| Revision Date: | 2020-12-02 | Version: | 1 |
| Title: | Security update for the Linux Kernel (Live Patch 7 for SLE 15) (Important) |
| Description: |
This update for the Linux Kernel 4.12.14-25_25 fixes several issues.
The following security issues were fixed:
- CVE-2019-3846: A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network (bsc#1136446). - CVE-2019-11477: A sequence of SACKs may have been crafted by a remote attacker such that one can trigger an integer overflow, leading to a kernel panic. (bsc#1137586). - CVE-2019-11478: It was possible to send a crafted sequence of SACKs which would fragment the TCP retransmission queue. A remote attacker may have been able to further exploit the fragmented queue to cause an expensive linked-list walk for subsequent SACKs received for that same TCP connection. (bsc#1137586) - CVE-2019-11487: The Linux kernel allowed page->_refcount reference count overflow, with resultant use-after-free issues, if about 140 GiB of RAM exists. This is related to fs/fuse/dev.c, fs/pipe.c, fs/splice.c, include/linux/mm.h, include/linux/pipe_fs_i.h, kernel/trace/trace.c, mm/gup.c, and mm/hugetlb.c. It can occur with FUSE requests (bsc#1133191). - CVE-2019-11085: Insufficient input validation in Kernel Mode Driver in Intel(R) i915 Graphics may allowed an authenticated user to potentially enable escalation of privilege via local access (bsc#1135280).
|
| Family: | unix | Class: | patch |
| Status: | | Reference(s): | 1021689
1091764
1097375
1097401
1097404
1117632
1119835
1119947
1125601
1127153
1130245
1133191
1134452
1135280
1136446
1136935
1137597
1144902
1146403
1146687
1146690
1146691
1146692
1146766
1146776
1146784
1146785
1146787
1154289
1154598
1154999
1159819
1163985
1168404
1168407
1169066
1169746
1171477
1171978
1172175
1172176
1172225
1172356
1174543
CVE-2018-1000168
CVE-2018-16476
CVE-2018-16884
CVE-2018-20105
CVE-2018-7161
CVE-2018-7167
CVE-2019-10218
CVE-2019-11043
CVE-2019-11085
CVE-2019-11477
CVE-2019-11478
CVE-2019-11487
CVE-2019-14833
CVE-2019-14847
CVE-2019-17006
CVE-2019-20807
CVE-2019-3846
CVE-2020-10722
CVE-2020-10723
CVE-2020-10724
CVE-2020-10725
CVE-2020-10726
CVE-2020-11076
CVE-2020-11077
CVE-2020-12399
CVE-2020-1720
CVE-2020-1927
CVE-2020-1934
CVE-2020-1938
SUSE-SU-2018:1918-1
SUSE-SU-2018:3996-1
SUSE-SU-2019:0236-1
SUSE-SU-2019:2819-1
SUSE-SU-2019:2868-1
SUSE-SU-2020:0578-1
SUSE-SU-2020:0752-1
SUSE-SU-2020:1089-1
SUSE-SU-2020:1126-1
SUSE-SU-2020:1334-1
SUSE-SU-2020:1551-1
SUSE-SU-2020:1677-1
SUSE-SU-2020:1919-1
SUSE-SU-2020:2160-1
|
| Platform(s): | SUSE Linux Enterprise Desktop 11 SP2
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Desktop 11 SP4
SUSE Linux Enterprise Desktop 12
SUSE Linux Enterprise Desktop 12 SP1
SUSE Linux Enterprise Desktop 12 SP2
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Desktop 12 SP4
SUSE Linux Enterprise for SAP 12 SP1
SUSE Linux Enterprise for SAP 12 SP2
SUSE Linux Enterprise High Availability 12 SP2
SUSE Linux Enterprise High Availability 12 SP3
SUSE Linux Enterprise High Availability 12 SP4
SUSE Linux Enterprise High Availability 15
SUSE Linux Enterprise High Availability 15 SP1
SUSE Linux Enterprise High Availability Extension 11 SP3
SUSE Linux Enterprise High Availability Extension 11 SP4
SUSE Linux Enterprise High Performance Computing 15-ESPOS
SUSE Linux Enterprise High Performance Computing 15-LTSS
SUSE Linux Enterprise Live Patching 12 SP3
SUSE Linux Enterprise Live Patching 12 SP4
SUSE Linux Enterprise Module for Containers 12
