Security update for the Linux Kernel (Live Patch 25 for SLE 12 SP3) SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2019:1948-1 Final 1 1 2019-07-23T08:08:48Z current 2019-07-23T08:08:48Z 2019-07-23T08:08:48Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for the Linux Kernel (Live Patch 25 for SLE 12 SP3) This update for the Linux Kernel 4.4.178-94_91 fixes several issues. The following security issues were fixed: - CVE-2019-11477: Jonathan Looney discovered that the TCP_SKB_CB(skb)->tcp_gso_segs value was subject to an integer overflow when handling TCP Selective Acknowledgments (SACKs). A remote attacker could use this to cause a denial of service. (bsc#1137586) - CVE-2019-11478: Jonathan Looney discovered that the TCP retransmission queue implementation in tcp_fragment could be fragmented when handling certain TCP Selective Acknowledgment (SACK) sequences. A remote attacker could use this to cause a denial of service. (bsc#1137586) - CVE-2019-3846: A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network (bsc#1136424). This update contains a regression fix for CVE-2019-11477 and CVE-2019-11478 (bsc#1140747). The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). SUSE-2019-1948,SUSE-SLE-Live-Patching-12-SP4-2019-1936,SUSE-SLE-Live-Patching-12-SP4-2019-1937,SUSE-SLE-Live-Patching-12-SP4-2019-1938,SUSE-SLE-Live-Patching-12-SP4-2019-1939,SUSE-SLE-Live-Patching-12-SP4-2019-1940,SUSE-SLE-SAP-12-SP2-2019-1928,SUSE-SLE-SAP-12-SP2-2019-1929,SUSE-SLE-SAP-12-SP2-2019-1931,SUSE-SLE-SAP-12-SP2-2019-1932,SUSE-SLE-SAP-12-SP2-2019-1933,SUSE-SLE-SAP-12-SP2-2019-1934,SUSE-SLE-SAP-12-SP3-2019-1942,SUSE-SLE-SAP-12-SP3-2019-1943,SUSE-SLE-SAP-12-SP3-2019-1944,SUSE-SLE-SAP-12-SP3-2019-1945,SUSE-SLE-SAP-12-SP3-2019-1946,SUSE-SLE-SAP-12-SP3-2019-1947,SUSE-SLE-SAP-12-SP3-2019-1948,SUSE-SLE-SAP-12-SP3-2019-1949,SUSE-SLE-SAP-12-SP3-2019-1950,SUSE-SLE-SAP-12-SP3-2019-1951,SUSE-SLE-SAP-12-SP3-2019-1952,SUSE-SLE-SERVER-12-SP2-2019-1928,SUSE-SLE-SERVER-12-SP2-2019-1929,SUSE-SLE-SERVER-12-SP2-2019-1931,SUSE-SLE-SERVER-12-SP2-2019-1932,SUSE-SLE-SERVER-12-SP2-2019-1933,SUSE-SLE-SERVER-12-SP2-2019-1934,SUSE-SLE-SERVER-12-SP3-2019-1942,SUSE-SLE-SERVER-12-SP3-2019-1943,SUSE-SLE-SERVER-12-SP3-2019-1944,SUSE-SLE-SERVER-12-SP3-2019-1945,SUSE-SLE-SERVER-12-SP3-2019-1946,SUSE-SLE-SERVER-12-SP3-2019-1947,SUSE-SLE-SERVER-12-SP3-2019-1948,SUSE-SLE-SERVER-12-SP3-2019-1949,SUSE-SLE-SERVER-12-SP3-2019-1950,SUSE-SLE-SERVER-12-SP3-2019-1951,SUSE-SLE-SERVER-12-SP3-2019-1952 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2019/suse-su-20191948-1/ Link for SUSE-SU-2019:1948-1 https://lists.suse.com/pipermail/sle-security-updates/2019-July/005744.html E-Mail link for SUSE-SU-2019:1948-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1136446 SUSE Bug 1136446 https://bugzilla.suse.com/1137597 SUSE Bug 1137597 https://bugzilla.suse.com/1140747 SUSE Bug 1140747 https://www.suse.com/security/cve/CVE-2019-11477/ SUSE CVE CVE-2019-11477 page https://www.suse.com/security/cve/CVE-2019-11478/ SUSE CVE CVE-2019-11478 page https://www.suse.com/security/cve/CVE-2019-3846/ SUSE CVE CVE-2019-3846 page SUSE Linux Enterprise Live Patching 12 SP4 SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server for SAP Applications 12 SP2 SUSE Linux Enterprise Server for SAP Applications 12 SP3 kgraft-patch-4_4_162-94_69-default-5-2.1 kgraft-patch-4_12_14-94_41-default-6-2.16.1 kgraft-patch-4_12_14-95_3-default-5-2.1 kgraft-patch-4_12_14-95_6-default-4-2.1 kgraft-patch-4_12_14-95_13-default-3-2.1 kgraft-patch-4_12_14-95_16-default-3-2.1 kgraft-patch-4_4_121-92_92-default-8-2.1 kgraft-patch-4_4_121-92_95-default-7-2.1 kgraft-patch-4_4_121-92_98-default-6-2.1 kgraft-patch-4_4_121-92_101-default-4-2.1 kgraft-patch-4_4_121-92_104-default-4-2.1 kgraft-patch-4_4_121-92_109-default-4-2.1 kgraft-patch-4_4_140-94_42-default-10-2.1 kgraft-patch-4_4_143-94_47-default-7-2.1 kgraft-patch-4_4_155-94_50-default-7-2.1 kgraft-patch-4_4_156-94_57-default-7-2.1 kgraft-patch-4_4_156-94_61-default-7-2.1 kgraft-patch-4_4_156-94_64-default-6-2.1 kgraft-patch-4_4_162-94_72-default-5-2.1 kgraft-patch-4_4_175-94_79-default-4-2.1 kgraft-patch-4_4_176-94_88-default-3-2.1 kgraft-patch-4_4_178-94_91-default-3-2.1 kgraft-patch-4_12_14-94_41-default-6-2.16.1 as a component of SUSE Linux Enterprise Live Patching 12 SP4 kgraft-patch-4_12_14-95_3-default-5-2.1 as a component of SUSE Linux Enterprise Live Patching 12 SP4 kgraft-patch-4_12_14-95_6-default-4-2.1 as a component of SUSE Linux Enterprise Live Patching 12 SP4 kgraft-patch-4_12_14-95_13-default-3-2.1 as a component of SUSE Linux Enterprise Live Patching 12 SP4 kgraft-patch-4_12_14-95_16-default-3-2.1 as a component