OVAL Reference oval:org.opensuse.security:def:4317

Oval Definition:

oval:org.opensuse.security:def:4317

Revision Date:	2020-12-02	Version:	1
Title:	Security update for the Linux Kernel (Live Patch 4 for SLE 15) (Important)
Description:	This update for the Linux Kernel 4.12.14-25_16 fixes several issues. The following security issues were fixed: - CVE-2019-9213: Expand_downwards in mm/mmap.c lacked a check for the mmap minimum address, which made it easier for attackers to exploit kernel NULL pointer dereferences on non-SMAP platforms. This is related to a capability check for the wrong task (bsc#1128378). - CVE-2019-8912: af_alg_release() in crypto/af_alg.c neglected to set a NULL value for a certain structure member, which could have led to a use-after-free in sockfs_setattr (bsc#1126284). - CVE-2019-7221: Fixed a user-after-free vulnerability in the KVM hypervisor related to the emulation of a preemption timer, allowing an guest user/process to crash the host kernel. (bsc#1124734). - CVE-2019-6974: kvm_ioctl_create_device in virt/kvm/kvm_main.c mishandled reference counting because of a race condition, leading to a use-after-free (bsc#1124729).
Family:	unix	Class:	patch
Status:		Reference(s):	1094846 1100787 1108683 1124729 1124734 1126284 1128378 1134208 1140290 1141320 1145095 1146360 1149792 1151793 1158108 1158109 1159352 1159922 1159923 1159924 1159927 1162629 1162632 1162680 1163581 1165280 1165289 1168994 1169095 1169521 1169850 1169851 1171437 1171456 1171457 1171458 1171746 1172307 1172437 1173159 1173160 1173161 1173359 1174120 1174662 1175626 1175656 1176262 1176569 CVE-2018-1000199 CVE-2018-11469 CVE-2018-14645 CVE-2019-11041 CVE-2019-11042 CVE-2019-11045 CVE-2019-11046 CVE-2019-11047 CVE-2019-11050 CVE-2019-13173 CVE-2019-14861 CVE-2019-14870 CVE-2019-16775 CVE-2019-16776 CVE-2019-16777 CVE-2019-20916 CVE-2019-6974 CVE-2019-7221 CVE-2019-8912 CVE-2019-9213 CVE-2020-10700 CVE-2020-10704 CVE-2020-10713 CVE-2020-10730 CVE-2020-10745 CVE-2020-10757 CVE-2020-10760 CVE-2020-10957 CVE-2020-10958 CVE-2020-10967 CVE-2020-14303 CVE-2020-7059 CVE-2020-7060 CVE-2020-7062 CVE-2020-7063 CVE-2020-9862 CVE-2020-9893 CVE-2020-9894 CVE-2020-9895 CVE-2020-9915 CVE-2020-9925 SUSE-SU-2018:3249-1 SUSE-SU-2019:2081-1 SUSE-SU-2019:2503-1 SUSE-SU-2019:3319-1 SUSE-SU-2020:0043-1 SUSE-SU-2020:0101-1 SUSE-SU-2020:0622-1 SUSE-SU-2020:1379-1 SUSE-SU-2020:1948-1 SUSE-SU-2020:2198-1 SUSE-SU-2020:2626-1 SUSE-SU-2020:2784-1 SUSE-SU-2020:2928-1
Platform(s):	SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5 SUSE Linux Enterprise Build System Kit 12 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise for SAP 11 SP4 SUSE Linux Enterprise High Availability 12 SP2 SUSE Linux Enterprise High Availability 12 SP3 SUSE Linux Enterprise High Availability 12 SP4 SUSE Linux Enterprise High Availability 15 SUSE Linux Enterprise High Availability 15 SP1 SUSE Linux Enterprise High Availability 15 SP2 SUSE Linux Enterprise High Performance Computing 15-ESPOS SUSE Linux Enterprise High Performance Computing 15-LTSS SUSE Linux Enterprise Live Patching 12 SP3 SUSE Linux Enterprise Live Patching 12 SP4 SUSE Linux Enterprise Module for Containers 12 SUSE Linux Enterprise Module for Live Patching 15 SUSE Linux Enterprise Module for Web Scripting 15 SUSE Linux Enterprise Module for Web Scripting 15 SP1 SUSE Linux Enterprise Point of Sale 11 SP3 SUSE Linux Enterprise Real Time Extension 11 SP3 SUSE Linux Enterprise Real Time Extension 11 SP4 SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Server 11 SP1-CLIENT-TOOLS SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP2-LTSS SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP4 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 15-LTSS SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 