SUSE Linux Enterprise Module for Legacy Software 12
SUSE Linux Enterprise Module for Live Patching 15
SUSE Linux Enterprise Module for Public Cloud 12
SUSE Linux Enterprise Module for Server Applications 15 SP1
SUSE Linux Enterprise Module for Server Applications 15 SP2
SUSE Linux Enterprise Module for Toolchain 12
SUSE Linux Enterprise Module for Web Scripting 12
SUSE Linux Enterprise Module for Web Scripting 15
SUSE Linux Enterprise Real Time Extension 11 SP1
SUSE Linux Enterprise Real Time Extension 11 SP4
SUSE Linux Enterprise Server 11 SP1-LTSS
SUSE Linux Enterprise Server 11 SP2
SUSE Linux Enterprise Server 11 SP2-LTSS
SUSE Linux Enterprise Server 11 SP3
SUSE Linux Enterprise Server 11 SP4
SUSE Linux Enterprise Server 12
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Server 15-LTSS
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2
SUSE Linux Enterprise Server for SAP Applications 15
SUSE Linux Enterprise Server for VMWare 11 SP2
SUSE Linux Enterprise Server for VMWare 11 SP3
SUSE Linux Enterprise Software Development Kit 11 SP2
SUSE Linux Enterprise Software Development Kit 12
SUSE Linux Enterprise Software Development Kit 12 SP1
SUSE Linux Enterprise Software Development Kit 12 SP2
SUSE Linux Enterprise Software Development Kit 12 SP3
SUSE Linux Enterprise Workstation Extension 12
SUSE Linux Enterprise Workstation Extension 12 SP1
SUSE Linux Enterprise Workstation Extension 12 SP2
SUSE Linux Enterprise Workstation Extension 12 SP3
SUSE Linux Enterprise Workstation Extension 15
SUSE Linux Enterprise Workstation Extension 15 SP1
SUSE Linux Enterprise Workstation Extension 15 SP2
SUSE Package Hub for SUSE Linux Enterprise 12 SP1
| Product(s): | |
| Definition Synopsis |
| SUSE Linux Enterprise Desktop 11 SP4 is installed AND sblim-sfcb-1.3.11-0.25.4 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Desktop 12 is installed
AND Package Information
bzip2-1.0.6-27 is installed
OR libbz2-1-1.0.6-27 is installed
OR libbz2-1-32bit-1.0.6-27 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Desktop 12 SP1 is installed
AND Package Information
ImageMagick-6.8.8.1-8 is installed
OR libMagick++-6_Q16-3-6.8.8.1-8 is installed
OR libMagickCore-6_Q16-1-6.8.8.1-8 is installed
OR libMagickCore-6_Q16-1-32bit-6.8.8.1-8 is installed
OR libMagickWand-6_Q16-1-6.8.8.1-8 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Desktop 12 SP2 is installed
AND Package Information
aaa_base-13.2+git20140911.61c1681-28 is installed
OR aaa_base-extras-13.2+git20140911.61c1681-28 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Desktop 12 SP3 is installed
AND Package Information
ImageMagick-6.8.8.1-70 is installed
OR libMagick++-6_Q16-3-6.8.8.1-70 is installed
OR libMagickCore-6_Q16-1-6.8.8.1-70 is installed
OR libMagickCore-6_Q16-1-32bit-6.8.8.1-70 is installed
OR libMagickWand-6_Q16-1-6.8.8.1-70 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Desktop 12 SP4 is installed
AND Package Information
ImageMagick-6.8.8.1-71.85 is installed
OR libMagick++-6_Q16-3-6.8.8.1-71.85 is installed
OR libMagickCore-6_Q16-1-6.8.8.1-71.85 is installed
OR libMagickCore-6_Q16-1-32bit-6.8.8.1-71.85 is installed
OR libMagickWand-6_Q16-1-6.8.8.1-71.85 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise for SAP 12 SP1 is installed
AND Package Information
libspice-server1-0.12.5-10.1 is installed
OR spice-0.12.5-10.1 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise for SAP 12 SP2 is installed