of SUSE Linux Enterprise Live Patching 12 SP4 kgraft-patch-4_4_121-92_92-default-8-2.1 as a component of SUSE Linux Enterprise Server 12 SP2-LTSS kgraft-patch-4_4_121-92_95-default-7-2.1 as a component of SUSE Linux Enterprise Server 12 SP2-LTSS kgraft-patch-4_4_121-92_98-default-6-2.1 as a component of SUSE Linux Enterprise Server 12 SP2-LTSS kgraft-patch-4_4_121-92_101-default-4-2.1 as a component of SUSE Linux Enterprise Server 12 SP2-LTSS kgraft-patch-4_4_121-92_104-default-4-2.1 as a component of SUSE Linux Enterprise Server 12 SP2-LTSS kgraft-patch-4_4_121-92_109-default-4-2.1 as a component of SUSE Linux Enterprise Server 12 SP2-LTSS kgraft-patch-4_4_140-94_42-default-10-2.1 as a component of SUSE Linux Enterprise Server 12 SP3-LTSS kgraft-patch-4_4_143-94_47-default-7-2.1 as a component of SUSE Linux Enterprise Server 12 SP3-LTSS kgraft-patch-4_4_155-94_50-default-7-2.1 as a component of SUSE Linux Enterprise Server 12 SP3-LTSS kgraft-patch-4_4_156-94_57-default-7-2.1 as a component of SUSE Linux Enterprise Server 12 SP3-LTSS kgraft-patch-4_4_156-94_61-default-7-2.1 as a component of SUSE Linux Enterprise Server 12 SP3-LTSS kgraft-patch-4_4_156-94_64-default-6-2.1 as a component of SUSE Linux Enterprise Server 12 SP3-LTSS kgraft-patch-4_4_162-94_69-default-5-2.1 as a component of SUSE Linux Enterprise Server 12 SP3-LTSS kgraft-patch-4_4_162-94_72-default-5-2.1 as a component of SUSE Linux Enterprise Server 12 SP3-LTSS kgraft-patch-4_4_175-94_79-default-4-2.1 as a component of SUSE Linux Enterprise Server 12 SP3-LTSS kgraft-patch-4_4_176-94_88-default-3-2.1 as a component of SUSE Linux Enterprise Server 12 SP3-LTSS kgraft-patch-4_4_178-94_91-default-3-2.1 as a component of SUSE Linux Enterprise Server 12 SP3-LTSS kgraft-patch-4_4_121-92_92-default-8-2.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP2 kgraft-patch-4_4_121-92_95-default-7-2.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP2 kgraft-patch-4_4_121-92_98-default-6-2.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP2 kgraft-patch-4_4_121-92_101-default-4-2.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP2 kgraft-patch-4_4_121-92_104-default-4-2.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP2 kgraft-patch-4_4_121-92_109-default-4-2.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP2 kgraft-patch-4_4_140-94_42-default-10-2.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP3 kgraft-patch-4_4_143-94_47-default-7-2.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP3 kgraft-patch-4_4_155-94_50-default-7-2.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP3 kgraft-patch-4_4_156-94_57-default-7-2.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP3 kgraft-patch-4_4_156-94_61-default-7-2.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP3 kgraft-patch-4_4_156-94_64-default-6-2.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP3 kgraft-patch-4_4_162-94_69-default-5-2.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP3 kgraft-patch-4_4_162-94_72-default-5-2.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP3 kgraft-patch-4_4_175-94_79-default-4-2.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP3 kgraft-patch-4_4_176-94_88-default-3-2.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP3 kgraft-patch-4_4_178-94_91-default-3-2.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP3 Jonathan Looney discovered that the TCP_SKB_CB(skb)->tcp_gso_segs value was subject to an integer overflow in the Linux kernel when handling TCP Selective Acknowledgments (SACKs). A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commit 3b4929f65b0d8249f19a50245cd88ed1a2f78cff. CVE-2019-11477 SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-94_41-default-6-2.16.1 SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_13-default-3-2.1 SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_16-default-3-2.1 SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_3-default-5-2.1 SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_6-default-4-2.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_101-default-4-2.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_104-default-4-2.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_109-default-4-2.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_92-default-8-2.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-7-2.