Security update for the Linux Kernel SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2021:0437-1 Final 1 1 2021-02-11T15:33:40Z current 2021-02-11T15:33:40Z 2021-02-11T15:33:40Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for the Linux Kernel The SUSE Linux Enterprise 12 SP2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2021-3347: A use-after-free was discovered in the PI futexes during fault handling, allowing local users to execute code in the kernel (bnc#1181349). - CVE-2020-29569: Fixed a potential privilege escalation and information leaks related to the PV block backend, as used by Xen (bnc#1179509). - CVE-2020-29568: Fixed a denial of service issue, related to processing watch events (bnc#1179508). - CVE-2020-25211: Fixed a flaw where a local attacker was able to inject conntrack netlink configuration that could cause a denial of service or trigger the use of incorrect protocol numbers in ctnetlink_parse_tuple_filter (bnc#1176395). - CVE-2020-0444: Fixed a bad kfree due to a logic error in audit_data_to_entry (bnc#1180027). - CVE-2020-0465: Fixed multiple missing bounds checks in hid-multitouch.c that could have led to local privilege escalation (bnc#1180029). - CVE-2020-0466: Fixed a use-after-free due to a logic error in do_epoll_ctl and ep_loop_check_proc of eventpoll.c (bnc#1180031). - CVE-2020-15436: Fixed a use after free vulnerability in fs/block_dev.c which could have allowed local users to gain privileges or cause a denial of service (bsc#1179141). - CVE-2020-27068: Fixed an out-of-bounds read due to a missing bounds check in the nl80211_policy policy of nl80211.c (bnc#1180086). - CVE-2020-27777: Fixed a privilege escalation in the Run-Time Abstraction Services (RTAS) interface, affecting guests running on top of PowerVM or KVM hypervisors (bnc#1179107). - CVE-2020-27786: Fixed an out-of-bounds write in the MIDI implementation (bnc#1179601). - CVE-2020-27825: Fixed a race in the trace_open and buffer resize calls (bsc#1179960). - CVE-2020-29660: Fixed a locking inconsistency in the tty subsystem that may have allowed a read-after-free attack against TIOCGSID (bnc#1179745). - CVE-2020-29661: Fixed a locking issue in the tty subsystem that allowed a use-after-free attack against TIOCSPGRP (bsc#1179745). - CVE-2020-28974: Fixed a slab-out-of-bounds read in fbcon which could have been used by local attackers to read privileged information or potentially crash the kernel (bsc#1178589). - CVE-2020-28915: Fixed a buffer over-read in the fbcon code which could have been used by local attackers to read kernel memory (bsc#1178886). - CVE-2020-25669: Fixed a use-after-free read in sunkbd_reinit() (bsc#1178182). - CVE-2020-25285: A race condition between hugetlb sysctl handlers in mm/hugetlb.c could be used by local attackers to corrupt memory, cause a NULL pointer dereference, or possibly have unspecified other impact (bnc#1176485 ). - CVE-2020-15437: Fixed a null pointer dereference which could have allowed local users to cause a denial of service (bsc#1179140). - CVE-2020-36158: Fixed a potential remote code execution in the Marvell mwifiex driver (bsc#1180559). - CVE-2020-11668: Fixed the mishandling of invalid descriptors in the Xirlink camera USB driver (bnc#1168952). - CVE-2020-25668: Fixed a use-after-free in con_font_op() (bsc#1178123). - CVE-2020-27673: Fixed an issue where rogue guests could have caused denial of service of Dom0 via high frequency events (XSA-332 bsc#1177411) - CVE-2019-20934: Fixed a use-after-free in show_numa_stats() because NUMA fault statistics were inappropriately freed (bsc#1179663). - CVE-2019-19063: Fixed two memory leaks in the rtl_usb_probe() which could eventually have allowed attackers to cause a denial of service (memory consumption) (bnc#1157298 ). - CVE-2019-6133: Fixed an issue where the 'start time' protection mechanism could have been bypassed and therefore authorization decisions are improperly cached (bsc#1128172). The following non-security bugs were fixed: - HID: Fix slab-out-of-bounds read in hid_field_extract (bsc#1180052). - epoll: Keep a reference on files added to the check list (bsc#1180031). - fix regression in 'epoll: Keep a reference on files added to the check list' (bsc#1180031, git-fixes). - futex,rt_mutex: Fix rt_mutex_cleanup_proxy_lock() (bsc#969755). - futex,rt_mutex: Introduce rt_mutex_init_waiter() (bsc#969755). - futex,rt_mutex: Provide futex specific rt_mutex API (bsc#969755). - futex,rt_mutex: Restructure rt_mutex_finish_proxy_lock() (bsc#969755). - futex: Avoid freeing an active timer (bsc#969755). - futex: Avoid