OVAL Reference oval:org.opensuse.security:def:4262

Oval Definition:

oval:org.opensuse.security:def:4262

Revision Date:	2020-12-02	Version:	1
Title:	Security update for the Linux Kernel (Live Patch 1 for SLE 15) (Important)
Description:	This update for the Linux Kernel 4.12.14-25_3 fixes several issues. The following security issues were fixed: - CVE-2019-11477: Jonathan Looney discovered that the TCP_SKB_CB(skb)->tcp_gso_segs value was subject to an integer overflow when handling TCP Selective Acknowledgments (SACKs). A remote attacker could use this to cause a denial of service. (bsc#1137586) - CVE-2019-11478: Jonathan Looney discovered that the TCP retransmission queue implementation in tcp_fragment could be fragmented when handling certain TCP Selective Acknowledgment (SACK) sequences. A remote attacker could use this to cause a denial of service. (bsc#1137586) - CVE-2019-3846: A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network (bsc#1136424). This update contains a regression fix for CVE-2019-11477 and CVE-2019-11478 (bsc#1140747).
Family:	unix	Class:	patch
Status:		Reference(s):	1082318 1097158 1097748 1105019 1119947 1129271 1129272 1132091 1133297 1136446 1137597 1140747 1154980 1157712 1157714 1159530 1159819 1159922 1159923 1159924 1159927 1160850 1160888 1162689 1162691 1165715 1167240 1167373 1169659 1169746 1170313 1171978 1172461 1172506 1172745 1174421 CVE-2018-0732 CVE-2018-12115 CVE-2018-16884 CVE-2019-10214 CVE-2019-11023 CVE-2019-11045 CVE-2019-11046 CVE-2019-11047 CVE-2019-11050 CVE-2019-11477 CVE-2019-11478 CVE-2019-12519 CVE-2019-12521 CVE-2019-12528 CVE-2019-14902 CVE-2019-14907 CVE-2019-17006 CVE-2019-18277 CVE-2019-18860 CVE-2019-3846 CVE-2019-5418 CVE-2019-5419 CVE-2020-11945 CVE-2020-12399 CVE-2020-13777 CVE-2020-15705 CVE-2020-5267 CVE-2020-8517 SUSE-SU-2018:2812-1 SUSE-SU-2019:1267-3 SUSE-SU-2019:1882-1 SUSE-SU-2019:3125-1 SUSE-SU-2020:0101-1 SUSE-SU-2020:0224-1 SUSE-SU-2020:0712-1 SUSE-SU-2020:1156-1 SUSE-SU-2020:1178-1 SUSE-SU-2020:1396-2 SUSE-SU-2020:1584-1 SUSE-SU-2020:1677-1 SUSE-SU-2020:2306-1
Platform(s):	SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise for SAP 11 SP1 SUSE Linux Enterprise for SAP 12 SP1 SUSE Linux Enterprise High Availability 12 SP2 SUSE Linux Enterprise High Availability 12 SP3 SUSE Linux Enterprise High Availability 12 SP4 SUSE Linux Enterprise High Availability 15 SUSE Linux Enterprise High Availability 15 SP1 SUSE Linux Enterprise High Availability Extension 11 SP4 SUSE Linux Enterprise High Performance Computing 15-ESPOS SUSE Linux Enterprise High Performance Computing 15-LTSS SUSE Linux Enterprise Live Patching 12 SP3 SUSE Linux Enterprise Live Patching 12 SP4 SUSE Linux Enterprise Module for Advanced Systems Management 12 SUSE Linux Enterprise Module for Legacy Software 12 SUSE Linux Enterprise Module for Live Patching 15 SUSE Linux Enterprise Module for Public Cloud 12 SUSE Linux Enterprise Module for Server Applications 15 SP1 SUSE Linux Enterprise Module for Server Applications 15 SP2 SUSE Linux Enterprise Module for Web Scripting 12 SUSE Linux Enterprise Module for Web Scripting 15 SUSE Linux Enterprise Point of Sale 11 SP2 SUSE Linux Enterprise Real Time Extension 11 SP2 SUSE Linux Enterprise Server 11 SP1-LTSS SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP2-LTSS SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP3-LTSS SUSE Linux Enterprise Server 11 SP4 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 15-LTSS SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 SUSE Linux Enterprise Server for SAP Applications 15 SUSE Linux Enterprise Server for VMWare 11 SP2 SUSE Linux Enterprise Server for VMWare 11 SP3 SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Software Development Kit 12 SP1 SUSE Linux Enterprise Software Development Kit 12 SP2 SUSE Linux Enterprise Software Development Kit 12 SP3 SUSE Linux Enterprise Workstation Extension 12 SUSE Linux Enterprise Workstation Extension 12 SP1 SUSE Linux Enterprise Workstation Extension 12 SP2 SUSE Linux Enterprise Workstation Extension 12 SP3 SUSE Linux Enterprise Workstation Extension 15 SUSE Linux Enterprise Workstation Extension 15 SP1 SUSE Linux Enterprise Workstation Extension 15 SP2 SUSE Package Hub for SUSE Linux Enterprise 12	Product(s):
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP4 is installed AND Package Information libtidy-1.0-37.1 is installed OR tidy-1.0-37.1 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 is installed AND Package Information colord-1.1.7-2 is installed OR colord-gtk-lang-0.1.25-3 is installed OR colord-lang-1.1.7-2 is installed OR libcolord-gtk1-0.1.25-3 is installed OR libcolord2-1.1.7-2 is installed OR libcolord2-32bit-1.1.7-2 is installed OR libcolorhug2-1.1.7-2 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information accountsservice-0.6.35-3 is installed OR accountsservice-lang-0.6.35-3 is installed OR libaccountsservice0-0.6.35-3 is installed OR typelib-1_0-AccountsService-1_0-0.6.35-3 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP2 is installed AND argyllcms-1.6.3-3 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information MozillaFirefox-52.2.0esr-108 is installed OR MozillaFirefox-translations-52.2.0esr-108 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP4 is installed AND SuSEfirewall2-3.6.312.333-3.13 is installed
Definition Synopsis
SUSE Linux Enterprise for SAP 12 SP1 is installed AND Package Information compat-openssl098-0.9.8j-105.1 is installed OR libopenssl0_9_8-0.9.8j-105.1 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 12 SP2 is installed AND python-requests-2.8.1-6.11 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 12 SP3 is installed AND Package Information cluster-md-kmp-default-4.4.73-5 is installed OR dlm-kmp-default-4.4.73-5 is installed OR gfs2-kmp-default-4.4.73-5 is installed OR ocfs2-kmp-default-4.4.73-5 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 12 SP4 is installed AND conntrack-tools-1.4.2-5 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 15 is installed AND Package Information ruby2.5-rubygem-actionpack-5_1-5.1.4-3.3 is installed OR rubygem-actionpack-5_1-5.1.4-3.3 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 15 SP1 is installed AND Package Information ruby2.5-rubygem-actionview-5_1-5.1.4-3.3 is installed OR rubygem-actionview-5_1-5.1.4-3.3 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise High Performance Computing 15-ESPOS is installed AND squid-4.11-5.17 is installed OR Package Information SUSE Linux Enterprise High Performance Computing 15-LTSS is installed AND squid-4.11-5.17 is installed
Definition Synopsis
SUSE Linux Enterprise Live Patching 12 SP3 is installed AND Package Information kgraft-patch-4_4_143-94_47-default-3-2 is installed OR kgraft-patch-SLE12-SP3_Update_16-3-2 is installed
Definition Synopsis
