Oval Definition:	oval:org.opensuse.security:def:1406
Revision Date: 2022-06-27 Version: 1 Title: Security update for the Linux Kernel (Live Patch 17 for SLE 15 SP3) (Important) (in QA) Description: This update for the Linux Kernel 5.3.18-150300_59_63 fixes several issues. The following security issues were fixed: - CVE-2022-32250: Fixed an use-after-free bug in the netfilter subsystem. This flaw allowed a local attacker with user access to cause a privilege escalation issue. (bnc#1200015) - CVE-2022-1972: Fixed a buffer overflow in nftable that could lead to privilege escalation. (bsc#1200019) - CVE-2022-1116: Fixed an integer overflow vulnerability in io_uring that allows local attacker to cause memory corruption and escalate privileges to root. (bsc#1199647) versions. - CVE-2022-1734: Fixed a r/w use-after-free when non synchronized between cleanup routine and firmware download routine. (bnc#1199605) This patch is currently in QA and not yet available for download. Family: unix Class: patch Status: Reference(s): 1119069 1120374 1122983 1199606 1199648 1200266 1200268 CVE-2016-1856 CVE-2016-1857 CVE-2016-4590 CVE-2016-4591 CVE-2016-4622 CVE-2016-4624 CVE-2016-4692 CVE-2016-4743 CVE-2016-7586 CVE-2016-7587 CVE-2016-7589 CVE-2016-7592 CVE-2016-7598 CVE-2016-7599 CVE-2016-7610 CVE-2016-7623 CVE-2016-7632 CVE-2016-7635 CVE-2016-7639 CVE-2016-7641 CVE-2016-7645 CVE-2016-7652 CVE-2016-7654 CVE-2016-7656 CVE-2017-13788 CVE-2017-13798 CVE-2017-13803 CVE-2017-13856 CVE-2017-13866 CVE-2017-13870 CVE-2017-13884 CVE-2017-13885 CVE-2017-2350 CVE-2017-2354 CVE-2017-2355 CVE-2017-2356 CVE-2017-2362 CVE-2017-2363 CVE-2017-2364 CVE-2017-2365 CVE-2017-2366 CVE-2017-2369 CVE-2017-2371 CVE-2017-2373 CVE-2017-2496 CVE-2017-2510 CVE-2017-2538 CVE-2017-2539 CVE-2017-5645 CVE-2017-5715 CVE-2017-5753 CVE-2017-7006 CVE-2017-7011 CVE-2017-7012 CVE-2017-7018 CVE-2017-7019 CVE-2017-7020 CVE-2017-7030 CVE-2017-7034 CVE-2017-7037 CVE-2017-7038 CVE-2017-7039 CVE-2017-7040 CVE-2017-7041 CVE-2017-7042 CVE-2017-7043 CVE-2017-7046 CVE-2017-7048 CVE-2017-7049 CVE-2017-7052 CVE-2017-7055 CVE-2017-7056 CVE-2017-7059 CVE-2017-7061 CVE-2017-7064 CVE-2017-7081 CVE-2017-7087 CVE-2017-7089 CVE-2017-7090 CVE-2017-7091 CVE-2017-7092 CVE-2017-7093 CVE-2017-7094 CVE-2017-7095 CVE-2017-7096 CVE-2017-7098 CVE-2017-7099 CVE-2017-7100 CVE-2017-7102 CVE-2017-7104 CVE-2017-7107 CVE-2017-7109 CVE-2017-7111 CVE-2017-7117 CVE-2017-7120 CVE-2017-7142 CVE-2017-7153 CVE-2017-7156 CVE-2017-7157 CVE-2017-7160 CVE-2017-7161 CVE-2017-7165 CVE-2018-12404 CVE-2018-12404 CVE-2018-18500 CVE-2018-18500 CVE-2018-18501 CVE-2018-18501 CVE-2018-18505 CVE-2018-18505 CVE-2018-4088 CVE-2018-4096 CVE-2018-4101 CVE-2018-4113 CVE-2018-4114 CVE-2018-4117 CVE-2018-4118 CVE-2018-4119 CVE-2018-4120 CVE-2018-4122 CVE-2018-4125 CVE-2018-4127 CVE-2018-4128 CVE-2018-4129 CVE-2018-4133 CVE-2018-4146 CVE-2018-4161 CVE-2018-4162 CVE-2018-4163 CVE-2018-4165 CVE-2018-4200 CVE-2019-17571 CVE-2022-1116 CVE-2022-1734 CVE-2022-1966 CVE-2022-1972 CVE-2022-32250 SUSE-SU-2019:0273-1 Platform(s): SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 15 SUSE Linux Enterprise High Performance Computing 15 SUSE Linux Enterprise High Performance Computing 15 SP3 SUSE Linux Enterprise Micro 5.1 SUSE Linux Enterprise Micro 5.2 SUSE Linux Enterprise Module for additional PackageHub packages 15 SUSE Linux Enterprise Module for Basesystem 15 SUSE Linux Enterprise Module for Basesystem 15 SP1 SUSE Linux Enterprise Module for CAP 15 SUSE Linux Enterprise Module for Containers 15 SUSE Linux Enterprise Module for Desktop Applications 15 SUSE Linux Enterprise Module for Development Tools 15 SP2 SUSE Linux Enterprise Module for Live Patching 15 SP1 SUSE Linux Enterprise Module for Live Patching 15 SP3 SUSE Linux Enterprise Module for Public Cloud 15 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12-LTSS SUSE Linux Enterprise Server 15 SUSE Linux Enterprise Server 15 SP3 SUSE Linux Enterprise Server for SAP Applications 15 SUSE Linux Enterprise Server for SAP Applications 15 SP3 SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Linux Enterprise Workstation Extension 12 SUSE Linux Enterprise Workstation Extension 12 SP1 Product(s): Definition Synopsis SUSE Linux Enterprise Desktop 12 is installed AND Package Information libXxf86vm1-1.1.3-3 is installed OR