violating the 10th rule of futex (bsc#969755). - futex: Change locking rules (bsc#969755). - futex: Do not enable IRQs unconditionally in put_pi_state() (bsc#969755). - futex: Drop hb->lock before enqueueing on the rtmutex (bsc#969755). - futex: Fix OWNER_DEAD fixup (bsc#969755). - futex: Fix incorrect should_fail_futex() handling (bsc#969755). - futex: Fix more put_pi_state() vs. exit_pi_state_list() races (bsc#969755). - futex: Fix pi_state->owner serialization (bsc#969755). - futex: Fix small (and harmless looking) inconsistencies (bsc#969755). - futex: Futex_unlock_pi() determinism (bsc#969755). - futex: Handle early deadlock return correctly (bsc#969755). - futex: Handle transient 'ownerless' rtmutex state correctly (bsc#969755). - futex: Pull rt_mutex_futex_unlock() out from under hb->lock (bsc#969755). - futex: Rework futex_lock_pi() to use rt_mutex_*_proxy_lock() (bsc#969755). - futex: Rework inconsistent rt_mutex/futex_q state (bsc#969755). - locking/futex: Allow low-level atomic operations to return -EAGAIN (bsc#969755). - mm/userfaultfd: do not access vma->vm_mm after calling handle_userfault() (bsc#1179204). The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). SUSE-2021-437,SUSE-OpenStack-Cloud-7-2021-437,SUSE-SLE-HA-12-SP2-2021-437,SUSE-SLE-SAP-12-SP2-2021-437,SUSE-SLE-SERVER-12-SP2-2021-437,SUSE-SLE-SERVER-12-SP2-BCL-2021-437 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2021/suse-su-20210437-1/ Link for SUSE-SU-2021:0437-1 https://lists.suse.com/pipermail/sle-security-updates/2021-February/008312.html E-Mail link for SUSE-SU-2021:0437-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1070943 SUSE Bug 1070943 https://bugzilla.suse.com/1121826 SUSE Bug 1121826 https://bugzilla.suse.com/1121872 SUSE Bug 1121872 https://bugzilla.suse.com/1157298 SUSE Bug 1157298 https://bugzilla.suse.com/1168952 SUSE Bug 1168952 https://bugzilla.suse.com/1173942 SUSE Bug 1173942 https://bugzilla.suse.com/1176395 SUSE Bug 1176395 https://bugzilla.suse.com/1176485 SUSE Bug 1176485 https://bugzilla.suse.com/1177411 SUSE Bug 1177411 https://bugzilla.suse.com/1178123 SUSE Bug 1178123 https://bugzilla.suse.com/1178182 SUSE Bug 1178182 https://bugzilla.suse.com/1178589 SUSE Bug 1178589 https://bugzilla.suse.com/1178622 SUSE Bug 1178622 https://bugzilla.suse.com/1178886 SUSE Bug 1178886 https://bugzilla.suse.com/1179107 SUSE Bug 1179107 https://bugzilla.suse.com/1179140 SUSE Bug 1179140 https://bugzilla.suse.com/1179141 SUSE Bug 1179141 https://bugzilla.suse.com/1179204 SUSE Bug 1179204 https://bugzilla.suse.com/1179419 SUSE Bug 1179419 https://bugzilla.suse.com/1179508 SUSE Bug 1179508 https://bugzilla.suse.com/1179509 SUSE Bug 1179509 https://bugzilla.suse.com/1179601 SUSE Bug 1179601 https://bugzilla.suse.com/1179616 SUSE Bug 1179616 https://bugzilla.suse.com/1179663 SUSE Bug 1179663 https://bugzilla.suse.com/1179666 SUSE Bug 1179666 https://bugzilla.suse.com/1179745 SUSE Bug 1179745 https://bugzilla.suse.com/1179877 SUSE Bug 1179877 https://bugzilla.suse.com/1179960 SUSE Bug 1179960 https://bugzilla.suse.com/1179961 SUSE Bug 1179961 https://bugzilla.suse.com/1180008 SUSE Bug 1180008 https://bugzilla.suse.com/1180027 SUSE Bug 1180027 https://bugzilla.suse.com/1180028 SUSE Bug 1180028 https://bugzilla.suse.com/1180029 SUSE Bug 1180029 https://bugzilla.suse.com/1180030 SUSE Bug 1180030 https://bugzilla.suse.com/1180031 SUSE Bug 1180031 https://bugzilla.suse.com/1180032 SUSE Bug 1180032 https://bugzilla.suse.com/1180052 SUSE Bug 1180052 https://bugzilla.suse.com/1180086 SUSE Bug 1180086 https://bugzilla.suse.com/1180559 SUSE Bug 1180559 https://bugzilla.suse.com/1180562 SUSE Bug 1180562 https://bugzilla.suse.com/1181349 SUSE Bug 1181349 https://bugzilla.suse.com/969755 SUSE Bug 969755 https://www.suse.com/security/cve/CVE-2019-19063/ SUSE CVE CVE-2019-19063 page https://www.suse.com/security/cve/CVE-2019-20934/ SUSE CVE CVE-2019-20934 page https://www.suse.com/security/cve/CVE-2019-6133/ SUSE CVE CVE-2019-6133 page https://www.suse.com/security/cve/CVE-2020-0444/ SUSE CVE CVE-2020-0444 page https://www.suse.com/security/cve/CVE-2020-0465/ SUSE CVE CVE-2020-0465 page https://www.suse.com/security/cve/CVE-2020-0466/ SUSE CVE CVE-2020-0466 page https://www.suse.com/security/cve/CVE-2020-11668/ SUSE CVE CVE-2020-11668 page https://www.suse.com/security/cve/CVE-2020-15436/ SUSE CVE CVE-2020-15436 page https://www.suse.com/security/cve/CVE-2020-15437/ SUSE CVE CVE-2020-15437 page https://www.suse.com/security/cve/CVE-2020-25211/ SUSE CVE CVE-2020-25211 page https://www.suse.com/security/cve/CVE-2020-25285/ SUSE CVE CVE-2020-25285 page https://www.suse.com/security/cve/CVE-2020-25668/ SUSE CVE CVE-2020-25668 page https://www.suse.com/security/cve/CVE-2020-25669/ SUSE CVE CVE-2020-25669 page https://www.suse.com/security/cve/CVE-2020-27068/ SUSE CVE CVE-2020-27068 page https://www.suse.com/security/cve/CVE-2020-27673/ SUSE CVE CVE-2020-27673 page https://www.suse.com/security/cve/CVE-2020-27777/ SUSE CVE CVE-2020-27777 page https://www.suse.com/security/cve/CVE-2020-27786/ SUSE CVE CVE-2020-27786 page https://www.suse.com/security/cve/CVE-2020-27825/ SUSE CVE CVE-2020-27825 page https://www.suse.com/security/cve/CVE-2020-28915/ SUSE CVE CVE-2020-28915 page https://www.suse.com/security/cve/CVE-2020-28974/ SUSE CVE CVE-2020-28974 page https://www.suse.com/security/cve/CVE-2020-29568/ SUSE CVE CVE-2020-29568 page https://www.suse.com/security/cve/CVE-2020-29569/ SUSE CVE CVE-2020-29569 page https://www.suse.com/security/cve/CVE-2020-29660/ SUSE CVE CVE-2020-29660 page https://www.suse.com/security/cve/CVE-2020-29661/ SUSE CVE CVE-2020-29661 page https://www.suse.com/security/cve/CVE-2020-36158/ SUSE CVE CVE-2020-36158 page https://www.suse.com/security/cve/CVE-2021-3347/ SUSE CVE CVE-2021-3347 page SUSE Linux Enterprise High Availability Extension 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server for SAP Applications 12 SP2 SUSE OpenStack Cloud 7 cluster-md-kmp-debug-4.4.121-92.149.1 cluster-md-kmp-default-4.4.121-92.149.1 cluster-md-kmp-vanilla-4.4.121-92.149.1 cluster-network-kmp-debug-4.4.121-92.149.1 cluster-network-kmp-default-4.4.121-92.149.1 cluster-network-kmp-vanilla-4.4.121-92.149.1 dlm-kmp-debug-4.4.121-92.149.1 dlm-kmp-default-4.4.121-92.149.1 dlm-kmp-vanilla-4.4.121-92.149.1 gfs2-kmp-debug-4.4.121-92.149.1 gfs2-kmp-default-4.4.121-92.149.1 gfs2-kmp-vanilla-4.4.121-92.149.1 kernel-debug-4.4.121-92.149.1 kernel-debug-base-4.4.121-92.149.1 kernel-debug-devel-4.4.121-92.149.1 kernel-debug-extra-4.4.121-92.149.1 kernel-debug-kgraft-4.4.121-92.149.1 kernel-default-4.4.121-92.149.1 kernel-default-base-4.4.121-92.149.1 kernel-default-devel-4.4.121-92.149.1 kernel-default-extra-4.4.121-92.149.1 kernel-default-kgraft-4.4.121-92.149.1 kernel-default-man-4.4.121-92.149.1 kernel-devel-4.4.121-92.149.1 kernel-docs-4.4.121-92.149.2 kernel-docs-html-4.4.121-92.149.2 kernel-docs-pdf-4.4.121-92.149.2 kernel-macros-4.4.121-92.149.1 kernel-obs-build-4.4.121-92.149.1 kernel-obs-qa-4.4.121-92.149.1 kernel-source-4.4.121-92.149.1 kernel-source-vanilla-4.4.121-92.149.1 kernel-syms-4.4.121-92.149.1 kernel-vanilla-4.4.121-92.149.1 kernel-vanilla-base-4.4.121-92.149.1 kernel-vanilla-devel-4.4.121-92.149.1 kernel-zfcpdump-4.4.121-92.149.1 kgraft-patch-4_4_121-92_149-default-1-3.3.1 ocfs2-kmp-debug-4.4.121-92.149.1 ocfs2-kmp-default-4.4.121-92.149.1 ocfs2-kmp-vanilla-4.4.121-92.149.1 cluster-md-kmp-default-4.4.121-92.149.1 as a component of SUSE Linux Enterprise High Availability Extension 12 SP2 cluster-network-kmp-default-4.4.121-92.149.1 as a component of SUSE Linux Enterprise High Availability Extension 12 SP2 dlm-kmp-default-4.4.121-92.149.1 as a component of SUSE Linux Enterprise High Availability Extension 12 SP2 gfs2-kmp-default-4.4.121-92.149.1 as a component of SUSE Linux Enterprise High Availability Extension 12 SP2 ocfs2-kmp-default-4.4.121-92.149.1 as a component of SUSE Linux Enterprise High Availability Extension 12 SP2 kernel-default-4.4.121-92.149.1 as a component of SUSE Linux Enterprise Server 12 SP2-BCL kernel-default-base-4.4.121-92.149.1 as a component of SUSE Linux Enterprise Server 12 SP2-BCL kernel-default-devel-4.4.121-92.149.1 as a component of SUSE Linux Enterprise Server 12 SP2-BCL kernel-devel-4.4.121-92.149.1 as a component of SUSE Linux Enterprise Server 12 SP2-BCL kernel-macros-4.4.121-92.149.1 as a component of SUSE Linux Enterprise Server 12 SP2-BCL kernel-source-4.4.121-92.149.1 as a component of SUSE Linux Enterprise Server 12 SP2-BCL kernel-syms-4.4.121-92.149.1 as a component of SUSE Linux Enterprise Server 12 SP2-BCL kernel-default-4.4.121-92.149.1 as a component of SUSE Linux Enterprise Server 12 SP2-LTSS kernel-default-base-4.4.121-92.149.1 as a component of SUSE Linux Enterprise Server 12 SP2-LTSS kernel-default-devel-4.4.121-92.149.1 as a component of SUSE Linux Enterprise Server 12 SP2-LTSS kernel-default-man-4.4.121-92.149.1 as a component of SUSE Linux Enterprise Server 12 SP2-LTSS kernel-devel-4.4.121-92.149.1 as a component of SUSE Linux Enterprise Server 12 SP2-LTSS kernel-macros-4.4.121-92.149.1 as a component of SUSE Linux Enterprise Server 12 SP2-LTSS kernel-source-4.4.121-92.149.1 as a component of SUSE Linux Enterprise Server 12 SP2-LTSS kernel-syms-4.4.121-92.149.1 as a component of SUSE Linux Enterprise Server 12 SP2-LTSS kgraft-patch-4_4_121-92_149-default-1-3.3.1 as a component of SUSE Linux Enterprise Server 12 SP2-LTSS kernel-default-4.4.121-92.149.