SUSE Linux Enterprise Server for SAP Applications 15 SUSE Linux Enterprise Server for VMWare 11 SP2 SUSE Linux Enterprise Server for VMWare 11 SP3 SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Software Development Kit 12 SP1 SUSE Linux Enterprise Software Development Kit 12 SP2 SUSE Linux Enterprise Workstation Extension 12 SUSE Linux Enterprise Workstation Extension 12 SP1 SUSE Linux Enterprise Workstation Extension 12 SP2 SUSE Linux Enterprise Workstation Extension 12 SP3 SUSE Linux Enterprise Workstation Extension 15 SUSE Linux Enterprise Workstation Extension 15 SP1 SUSE Linux Enterprise Workstation Extension 15 SP2	Product(s):
Definition Synopsis
SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5 is installed AND Package Information openstack-cinder-2014.2.3.dev13-1 is installed OR openstack-cinder-volume-2014.2.3.dev13-1 is installed OR python-cinder-2014.2.3.dev13-1 is installed
Definition Synopsis
SUSE Linux Enterprise Build System Kit 12 is installed AND kernel-zfcpdump-3.12.39-47 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 is installed AND Package Information cron-4.2-55 is installed OR cronie-1.4.11-55 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP1 is installed AND argyllcms-1.6.3-1 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information DirectFB-1.7.1-6 is installed OR lib++dfb-1_7-1-1.7.1-6 is installed OR libdirectfb-1_7-1-1.7.1-6 is installed OR libdirectfb-1_7-1-32bit-1.7.1-6 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP3 is installed AND argyllcms-1.6.3-3 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information MozillaFirefox-52.9.0esr-109.38 is installed OR MozillaFirefox-translations-52.9.0esr-109.38 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 12 SP2 is installed AND Package Information cluster-md-kmp-default-4.4.21-69 is installed OR cluster-network-kmp-default-4.4.21-69 is installed OR dlm-kmp-default-4.4.21-69 is installed OR gfs2-kmp-default-4.4.21-69 is installed OR ocfs2-kmp-default-4.4.21-69 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 12 SP3 is installed AND fence-agents-4.0.25+git.1485179354.eb43835-2 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 12 SP4 is installed AND haproxy-1.6.11-10 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 15 is installed AND haproxy-1.8.14~git0.52e4d43b-3.3 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 15 SP1 is installed AND Package Information ctdb-4.9.5+git.224.86a8e66adea-3.18 is installed OR samba-4.9.5+git.224.86a8e66adea-3.18 is installed
Definition Synopsis
SUSE Linux Enterprise High Availability 15 SP2 is installed AND Package Information ctdb-4.11.11+git.180.2cf3b203f07-4.5 is installed OR samba-4.11.11+git.180.2cf3b203f07-4.5 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise High Performance Computing 15-ESPOS is installed AND dovecot23-2.3.10-4.22 is installed OR dovecot23-backend-mysql-2.3.10-4.22 is installed OR dovecot23-backend-pgsql-2.3.10-4.22 is installed OR dovecot23-backend-sqlite-2.3.10-4.22 is installed OR dovecot23-devel-2.3.10-4.22 is installed OR dovecot23-fts-2.3.10-4.22 is installed OR dovecot23-fts-lucene-2.3.10-4.22 is installed OR dovecot23-fts-solr-2.3.10-4.22 is installed OR dovecot23-fts-squat-2.3.10-4.22 is installed OR Package Information SUSE Linux Enterprise High Performance Computing 15-LTSS is installed AND dovecot23-2.3.10-4.22 is installed OR dovecot23-backend-mysql-2.3.10-4.22 is installed OR dovecot23-backend-pgsql-2.3.10-4.22 is installed OR dovecot23-backend-sqlite-2.3.10-4.22 is installed OR dovecot23-devel-2.3.10-4.22 is installed OR dovecot23-fts-2.3.10-4.22 is installed OR dovecot23-fts-lucene-2.3.10-4.22 is installed OR dovecot23-fts-solr-2.3.10-4.22 is installed OR dovecot23-fts-squat-2.3.10-4.22 is installed
