Security update for the Linux Kernel

Announcement ID:	SUSE-SU-2019:2948-1
Rating:	important
References:	bsc#1051510 bsc#1082635 bsc#1083647 bsc#1090631 bsc#1096254 bsc#1117665 bsc#1119461 bsc#1119465 bsc#1123034 bsc#1135966 bsc#1135967 bsc#1137040 bsc#1138190 bsc#1139073 bsc#1140090 bsc#1143706 bsc#1144338 bsc#1144903 bsc#1146612 bsc#1149119 bsc#1150457 bsc#1151225 bsc#1152624 bsc#1153476 bsc#1153509 bsc#1153969 bsc#1154737 bsc#1154848 bsc#1154858 bsc#1154905 bsc#1154959 bsc#1155178 bsc#1155179 bsc#1155184 bsc#1155186 bsc#1155671
Cross-References:	CVE-2018-12207 CVE-2019-0154 CVE-2019-0155 CVE-2019-10220 CVE-2019-11135 CVE-2019-16233
CVSS scores:	CVE-2018-12207 ( SUSE ): 5.5 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2018-12207 ( NVD ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H CVE-2019-0154 ( SUSE ): 5.5 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2019-0154 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVE-2019-0155 ( SUSE ): 7.8 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2019-0155 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2019-10220 ( SUSE ): 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVE-2019-10220 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVE-2019-11135 ( SUSE ): 6.5 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N CVE-2019-11135 ( NVD ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N CVE-2019-16233 ( SUSE ): 4.0 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVE-2019-16233 ( NVD ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
Affected Products:	SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise High Availability Extension 12 SP4 SUSE Linux Enterprise High Performance Computing 12 SP4 SUSE Linux Enterprise Live Patching 12-SP4 SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server for SAP Applications 12 SP4 SUSE Linux Enterprise Software Bootstrap Kit 12 12-SP4 SUSE Linux Enterprise Software Development Kit 12 SP4 SUSE Linux Enterprise Workstation Extension 12 12-SP4

An update that solves six vulnerabilities and has 30 security fixes can now be installed.

Description:

The SUSE Linux Enterprise 12 SP4 kernel was updated to receive various security and bugfixes.

The following security bugs were fixed:

CVE-2018-12207: Untrusted virtual machines on Intel CPUs could exploit a race condition in the Instruction Fetch Unit of the Intel CPU to cause a Machine Exception during Page Size Change, causing the CPU core to be non-functional.

The Linux Kernel KVM hypervisor was adjusted to avoid page size changes in executable pages by splitting / merging huge pages into small pages as needed. More information can be found on https://www.suse.com/support/kb/doc/?id=7023735

CVE-2019-11135: Aborting an asynchronous TSX operation on Intel CPUs with Transactional Memory support could be used to facilitate sidechannel information leaks out of microarchitectural buffers, similar to the previously described "Microarchitectural Data Sampling" attack.

The Linux kernel was supplemented with the option to disable TSX operation altogether (requiring CPU Microcode updates on older systems) and better flushing of microarchitectural buffers (VERW).

The set of options available is described in our TID at https://www.suse.com/support/kb/doc/?id=7024251

Other security fixes:

• CVE-2019-0154: Fixed a local denial of service via read of unprotected i915 registers. (bsc#1135966)
• CVE-2019-0155: Fixed privilege escalation in the i915 driver. Batch buffers from usermode could have escalated privileges via blitter command stream. (bsc#1135967)
• CVE-2019-16233: drivers/scsi/qla2xxx/qla_os.c did not check the alloc_workqueue return value, leading to a NULL pointer dereference. (bsc#1150457).
• CVE-2019-10220: Added sanity checks on the pathnames passed to the user space. (bsc#1144903).