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP2 kernel-default-base-4.4.121-92.149.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP2 kernel-default-devel-4.4.121-92.149.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP2 kernel-devel-4.4.121-92.149.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP2 kernel-macros-4.4.121-92.149.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP2 kernel-source-4.4.121-92.149.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP2 kernel-syms-4.4.121-92.149.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP2 kgraft-patch-4_4_121-92_149-default-1-3.3.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP2 kernel-default-4.4.121-92.149.1 as a component of SUSE OpenStack Cloud 7 kernel-default-base-4.4.121-92.149.1 as a component of SUSE OpenStack Cloud 7 kernel-default-devel-4.4.121-92.149.1 as a component of SUSE OpenStack Cloud 7 kernel-default-man-4.4.121-92.149.1 as a component of SUSE OpenStack Cloud 7 kernel-devel-4.4.121-92.149.1 as a component of SUSE OpenStack Cloud 7 kernel-macros-4.4.121-92.149.1 as a component of SUSE OpenStack Cloud 7 kernel-source-4.4.121-92.149.1 as a component of SUSE OpenStack Cloud 7 kernel-syms-4.4.121-92.149.1 as a component of SUSE OpenStack Cloud 7 kgraft-patch-4_4_121-92_149-default-1-3.3.1 as a component of SUSE OpenStack Cloud 7 Two memory leaks in the rtl_usb_probe() function in drivers/net/wireless/realtek/rtlwifi/usb.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption), aka CID-3f9361695113. CVE-2019-19063 SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_149-default-1-3.3.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_149-default-1-3.3.1 SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_149-default-1-3.3.1 moderate 4.9 AV:L/AC:L/Au:N/C:N/I:N/A:C 4.6 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2021/suse-su-20210437-1/ https://www.suse.com/security/cve/CVE-2019-19063.html CVE-2019-19063 https://bugzilla.suse.com/1157298 SUSE Bug 1157298 An issue was discovered in the Linux kernel before 5.2.6. On NUMA systems, the Linux fair scheduler has a use-after-free in show_numa_stats() because NUMA fault statistics are inappropriately freed, aka CID-16d51a590a8c. CVE-2019-20934 SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_149-default-1-3.3.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_149-default-1-3.3.1 SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_149-default-1-3.3.1 important 5.4 AV:L/AC:M/Au:N/C:P/I:N/A:C 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2021/suse-su-20210437-1/ https://www.suse.com/security/cve/CVE-2019-20934.html CVE-2019-20934 https://bugzilla.suse.com/1179663 SUSE Bug 1179663 https://bugzilla.suse.com/1179666 SUSE Bug 1179666 In PolicyKit (aka polkit) 0.115, the "start time" protection mechanism can be bypassed because fork() is not atomic, and therefore authorization decisions are improperly cached. This is related to lack of uid checking in polkitbackend/polkitbackendinteractiveauthority.c. CVE-2019-6133 SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_149-default-1-3.3.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_149-default-1-3.3.1 SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_149-default-1-3.3.1 moderate 4.4 AV:L/AC:M/Au:N/C:P/I:P/A:P 6.7 CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2021/suse-su-20210437-1/ https://www.suse.com/security/cve/CVE-2019-6133.html CVE-2019-6133 https://bugzilla.suse.com/1070943 SUSE Bug 1070943 https://bugzilla.suse.com/1121826 SUSE Bug 1121826 https://bugzilla.suse.com/1121872 SUSE Bug 1121872 In audit_free_lsm_field of auditfilter.c, there is a possible bad kfree due to a logic error in audit_data_to_entry. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-150693166References: Upstream kernel CVE-2020-0444 SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_149-default-1-3.3.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_149-default-1-3.3.1 SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_149-default-1-3.3.1 moderate 7.2 AV:L/AC:L/Au:N/C:C/I:C/A:C 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2021/suse-su-20210437-1/ https://www.suse.com/security/cve/CVE-2020-0444.html CVE-2020-0444 https://bugzilla.suse.com/1180027 SUSE Bug 1180027 https://bugzilla.suse.com/1180028 SUSE Bug 1180028 In various methods of hid-multitouch.