Definition Synopsis
SUSE Linux Enterprise Live Patching 12 SP3 is installed AND Package Information kgraft-patch-4_4_92-6_30-default-5-2 is installed OR kgraft-patch-SLE12-SP3_Update_5-5-2 is installed
Definition Synopsis
SUSE Linux Enterprise Live Patching 12 SP4 is installed AND Package Information kgraft-patch-4_12_14-95_3-default-1-7 is installed OR kgraft-patch-SLE12-SP4_Update_1-1-7 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Containers 12 is installed AND docker-1.8.3-49 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Live Patching 15 is installed AND Package Information kernel-livepatch-4_12_14-25_16-default-5-2 is installed OR kernel-livepatch-SLE15_Update_4-5-2 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Web Scripting 15 is installed AND Package Information apache2-mod_php7-7.2.5-4.40 is installed OR php7-7.2.5-4.40 is installed OR php7-bcmath-7.2.5-4.40 is installed OR php7-bz2-7.2.5-4.40 is installed OR php7-calendar-7.2.5-4.40 is installed OR php7-ctype-7.2.5-4.40 is installed OR php7-curl-7.2.5-4.40 is installed OR php7-dba-7.2.5-4.40 is installed OR php7-devel-7.2.5-4.40 is installed OR php7-dom-7.2.5-4.40 is installed OR php7-enchant-7.2.5-4.40 is installed OR php7-exif-7.2.5-4.40 is installed OR php7-fastcgi-7.2.5-4.40 is installed OR php7-fileinfo-7.2.5-4.40 is installed OR php7-fpm-7.2.5-4.40 is installed OR php7-ftp-7.2.5-4.40 is installed OR php7-gd-7.2.5-4.40 is installed OR php7-gettext-7.2.5-4.40 is installed OR php7-gmp-7.2.5-4.40 is installed OR php7-iconv-7.2.5-4.40 is installed OR php7-intl-7.2.5-4.40 is installed OR php7-json-7.2.5-4.40 is installed OR php7-ldap-7.2.5-4.40 is installed OR php7-mbstring-7.2.5-4.40 is installed OR php7-mysql-7.2.5-4.40 is installed OR php7-odbc-7.2.5-4.40 is installed OR php7-opcache-7.2.5-4.40 is installed OR php7-openssl-7.2.5-4.40 is installed OR php7-pcntl-7.2.5-4.40 is installed OR php7-pdo-7.2.5-4.40 is installed OR php7-pear-7.2.5-4.40 is installed OR php7-pear-Archive_Tar-7.2.5-4.40 is installed OR php7-pgsql-7.2.5-4.40 is installed OR php7-phar-7.2.5-4.40 is installed OR php7-posix-7.2.5-4.40 is installed OR php7-shmop-7.2.5-4.40 is installed OR php7-snmp-7.2.5-4.40 is installed OR php7-soap-7.2.5-4.40 is installed OR php7-sockets-7.2.5-4.40 is installed OR php7-sodium-7.2.5-4.40 is installed OR php7-sqlite-7.2.5-4.40 is installed OR php7-sysvmsg-7.2.5-4.40 is installed OR php7-sysvsem-7.2.5-4.40 is installed OR php7-sysvshm-7.2.5-4.40 is installed OR php7-tokenizer-7.2.5-4.40 is installed OR php7-wddx-7.2.5-4.40 is installed OR php7-xmlreader-7.2.5-4.40 is installed OR php7-xmlrpc-7.2.5-4.40 is installed OR php7-xmlwriter-7.2.5-4.40 is installed OR php7-xsl-7.2.5-4.40 is installed OR php7-zip-7.2.5-4.40 is installed OR php7-zlib-7.2.5-4.40 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Web Scripting 15 SP1 is installed AND Package Information nodejs10-10.16.0-1.9 is installed OR nodejs10-devel-10.16.0-1.9 is installed OR nodejs10-docs-10.16.0-1.9 is installed OR npm10-10.16.0-1.9 is installed
Definition Synopsis
SUSE Linux Enterprise Point of Sale 11 SP3 is installed AND Package Information xen-4.2.5_21-27.1 is installed OR xen-kmp-default-4.2.5_21_3.0.101_0.47.86-27.1 is installed OR xen-kmp-pae-4.2.5_21_3.0.101_0.47.86-27.1 is installed OR xen-libs-4.2.5_21-27.1 is installed OR xen-tools-domU-4.2.5_21-27.1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 11 SP4 is installed AND apache2-mod_perl-2.0.4-40.24.1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 is installed AND Package Information automake-1.13.4-4 is installed OR m4-1.4.16-15 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information apache-commons-beanutils-1.9.2-1 is installed OR apache-commons-beanutils-javadoc-1.9.2-1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND apache-commons-httpclient-3.1-4 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND apache2-mod_jk-1.2.40-5 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND libyaml-0-2-0.1.6-7 is installed