The following non-security bugs were fixed:

• alsa: bebob: Fix prototype of helper function to return negative value (bsc#1051510).
• alsa: hda/realtek - Add support for ALC623 (bsc#1051510).
• alsa: hda/realtek - Add support for ALC711 (bsc#1051510).
• alsa: hda/realtek - Fix 2 front mics of codec 0x623 (bsc#1051510).
• alsa: hda: Add Elkhart Lake PCI ID (bsc#1051510).
• alsa: hda: Add Tigerlake/Jasperlake PCI ID (bsc#1051510).
• alsa: timer: Fix mutex deadlock at releasing card (bsc#1051510).
• arcnet: provide a buffer big enough to actually receive packets (networking-stable-19_09_30).
• asoc: rockchip: i2s: Fix RPM imbalance (bsc#1051510).
• asoc: rsnd: Reinitialize bit clock inversion flag for every format setting (bsc#1051510).
• bpf: fix use after free in prog symbol exposure (bsc#1083647).
• btrfs: block-group: Fix a memory leak due to missing btrfs_put_block_group() (bsc#1155178).
• btrfs: qgroup: Always free PREALLOC META reserve in btrfs_delalloc_release_extents() (bsc#1155179).
• btrfs: tracepoints: Fix bad entry members of qgroup events (bsc#1155186).
• btrfs: tracepoints: Fix wrong parameter order for qgroup events (bsc#1155184).
• crypto: af_alg - Fix race around ctx->rcvused by making it atomic_t (bsc#1154737).
• crypto: af_alg - Initialize sg_num_bytes in error code path (bsc#1051510).
• crypto: af_alg - consolidation of duplicate code (bsc#1154737).
• crypto: af_alg - fix race accessing cipher request (bsc#1154737).
• crypto: af_alg - remove locking in async callback (bsc#1154737).
• crypto: af_alg - update correct dst SGL entry (bsc#1051510).
• crypto: af_alg - wait for data at beginning of recvmsg (bsc#1154737).
• crypto: algif - return error code when no data was processed (bsc#1154737).
• crypto: algif_aead - copy AAD from src to dst (bsc#1154737).
• crypto: algif_aead - fix reference counting of null skcipher (bsc#1154737).
• crypto: algif_aead - overhaul memory management (bsc#1154737).
• crypto: algif_aead - skip SGL entries with NULL page (bsc#1154737).
• crypto: algif_skcipher - overhaul memory management (bsc#1154737).
• cxgb4:Fix out-of-bounds MSI-X info array access (networking-stable-19_10_05).
• drm/edid: Add 6 bpc quirk for SDC panel in Lenovo G50 (bsc#1051510).
• drm/i915/cmdparser: Add support for backward jumps (bsc#1135967)
• drm/i915/cmdparser: Ignore Length operands during command matching (bsc#1135967)
• drm/i915/cmdparser: Use explicit goto for error paths (bsc#1135967)
• drm/i915/gen8+: Add RC6 CTX corruption WA (bsc#1135967)
• drm/i915/gtt: Add read only pages to gen8_pte_encode (bsc#1135967)
• drm/i915/gtt: Disable read-only support under GVT (bsc#1135967)
• drm/i915/gtt: Read-only pages for insert_entries on bdw (bsc#1135967)
• drm/i915: Add gen9 BCS cmdparsing (bsc#1135967)
• drm/i915: Add support for mandatory cmdparsing (bsc#1135967)
• drm/i915: Allow parsing of unsized batches (bsc#1135967)
• drm/i915: Disable Secure Batches for gen6+
• drm/i915: Lower RM timeout to avoid DSI hard hangs (bsc#1135967)
• drm/i915: Prevent writing into a read-only object via a GGTT mmap (bsc#1135967)
• drm/i915: Remove Master tables from cmdparser
• drm/i915: Rename gen7 cmdparser tables (bsc#1135967)
• drm/i915: Support ro ppgtt mapped cmdparser shadow buffers (bsc#1135967)
• efi/memattr: Do not bail on zero VA if it equals the region's PA (bsc#1051510).
• efi: cper: print AER info of PCIe fatal error (bsc#1051510).
• efivar/ssdt: Do not iterate over EFI vars if no SSDT override was specified (bsc#1051510).
