Oval Definition:	oval:org.opensuse.security:def:4360
Revision Date: 2020-12-02 Version: 1 Title: Security update for the Linux Kernel (Live Patch 17 for SLE 15) (Important) Description: This update for the Linux Kernel 4.12.14-150_47 fixes several issues. The following security issues were fixed: - CVE-2020-14381: Fixed a use-after-free in the fast user mutex (futex) wait operation, which could have lead to memory corruption and possibly privilege escalation (bsc#1176011). - CVE-2020-0431: In kbd_keycode of keyboard.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. (bsc#1176722) - CVE-2020-25212: A TOCTOU mismatch in the NFS client code could be used by local attackers to corrupt memory or possibly have unspecified other impact because a size check is in fs/nfs/nfs4proc.c instead of fs/nfs/nfs4xdr.c (bsc#1176381). - CVE-2020-14386: Fixed a memory corruption which could have lead to an attacker gaining root privileges from unprivileged processes. The highest threat from this vulnerability is to data confidentiality and integrity (bsc#1176069). - CVE-2020-24394: The NFS server code can set incorrect permissions on new filesystem objects when the filesystem lacks ACL support. This occurs because the current umask is not considered (bsc#1175518). Family: unix Class: patch Status: Reference(s): 1012382 1043912 1044189 1046302 1046306 1046307 1046543 1050244 1051510 1054914 1055014 1055117 1058659 1060463 1064232 1065600 1065729 1068032 1069138 1071995 1077761 1077989 1078720 1080157 1082555 1083647 1083663 1084332 1085042 1085262 1086282 1089663 1090528 1092903 1093389 1094244 1094420 1095344 1096748 1097105 1098459 1098822 1099922 1099999 1100000 1100001 1100132 1101557 1101669 1102346 1102870 1102875 1102877 1102879 1102882 1102896 1103363 1103387 1103421 1103948 1103949 1103961 1104172 1104353 1104824 1105247 1105524 1105536 1105597 1105603 1105672 1105907 1106007 1106016 1106105 1106121 1106170 1106178 1106191 1106229 1106230 1106231 1106233 1106235 1106236 1106237 1106238 1106240 1106291 1106297 1106333 1106369 1106426 1106427 1106464 1106509 1106511 1106594 1106636 1106688 1106697 1106743 1106779 1106800 1106890 1106891 1106892 1106893 1106894 1106896 1106897 1106898 1106899 1106900 1106901 1106902 1106903 1106905 1106906 1106948 1106995 1107008 1107060 1107061 1107065 1107073 1107074 1107078 1107265 1107319 1107320 1107522 1107535 1107689 1107735 1107756 1107870 1107924 1107945 1107966 1108010 1108093 1108243 1108520 1108870 1109269 1109511 1114828 1116600 1144524 1146848 1150711 1154824 1155690 1156202 1156353 1158108 1158109 1159548 1159913 1160682 1160850 1160888 1160904 1160906 1165631 1166847 1168422 1171477 1172466 1172686 1173937 1174117 1174121 1175992 1176012 1176072 1176382 1176589 1176896 920344 CVE-2018-10938 CVE-2018-10940 CVE-2018-1128 CVE-2018-1129 CVE-2018-12896 CVE-2018-13093 CVE-2018-13094 CVE-2018-13095 CVE-2018-14613 CVE-2018-14617 CVE-2018-16471 CVE-2018-16658 CVE-2018-6554 CVE-2018-6555 CVE-2019-13456 CVE-2019-14861 CVE-2019-14870 CVE-2019-14902 CVE-2019-14907 CVE-2019-16782 CVE-2019-17185 CVE-2019-18903 CVE-2019-20372 CVE-2019-5108 CVE-2020-0431 CVE-2020-0543 CVE-2020-0548 CVE-2020-0549 CVE-2020-10722 CVE-2020-10723 CVE-2020-10724 CVE-2020-10725 CVE-2020-10726 CVE-2020-13934 CVE-2020-13935 CVE-2020-14381 CVE-2020-14386 CVE-2020-15095 CVE-2020-1749 CVE-2020-24394 CVE-2020-25212 CVE-2020-3898 CVE-2020-7217 CVE-2020-8252 SUSE-SU-2018:1952-1 SUSE-SU-2018:2980-1 SUSE-SU-2019:3318-1 SUSE-SU-2020:0224-1 SUSE-SU-2020:0359-1 SUSE-SU-2020:0370-1 SUSE-SU-2020:0940-1 SUSE-SU-2020:1023-1 SUSE-SU-2020:1083-1 SUSE-SU-2020:1171-1 SUSE-SU-2020:1334-1 SUSE-SU-2020:1600-1 SUSE-SU-2020:2047-1 