Oval Definition:	oval:org.opensuse.security:def:4315
Revision Date: 2020-12-02 Version: 1 Title: Security update for the Linux Kernel (Live Patch 6 for SLE 15) (Important) Description: This update for the Linux Kernel 4.12.14-25_22 fixes several issues. The following security issues were fixed: - CVE-2019-9213: Expand_downwards in mm/mmap.c lacked a check for the mmap minimum address, which made it easier for attackers to exploit kernel NULL pointer dereferences on non-SMAP platforms. This is related to a capability check for the wrong task (bsc#1128378). - CVE-2019-8912: af_alg_release() in crypto/af_alg.c neglected to set a NULL value for a certain structure member, which could have led to a use-after-free in sockfs_setattr (bsc#1126284). - CVE-2019-7221: Fixed a user-after-free vulnerability in the KVM hypervisor related to the emulation of a preemption timer, allowing an guest user/process to crash the host kernel. (bsc#1124734). - CVE-2019-6974: kvm_ioctl_create_device in virt/kvm/kvm_main.c mishandled reference counting because of a race condition, leading to a use-after-free (bsc#1124729). Family: unix Class: patch Status: Reference(s): 1012382 1043912 1044189 1046302 1046306 1046307 1046543 1050244 1051510 1051858 1054914 1055014 1055117 1058115 1058659 1060463 1061840 1064232 1065600 1065729 1068032 1069138 1071995 1077761 1077989 1078720 1080157 1082318 1082555 1083647 1083663 1084332 1085030 1085042 1085262 1086282 1086301 1086313 1086314 1089663 1089895 1090528 1092903 1093389 1094244 1095344 1096748 1097105 1098459 1098822 1099922 1099999 1100000 1100001 1100132 1101557 1101669 1102346 1102870 1102875 1102877 1102879 1102882 1102896 1103363 1103387 1103421 1103948 1103949 1103961 1104172 1104353 1104824 1105247 1105524 1105536 1105597 1105603 1105672 1105907 1106007 1106016 1106105 1106121 1106170 1106178 1106191 1106229 1106230 1106231 1106233 1106235 1106236 1106237 1106238 1106240 1106291 1106297 1106333 1106369 1106426 1106427 1106464 1106509 1106511 1106594 1106636 1106688 1106697 1106743 1106779 1106800 1106890 1106891 1106892 1106893 1106894 1106896 1106897 1106898 1106899 1106900 1106901 1106902 1106903 1106905 1106906 1106948 1106995 1107008 1107060 1107061 1107065 1107073 1107074 1107078 1107265 1107319 1107320 1107522 1107535 1107689 1107735 1107756 1107870 1107924 1107945 1107966 1108010 1108093 1108243 1108520 1108870 1109269 1109511 1109911 1111966 1114279 1118338 1120386 1124729 1124734 1126284 1127532 1128378 1131055 1132091 1134973 1136085 1143959 1144333 1146090 1146091 1146093 1146094 1146095 1146097 1146099 1146100 1149792 1151910 1151927 1153917 1154243 1154824 1154980 1156286 1157155 1157157 1157692 1157712 1157714 1158013 1158021 1158026 1158265 1158819 1159028 1159198 1159271 1159285 1159352 1159394 1159483 1159484 1159569 1159588 1159812 1159841 1159908 1159909 1159910 1159911 1159955 1160195 1160210 1160211 1160218 1160433 1160442 1160476 1160560 1160755 1160756 1160784 1160787 1160802 1160803 1160804 1160917 1160966 1161087 1161514 1161518 1161522 1161523 1161549 1161552 1161555 1161674 1161931 1161933 1161934 1161935 1161936 1161937 1161951 1162067 1162109 1162139 1162928 1162929 1162931 1163102 1163103 1163104 1163971 1164051 1164069 1164078 1164705 1164712 1164727 1164728 1164729 1164730 1164731 1164732 1164733 1164734 1164735 1164871 1165111 1165741 1165873 1165881 1165984 1165985 1166969 1167421 1167423 1167629 1168075 1168276 1168295 1168424 1168670 1168829 1168854 1169390 1169514 1169625 1170056 1170345 1170617 1170618 1170621 1170778 1170901 1171098 1171189 1171191 1171195 1171202 1171205 