• hid: fix error message in hid_open_report() (bsc#1051510).
• hid: logitech-hidpp: do all FF cleanup in hidpp_ff_destroy() (bsc#1051510).
• hso: fix NULL-deref on tty open (bsc#1051510).
• hyperv: set nvme msi interrupts to unmanaged (jsc#SLE-8953, jsc#SLE-9221, jsc#SLE-4941, bsc#1119461, bsc#1119465, bsc#1138190, bsc#1154905).
• ib/core: Add mitigation for Spectre V1 (bsc#1155671)
• ieee802154: ca8210: prevent memory leak (bsc#1051510).
• input: synaptics-rmi4 - avoid processing unknown IRQs (bsc#1051510).
• integrity: prevent deadlock during digsig verification (bsc#1090631).
• ipv6: Handle missing host route in __ipv6_ifa_notify (networking-stable-19_10_05).
• ipv6: drop incoming packets having a v4mapped source address (networking-stable-19_10_05).
• kABI workaround for crypto/af_alg changes (bsc#1154737).
• kABI workaround for drm_vma_offset_node readonly field addition (bsc#1135967)
• ksm: cleanup stable_node chain collapse case (bnc#1144338).
• ksm: fix use after free with merge_across_nodes = 0 (bnc#1144338).
• ksm: introduce ksm_max_page_sharing per page deduplication limit (bnc#1144338).
• ksm: optimize refile of stable_node_dup at the head of the chain (bnc#1144338).
• ksm: swap the two output parameters of chain/chain_prune (bnc#1144338).
• kvm: vmx, svm: always run with EFER.NXE=1 when shadow paging is active (bsc#1117665).
• kvm: x86: mmu: Recovery of shattered NX large pages (bsc#1117665, CVE-2018-12207).
• mac80211: Reject malformed SSID elements (bsc#1051510).
• mac80211: fix txq null pointer dereference (bsc#1051510).
• md/raid0: avoid RAID0 data corruption due to layout confusion (bsc#1140090).
• md/raid0: fix warning message for parameter default_layout (bsc#1140090).
• net/phy: fix DP83865 10 Mbps HDX loopback disable function (networking-stable-19_09_30).
• net/rds: Fix error handling in rds_ib_add_one() (networking-stable-19_10_05).
• net/rds: fix warn in rds_message_alloc_sgs (bsc#1154848).
• net/rds: remove user triggered WARN_ON in rds_sendmsg (bsc#1154848).
• net/sched: act_sample: do not push mac header on ip6gre ingress (networking-stable-19_09_30).
• net/smc: fix SMCD link group creation with VLAN id (bsc#1154959).
• net: Replace NF_CT_ASSERT() with WARN_ON() (bsc#1146612).
• net: Unpublish sk from sk_reuseport_cb before call_rcu (networking-stable-19_10_05).
• net: openvswitch: free vport unless register_netdevice() succeeds (git-fixes).
• net: qlogic: Fix memory leak in ql_alloc_large_buffers (networking-stable-19_10_05).
• net: qrtr: Stop rx_worker before freeing node (networking-stable-19_09_30).
• net_sched: add policy validation for action attributes (networking-stable-19_09_30).
• net_sched: fix backward compatibility for TCA_ACT_KIND (git-fixes).
• netfilter: nf_nat: do not bug when mapping already exists (bsc#1146612).
• nfsv4.1 - backchannel request should hold ref on xprt (bsc#1152624).
• nl80211: fix null pointer dereference (bsc#1051510).
• openvswitch: change type of UPCALL_PID attribute to NLA_UNSPEC (networking-stable-19_09_30).
• qmi_wwan: add support for Cinterion CLS8 devices (networking-stable-19_10_05).
• r8152: Set macpassthru in reset_resume callback (bsc#1051510).
• rds: Fix warning (bsc#1154848).
• reiserfs: fix extended attributes on the root directory (bsc#1151225).
• rpm/kernel-subpackage-spec: Mention debuginfo in the subpackage description (bsc#1149119).
• s390/cmf: set_schib_wait add timeout (bsc#1153509, bsc#1153476).