SUSE Linux Enterprise Live Patching 12 SP4 is installed AND Package Information kgraft-patch-4_12_14-95_19-default-1-6.3 is installed OR kgraft-patch-SLE12-SP4_Update_5-1-6.3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Advanced Systems Management 12 is installed AND Package Information puppet-3.6.2-3 is installed OR puppet-server-3.6.2-3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Legacy Software 12 is installed AND Package Information java-1_6_0-ibm-1.6.0_sr16.1-5 is installed OR java-1_6_0-ibm-fonts-1.6.0_sr16.1-5 is installed OR java-1_6_0-ibm-jdbc-1.6.0_sr16.1-5 is installed OR java-1_6_0-ibm-plugin-1.6.0_sr16.1-5 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Live Patching 15 is installed AND Package Information kernel-livepatch-4_12_14-25_3-default-11-2 is installed OR kernel-livepatch-SLE15_Update_1-11-2 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Public Cloud 12 is installed AND python-requests-2.3.0-1 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Server Applications 15 SP1 is installed AND skopeo-0.1.41-4.11 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Server Applications 15 SP2 is installed AND Package Information libfreebl3-hmac-3.53-3.40 is installed OR libsoftokn3-hmac-3.53-3.40 is installed OR mozilla-nss-3.53-3.40 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Web Scripting 12 is installed AND Package Information apache2-mod_php5-5.5.14-22.1 is installed OR php5-5.5.14-22.1 is installed OR php5-bcmath-5.5.14-22.1 is installed OR php5-bz2-5.5.14-22.1 is installed OR php5-calendar-5.5.14-22.1 is installed OR php5-ctype-5.5.14-22.1 is installed OR php5-curl-5.5.14-22.1 is installed OR php5-dba-5.5.14-22.1 is installed OR php5-dom-5.5.14-22.1 is installed OR php5-enchant-5.5.14-22.1 is installed OR php5-exif-5.5.14-22.1 is installed OR php5-fastcgi-5.5.14-22.1 is installed OR php5-fileinfo-5.5.14-22.1 is installed OR php5-fpm-5.5.14-22.1 is installed OR php5-ftp-5.5.14-22.1 is installed OR php5-gd-5.5.14-22.1 is installed OR php5-gettext-5.5.14-22.1 is installed OR php5-gmp-5.5.14-22.1 is installed OR php5-iconv-5.5.14-22.1 is installed OR php5-intl-5.5.14-22.1 is installed OR php5-json-5.5.14-22.1 is installed OR php5-ldap-5.5.14-22.1 is installed OR php5-mbstring-5.5.14-22.1 is installed OR php5-mcrypt-5.5.14-22.1 is installed OR php5-mysql-5.5.14-22.1 is installed OR php5-odbc-5.5.14-22.1 is installed OR php5-openssl-5.5.14-22.1 is installed OR php5-pcntl-5.5.14-22.1 is installed OR php5-pdo-5.5.14-22.1 is installed OR php5-pear-5.5.14-22.1 is installed OR php5-pgsql-5.5.14-22.1 is installed OR php5-pspell-5.5.14-22.1 is installed OR php5-shmop-5.5.14-22.1 is installed OR php5-snmp-5.5.14-22.1 is installed OR php5-soap-5.5.14-22.1 is installed OR php5-sockets-5.5.14-22.1 is installed OR php5-sqlite-5.5.14-22.1 is installed OR php5-suhosin-5.5.14-22.1 is installed OR php5-sysvmsg-5.5.14-22.1 is installed OR php5-sysvsem-5.5.14-22.1 is installed OR php5-sysvshm-5.5.14-22.1 is installed OR php5-tokenizer-5.5.14-22.1 is installed OR php5-wddx-5.5.14-22.1 is installed OR php5-xmlreader-5.5.14-22.1 is installed OR php5-xmlrpc-5.5.14-22.1 is installed OR php5-xmlwriter-5.5.14-22.1 is installed OR php5-xsl-5.5.14-22.1 is installed OR php5-zip-5.5.14-22.1 is installed OR php5-zlib-5.5.14-22.1 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Web Scripting 15 is installed AND Package Information nodejs8-8.11.4-3.8 is installed OR nodejs8-devel-8.11.4-3.8 is installed OR nodejs8-docs-8.11.4-3.8 is installed OR npm8-8.11.4-3.8 is installed
Definition Synopsis
SUSE Linux Enterprise Server 11 SP3 is installed AND sblim-sfcb-1.3.11-0.19.1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 11 SP4 is installed AND Package Information libFLAC++6-1.2.1-68.17.1 is installed OR libFLAC8-1.2.1-68.17.1 is installed OR libFLAC8-32bit-1.2.1-68.17.1 is installed OR libFLAC8-x86-1.2.1-68.17.1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 is installed AND Package Information cvs-1.12.12-181 is installed OR cvs-doc-1.12.12-181 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information bash-4.2-75 is installed OR bash-doc-4.2-75 is installed OR libreadline6-6.2-75 is installed OR libreadline6-32bit-6.2-75 is installed