1171217 1171218 1171219 1171220 1171477 1171689 1171982 1171983 1172004 1172186 1172221 1172317 1172356 1172453 1172458 1172515 1174543 1176315 920344 CVE-2018-1000199 CVE-2018-10938 CVE-2018-10940 CVE-2018-1128 CVE-2018-1129 CVE-2018-12896 CVE-2018-13093 CVE-2018-13094 CVE-2018-13095 CVE-2018-14613 CVE-2018-14617 CVE-2018-16658 CVE-2018-6554 CVE-2018-6555 CVE-2019-0199 CVE-2019-0221 CVE-2019-11023 CVE-2019-14615 CVE-2019-14896 CVE-2019-14897 CVE-2019-15604 CVE-2019-15605 CVE-2019-15606 CVE-2019-16775 CVE-2019-16776 CVE-2019-16777 CVE-2019-16994 CVE-2019-18277 CVE-2019-19036 CVE-2019-19045 CVE-2019-19054 CVE-2019-19318 CVE-2019-19319 CVE-2019-19447 CVE-2019-19462 CVE-2019-19727 CVE-2019-19768 CVE-2019-19770 CVE-2019-19965 CVE-2019-19966 CVE-2019-20054 CVE-2019-20095 CVE-2019-20096 CVE-2019-20810 CVE-2019-20812 CVE-2019-3701 CVE-2019-5737 CVE-2019-6974 CVE-2019-7221 CVE-2019-8912 CVE-2019-9213 CVE-2019-9455 CVE-2019-9458 CVE-2019-9511 CVE-2019-9512 CVE-2019-9513 CVE-2019-9514 CVE-2019-9515 CVE-2019-9516 CVE-2019-9517 CVE-2019-9518 CVE-2020-0543 CVE-2020-10690 CVE-2020-10711 CVE-2020-10720 CVE-2020-10722 CVE-2020-10723 CVE-2020-10724 CVE-2020-10725 CVE-2020-10726 CVE-2020-10732 CVE-2020-10751 CVE-2020-10757 CVE-2020-10942 CVE-2020-11494 CVE-2020-11608 CVE-2020-11609 CVE-2020-11669 CVE-2020-12114 CVE-2020-12464 CVE-2020-12652 CVE-2020-12653 CVE-2020-12654 CVE-2020-12655 CVE-2020-12656 CVE-2020-12657 CVE-2020-12693 CVE-2020-12769 CVE-2020-13143 CVE-2020-17507 CVE-2020-2732 CVE-2020-7053 CVE-2020-8165 CVE-2020-8428 CVE-2020-8647 CVE-2020-8648 CVE-2020-8649 CVE-2020-8834 CVE-2020-8992 CVE-2020-9383 SUSE-SU-2018:2980-1 SUSE-SU-2019:0627-1 SUSE-SU-2019:1267-3 SUSE-SU-2019:1895-1 SUSE-SU-2019:2259-1 SUSE-SU-2019:3126-1 SUSE-SU-2020:0104-1 SUSE-SU-2020:0454-1 SUSE-SU-2020:1334-1 SUSE-SU-2020:2159-1 SUSE-SU-2020:2602-1 SUSE-SU-2020:2748-1 SUSE-SU-2020:2899-1 Platform(s): SUSE Linux Enterprise Build System Kit 12 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise for SAP 11 SP4 SUSE Linux Enterprise High Availability 12 SP3 SUSE Linux Enterprise High Availability 12 SP4 SUSE Linux Enterprise High Availability 15 SUSE Linux Enterprise High Availability 15 SP1 SUSE Linux Enterprise High Availability 15 SP2 SUSE Linux Enterprise High Performance Computing 15-ESPOS SUSE Linux Enterprise High Performance Computing 15-LTSS SUSE Linux Enterprise Live Patching 12 SP3 SUSE Linux Enterprise Live Patching 12 SP4 SUSE Linux Enterprise Module for Advanced Systems Management 12 SUSE Linux Enterprise Module for Containers 12 SUSE Linux Enterprise Module for Live Patching 15 SUSE Linux Enterprise Module for Web Scripting 15 SUSE Linux Enterprise Module for Web Scripting 15 SP1 SUSE Linux Enterprise Point of Sale 11 SP3 SUSE Linux Enterprise Real Time Extension 11 SP1 SUSE Linux Enterprise Real Time Extension 11 SP4 SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP2-LTSS SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP3-LTSS SUSE Linux Enterprise Server 11 SP4 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 15-LTSS SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 SUSE Linux Enterprise Server for SAP Applications 15 SUSE Linux Enterprise Server for VMWare 11 SP2 SUSE Linux Enterprise Server for VMWare 11 SP3 SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Software Development Kit 12 SP1 SUSE Linux Enterprise Software Development Kit 12 SP2 SUSE Linux Enterprise Software Development Kit 12 SP3 SUSE Linux Enterprise Workstation Extension 12 SUSE Linux Enterprise Workstation Extension 12 SP1 SUSE Linux Enterprise Workstation