328,1140405,1140424,1140428,1140454,1140463,1140559,1140575,1140577,1140637,1140652,1140658,1140676,1140715,1140719,1140726,1140727,1140728,1140814,1140887,1140888,1140889,1140891,1140893,1140903,1140945,1140948,1140954,1140955,1140956,1140957,1140958,1140959,1140960,1140961,1140962,1140964,1140971,1140972,1140992,1141312,1141401,1141402,1141452,1141453,1141454,1141478,1141558,1142023,1142052,1142083,1142112,1142115,1142119,1142220,1142221,1142254,1142350,1142351,1142354,1142359,1142450,1142623,1142673,1142701,1142868,1143003,1143045,1143105,1143185,1143189,1143191,1143209,1143507
CVE References: CVE-2017-5753,CVE-2018-12126,CVE-2018-12127,CVE-2018-12130,CVE-2018-16871,CVE-2018-16880,CVE-2018-20836,CVE-2018-20855,CVE-2018-7191,CVE-2019-10124,CVE-2019-10638,CVE-2019-10639,CVE-2019-11085,CVE-2019-11091,CVE-2019-1125,CVE-2019-11477,CVE-2019-11478,CVE-2019-11479,CVE-2019-11486,CVE-2019-11487,CVE-2019-11599,CVE-2019-11810,CVE-2019-11811,CVE-2019-11815,CVE-2019-11833,CVE-2019-11884,CVE-2019-12380,CVE-2019-12382,CVE-2019-12456,CVE-2019-12614,CVE-2019-12817,CVE-2019-12818,CVE-2019-12819,CVE-2019-13233,CVE-2019-13631,CVE-2019-13648,CVE-2019-14283,CVE-2019-14284,CVE-2019-3846,CVE-2019-3882,CVE-2019-5489,CVE-2019-8564,CVE-2019-9003,CVE-2019-9500,CVE-2019-9503
Sources used:
SUSE Linux Enterprise Module for Realtime 15-SP1 (src):    kernel-rt-4.12.14-14.8.1, kernel-rt_debug-4.12.14-14.8.1, kernel-source-rt-4.12.14-14.8.1, kernel-syms-rt-4.12.14-14.8.1
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1 (src):    kernel-rt-4.12.14-14.8.1, kernel-rt_debug-4.12.14-14.8.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 79 Swamp Workflow Management 2019-09-24 16:19:38 UTC

SUSE-SU-2019:2450-1: An update that solves 21 vulnerabilities and has 160 fixes is now available.

Category: security (important)
Bug References: 1012382,1051510,1053043,1055117,1061840,1065600,1065729,1068032,1071995,1083647,1083710,1088047,1094555,1098633,1102247,1106383,1106751,1109137,1111666,11123080,1112824,1113722,1114279,1115688,1117158,1118139,1119222,1120423,1120566,1124167,1124503,1127034,1127155,1127315,1128432,1128902,1128910,1129770,1130972,1132154,1132390,1133021,1133401,1133738,1134097,1134303,1134390,1134393,1134395,1134399,1134671,1135296,1135335,1135556,1135642,1135661,1136157,1136424,1136598,1136811,1136896,1136922,1136935,1136990,1137103,1137162,1137194,1137366,1137372,1137429,1137444,1137458,1137534,1137535,1137584,1137586,1137609,1137625,1137728,1137739,1137752,1137811,1137827,1137884,1137995,1137996,1137998,1137999,1138000,1138002,1138003,1138005,1138006,1138007,1138008,1138009,1138010,1138011,1138012,1138013,1138014,1138015,1138016,1138017,1138018,1138019,1138291,1138293,1138374,1138375,1138589,1138719,1139358,1139751,1139771,1139782,1139865,1140133,1140139,1140322,1140328,1140405,1140424,1140428,1140575,1140577,1140637,1140652,1140658,1140715,1140719,1140726,1140727,1140728,1140814,1140887,1140888,1140889,1140891,1140893,1140903,1140945,1140954,1140955,1140956,1140957,1140958,1140959,1140960,1140961,1140962,1140964,1140971,1140972,1140992,1141401,1141402,1141452,1141453,1141454,1141478,1141488,1142023,1142112,1142220,1142221,1142265,1142350,1142351,1142354,1142359,1142450,1142701,1142868,1143003,1143045,1143105,1143185,1143189,1143191,1143507
CVE References: CVE-2018-16871,CVE-2018-20836,CVE-2018-20855,CVE-2019-10126,CVE-2019-10638,CVE-2019-10639,CVE-2019-1125,CVE-2019-11477,CVE-2019-11478,CVE-2019-11599,CVE-2019-11810,CVE-2019-12380,CVE-2019-12456,CVE-2019-12614,CVE-2019-12818,CVE-2019-12819,CVE-2019-13631,CVE-2019-13648,CVE-2019-14283,CVE-2019-14284,CVE-2019-3846
Sources used:
SUSE Linux Enterprise Real Time Extension 12-SP4 (src):    kernel-rt-4.12.14-8.3.1, kernel-rt_debug-4.12.14-8.3.1, kernel-source-rt-4.12.14-8.3.1, kernel-syms-rt-4.12.14-8.3.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 83 Swamp Workflow Management 2019-10-23 19:29:37 UTC

SUSE-SU-2019:2756-1: An update that solves 44 vulnerabilities and has 368 fixes is now available.