AND cryptctl-1.2.6-5.3.11 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise High Availability 12 SP2 is installed
AND Package Information
libpacemaker3-1.1.15-19 is installed
OR pacemaker-1.1.15-19 is installed
OR pacemaker-cli-1.1.15-19 is installed
OR pacemaker-cts-1.1.15-19 is installed
OR pacemaker-remote-1.1.15-19 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise High Availability 12 SP3 is installed
AND haproxy-1.6.11-10 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise High Availability 12 SP4 is installed
AND ctdb-4.6.16+git.124.aee309c5c18-3.32 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise High Availability 15 is installed
AND Package Information
ruby2.5-rubygem-activejob-5_1-5.1.4-3.3 is installed
OR rubygem-activejob-5_1-5.1.4-3.3 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise High Availability 15 SP1 is installed
AND Package Information
ldirectord-4.3.0184.6ee15eb2-4.22 is installed
OR monitoring-plugins-metadata-4.3.0184.6ee15eb2-4.22 is installed
OR resource-agents-4.3.0184.6ee15eb2-4.22 is installed
|
| Definition Synopsis |
| Release Information
SUSE Linux Enterprise High Performance Computing 15-ESPOS is installed
AND
apache2-2.4.33-3.30 is installed
OR apache2-devel-2.4.33-3.30 is installed
OR apache2-doc-2.4.33-3.30 is installed
OR apache2-prefork-2.4.33-3.30 is installed
OR apache2-utils-2.4.33-3.30 is installed
OR apache2-worker-2.4.33-3.30 is installed
OR Package Information
SUSE Linux Enterprise High Performance Computing 15-LTSS is installed
AND
apache2-2.4.33-3.30 is installed
OR apache2-devel-2.4.33-3.30 is installed
OR apache2-doc-2.4.33-3.30 is installed
OR apache2-prefork-2.4.33-3.30 is installed
OR apache2-utils-2.4.33-3.30 is installed
OR apache2-worker-2.4.33-3.30 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Live Patching 12 SP3 is installed
AND Package Information
kgraft-patch-4_4_132-94_33-default-5-2 is installed
OR kgraft-patch-SLE12-SP3_Update_13-5-2 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Live Patching 12 SP4 is installed
AND Package Information
kgraft-patch-4_12_14-95_16-default-1-6.3 is installed
OR kgraft-patch-SLE12-SP4_Update_4-1-6.3 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Module for Containers 12 is installed
AND python-PyYAML-3.10-15 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Module for Legacy Software 12 is installed
AND Package Information
libopenssl0_9_8-0.9.8j-59 is installed
OR libopenssl0_9_8-32bit-0.9.8j-59 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Module for Live Patching 15 is installed
AND Package Information
kernel-livepatch-4_12_14-25_25-default-4-2 is installed
OR kernel-livepatch-SLE15_Update_7-4-2 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Module for Server Applications 15 SP1 is installed
AND yast2-rmt-1.3.0-3.5 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Module for Server Applications 15 SP2 is installed
AND Package Information
libfreebl3-hmac-3.53-3.40 is installed
OR libsoftokn3-hmac-3.53-3.40 is installed
OR mozilla-nss-3.53-3.40 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Module for Toolchain 12 is installed
AND Package Information
cpp5-5.3.1+r233831-9.1 is installed
OR gcc5-5.3.1+r233831-9.1 is installed
OR gcc5-32bit-5.3.1+r233831-9.1 is installed
OR gcc5-ada-5.3.1+r233831-9.1 is installed
OR gcc5-ada-32bit-5.3.1+r233831-9.1 is installed
OR gcc5-c++-5.3.1+r233831-9.1 is installed
OR gcc5-c++-32bit-5.3.1+r233831-9.1 is installed