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_98-default-6-2.1 SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_140-94_42-default-10-2.1 SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_143-94_47-default-7-2.1 SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_155-94_50-default-7-2.1 SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_156-94_57-default-7-2.1 SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_156-94_61-default-7-2.1 SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_156-94_64-default-6-2.1 SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_162-94_69-default-5-2.1 SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_162-94_72-default-5-2.1 SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_175-94_79-default-4-2.1 SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_176-94_88-default-3-2.1 SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_178-94_91-default-3-2.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_101-default-4-2.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_104-default-4-2.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_109-default-4-2.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_92-default-8-2.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-7-2.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_98-default-6-2.1 SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_140-94_42-default-10-2.1 SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_143-94_47-default-7-2.1 SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_155-94_50-default-7-2.1 SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_156-94_57-default-7-2.1 SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_156-94_61-default-7-2.1 SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_156-94_64-default-6-2.1 SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_162-94_69-default-5-2.1 SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_162-94_72-default-5-2.1 SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_175-94_79-default-4-2.1 SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_176-94_88-default-3-2.1 SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_178-94_91-default-3-2.1 important 7.8 AV:N/AC:L/Au:N/C:N/I:N/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2019/suse-su-20191948-1/ https://www.suse.com/security/cve/CVE-2019-11477.html CVE-2019-11477 https://bugzilla.suse.com/1132686 SUSE Bug 1132686 https://bugzilla.suse.com/1137586 SUSE Bug 1137586 https://bugzilla.suse.com/1142129 SUSE Bug 1142129 https://bugzilla.suse.com/1153242 SUSE Bug 1153242 Jonathan Looney discovered that the TCP retransmission queue implementation in tcp_fragment in the Linux kernel could be fragmented when handling certain TCP Selective Acknowledgment (SACK) sequences. A remote attacker could use this to cause a denial of service. This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commit f070ef2ac66716357066b683fb0baf55f8191a2e. CVE-2019-11478 SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-94_41-default-6-2.16.1 SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_13-default-3-2.1 SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_16-default-3-2.1 SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_3-default-5-2.1 SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_6-default-4-2.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_101-default-4-2.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_104-default-4-2.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_109-default-4-2.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_92-default-8-2.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-7-2.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_98-default-6-2.1 SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_140-94_42-default-10-2.1 SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_143-94_47-default-7-2.1 SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_155-94_50-default-7-2.1 SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_156-94_57-default-7-2.1 SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_156-94_61-default-7-2.1 SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_156-94_64-default-6-2.1 SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_162-94_69-default-5-2.1 SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_162-94_72-default-5-2.1 SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_175-94_79-default-4-2.1 SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_176-94_88-default-3-2.1 SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_178-94_91-default-3-2.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_101-default-4-2.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_104-default-4-2.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_109-default-4-2.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_92-default-8-2.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-7-2.