• sch_cbq: validate TCA_CBQ_WRROPT to avoid crash (networking-stable-19_10_05).
• sch_dsmark: fix potential NULL deref in dsmark_init() (networking-stable-19_10_05).
• sch_netem: fix a divide by zero in tabledist() (networking-stable-19_09_30).
• sched/fair: Avoid divide by zero when rebalancing domains (bsc#1096254).
• scsi: lpfc: Fix devices that do not return after devloss followed by rediscovery (bsc#1137040).
• scsi: qla2xxx: Add error handling for PLOGI ELS passthrough (bsc#1143706 bsc#1082635 bsc#1123034).
• scsi: qla2xxx: Capture FW dump on MPI heartbeat stop event (bsc#1143706 bsc#1082635 bsc#1123034).
• scsi: qla2xxx: Check for MB timeout while capturing ISP27/28xx FW dump (bsc#1143706 bsc#1082635 bsc#1123034).
• scsi: qla2xxx: Dual FCP-NVMe target port support (bsc#1143706 bsc#1082635 bsc#1123034).
• scsi: qla2xxx: Fix N2N link reset (bsc#1143706 bsc#1082635 bsc#1123034).
• scsi: qla2xxx: Fix N2N link up fail (bsc#1143706 bsc#1082635 bsc#1123034).
• scsi: qla2xxx: Fix partial flash write of MBI (bsc#1143706 bsc#1082635 bsc#1123034).
• scsi: qla2xxx: Fix stale mem access on driver unload (bsc#1143706 bsc#1082635 bsc#1123034).
• scsi: qla2xxx: Fix unbound sleep in fcport delete path (bsc#1143706 bsc#1082635 bsc#1123034).
• scsi: qla2xxx: Fix wait condition in loop (bsc#1143706 bsc#1082635 bsc#1123034).
• scsi: qla2xxx: Improve logging for scan thread (bsc#1143706 bsc#1082635 bsc#1123034).
• scsi: qla2xxx: Initialized mailbox to prevent driver load failure (bsc#1143706 bsc#1082635 bsc#1123034).
• scsi: qla2xxx: Optimize NPIV tear down process (bsc#1143706 bsc#1082635 bsc#1123034).
• scsi: qla2xxx: Set remove flag for all VP (bsc#1143706 bsc#1082635 bsc#1123034).
• scsi: qla2xxx: Silence fwdump template message (bsc#1143706 bsc#1082635 bsc#1123034).
• scsi: qla2xxx: Update driver version to 10.01.00.20-k (bsc#1143706 bsc#1082635 bsc#1123034).
• scsi: qla2xxx: fix a potential NULL pointer dereference (bsc#1150457 CVE-2019-16233).
• scsi: qla2xxx: fixup incorrect usage of host_byte (bsc#1143706 bsc#1082635 bsc#1123034).
• scsi: qla2xxx: remove redundant assignment to pointer host (bsc#1143706 bsc#1082635 bsc#1123034).
• scsi: qla2xxx: stop timer in shutdown path (bsc#1143706 bsc#1082635 bsc#1123034).
• skge: fix checksum byte order (networking-stable-19_09_30).
• staging: wlan-ng: fix exit return when sme->key_idx >= NUM_WEPKEYS (bsc#1051510).
• supporte.conf: add efivarfs to kernel-default-base (bsc#1154858).
• tipc: fix unlimited bundling of small messages (networking-stable-19_10_05).
• usb: ldusb: fix NULL-derefs on driver unbind (bsc#1051510).
• usb: ldusb: fix memleak on disconnect (bsc#1051510).
• usb: ldusb: fix read info leaks (bsc#1051510).
• usb: legousbtower: fix a signedness bug in tower_probe() (bsc#1051510).
• usb: legousbtower: fix memleak on disconnect (bsc#1051510).
• usb: serial: ti_usb_3410_5052: fix port-close races (bsc#1051510).
• usb: udc: lpc32xx: fix bad bit shift operation (bsc#1051510).
• usb: usblp: fix use-after-free on disconnect (bsc#1051510).
• vfs: Make filldir64 verify the directory entry filename is valid (bsc#1144903, CVE-2019-10220).
• vsock: Fix a lockdep warning in __vsock_release() (networking-stable-19_10_05).
• x86/boot/64: Make level2_kernel_pgt pages invalid outside kernel area (bnc#1153969).
• x86/boot/64: Round memory hole size up to next PMD page (bnc#1153969).
• x86/tsx: Add config options to set tsx=on|off|auto (bsc#1139073, CVE-2019-11135).