OR gcc5-fortran-5.3.1+r233831-9.1 is installed
OR gcc5-fortran-32bit-5.3.1+r233831-9.1 is installed
OR gcc5-info-5.3.1+r233831-9.1 is installed
OR gcc5-locale-5.3.1+r233831-9.1 is installed
OR libada5-5.3.1+r233831-9.1 is installed
OR libada5-32bit-5.3.1+r233831-9.1 is installed
OR libffi-devel-gcc5-5.3.1+r233831-9.1 is installed
OR libffi-devel-gcc5-32bit-5.3.1+r233831-9.1 is installed
OR libffi-gcc5-5.3.1+r233831-9.1 is installed
OR libstdc++6-devel-gcc5-5.3.1+r233831-9.1 is installed
OR libstdc++6-devel-gcc5-32bit-5.3.1+r233831-9.1 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Module for Web Scripting 12 is installed
AND Package Information
apache2-mod_php5-5.5.14-73.1 is installed
OR php5-5.5.14-73.1 is installed
OR php5-bcmath-5.5.14-73.1 is installed
OR php5-bz2-5.5.14-73.1 is installed
OR php5-calendar-5.5.14-73.1 is installed
OR php5-ctype-5.5.14-73.1 is installed
OR php5-curl-5.5.14-73.1 is installed
OR php5-dba-5.5.14-73.1 is installed
OR php5-dom-5.5.14-73.1 is installed
OR php5-enchant-5.5.14-73.1 is installed
OR php5-exif-5.5.14-73.1 is installed
OR php5-fastcgi-5.5.14-73.1 is installed
OR php5-fileinfo-5.5.14-73.1 is installed
OR php5-fpm-5.5.14-73.1 is installed
OR php5-ftp-5.5.14-73.1 is installed
OR php5-gd-5.5.14-73.1 is installed
OR php5-gettext-5.5.14-73.1 is installed
OR php5-gmp-5.5.14-73.1 is installed
OR php5-iconv-5.5.14-73.1 is installed
OR php5-imap-5.5.14-73.1 is installed
OR php5-intl-5.5.14-73.1 is installed
OR php5-json-5.5.14-73.1 is installed
OR php5-ldap-5.5.14-73.1 is installed
OR php5-mbstring-5.5.14-73.1 is installed
OR php5-mcrypt-5.5.14-73.1 is installed
OR php5-mysql-5.5.14-73.1 is installed
OR php5-odbc-5.5.14-73.1 is installed
OR php5-opcache-5.5.14-73.1 is installed
OR php5-openssl-5.5.14-73.1 is installed
OR php5-pcntl-5.5.14-73.1 is installed
OR php5-pdo-5.5.14-73.1 is installed
OR php5-pear-5.5.14-73.1 is installed
OR php5-pgsql-5.5.14-73.1 is installed
OR php5-phar-5.5.14-73.1 is installed
OR php5-posix-5.5.14-73.1 is installed
OR php5-pspell-5.5.14-73.1 is installed
OR php5-shmop-5.5.14-73.1 is installed
OR php5-snmp-5.5.14-73.1 is installed
OR php5-soap-5.5.14-73.1 is installed
OR php5-sockets-5.5.14-73.1 is installed
OR php5-sqlite-5.5.14-73.1 is installed
OR php5-suhosin-5.5.14-73.1 is installed
OR php5-sysvmsg-5.5.14-73.1 is installed
OR php5-sysvsem-5.5.14-73.1 is installed
OR php5-sysvshm-5.5.14-73.1 is installed
OR php5-tokenizer-5.5.14-73.1 is installed
OR php5-wddx-5.5.14-73.1 is installed
OR php5-xmlreader-5.5.14-73.1 is installed
OR php5-xmlrpc-5.5.14-73.1 is installed
OR php5-xmlwriter-5.5.14-73.1 is installed
OR php5-xsl-5.5.14-73.1 is installed
OR php5-zip-5.5.14-73.1 is installed
OR php5-zlib-5.5.14-73.1 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Module for Web Scripting 15 is installed
AND Package Information
nodejs8-8.11.3-3.5 is installed
OR nodejs8-devel-8.11.3-3.5 is installed
OR nodejs8-docs-8.11.3-3.5 is installed
OR npm8-8.11.3-3.5 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Server 11 SP3 is installed
AND rsync-3.0.4-2.47.28 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Server 11 SP4 is installed
AND kvm-1.4.2-30.5 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Server 12 is installed
AND Package Information
cups-filters-1.0.58-2 is installed
OR cups-filters-cups-browsed-1.0.58-2 is installed
OR cups-filters-foomatic-rip-1.0.58-2 is installed
OR cups-filters-ghostscript-1.0.58-2 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Server 12 SP1 is installed
