OVAL Reference oval:org.opensuse.security:def:1274

Oval Definition:

oval:org.opensuse.security:def:1274

Revision Date:	2021-10-12	Version:	1
Title:	Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP3) (Important)
Description:	This update for the Linux Kernel 5.3.18-57 fixes several issues. The following security issues were fixed: - CVE-2021-31440: Fixed a lack of proper validation of user-supplied eBPF programs prior to executing them. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the kernel. (bsc#1190127). - CVE-2021-38160: Fixed a bug that could lead to a data corruption or loss. This can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size in drivers/char/virtio_console.c (bsc#1190118) - CVE-2021-3640: Fixed a user-after-free bug in the function sco_sock_sendmsg which could lead to local privilege escalation. (bsc#1188613) - CVE-2021-3573: Fixed a user-after-free bug in the function hci_sock_bound_ioctl which could lead to local privilege escalation. (bsc#1187054).
Family:	unix	Class:	patch
Status:		Reference(s):	1103320 1115929 1187054 1188613 1190118 1190127 CVE-2017-15631 CVE-2017-6318 CVE-2018-19211 CVE-2018-19211 CVE-2021-31440 CVE-2021-3573 CVE-2021-3640 CVE-2021-38160 SUSE-SU-2018:4000-1 SUSE-SU-2021:3360-1
Platform(s):	SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 15 SP3 SUSE Linux Enterprise High Performance Computing 15 SP3 SUSE Linux Enterprise Micro 5.1 SUSE Linux Enterprise Micro 5.2 SUSE Linux Enterprise Module for Basesystem 15 SUSE Linux Enterprise Module for Basesystem 15 SP3 SUSE Linux Enterprise Module for Desktop Applications 15 SP2 SUSE Linux Enterprise Module for Legacy Software 15 SP1 SUSE Linux Enterprise Module for Live Patching 15 SUSE Linux Enterprise Module for Live Patching 15 SP3 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 15 SP3 SUSE Linux Enterprise Server for SAP Applications 15 SP3 SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Software Development Kit 12 SP1 SUSE Linux Enterprise Software Development Kit 12 SP2 SUSE Linux Enterprise Workstation Extension 12 SUSE Linux Enterprise Workstation Extension 12 SP1 SUSE Linux Enterprise Workstation Extension 15 SUSE Manager Proxy 4.2 SUSE Manager Server 4.2 SUSE Package Hub for SUSE Linux Enterprise 15	Product(s):
Definition Synopsis
SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5 is installed AND haproxy-1.5.4-1 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 is installed AND Package Information MozillaFirefox-31.1.0esr-1 is installed OR MozillaFirefox-translations-31.1.0esr-1 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information DirectFB-1.7.1-4 is installed OR lib++dfb-1_7-1-1.7.1-4 is installed OR libdirectfb-1_7-1-1.7.1-4 is installed OR libdirectfb-1_7-1-32bit-1.7.1-4 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information at-3.1.14-7 is installed OR libQtWebKit4-4.8.6+2.3.3-3 is installed OR libQtWebKit4-32bit-4.8.6+2.3.3-3 is installed OR libbonobo-2.32.1-16 is installed OR libbonobo-32bit-2.32.1-16 is installed OR libbonobo-lang-2.32.1-16 is installed OR libkde4-4.12.0-7 is installed OR libkde4-32bit-4.12.0-7 is installed OR libkdecore4-4.12.0-7 is installed OR libkdecore4-32bit-4.12.0-7 is installed OR libksuseinstall1-4.12.0-7 is installed OR libksuseinstall1-32bit-4.12.0-7 is installed OR libnetpbm11-10.66.3-4 is installed OR libnetpbm11-32bit-10.66.3-4 is installed OR netpbm-10.66.3-4 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Basesystem 15 SP3 is installed AND yubikey-manager-2.1.0-1.10 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise High Performance Computing 15 SP3 is installed OR SUSE Linux Enterprise Micro 5.1 is installed OR SUSE Linux Enterprise Micro 5.2 is installed OR SUSE Linux Enterprise Module for Live Patching 15 SP3 is installed OR SUSE Linux Enterprise Server 15 SP3 is installed OR SUSE Linux Enterprise Server for SAP Applications 15 SP3 is installed AND kernel-livepatch-5_3_18-57-default-7-3.1 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Basesystem 15 is installed AND Package Information libncurses6-6.1-5.3 is installed OR libncurses6-32bit-6.1-5.3 is installed OR ncurses-6.1-5.3 is installed OR ncurses-devel-6.1-5.3 is installed OR ncurses-utils-6.1-5.3 is installed OR tack-6.1-5.3 is installed OR terminfo-6.1-5.3 is installed OR terminfo-base-6.1-5.3 is installed OR terminfo-iterm-6.1-5.3 is installed OR terminfo-screen-6.1-5.3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Desktop Applications 15 SP2 is installed AND Package Information sane-backends-1.0.27-4 is installed OR sane-backends-autoconfig-1.0.27-4 is installed OR sane-backends-devel-1.0.27-4 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Legacy Software 15 SP1 is installed AND Package Information kernel-default-4.12.14-197.15 is installed OR reiserfs-kmp-default-4.12.14-197.15 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Live Patching 15 is installed AND Package Information kernel-livepatch-4_12_14-25_6-default-4-2 is installed OR kernel-livepatch-SLE15_Update_2-4-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 is installed AND Package Information libXv1-1.0.10-3 is installed OR libXv1-32bit-1.0.10-3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information qemu-2.3.1-5.7 is installed OR qemu-block-curl-2.3.1-5.7 is installed OR qemu-block-rbd-2.3.1-5.7 is installed OR qemu-guest-agent-2.3.1-5.7 is installed OR qemu-ipxe-1.0.0-5.7 is installed OR qemu-kvm-2.3.1-5.7 is installed OR qemu-lang-2.3.1-5.7 is installed OR qemu-ppc-2.3.1-5.7 is installed OR qemu-s390-2.3.1-5.7 is installed OR qemu-seabios-1.8.1-5.7 is installed OR qemu-sgabios-8-5.7 is installed OR qemu-tools-2.3.1-5.7 is installed OR qemu-vgabios-1.8.1-5.7 is installed OR qemu-x86-2.3.1-5.7 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 15 is installed AND Package Information kernel-default-4.12.14-25.19 is installed OR kernel-default-extra-4.12.14-25.19 is installed
Definition Synopsis
SUSE Package Hub for SUSE Linux Enterprise 15 is installed AND Package Information irssi-1.1.2-bp150.3.4 is installed OR irssi-devel-1.1.2-bp150.3.4 is installed

BACK