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-162844689References: Upstream kernel CVE-2020-0465 SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_149-default-1-3.3.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_149-default-1-3.3.1 SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_149-default-1-3.3.1 important 7.2 AV:L/AC:L/Au:N/C:C/I:C/A:C 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2021/suse-su-20210437-1/ https://www.suse.com/security/cve/CVE-2020-0465.html CVE-2020-0465 https://bugzilla.suse.com/1180029 SUSE Bug 1180029 https://bugzilla.suse.com/1180030 SUSE Bug 1180030 In do_epoll_ctl and ep_loop_check_proc of eventpoll.c, there is a possible use after free due to a logic error. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-147802478References: Upstream kernel CVE-2020-0466 SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_149-default-1-3.3.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_149-default-1-3.3.1 SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_149-default-1-3.3.1 important 7.2 AV:L/AC:L/Au:N/C:C/I:C/A:C 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2021/suse-su-20210437-1/ https://www.suse.com/security/cve/CVE-2020-0466.html CVE-2020-0466 https://bugzilla.suse.com/1180031 SUSE Bug 1180031 https://bugzilla.suse.com/1180032 SUSE Bug 1180032 https://bugzilla.suse.com/1199255 SUSE Bug 1199255 https://bugzilla.suse.com/1200084 SUSE Bug 1200084 In the Linux kernel before 5.6.1, drivers/media/usb/gspca/xirlink_cit.c (aka the Xirlink camera USB driver) mishandles invalid descriptors, aka CID-a246b4d54770. CVE-2020-11668 SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_149-default-1-3.3.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_149-default-1-3.3.1 SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_149-default-1-3.3.1 important 5.6 AV:L/AC:L/Au:N/C:N/I:P/A:C 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2021/suse-su-20210437-1/ https://www.suse.com/security/cve/CVE-2020-11668.html CVE-2020-11668 https://bugzilla.suse.com/1168952 SUSE Bug 1168952 https://bugzilla.suse.com/1173942 SUSE Bug 1173942 Use-after-free vulnerability in fs/block_dev.c in the Linux kernel before 5.8 allows local users to gain privileges or cause a denial of service by leveraging improper access to a certain error field. CVE-2020-15436 SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_149-default-1-3.3.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_149-default-1-3.3.1 SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_149-default-1-3.3.1 moderate 7.2 AV:L/AC:L/Au:N/C:C/I:C/A:C 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2021/suse-su-20210437-1/ https://www.suse.com/security/cve/CVE-2020-15436.html CVE-2020-15436 https://bugzilla.suse.com/1179141 SUSE Bug 1179141 The Linux kernel before version 5.8 is vulnerable to a NULL pointer dereference in drivers/tty/serial/8250/8250_core.c:serial8250_isa_init_ports() that allows local users to cause a denial of service by using the p->serial_in pointer which uninitialized. CVE-2020-15437 SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_149-default-1-3.3.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_149-default-1-3.3.1 SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_149-default-1-3.3.1 moderate 4.9 AV:L/AC:L/Au:N/C:N/I:N/A:C 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2021/suse-su-20210437-1/ https://www.suse.com/security/cve/CVE-2020-15437.html CVE-2020-15437 https://bugzilla.suse.com/1179140 SUSE Bug 1179140 In the Linux kernel through 5.8.7, local attackers able to inject conntrack netlink configuration could overflow a local buffer, causing crashes or triggering use of incorrect protocol numbers in ctnetlink_parse_tuple_filter in net/netfilter/nf_conntrack_netlink.c, aka CID-1cc5ef91d2ff. CVE-2020-25211 SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_149-default-1-3.3.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_149-default-1-3.3.1 SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_149-default-1-3.3.1 moderate 3.6 AV:L/AC:L/Au:N/C:N/I:P/A:P 5.9 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2021/suse-su-20210437-1/ https://www.suse.com/security/cve/CVE-2020-25211.html CVE-2020-25211 https://bugzilla.suse.com/1176395 SUSE Bug 1176395 https://bugzilla.suse.com/1192356 SUSE Bug 1192356 A race condition between hugetlb sysctl handlers in mm/hugetlb.c in the Linux kernel before 5.8.8 could be used by local attackers to corrupt memory, cause a NULL pointer dereference, or possibly have unspecified other impact, aka CID-17743798d812. CVE-2020-25285 SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_149-default-1-3.3.