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_98-default-6-2.1 SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_140-94_42-default-10-2.1 SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_143-94_47-default-7-2.1 SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_155-94_50-default-7-2.1 SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_156-94_57-default-7-2.1 SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_156-94_61-default-7-2.1 SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_156-94_64-default-6-2.1 SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_162-94_69-default-5-2.1 SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_162-94_72-default-5-2.1 SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_175-94_79-default-4-2.1 SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_176-94_88-default-3-2.1 SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_178-94_91-default-3-2.1 important 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2019/suse-su-20191948-1/ https://www.suse.com/security/cve/CVE-2019-11478.html CVE-2019-11478 https://bugzilla.suse.com/1132686 SUSE Bug 1132686 https://bugzilla.suse.com/1137586 SUSE Bug 1137586 https://bugzilla.suse.com/1142129 SUSE Bug 1142129 https://bugzilla.suse.com/1143542 SUSE Bug 1143542 A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network. CVE-2019-3846 SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-94_41-default-6-2.16.1 SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_13-default-3-2.1 SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_16-default-3-2.1 SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_3-default-5-2.1 SUSE Linux Enterprise Live Patching 12 SP4:kgraft-patch-4_12_14-95_6-default-4-2.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_101-default-4-2.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_104-default-4-2.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_109-default-4-2.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_92-default-8-2.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_95-default-7-2.1 SUSE Linux Enterprise Server 12 SP2-LTSS:kgraft-patch-4_4_121-92_98-default-6-2.1 SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_140-94_42-default-10-2.1 SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_143-94_47-default-7-2.1 SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_155-94_50-default-7-2.1 SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_156-94_57-default-7-2.1 SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_156-94_61-default-7-2.1 SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_156-94_64-default-6-2.1 SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_162-94_69-default-5-2.1 SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_162-94_72-default-5-2.1 SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_175-94_79-default-4-2.1 SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_176-94_88-default-3-2.1 SUSE Linux Enterprise Server 12 SP3-LTSS:kgraft-patch-4_4_178-94_91-default-3-2.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_101-default-4-2.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_104-default-4-2.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_109-default-4-2.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_92-default-8-2.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_95-default-7-2.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kgraft-patch-4_4_121-92_98-default-6-2.1 SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_140-94_42-default-10-2.1 SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_143-94_47-default-7-2.1 SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_155-94_50-default-7-2.1 SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_156-94_57-default-7-2.1 SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_156-94_61-default-7-2.1 SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_156-94_64-default-6-2.1 SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_162-94_69-default-5-2.1 SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_162-94_72-default-5-2.1 SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_175-94_79-default-4-2.1 SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_176-94_88-default-3-2.1 SUSE Linux Enterprise Server for SAP Applications 12 SP3:kgraft-patch-4_4_178-94_91-default-3-2.1 moderate 8.3 AV:A/AC:L/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2019/suse-su-20191948-1/ https://www.suse.com/security/cve/CVE-2019-3846.html CVE-2019-3846 https://bugzilla.suse.com/1136424 SUSE Bug 1136424 https://bugzilla.suse.com/1136446 SUSE Bug 1136446 https://bugzilla.suse.com/1156330 SUSE Bug 1156330