AND autofs-5.0.9-8 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Server 12 SP2 is installed
AND Package Information
apache-commons-daemon-1.0.15-4 is installed
OR apache-commons-daemon-javadoc-1.0.15-4 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Server 12 SP4 is installed
AND libotr5-4.0.0-9 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Server 15-LTSS is installed
AND Package Information
libjavascriptcoregtk-4_0-18-2.28.2-3.54 is installed
OR libwebkit2gtk-4_0-37-2.28.2-3.54 is installed
OR libwebkit2gtk3-lang-2.28.2-3.54 is installed
OR webkit2gtk-4_0-injected-bundles-2.28.2-3.54 is installed
OR webkit2gtk3-2.28.2-3.54 is installed
OR webkit2gtk3-devel-2.28.2-3.54 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 is installed
AND Package Information
accountsservice-0.6.42-14 is installed
OR accountsservice-lang-0.6.42-14 is installed
OR libaccountsservice0-0.6.42-14 is installed
OR typelib-1_0-AccountsService-1_0-0.6.42-14 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Server for SAP Applications 15 is installed
AND nginx-1.16.1-3.12 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Software Development Kit 11 SP2 is installed
AND Package Information
mozilla-nspr-devel-4.9.6-0.3.1 is installed
OR mozilla-nss-devel-3.14.3-0.4.3.1 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Software Development Kit 12 is installed
AND Package Information
file-5.19-9.1 is installed
OR file-devel-5.19-9.1 is installed
OR python-magic-5.19-9.1 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Software Development Kit 12 SP1 is installed
AND Package Information
LibVNCServer-0.9.9-16.1 is installed
OR LibVNCServer-devel-0.9.9-16.1 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Software Development Kit 12 SP2 is installed
AND Package Information
ghostscript-9.15-17.2 is installed
OR ghostscript-devel-9.15-17.2 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Software Development Kit 12 SP3 is installed
AND libxerces-c-devel-3.1.1-12 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Workstation Extension 12 is installed
AND Package Information
finch-2.10.9-5 is installed
OR libpurple-2.10.9-5 is installed
OR libpurple-lang-2.10.9-5 is installed
OR libpurple-meanwhile-2.10.9-5 is installed
OR libpurple-tcl-2.10.9-5 is installed
OR pidgin-2.10.9-5 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Workstation Extension 12 SP1 is installed
AND argyllcms-1.6.3-1 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Workstation Extension 12 SP2 is installed
AND lcms-1.19-17 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Workstation Extension 12 SP3 is installed
AND bash-lang-4.3-82 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Workstation Extension 15 is installed
AND Package Information
kernel-default-4.12.14-25.3 is installed
OR kernel-default-extra-4.12.14-25.3 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Workstation Extension 15 SP1 is installed
AND enigmail-2.0.11-3.16 is installed
|
| Definition Synopsis |
| SUSE Linux Enterprise Workstation Extension 15 SP2 is installed
AND Package Information
LibVNCServer-0.9.10-4.19 is installed
OR libvncclient0-0.9.10-4.19 is installed
OR libvncserver0-0.9.10-4.19 is installed
|
| Definition Synopsis |
| SUSE Package Hub for SUSE Linux Enterprise 12 SP1 is installed
AND Package Information
kinit-5.20.0-6 is installed
OR kinit-devel-5.20.0-6 is installed
OR kinit-lang-5.20.0-6 is installed
|