OR readline-doc-6.2-75 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND apache2-mod_jk-1.2.40-5 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information libpcsclite1-1.8.10-7.3 is installed OR pcsc-lite-1.8.10-7.3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 15-LTSS is installed AND Package Information freeradius-server-3.0.16-3.6 is installed OR freeradius-server-devel-3.0.16-3.6 is installed OR freeradius-server-krb5-3.0.16-3.6 is installed OR freeradius-server-ldap-3.0.16-3.6 is installed OR freeradius-server-libs-3.0.16-3.6 is installed OR freeradius-server-mysql-3.0.16-3.6 is installed OR freeradius-server-perl-3.0.16-3.6 is installed OR freeradius-server-postgresql-3.0.16-3.6 is installed OR freeradius-server-python-3.0.16-3.6 is installed OR freeradius-server-sqlite-3.0.16-3.6 is installed OR freeradius-server-utils-3.0.16-3.6 is installed
Definition Synopsis
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 is installed AND Package Information DirectFB-1.7.1-6 is installed OR lib++dfb-1_7-1-1.7.1-6 is installed OR libdirectfb-1_7-1-1.7.1-6 is installed
Definition Synopsis
SUSE Linux Enterprise Server for SAP Applications 15 is installed AND Package Information libjavascriptcoregtk-4_0-18-2.28.2-3.54 is installed OR libwebkit2gtk-4_0-37-2.28.2-3.54 is installed OR libwebkit2gtk3-lang-2.28.2-3.54 is installed OR webkit2gtk-4_0-injected-bundles-2.28.2-3.54 is installed OR webkit2gtk3-2.28.2-3.54 is installed OR webkit2gtk3-devel-2.28.2-3.54 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 11 SP2 is installed AND Package Information ghostscript-devel-8.62-32.34.1 is installed OR ghostscript-ijs-devel-8.62-32.34.1 is installed OR libgimpprint-devel-4.2.7-32.34.1 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 12 is installed AND Package Information ImageMagick-6.8.8.1-5 is installed OR ImageMagick-devel-6.8.8.1-5 is installed OR libMagick++-6_Q16-3-6.8.8.1-5 is installed OR libMagick++-devel-6.8.8.1-5 is installed OR perl-PerlMagick-6.8.8.1-5 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 12 SP1 is installed AND Package Information libopenssl-devel-1.0.1i-36.1 is installed OR openssl-1.0.1i-36.1 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 12 SP2 is installed AND Package Information jasper-1.900.14-181.1 is installed OR libjasper-devel-1.900.14-181.1 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 12 SP3 is installed AND libyaml-devel-0.1.6-7 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 12 is installed AND bash-lang-4.2-75 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 12 SP1 is installed AND bash-lang-4.2-75 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 12 SP2 is installed AND Package Information NetworkManager-1.0.12-8 is installed OR NetworkManager-lang-1.0.12-8 is installed OR typelib-1_0-NM-1_0-1.0.12-8 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 12 SP3 is installed AND cyrus-sasl-digestmd5-32bit-2.1.26-7 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 15 is installed AND enigmail-2.0.7-3.7 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 15 SP1 is installed AND Package Information kernel-default-4.12.14-197.10 is installed OR kernel-default-extra-4.12.14-197.10 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 15 SP2 is installed AND Package Information LibVNCServer-0.9.10-4.22 is installed OR libvncclient0-0.9.10-4.22 is installed OR libvncserver0-0.9.10-4.22 is installed
Definition Synopsis
SUSE Package Hub for SUSE Linux Enterprise 12 is installed AND Package Information chromedriver-54.0.2840.59-109 is installed OR chromium-54.0.2840.59-109 is installed OR chromium-ffmpegsumo-54.0.2840.59-109 is installed

BACK