OVAL Reference oval:org.opensuse.security:def:1449

Oval Definition:

oval:org.opensuse.security:def:1449

Revision Date:	2022-03-29	Version:	1
Title:	Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP3) (Important)
Description:	This update for the Linux Kernel 5.3.18-57 fixes several issues. The following security issues were fixed: - CVE-2022-25636: Fixed an issue which allowed a local users to gain privileges because of a heap out-of-bounds write in nf_dup_netdev.c, related to nf_tables_offload (bsc#1196299). - CVE-2021-4001: Fixed a race condition when the EBPF map is frozen (bsc#1192990). - CVE-2022-0492: Fixed a privilege escalation related to cgroups v1 release_agent feature, which allowed bypassing namespace isolation unexpectedly (bsc#1195543). - CVE-2022-0487: A use-after-free vulnerability was found in rtsx_usb_ms_drv_remove() in drivers/memstick/host/rtsx_usb_ms.c (bsc#1194516).
Family:	unix	Class:	patch
Status:		Reference(s):	1063993 1079730 1100408 1101982 1112646 1114957 1116717 1117275 1119493 1121600 1123156 1123179 1192991 1195908 1195949 1196301 CVE-2006-7250 CVE-2008-5077 CVE-2009-0590 CVE-2009-0591 CVE-2009-0789 CVE-2009-1377 CVE-2009-1378 CVE-2009-1379 CVE-2009-1386 CVE-2009-1387 CVE-2010-0740 CVE-2010-0742 CVE-2010-1633 CVE-2010-2939 CVE-2010-3864 CVE-2010-5298 CVE-2011-0014 CVE-2011-3207 CVE-2011-3210 CVE-2011-4108 CVE-2011-4576 CVE-2011-4577 CVE-2011-4619 CVE-2012-0027 CVE-2012-0050 CVE-2012-0884 CVE-2012-1165 CVE-2012-2110 CVE-2012-2686 CVE-2012-4929 CVE-2013-0166 CVE-2013-0169 CVE-2013-2003 CVE-2013-4353 CVE-2013-6449 CVE-2013-6450 CVE-2014-0076 CVE-2014-0160 CVE-2014-0195 CVE-2014-0198 CVE-2014-0221 CVE-2014-0224 CVE-2014-3470 CVE-2014-3505 CVE-2014-3506 CVE-2014-3507 CVE-2014-3508 CVE-2014-3509 CVE-2014-3510 CVE-2014-3511 CVE-2014-3512 CVE-2014-3513 CVE-2014-3567 CVE-2014-3568 CVE-2014-3569 CVE-2014-3570 CVE-2014-3571 CVE-2014-3572 CVE-2014-5139 CVE-2014-8275 CVE-2015-0204 CVE-2015-0205 CVE-2015-0206 CVE-2015-0209 CVE-2015-0286 CVE-2015-0287 CVE-2015-0288 CVE-2015-0289 CVE-2015-0293 CVE-2015-1788 CVE-2015-1789 CVE-2015-1790 CVE-2015-1791 CVE-2015-1792 CVE-2015-1793 CVE-2015-1794 CVE-2015-3193 CVE-2015-3194 CVE-2015-3195 CVE-2015-3196 CVE-2015-3197 CVE-2016-0701 CVE-2016-0702 CVE-2016-0705 CVE-2016-0797 CVE-2016-0798 CVE-2016-0800 CVE-2016-2105 CVE-2016-2106 CVE-2016-2107 CVE-2016-2109 CVE-2016-2176 CVE-2016-2177 CVE-2016-2178 CVE-2016-2179 CVE-2016-2180 CVE-2016-2181 CVE-2016-2182 CVE-2016-2183 CVE-2016-6302 CVE-2016-6303 CVE-2016-6304 CVE-2016-6306 CVE-2016-7052 CVE-2016-7055 CVE-2016-7056 CVE-2017-16612 CVE-2017-3731 CVE-2017-3732 CVE-2017-3735 CVE-2017-3736 CVE-2017-3737 CVE-2017-3738 CVE-2018-0732 CVE-2018-0734 CVE-2018-0737 CVE-2018-16872 CVE-2018-16872 CVE-2018-18954 CVE-2018-18954 CVE-2018-19364 CVE-2018-19364 CVE-2018-19489 CVE-2018-19489 CVE-2018-5407 CVE-2019-1559 CVE-2019-6778 CVE-2019-6778 CVE-2021-4001 CVE-2022-0487 CVE-2022-0492 CVE-2022-25636 SUSE-SU-2019:0423-1
Platform(s):	SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 15 SP1 SUSE Linux Enterprise High Performance Computing 15 SP1 SUSE Linux Enterprise High Performance Computing 15 SP3 SUSE Linux Enterprise Micro 5.1 SUSE Linux Enterprise Micro 5.2 SUSE Linux Enterprise Module for additional PackageHub packages 15 SUSE Linux Enterprise Module for Basesystem 15 SUSE Linux Enterprise Module for Basesystem 15 SP1 SUSE Linux Enterprise Module for Containers 15 SUSE Linux Enterprise Module for Containers 15 SP1 SUSE Linux Enterprise Module for Desktop Applications 15 SUSE Linux Enterprise Module for Desktop Applications 15 SP1 SUSE Linux Enterprise Module for Legacy Software 15 SP1 SUSE Linux Enterprise Module for Live Patching 15 SP3 SUSE Linux Enterprise Module for Public Cloud 15 SUSE Linux Enterprise Module for Server Applications 15 SUSE Linux Enterprise Server 11-SECURITY SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12-LTSS SUSE Linux Enterprise Server 15 SP1 SUSE Linux Enterprise Server 15 SP3 SUSE Linux Enterprise Server for SAP Applications 15 SP1 SUSE Linux Enterprise Server for SAP Applications 15 SP3 SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Linux Enterprise Storage 6 SUSE Linux Enterprise Workstation Extension 12 SUSE Linux Enterprise Workstation Extension 12 SP1 SUSE Manager Proxy 4.0 SUSE Manager Server 4.0	Product(s):