Category: security (important)
Bug References: 1012382,1047238,1050911,1051510,1053043,1054914,1055117,1056686,1060662,1061840,1061843,1064597,1064701,1065600,1065729,1066369,1071009,1071306,1071995,1078248,1082555,1083647,1083710,1085030,1085536,1085539,1086103,1087092,1088047,1090734,1091171,1093205,1094555,1098633,1102097,1102247,1104902,1104967,1106061,1106284,1106383,1106434,1106751,1108382,1109137,1109158,1111666,1112178,1112894,1112899,1112902,1112903,1112905,1112906,1112907,1113722,1114279,1114542,1115688,1117158,1118139,1118689,1119086,1119222,1119532,1120423,1120566,1120876,1120902,1120937,1123034,1123080,1123105,1123959,1124167,1124370,1124503,1127034,1127155,1127315,1127988,1128432,1128902,1128910,1129424,1129519,1129664,1129770,1130972,1131107,1131281,1131304,1131565,1132154,1132390,1132686,1133021,1133401,1134097,1134291,1134303,1134390,1134671,1134881,1134882,1135219,1135296,1135335,1135556,1135642,1135661,1135897,1136157,1136261,1136811,1136896,1136935,1136990,1137069,1137162,1137221,1137366,1137372,1137429,1137444,1137458,1137534,1137535,1137584,1137586,1137609,1137625,1137728,1137739,1137752,1137811,1137827,1137865,1137884,1137959,1137995,1137996,1137998,1137999,1138000,1138002,1138003,1138005,1138006,1138007,1138008,1138009,1138010,1138011,1138012,1138013,1138014,1138015,1138016,1138017,1138018,1138019,1138374,1138375,1138539,1138589,1138719,1139020,1139021,1139101,1139500,1139771,1139782,1139865,1140012,1140133,1140139,1140155,1140322,1140328,1140405,1140424,1140426,1140428,1140487,1140637,1140652,1140658,1140715,1140719,1140726,1140727,1140728,1140814,1140887,1140888,1140889,1140891,1140893,1140903,1140945,1140948,1140954,1140955,1140956,1140957,1140958,1140959,1140960,1140961,1140962,1140964,1140971,1140972,1140992,1141013,1141401,1141402,1141450,1141452,1141453,1141454,1141478,1141543,1141554,1142019,1142076,1142109,1142112,1142117,1142118,1142119,1142129,1142220,1142221,1142350,1142351,1142354,1142359,1142450,1142496,1142541,1142635,1142685,1142701,1142857,1142868,1143003,1143105,1143185,1143300,1143466,1143507,1143765,1143841,1143843,1144123,1144333,1144474,1144518,1144718,1144813,1144880,1144886,1144912,1144920,1144979,1145010,1145024,1145051,1145059,1145189,1145235,1145300,1145302,1145388,1145389,1145390,1145391,1145392,1145393,1145394,1145395,1145396,1145397,1145408,1145409,1145661,1145678,1145687,1145920,1145922,1145934,1145937,1145940,1145941,1145942,1146042,1146074,1146084,1146163,1146285,1146346,1146351,1146352,1146361,1146376,1146378,1146381,1146391,1146399,1146413,1146425,1146512,1146514,1146516,1146519,1146524,1146526,1146529,1146531,1146540,1146543,1146547,1146550,1146575,1146589,1146664,1146678,1146938,1148031,1148032,1148033,1148034,1148035,1148093,1148133,1148192,1148196,1148198,1148202,1148303,1148363,1148379,1148394,1148527,1148574,1148616,1148617,1148619,1148698,1148712,1148859,1148868,1149053,1149083,1149104,1149105,1149106,1149197,1149214,1149224,1149313,1149325,1149376,1149413,1149418,1149424,1149446,1149522,1149527,1149539,1149552,1149555,1149591,1149602,1149612,1149626,1149651,1149652,1149713,1149940,1149959,1149963,1149976,1150025,1150033,1150112,1150381,1150423,1150562,1150727,1150860,1150861,1150933,1151350,1151610,1151667,1151671,1151891,1151955,1152024,1152025,1152026,1152161,1152325,1152457,1152460,1152466,1152972,1152974,1152975
CVE References: CVE-2017-18551,CVE-2017-18595,CVE-2018-20976,CVE-2018-21008,CVE-2019-10207,CVE-2019-11479,CVE-2019-14814,CVE-2019-14815,CVE-2019-14816,CVE-2019-14821,CVE-2019-14835,CVE-2019-15030,CVE-2019-15031,CVE-2019-15090,CVE-2019-15098,CVE-2019-15117,CVE-2019-15118,CVE-2019-15211,CVE-2019-15212,CVE-2019-15214,CVE-2019-15215,CVE-2019-15216,CVE-2019-15217,CVE-2019-15218,CVE-2019-15219,CVE-2019-15220,CVE-2019-15221,CVE-2019-15222,CVE-2019-15239,CVE-2019-15290,CVE-2019-15291,CVE-2019-15292,CVE-2019-15538,CVE-2019-15666,CVE-2019-15902,CVE-2019-15917,CVE-2019-15919,CVE-2019-15920,CVE-2019-15921,CVE-2019-15924,CVE-2019-15926,CVE-2019-15927,CVE-2019-9456,CVE-2019-9506
Sources used:
SUSE Linux Enterprise Real Time Extension 12-SP4 (src):    kernel-rt-4.12.14-8.6.1, kernel-rt_debug-4.12.14-8.6.1, kernel-source-rt-4.12.14-8.6.1, kernel-syms-rt-4.12.14-8.6.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 87 Alexandros Toptsoglou 2020-02-04 16:47:59 UTC

all done closing