Special Instructions and Notes:

• Please reboot the system after installing this update.

Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

• SUSE Linux Enterprise Software Bootstrap Kit 12 12-SP4
  zypper in -t patch SUSE-SLE-BSK-12-SP4-2019-2948=1
• SUSE Linux Enterprise Desktop 12 SP4
  zypper in -t patch SUSE-SLE-DESKTOP-12-SP4-2019-2948=1
• SUSE Linux Enterprise Server for SAP Applications 12 SP4
  zypper in -t patch SUSE-SLE-HA-12-SP4-2019-2948=1 SUSE-SLE-SERVER-12-SP4-2019-2948=1
• SUSE Linux Enterprise High Availability Extension 12 SP4
  zypper in -t patch SUSE-SLE-HA-12-SP4-2019-2948=1
• SUSE Linux Enterprise Live Patching 12-SP4
  zypper in -t patch SUSE-SLE-Live-Patching-12-SP4-2019-2948=1
• SUSE Linux Enterprise Software Development Kit 12 SP4
  zypper in -t patch SUSE-SLE-SDK-12-SP4-2019-2948=1
• SUSE Linux Enterprise High Performance Computing 12 SP4
  zypper in -t patch SUSE-SLE-SERVER-12-SP4-2019-2948=1
• SUSE Linux Enterprise Server 12 SP4
  zypper in -t patch SUSE-SLE-SERVER-12-SP4-2019-2948=1
• SUSE Linux Enterprise Workstation Extension 12 12-SP4
  zypper in -t patch SUSE-SLE-WE-12-SP4-2019-2948=1

Package List:

• SUSE Linux Enterprise Software Bootstrap Kit 12 12-SP4 (nosrc s390x)
  • kernel-zfcpdump-4.12.14-95.40.1
• SUSE Linux Enterprise Software Bootstrap Kit 12 12-SP4 (s390x)
  • kernel-zfcpdump-debuginfo-4.12.14-95.40.1
  • kernel-zfcpdump-debugsource-4.12.14-95.40.1
• SUSE Linux Enterprise Desktop 12 SP4 (nosrc x86_64)
  • kernel-default-4.12.14-95.40.1
• SUSE Linux Enterprise Desktop 12 SP4 (x86_64)
  • kernel-default-extra-debuginfo-4.12.14-95.40.1
  • kernel-default-devel-debuginfo-4.12.14-95.40.1
  • kernel-syms-4.12.14-95.40.1
  • kernel-default-extra-4.12.14-95.40.1
  • kernel-default-debugsource-4.12.14-95.40.1
  • kernel-default-devel-4.12.14-95.40.1
  • kernel-default-debuginfo-4.12.14-95.40.1
• SUSE Linux Enterprise Desktop 12 SP4 (noarch)
  • kernel-devel-4.12.14-95.40.1
  • kernel-macros-4.12.14-95.40.1
  • kernel-source-4.12.14-95.40.1
• SUSE Linux Enterprise Server for SAP Applications 12 SP4 (ppc64le x86_64)
  • cluster-md-kmp-default-debuginfo-4.12.14-95.40.1
  • ocfs2-kmp-default-debuginfo-4.12.14-95.40.1
  • ocfs2-kmp-default-4.12.14-95.40.1
  • gfs2-kmp-default-4.12.14-95.40.1
  • kernel-default-debuginfo-4.12.14-95.40.1
  • dlm-kmp-default-4.12.14-95.40.1
  • kernel-syms-4.12.14-95.40.1
  • dlm-kmp-default-debuginfo-4.12.14-95.40.1
  • kernel-default-debugsource-4.12.14-95.40.1
  • gfs2-kmp-default-debuginfo-4.12.14-95.40.1
  • kernel-default-base-debuginfo-4.12.14-95.40.1
  • kernel-default-devel-4.12.14-95.40.1
  • kernel-default-base-4.12.14-95.40.1
  • cluster-md-kmp-default-4.12.14-95.40.1
• SUSE Linux Enterprise Server for SAP Applications 12 SP4 (nosrc ppc64le x86_64)
  • kernel-default-4.12.14-95.40.1
• SUSE Linux Enterprise Server for SAP Applications 12 SP4 (noarch)
  • kernel-devel-4.12.14-95.40.1
  • kernel-macros-4.12.14-95.40.1
  • kernel-source-4.12.14-95.40.1
• SUSE Linux Enterprise Server for SAP Applications 12 SP4 (x86_64)
  • kernel-default-devel-debuginfo-4.12.14-95.40.1
• SUSE Linux Enterprise High Availability Extension 12 SP4 (ppc64le s390x x86_64)
  • cluster-md-kmp-default-debuginfo-4.12.14-95.40.1
  • ocfs2-kmp-default-debuginfo-4.12.14-95.40.1
  • ocfs2-kmp-default-4.12.14-95.40.1
  • gfs2-kmp-default-4.12.14-95.40.1
  • kernel-default-debuginfo-4.12.14-95.40.1
  • dlm-kmp-default-4.12.14-95.40.1
  • dlm-kmp-default-debuginfo-4.12.14-95.40.1
  • kernel-default-debugsource-4.12.14-95.40.1
  • gfs2-kmp-default-debuginfo-4.12.14-95.40.1
  • cluster-md-kmp-default-4.12.14-95.40.1
• SUSE Linux Enterprise High Availability Extension 12 SP4 (nosrc)
  • kernel-default-4.12.14-95.40.1
• SUSE Linux Enterprise Live Patching 12-SP4 (nosrc)
  • kernel-default-4.12.14-95.40.1
• SUSE Linux Enterprise Live Patching 12-SP4 (ppc64le x86_64)
  • kernel-default-kgraft-4.12.14-95.40.1
  • kernel-default-kgraft-devel-4.12.14-95.40.1
  • kgraft-patch-4_12_14-95_40-default-1-6.3.1
• SUSE Linux Enterprise Software Development Kit 12 SP4 (noarch nosrc)
  • kernel-docs-4.12.14-95.40.1
• SUSE Linux Enterprise Software Development Kit 12 SP4 (aarch64 ppc64le s390x x86_64)
  • kernel-obs-build-4.12.14-95.40.2
  • kernel-obs-build-debugsource-4.12.14-95.40.2
• SUSE Linux Enterprise High Performance Computing 12 SP4 (aarch64 x86_64)
  • kernel-syms-4.12.14-95.40.1
  • kernel-default-debugsource-4.12.14-95.40.1
  • kernel-default-base-debuginfo-4.12.14-95.40.1
  • kernel-default-devel-4.12.14-95.40.1
  • kernel-default-base-4.12.14-95.40.1
  • kernel-default-debuginfo-4.12.14-95.40.1
• SUSE Linux Enterprise High Performance Computing 12 SP4 (noarch)
  • kernel-devel-4.12.14-95.40.1
  • kernel-macros-4.12.14-95.40.1
  • kernel-source-4.12.14-95.40.1
• SUSE Linux Enterprise High Performance Computing 12 SP4 (aarch64 nosrc x86_64)
  • kernel-default-4.12.14-95.40.1
• SUSE Linux Enterprise High Performance Computing 12 SP4 (x86_64)
  • kernel-default-devel-debuginfo-4.12.14-95.40.1
• SUSE Linux Enterprise Server 12 SP4 (aarch64 ppc64le s390x x86_64)
  • kernel-syms-4.12.14-95.40.1
  • kernel-default-debugsource-4.12.14-95.40.1
  • kernel-default-base-debuginfo-4.12.14-95.40.1
  • kernel-default-devel-4.12.14-95.40.1
  • kernel-default-base-4.12.14-95.40.1
  • kernel-default-debuginfo-4.12.14-95.40.1
• SUSE Linux Enterprise Server 12 SP4 (noarch)
  • kernel-devel-4.12.14-95.40.1
  • kernel-macros-4.12.14-95.40.1
  • kernel-source-4.12.14-95.40.1
• SUSE Linux Enterprise Server 12 SP4 (aarch64 ppc64le s390x x86_64 nosrc)
  • kernel-default-4.12.14-95.40.1
• SUSE Linux Enterprise Server 12 SP4 (s390x)
  • kernel-default-man-4.12.14-95.40.1
• SUSE Linux Enterprise Server 12 SP4 (x86_64)
  • kernel-default-devel-debuginfo-4.12.14-95.40.1
• SUSE Linux Enterprise Workstation Extension 12 12-SP4 (nosrc)
  • kernel-default-4.12.14-95.40.1
• SUSE Linux Enterprise Workstation Extension 12 12-SP4 (x86_64)
  • kernel-default-extra-4.12.14-95.40.1
  • kernel-default-extra-debuginfo-4.12.14-95.40.1
  • kernel-default-debugsource-4.12.14-95.40.1
  • kernel-default-debuginfo-4.12.14-95.40.1