Definition Synopsis
SUSE Linux Enterprise Desktop 12 is installed AND Package Information libpython2_7-1_0-2.7.7-2 is installed OR libpython2_7-1_0-32bit-2.7.7-2 is installed OR python-base-2.7.7-2 is installed OR python-devel-2.7.7-2 is installed OR python-xml-2.7.7-2 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP1 is installed AND autofs-5.0.9-8 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information cyrus-sasl-2.1.26-7 is installed OR cyrus-sasl-32bit-2.1.26-7 is installed OR cyrus-sasl-crammd5-2.1.26-7 is installed OR cyrus-sasl-crammd5-32bit-2.1.26-7 is installed OR cyrus-sasl-digestmd5-2.1.26-7 is installed OR cyrus-sasl-digestmd5-32bit-2.1.26-7 is installed OR cyrus-sasl-gssapi-2.1.26-7 is installed OR cyrus-sasl-gssapi-32bit-2.1.26-7 is installed OR cyrus-sasl-plain-2.1.26-7 is installed OR cyrus-sasl-plain-32bit-2.1.26-7 is installed OR cyrus-sasl-saslauthd-2.1.26-7 is installed OR libsasl2-3-2.1.26-7 is installed OR libsasl2-3-32bit-2.1.26-7 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information MozillaFirefox-52.2.0esr-108 is installed OR MozillaFirefox-translations-52.2.0esr-108 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Desktop Applications 15 SP1 is installed AND libXcursor1-32bit-1.1.15-1.18 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise High Performance Computing 15 SP3 is installed OR SUSE Linux Enterprise Micro 5.1 is installed OR SUSE Linux Enterprise Micro 5.2 is installed OR SUSE Linux Enterprise Module for Live Patching 15 SP3 is installed OR SUSE Linux Enterprise Server 15 SP3 is installed OR SUSE Linux Enterprise Server for SAP Applications 15 SP3 is installed AND kernel-livepatch-5_3_18-57-default-13-150200.3.1 is installed
Definition Synopsis
SUSE Linux Enterprise Module for additional PackageHub packages 15 is installed AND Package Information binutils-2.32-6.8 is installed OR binutils-gold-2.32-6.8 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Basesystem 15 is installed AND Package Information qemu-2.11.2-9.20 is installed OR qemu-tools-2.11.2-9.20 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Basesystem 15 SP1 is installed AND nmap-7.70-3.5 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Containers 15 is installed AND docker-runc-1.0.0rc5+gitr3562_69663f0bd4b6-6.9 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Containers 15 SP1 is installed AND Package Information docker-18.09.6_ce-6.20 is installed OR docker-bash-completion-18.09.6_ce-6.20 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Desktop Applications 15 is installed AND Package Information typelib-1_0-JavaScriptCore-4_0-2.20.3-3.3 is installed OR typelib-1_0-WebKit2-4_0-2.20.3-3.3 is installed OR typelib-1_0-WebKit2WebExtension-4_0-2.20.3-3.3 is installed OR webkit2gtk3-2.20.3-3.3 is installed OR webkit2gtk3-devel-2.20.3-3.3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Legacy Software 15 SP1 is installed AND Package Information libopenssl-1_0_0-devel-1.0.2p-3.14 is installed OR libopenssl1_0_0-1.0.2p-3.14 is installed OR openssl-1_0_0-1.0.2p-3.14 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Public Cloud 15 is installed AND Package Information kernel-azure-4.12.14-5.16 is installed OR kernel-azure-base-4.12.14-5.16 is installed OR kernel-azure-devel-4.12.14-5.16 is installed OR kernel-devel-azure-4.12.14-5.16 is installed OR kernel-source-azure-4.12.14-5.16 is installed OR kernel-syms-azure-4.12.14-5.16 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Server Applications 15 is installed AND Package Information openslp-2.0.0-6.3 is installed OR openslp-server-2.0.0-6.3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1 is installed AND davfs2-1.5.2-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND libarchive13-3.1.2-22.1 is installed

BACK