Extension 12 SP2 SUSE Linux Enterprise Workstation Extension 12 SP3 SUSE Linux Enterprise Workstation Extension 15 SUSE Linux Enterprise Workstation Extension 15 SP1 SUSE Linux Enterprise Workstation Extension 15 SP2 SUSE Package Hub for SUSE Linux Enterprise 12 Product(s): Definition Synopsis SUSE Linux Enterprise Build System Kit 12 is installed AND Package Information cups-1.7.5-5 is installed OR cups-ddk-1.7.5-5 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 is installed AND Package Information cpio-2.11-26 is installed OR cpio-lang-2.11-26 is installed OR tar-1.27.1-2 is installed OR tar-lang-1.27.1-2 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information accountsservice-0.6.35-3 is installed OR accountsservice-lang-0.6.35-3 is installed OR libaccountsservice0-0.6.35-3 is installed OR typelib-1_0-AccountsService-1_0-0.6.35-3 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information MozillaFirefox-45.4.0esr-81 is installed OR MozillaFirefox-translations-45.4.0esr-81 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information alsa-1.0.27.2-15 is installed OR libasound2-1.0.27.2-15 is installed OR libasound2-32bit-1.0.27.2-15 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information DirectFB-1.7.1-6 is installed OR lib++dfb-1_7-1-1.7.1-6 is installed OR libdirectfb-1_7-1-1.7.1-6 is installed OR libdirectfb-1_7-1-32bit-1.7.1-6 is installed Definition Synopsis SUSE Linux Enterprise High Availability 12 SP3 is installed AND conntrack-tools-1.4.2-5 is installed Definition Synopsis SUSE Linux Enterprise High Availability 12 SP4 is installed AND ctdb-4.6.16+git.124.aee309c5c18-3.32 is installed Definition Synopsis SUSE Linux Enterprise High Availability 15 is installed AND Package Information cluster-md-kmp-default-4.12.14-25.19 is installed OR dlm-kmp-default-4.12.14-25.19 is installed OR gfs2-kmp-default-4.12.14-25.19 is installed OR kernel-default-4.12.14-25.19 is installed OR ocfs2-kmp-default-4.12.14-25.19 is installed Definition Synopsis SUSE Linux Enterprise High Availability 15 SP1 is installed AND haproxy-2.0.10+git0.ac198b92-8.8 is installed Definition Synopsis SUSE Linux Enterprise High Availability 15 SP2 is installed AND Package Information graphviz-addons-2.40.1-6.3 is installed OR graphviz-gd-2.40.1-6.3 is installed OR graphviz-python-2.40.1-6.3 is installed Definition Synopsis Release Information SUSE Linux Enterprise High Performance Computing 15-ESPOS is installed AND dpdk-18.11.3-3.19 is installed OR dpdk-devel-18.11.3-3.19 is installed OR dpdk-kmp-default-18.11.3_k4.12.14_150.47-3.19 is installed OR dpdk-thunderx-18.11.3-3.19 is installed OR dpdk-thunderx-devel-18.11.3-3.19 is installed OR dpdk-thunderx-kmp-default-18.11.3_k4.12.14_150.47-3.19 is installed OR dpdk-tools-18.11.3-3.19 is installed OR libdpdk-18_11-18.11.3-3.19 is installed OR Package Information SUSE Linux Enterprise High Performance Computing 15-LTSS is installed AND dpdk-18.11.3-3.19 is installed OR dpdk-devel-18.11.3-3.19 is installed OR dpdk-kmp-default-18.11.3_k4.12.14_150.47-3.19 is installed OR dpdk-thunderx-18.11.3-3.19 is installed OR dpdk-thunderx-devel-18.11.3-3.19 is installed OR dpdk-thunderx-kmp-default-18.11.3_k4.12.14_150.47-3.19 is installed OR dpdk-tools-18.11.3-3.19 is installed OR libdpdk-18_11-18.11.3-3.19 is installed Definition Synopsis SUSE Linux Enterprise Live Patching 12 SP3 is installed AND Package Information kgraft-patch-4_4_82-6_6-default-7-2 is installed OR kgraft-patch-SLE12-SP3_Update_2-7-2 is installed Definition Synopsis SUSE Linux Enterprise Live Patching 12 SP4 is installed AND Package