References:

• https://www.suse.com/security/cve/CVE-2018-12207.html
• https://www.suse.com/security/cve/CVE-2019-0154.html
• https://www.suse.com/security/cve/CVE-2019-0155.html
• https://www.suse.com/security/cve/CVE-2019-10220.html
• https://www.suse.com/security/cve/CVE-2019-11135.html
• https://www.suse.com/security/cve/CVE-2019-16233.html
• https://bugzilla.suse.com/show_bug.cgi?id=1051510
• https://bugzilla.suse.com/show_bug.cgi?id=1082635
• https://bugzilla.suse.com/show_bug.cgi?id=1083647
• https://bugzilla.suse.com/show_bug.cgi?id=1090631
• https://bugzilla.suse.com/show_bug.cgi?id=1096254
• https://bugzilla.suse.com/show_bug.cgi?id=1117665
• https://bugzilla.suse.com/show_bug.cgi?id=1119461
• https://bugzilla.suse.com/show_bug.cgi?id=1119465
• https://bugzilla.suse.com/show_bug.cgi?id=1123034
• https://bugzilla.suse.com/show_bug.cgi?id=1135966
• https://bugzilla.suse.com/show_bug.cgi?id=1135967
• https://bugzilla.suse.com/show_bug.cgi?id=1137040
• https://bugzilla.suse.com/show_bug.cgi?id=1138190
• https://bugzilla.suse.com/show_bug.cgi?id=1139073
• https://bugzilla.suse.com/show_bug.cgi?id=1140090
• https://bugzilla.suse.com/show_bug.cgi?id=1143706
• https://bugzilla.suse.com/show_bug.cgi?id=1144338
• https://bugzilla.suse.com/show_bug.cgi?id=1144903
• https://bugzilla.suse.com/show_bug.cgi?id=1146612
• https://bugzilla.suse.com/show_bug.cgi?id=1149119
• https://bugzilla.suse.com/show_bug.cgi?id=1150457
• https://bugzilla.suse.com/show_bug.cgi?id=1151225
• https://bugzilla.suse.com/show_bug.cgi?id=1152624
• https://bugzilla.suse.com/show_bug.cgi?id=1153476
• https://bugzilla.suse.com/show_bug.cgi?id=1153509
• https://bugzilla.suse.com/show_bug.cgi?id=1153969
• https://bugzilla.suse.com/show_bug.cgi?id=1154737
• https://bugzilla.suse.com/show_bug.cgi?id=1154848
• https://bugzilla.suse.com/show_bug.cgi?id=1154858
• https://bugzilla.suse.com/show_bug.cgi?id=1154905
• https://bugzilla.suse.com/show_bug.cgi?id=1154959
• https://bugzilla.suse.com/show_bug.cgi?id=1155178
• https://bugzilla.suse.com/show_bug.cgi?id=1155179
• https://bugzilla.suse.com/show_bug.cgi?id=1155184
• https://bugzilla.suse.com/show_bug.cgi?id=1155186
• https://bugzilla.suse.com/show_bug.cgi?id=1155671