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_149-default-1-3.3.1 SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_149-default-1-3.3.1 moderate 4.4 AV:L/AC:M/Au:N/C:P/I:P/A:P 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2021/suse-su-20210437-1/ https://www.suse.com/security/cve/CVE-2020-25285.html CVE-2020-25285 https://bugzilla.suse.com/1176485 SUSE Bug 1176485 A flaw was found in Linux Kernel because access to the global variable fg_console is not properly synchronized leading to a use after free in con_font_op. CVE-2020-25668 SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_149-default-1-3.3.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_149-default-1-3.3.1 SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_149-default-1-3.3.1 important 6.9 AV:L/AC:M/Au:N/C:C/I:C/A:C 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2021/suse-su-20210437-1/ https://www.suse.com/security/cve/CVE-2020-25668.html CVE-2020-25668 https://bugzilla.suse.com/1178123 SUSE Bug 1178123 https://bugzilla.suse.com/1178622 SUSE Bug 1178622 https://bugzilla.suse.com/1196914 SUSE Bug 1196914 A vulnerability was found in the Linux Kernel where the function sunkbd_reinit having been scheduled by sunkbd_interrupt before sunkbd being freed. Though the dangling pointer is set to NULL in sunkbd_disconnect, there is still an alias in sunkbd_reinit causing Use After Free. CVE-2020-25669 SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_149-default-1-3.3.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_149-default-1-3.3.1 SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_149-default-1-3.3.1 moderate 7.2 AV:L/AC:L/Au:N/C:C/I:C/A:C 4.3 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2021/suse-su-20210437-1/ https://www.suse.com/security/cve/CVE-2020-25669.html CVE-2020-25669 https://bugzilla.suse.com/1178182 SUSE Bug 1178182 Product: AndroidVersions: Android kernelAndroid ID: A-127973231References: Upstream kernel CVE-2020-27068 SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_149-default-1-3.3.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_149-default-1-3.3.1 SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_149-default-1-3.3.1 moderate 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2021/suse-su-20210437-1/ https://www.suse.com/security/cve/CVE-2020-27068.html CVE-2020-27068 https://bugzilla.suse.com/1180086 SUSE Bug 1180086 An issue was discovered in the Linux kernel through 5.9.1, as used with Xen through 4.14.x. Guest OS users can cause a denial of service (host OS hang) via a high rate of events to dom0, aka CID-e99502f76271. CVE-2020-27673 SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_149-default-1-3.3.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_149-default-1-3.3.1 SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_149-default-1-3.3.1 moderate 4.9 AV:L/AC:L/Au:N/C:N/I:N/A:C 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2021/suse-su-20210437-1/ https://www.suse.com/security/cve/CVE-2020-27673.html CVE-2020-27673 https://bugzilla.suse.com/1177411 SUSE Bug 1177411 https://bugzilla.suse.com/1184583 SUSE Bug 1184583 A flaw was found in the way RTAS handled memory accesses in userspace to kernel communication. On a locked down (usually due to Secure Boot) guest system running on top of PowerVM or KVM hypervisors (pseries platform) a root like local user could use this flaw to further increase their privileges to that of a running kernel. CVE-2020-27777 SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_149-default-1-3.3.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_149-default-1-3.3.1 SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_149-default-1-3.3.1 moderate 7.2 AV:L/AC:L/Au:N/C:C/I:C/A:C 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2021/suse-su-20210437-1/ https://www.suse.com/security/cve/CVE-2020-27777.html CVE-2020-27777 https://bugzilla.suse.com/1179107 SUSE Bug 1179107 https://bugzilla.suse.com/1179419 SUSE Bug 1179419 https://bugzilla.suse.com/1200343 SUSE Bug 1200343 https://bugzilla.suse.com/1220060 SUSE Bug 1220060 A flaw was found in the Linux kernel's implementation of MIDI, where an attacker with a local account and the permissions to issue ioctl commands to midi devices could trigger a use-after-free issue. A write to this specific memory while freed and before use causes the flow of execution to change and possibly allow for memory corruption or privilege escalation. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. CVE-2020-27786 SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_149-default-1-3.3.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_149-default-1-3.3.1 SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_149-default-1-3.3.1 important 7.2 AV:L/AC:L/Au:N/C:C/I:C/A:C 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2021/suse-su-20210437-1/ https://www.suse.com/security/cve/CVE-2020-27786.html CVE-2020-27786 https://bugzilla.suse.com/1179601 SUSE Bug 1179601 https://bugzilla.suse.com/1179616 SUSE Bug 1179616 A use-after-free flaw was found in kernel/trace/ring_buffer.c in Linux kernel (before 5.10-rc1). There was a race problem in trace_open and resize of cpu buffer running parallely on different cpus, may cause a denial of service problem (DOS). This flaw could even allow a local attacker with special user privilege to a kernel information leak threat. CVE-2020-27825 SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_149-default-1-3.3.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_149-default-1-3.3.1 SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_149-default-1-3.3.1 important 5.4 AV:L/AC:M/Au:N/C:P/I:N/A:C 7.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2021/suse-su-20210437-1/ https://www.suse.com/security/cve/CVE-2020-27825.html CVE-2020-27825 https://bugzilla.suse.com/1179960 SUSE Bug 1179960 https://bugzilla.suse.com/1179961 SUSE Bug 1179961 A buffer over-read (at the framebuffer layer) in the fbcon code in the Linux kernel before 5.8.15 could be used by local attackers to read kernel memory, aka CID-6735b4632def. CVE-2020-28915 SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_149-default-1-3.3.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_149-default-1-3.3.1 SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_149-default-1-3.3.1 moderate 6.1 AV:L/AC:L/Au:N/C:P/I:P/A:C 5.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2021/suse-su-20210437-1/ https://www.suse.com/security/cve/CVE-2020-28915.html CVE-2020-28915 https://bugzilla.suse.com/1178886 SUSE Bug 1178886 A slab-out-of-bounds read in fbcon in the Linux kernel before 5.9.7 could be used by local attackers to read privileged information or potentially crash the kernel, aka CID-3c4e0dff2095. This occurs because KD_FONT_OP_COPY in drivers/tty/vt/vt.c can be used for manipulations such as font height. CVE-2020-28974 SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_149-default-1-3.3.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_149-default-1-3.3.1 SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_149-default-1-3.3.1 moderate 6.1 AV:L/AC:L/Au:N/C:P/I:P/A:C 5.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2021/suse-su-20210437-1/ https://www.suse.com/security/cve/CVE-2020-28974.html CVE-2020-28974 https://bugzilla.suse.com/1178589 SUSE Bug 1178589 An issue was discovered in Xen through 4.14.x. Some OSes (such as Linux, FreeBSD, and NetBSD) are processing watch events using a single thread. If the events are received faster than the thread is able to handle, they will get queued. As the queue is unbounded, a guest may be able to trigger an OOM in the backend. All systems with a FreeBSD, Linux, or NetBSD (any version) dom0 are vulnerable. CVE-2020-29568 SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_149-default-1-3.3.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_149-default-1-3.3.1 SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_149-default-1-3.3.1 moderate 4.9 AV:L/AC:L/Au:N/C:N/I:N/A:C 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2021/suse-su-20210437-1/ https://www.suse.com/security/cve/CVE-2020-29568.html CVE-2020-29568 https://bugzilla.suse.com/1179508 SUSE Bug 1179508 An issue was discovered in the Linux kernel through 5.10.1, as used with Xen through 4.14.x. The Linux kernel PV block backend expects the kernel thread handler to reset ring->xenblkd to NULL when stopped. However, the handler may not have time to run if the frontend quickly toggles between the states connect and disconnect. As a consequence, the block backend may re-use a pointer after it was freed. A misbehaving guest can trigger a dom0 crash by continuously connecting / disconnecting a block frontend. Privilege escalation and information leaks cannot be ruled out. This only affects systems with a Linux blkback. CVE-2020-29569 SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_149-default-1-3.3.