Information kgraft-patch-4_12_14-95_6-default-3-2 is installed OR kgraft-patch-SLE12-SP4_Update_2-3-2 is installed Definition Synopsis SUSE Linux Enterprise Module for Advanced Systems Management 12 is installed AND Package Information puppet-3.6.2-3 is installed OR puppet-server-3.6.2-3 is installed Definition Synopsis SUSE Linux Enterprise Module for Containers 12 is installed AND Package Information ruby2.1-rubygem-passenger-5.0.18-6 is installed OR rubygem-passenger-5.0.18-6 is installed OR rubygem-passenger-apache2-5.0.18-6 is installed Definition Synopsis SUSE Linux Enterprise Module for Live Patching 15 is installed AND Package Information kernel-livepatch-4_12_14-25_22-default-4-2 is installed OR kernel-livepatch-SLE15_Update_6-4-2 is installed Definition Synopsis SUSE Linux Enterprise Module for Web Scripting 15 is installed AND Package Information nodejs10-10.16.3-1.12 is installed OR nodejs10-devel-10.16.3-1.12 is installed OR nodejs10-docs-10.16.3-1.12 is installed OR npm10-10.16.3-1.12 is installed Definition Synopsis SUSE Linux Enterprise Module for Web Scripting 15 SP1 is installed AND Package Information tomcat-9.0.21-4.5 is installed OR tomcat-admin-webapps-9.0.21-4.5 is installed OR tomcat-el-3_0-api-9.0.21-4.5 is installed OR tomcat-jsp-2_3-api-9.0.21-4.5 is installed OR tomcat-lib-9.0.21-4.5 is installed OR tomcat-servlet-4_0-api-9.0.21-4.5 is installed OR tomcat-webapps-9.0.21-4.5 is installed Definition Synopsis SUSE Linux Enterprise Point of Sale 11 SP3 is installed AND Package Information apache2-mod_php53-5.3.17-84.1 is installed OR php53-5.3.17-84.1 is installed OR php53-bcmath-5.3.17-84.1 is installed OR php53-bz2-5.3.17-84.1 is installed OR php53-calendar-5.3.17-84.1 is installed OR php53-ctype-5.3.17-84.1 is installed OR php53-curl-5.3.17-84.1 is installed OR php53-dba-5.3.17-84.1 is installed OR php53-dom-5.3.17-84.1 is installed OR php53-exif-5.3.17-84.1 is installed OR php53-fastcgi-5.3.17-84.1 is installed OR php53-fileinfo-5.3.17-84.1 is installed OR php53-ftp-5.3.17-84.1 is installed OR php53-gd-5.3.17-84.1 is installed OR php53-gettext-5.3.17-84.1 is installed OR php53-gmp-5.3.17-84.1 is installed OR php53-iconv-5.3.17-84.1 is installed OR php53-intl-5.3.17-84.1 is installed OR php53-json-5.3.17-84.1 is installed OR php53-ldap-5.3.17-84.1 is installed OR php53-mbstring-5.3.17-84.1 is installed OR php53-mcrypt-5.3.17-84.1 is installed OR php53-mysql-5.3.17-84.1 is installed OR php53-odbc-5.3.17-84.1 is installed OR php53-openssl-5.3.17-84.1 is installed OR php53-pcntl-5.3.17-84.1 is installed OR php53-pdo-5.3.17-84.1 is installed OR php53-pear-5.3.17-84.1 is installed OR php53-pgsql-5.3.17-84.1 is installed OR php53-pspell-5.3.17-84.1 is installed OR php53-shmop-5.3.17-84.1 is installed OR php53-snmp-5.3.17-84.1 is installed OR php53-soap-5.3.17-84.1 is installed OR php53-suhosin-5.3.17-84.1 is installed OR php53-sysvmsg-5.3.17-84.1 is installed OR php53-sysvsem-5.3.17-84.1 is installed OR php53-sysvshm-5.3.17-84.1 is installed OR php53-tokenizer-5.3.17-84.1 is installed OR php53-wddx-5.3.17-84.1 is installed OR php53-xmlreader-5.3.17-84.1 is installed OR php53-xmlrpc-5.3.17-84.1 is installed OR php53-xmlwriter-5.3.17-84.1 is installed OR php53-xsl-5.3.17-84.1 is installed OR php53-zip-5.3.17-84.1 is installed OR php53-zlib-5.3.17-84.1 is installed Definition Synopsis SUSE Linux Enterprise Server 11 SP4 is installed AND apache2-mod_jk-1.2.40-0.2.1 is installed Definition Synopsis SUSE Linux Enterprise Server 12 is installed AND apache2-mod_perl-2.0.8-8 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information