libXxf86vm1-32bit-1.1.3-3 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP1 is installed AND argyllcms-1.6.3-1 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information NetworkManager-1.0.12-8 is installed OR NetworkManager-lang-1.0.12-8 is installed OR libnm-glib-vpn1-1.0.12-8 is installed OR libnm-glib4-1.0.12-8 is installed OR libnm-util2-1.0.12-8 is installed OR libnm0-1.0.12-8 is installed OR typelib-1_0-NM-1_0-1.0.12-8 is installed OR typelib-1_0-NMClient-1_0-1.0.12-8 is installed OR typelib-1_0-NetworkManager-1_0-1.0.12-8 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information alsa-1.0.27.2-15 is installed OR libasound2-1.0.27.2-15 is installed OR libasound2-32bit-1.0.27.2-15 is installed Definition Synopsis SUSE Linux Enterprise Module for Desktop Applications 15 is installed AND Package Information typelib-1_0-JavaScriptCore-4_0-2.20.2-1.14 is installed OR typelib-1_0-WebKit2-4_0-2.20.2-1.14 is installed OR typelib-1_0-WebKit2WebExtension-4_0-2.20.2-1.14 is installed OR webkit2gtk3-devel-2.20.2-1.14 is installed Definition Synopsis Release Information SUSE Linux Enterprise High Performance Computing 15 SP3 is installed OR SUSE Linux Enterprise Micro 5.1 is installed OR SUSE Linux Enterprise Micro 5.2 is installed OR SUSE Linux Enterprise Module for Live Patching 15 SP3 is installed OR SUSE Linux Enterprise Server 15 SP3 is installed OR SUSE Linux Enterprise Server for SAP Applications 15 SP3 is installed AND kernel-livepatch-5_3_18-150300_59_63-default-4-150300.2.2 is installed Definition Synopsis SUSE Linux Enterprise Module for additional PackageHub packages 15 is installed AND Package Information samba-4.7.11+git.140.6bd0e5b30d8-4.21 is installed OR samba-python-4.7.11+git.140.6bd0e5b30d8-4.21 is installed Definition Synopsis SUSE Linux Enterprise Module for Basesystem 15 is installed AND Package Information libfreebl3-3.41.1-3.13 is installed OR libfreebl3-32bit-3.41.1-3.13 is installed OR libfreebl3-hmac-3.41.1-3.13 is installed OR libfreebl3-hmac-32bit-3.41.1-3.13 is installed OR libsoftokn3-3.41.1-3.13 is installed OR libsoftokn3-32bit-3.41.1-3.13 is installed OR libsoftokn3-hmac-3.41.1-3.13 is installed OR libsoftokn3-hmac-32bit-3.41.1-3.13 is installed OR mozilla-nss-3.41.1-3.13 is installed OR mozilla-nss-32bit-3.41.1-3.13 is installed OR mozilla-nss-certs-3.41.1-3.13 is installed OR mozilla-nss-certs-32bit-3.41.1-3.13 is installed OR mozilla-nss-devel-3.41.1-3.13 is installed OR mozilla-nss-sysinit-3.41.1-3.13 is installed OR mozilla-nss-tools-3.41.1-3.13 is installed Definition Synopsis SUSE Linux Enterprise Module for Basesystem 15 SP1 is installed AND Package Information bzip2-1.0.6-5.3 is installed OR libbz2-1-1.0.6-5.3 is installed OR libbz2-1-32bit-1.0.6-5.3 is installed OR libbz2-devel-1.0.6-5.3 is installed Definition Synopsis SUSE Linux Enterprise Module for CAP 15 is installed AND cf-cli-6.43.0-3.3 is installed Definition Synopsis SUSE Linux Enterprise Module for Containers 15 is installed AND Package Information docker-18.09.6_ce-6.20 is installed OR docker-bash-completion-18.09.6_ce-6.20 is installed Definition Synopsis SUSE Linux Enterprise Module for Desktop Applications 15 is installed AND Package Information libtiff5-32bit-4.0.9-5.9 is installed OR tiff-4.0.9-5.9 is installed Definition Synopsis SUSE Linux Enterprise Module for Development Tools 15 SP2 is installed AND Package Information log4j12-javadoc-1.2.17-2 is installed OR log4j12-manual-1.2.17-2 is installed Definition Synopsis SUSE Linux Enterprise Module for Live Patching 15 SP1 is installed AND Package Information kernel-livepatch-4_12_14-197_15-default-2-2 is installed OR kernel-livepatch-SLE15-SP1_Update_4-2-2 is installed Definition Synopsis SUSE Linux Enterprise Module for Public Cloud 15 is installed AND Package Information kernel-azure-4.12.14-5.38 is installed OR kernel-azure-base-4.12.14-5.38 is installed OR kernel-azure-devel-4.12.14-5.38 is installed OR kernel-devel-azure-4.12.14-5.38 is installed OR kernel-source-azure-4.12.14-5.38 is installed OR kernel-syms-azure-4.12.14-5.38 is installed Definition Synopsis SUSE Linux Enterprise Server 12 is installed AND xlockmore-5.43-5 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND ant-1.9.4-1.31 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND gzip-1.6-7.392 is installed
BACK