Definition Synopsis
SUSE Linux Enterprise Server 15-LTSS is installed AND nginx-1.16.1-3.12 is installed
Definition Synopsis
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 is installed AND Package Information alsa-1.0.27.2-11 is installed OR alsa-docs-1.0.27.2-11 is installed OR libasound2-1.0.27.2-11 is installed
Definition Synopsis
SUSE Linux Enterprise Server for SAP Applications 15 is installed AND Package Information freeradius-server-3.0.16-3.6 is installed OR freeradius-server-devel-3.0.16-3.6 is installed OR freeradius-server-krb5-3.0.16-3.6 is installed OR freeradius-server-ldap-3.0.16-3.6 is installed OR freeradius-server-libs-3.0.16-3.6 is installed OR freeradius-server-mysql-3.0.16-3.6 is installed OR freeradius-server-perl-3.0.16-3.6 is installed OR freeradius-server-postgresql-3.0.16-3.6 is installed OR freeradius-server-python-3.0.16-3.6 is installed OR freeradius-server-sqlite-3.0.16-3.6 is installed OR freeradius-server-utils-3.0.16-3.6 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 11 SP2 is installed AND rubygem-activesupport-2_3-2.3.14-0.12.1 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 12 is installed AND alsa-devel-1.0.27.2-11 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 12 SP1 is installed AND Package Information MozillaFirefox-38.5.0esr-54.1 is installed OR MozillaFirefox-devel-38.5.0esr-54.1 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 12 SP2 is installed AND Package Information libX11-1.6.2-8.1 is installed OR libX11-devel-1.6.2-8.1 is installed OR libXfixes-5.0.1-7.1 is installed OR libXfixes-devel-5.0.1-7.1 is installed OR libXi-1.7.4-14.1 is installed OR libXi-devel-1.7.4-14.1 is installed OR libXrender-0.9.8-7.1 is installed OR libXrender-devel-0.9.8-7.1 is installed OR libXtst-1.2.2-7.1 is installed OR libXtst-devel-1.2.2-7.1 is installed OR libXv-1.0.10-7.1 is installed OR libXv-devel-1.0.10-7.1 is installed OR libXvMC-1.0.8-7.1 is installed OR libXvMC-devel-1.0.8-7.1 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 12 is installed AND argyllcms-1.6.3-1 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 12 SP1 is installed AND Package Information ImageMagick-6.8.8.1-8 is installed OR libMagick++-6_Q16-3-6.8.8.1-8 is installed OR libMagickCore-6_Q16-1-32bit-6.8.8.1-8 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 12 SP2 is installed AND Package Information colord-1.3.3-10 is installed OR colord-lang-1.3.3-10 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 12 SP3 is installed AND Package Information gstreamer-0_10-plugins-base-0.10.36-17 is installed OR gstreamer-0_10-plugins-base-32bit-0.10.36-17 is installed OR gstreamer-0_10-plugins-base-lang-0.10.36-17 is installed OR libgstapp-0_10-0-0.10.36-17 is installed OR libgstapp-0_10-0-32bit-0.10.36-17 is installed OR libgstinterfaces-0_10-0-0.10.36-17 is installed OR libgstinterfaces-0_10-0-32bit-0.10.36-17 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 15 is installed AND Package Information kernel-default-4.12.14-150.38 is installed OR kernel-default-extra-4.12.14-150.38 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 15 SP1 is installed AND Package Information kernel-default-4.12.14-197.29 is installed OR kernel-default-extra-4.12.14-197.29 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 15 SP2 is installed AND Package Information MozillaThunderbird-68.10.0-3.88 is installed OR MozillaThunderbird-translations-common-68.10.0-3.88 is installed OR MozillaThunderbird-translations-other-68.10.0-3.88 is installed

BACK