alsa-1.0.27.2-11 is installed OR alsa-docs-1.0.27.2-11 is installed OR libasound2-1.0.27.2-11 is installed OR libasound2-32bit-1.0.27.2-11 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information apache-commons-beanutils-1.9.2-1 is installed OR apache-commons-beanutils-javadoc-1.9.2-1 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information apache2-2.4.23-28 is installed OR apache2-doc-2.4.23-28 is installed OR apache2-example-pages-2.4.23-28 is installed OR apache2-prefork-2.4.23-28 is installed OR apache2-utils-2.4.23-28 is installed OR apache2-worker-2.4.23-28 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information libxmltooling6-1.5.6-3.6 is installed OR xmltooling-schemas-1.5.6-3.6 is installed Definition Synopsis SUSE Linux Enterprise Server 15-LTSS is installed AND squid-4.11-5.17 is installed Definition Synopsis SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 is installed AND Package Information aaa_base-13.2+git20140911.61c1681-28 is installed OR aaa_base-extras-13.2+git20140911.61c1681-28 is installed Definition Synopsis SUSE Linux Enterprise Server for SAP Applications 15 is installed AND permissions-20180125-3.21 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 11 SP2 is installed AND rubygem-actionpack-2_3-2.3.17-0.13.2 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 12 is installed AND aaa_base-malloccheck-13.2+git20140911.61c1681-1 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 12 SP1 is installed AND Package Information ImageMagick-6.8.8.1-33.1 is installed OR ImageMagick-devel-6.8.8.1-33.1 is installed OR libMagick++-6_Q16-3-6.8.8.1-33.1 is installed OR libMagick++-devel-6.8.8.1-33.1 is installed OR perl-PerlMagick-6.8.8.1-33.1 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 12 SP2 is installed AND Package Information jasper-1.900.14-181.1 is installed OR libjasper-devel-1.900.14-181.1 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 12 SP3 is installed AND Package Information zlib-devel-1.2.8-11 is installed OR zlib-devel-32bit-1.2.8-11 is installed OR zlib-devel-static-1.2.8-11 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 12 is installed AND argyllcms-1.6.3-1 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 12 SP1 is installed AND Package Information ImageMagick-6.8.8.1-8 is installed OR libMagick++-6_Q16-3-6.8.8.1-8 is installed OR libMagickCore-6_Q16-1-32bit-6.8.8.1-8 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 12 SP2 is installed AND bash-lang-4.3-78 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 12 SP3 is installed AND gnome-shell-calendar-3.20.4-76 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 15 is installed AND Package Information kernel-default-4.12.14-150.17 is installed OR kernel-default-extra-4.12.14-150.17 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 15 SP1 is installed AND Package Information ffmpeg-3.4.2-4.27 is installed OR libavcodec-devel-3.4.2-4.27 is installed OR libavformat-devel-3.4.2-4.27 is installed OR libavformat57-3.4.2-4.27 is installed OR libavresample-devel-3.4.2-4.27 is installed OR libavresample3-3.4.2-4.27 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 15 SP2 is installed AND Package Information LibVNCServer-0.9.10-4.19 is installed OR libvncclient0-0.9.10-4.19 is installed OR libvncserver0-0.9.10-4.19 is installed Definition Synopsis SUSE Package Hub for SUSE Linux Enterprise 12 is installed AND Package Information chromedriver-54.0.2840.59-109 is installed OR chromium-54.0.2840.59-109 is installed OR chromium-ffmpegsumo-54.0.2840.59-109 is installed
BACK