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_149-default-1-3.3.1 SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_149-default-1-3.3.1 important 7.2 AV:L/AC:L/Au:N/C:C/I:C/A:C 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2021/suse-su-20210437-1/ https://www.suse.com/security/cve/CVE-2020-29569.html CVE-2020-29569 https://bugzilla.suse.com/1179509 SUSE Bug 1179509 https://bugzilla.suse.com/1180008 SUSE Bug 1180008 A locking inconsistency issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_io.c and drivers/tty/tty_jobctrl.c may allow a read-after-free attack against TIOCGSID, aka CID-c8bcd9c5be24. CVE-2020-29660 SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_149-default-1-3.3.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_149-default-1-3.3.1 SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_149-default-1-3.3.1 important 2.1 AV:L/AC:L/Au:N/C:P/I:N/A:N 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2021/suse-su-20210437-1/ https://www.suse.com/security/cve/CVE-2020-29660.html CVE-2020-29660 https://bugzilla.suse.com/1179745 SUSE Bug 1179745 https://bugzilla.suse.com/1179877 SUSE Bug 1179877 A locking issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_jobctrl.c allows a use-after-free attack against TIOCSPGRP, aka CID-54ffccbf053b. CVE-2020-29661 SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_149-default-1-3.3.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_149-default-1-3.3.1 SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_149-default-1-3.3.1 important 7.2 AV:L/AC:L/Au:N/C:C/I:C/A:C 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2021/suse-su-20210437-1/ https://www.suse.com/security/cve/CVE-2020-29661.html CVE-2020-29661 https://bugzilla.suse.com/1179745 SUSE Bug 1179745 https://bugzilla.suse.com/1179877 SUSE Bug 1179877 https://bugzilla.suse.com/1214268 SUSE Bug 1214268 https://bugzilla.suse.com/1218966 SUSE Bug 1218966 mwifiex_cmd_802_11_ad_hoc_start in drivers/net/wireless/marvell/mwifiex/join.c in the Linux kernel through 5.10.4 might allow remote attackers to execute arbitrary code via a long SSID value, aka CID-5c455c5ab332. CVE-2020-36158 SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_149-default-1-3.3.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_149-default-1-3.3.1 SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_149-default-1-3.3.1 important 7.2 AV:L/AC:L/Au:N/C:C/I:C/A:C 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2021/suse-su-20210437-1/ https://www.suse.com/security/cve/CVE-2020-36158.html CVE-2020-36158 https://bugzilla.suse.com/1180559 SUSE Bug 1180559 https://bugzilla.suse.com/1180562 SUSE Bug 1180562 An issue was discovered in the Linux kernel through 5.10.11. PI futexes have a kernel stack use-after-free during fault handling, allowing local users to execute code in the kernel, aka CID-34b1a1ce1458. CVE-2021-3347 SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-base-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-default-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-macros-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-source-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-BCL:kernel-syms-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-base-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-default-man-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-macros-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-source-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kernel-syms-4.4.121-92.149.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_149-default-1-3.3.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.121-92.149.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_149-default-1-3.3.1 SUSE OpenStack Cloud 7:kernel-default-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-default-base-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-default-devel-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-default-man-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-devel-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-macros-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-source-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kernel-syms-4.4.121-92.149.1 SUSE OpenStack Cloud 7:kgraft-patch-4_4_121-92_149-default-1-3.3.1 important 7.2 AV:L/AC:L/Au:N/C:C/I:C/A:C 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2021/suse-su-20210437-1/ https://www.suse.com/security/cve/CVE-2021-3347.html CVE-2021-3347 https://bugzilla.suse.com/1181349 SUSE Bug 1181349 https://bugzilla.suse.com/1181553 SUSE Bug 1181553 https://bugzilla.suse.com/1190859 SUSE Bug 1190859