SUSE-SU-2020:2829-1 Platform(s): SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5 SUSE Linux Enterprise Build System Kit 12 SUSE Linux Enterprise Build System Kit 12 SP1 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise High Availability 12 SP2 SUSE Linux Enterprise High Availability 15 SUSE Linux Enterprise High Performance Computing 15-ESPOS SUSE Linux Enterprise High Performance Computing 15-LTSS SUSE Linux Enterprise Live Patching 12 SP3 SUSE Linux Enterprise Live Patching 12 SP4 SUSE Linux Enterprise Module for Advanced Systems Management 12 SUSE Linux Enterprise Module for Containers 12 SUSE Linux Enterprise Module for Legacy Software 12 SUSE Linux Enterprise Module for Live Patching 15 SUSE Linux Enterprise Module for Web Scripting 12 SUSE Linux Enterprise Module for Web Scripting 15 SP2 SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP2-LTSS SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP3-LTSS SUSE Linux Enterprise Server 11 SP4 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 15-LTSS SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 SUSE Linux Enterprise Server for SAP Applications 15 SUSE Linux Enterprise Server for VMWare 11 SP2 SUSE Linux Enterprise Server for VMWare 11 SP3 SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Software Development Kit 12 SP1 SUSE Linux Enterprise Software Development Kit 12 SP2 SUSE Linux Enterprise Workstation Extension 12 SUSE Linux Enterprise Workstation Extension 12 SP1 SUSE Linux Enterprise Workstation Extension 12 SP2 SUSE Linux Enterprise Workstation Extension 12 SP3 SUSE Linux Enterprise Workstation Extension 15 SUSE Linux Enterprise Workstation Extension 15 SP1 SUSE Linux Enterprise Workstation Extension 15 SP2 Product(s): Definition Synopsis SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5 is installed AND python-pymongo-2.6.3-2 is installed Definition Synopsis SUSE Linux Enterprise Build System Kit 12 is installed AND Package Information libreoffice-4.3.5.2-10 is installed OR libreoffice-sdk-4.3.5.2-10 is installed Definition Synopsis SUSE Linux Enterprise Build System Kit 12 SP1 is installed AND kernel-zfcpdump-3.12.51-60.20 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 is installed AND Package Information cron-4.2-55 is installed OR cronie-1.4.11-55 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information dbus-1-glib-0.100.2-3 is installed OR dbus-1-glib-32bit-0.100.2-3 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP2 is installed AND dnsmasq-2.71-10 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information augeas-1.2.0-15 is installed OR augeas-lenses-1.2.0-15 is installed OR libaugeas0-1.2.0-15 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP4 is installed AND SuSEfirewall2-3.6.312.333-3.13 is installed Definition Synopsis SUSE Linux Enterprise High Availability 12 SP2 is installed AND fence-agents-4.0.22+git.1455008135.15c5e92-8 is installed Definition Synopsis SUSE Linux Enterprise High Availability 15 is installed AND Package Information drbd-9.0.13+git.b83ade31-3.2 is installed OR drbd-kmp-default-9.0.13+git.b83ade31_k4.12.14_23-3.2 is installed Definition Synopsis Release Information SUSE Linux Enterprise High Performance Computing 15-ESPOS is installed AND cups-2.2.7-3.17 is installed OR cups-client-2.2.7-3.17 is installed OR cups-config-2.2.7-3.17 is installed OR cups-ddk-2.2.7-3.17 is installed OR cups-devel-2.2.7-3.17 is installed OR libcups2-2.2.7-3.17 is installed OR libcups2-32bit-2.2.7-3.17 is installed OR libcupscgi1-2.2.7-3.17 is installed OR libcupsimage2-2.2.7-3.17 is installed OR libcupsmime1-2.2.7-3.17 is installed OR libcupsppdc1-2.2.7-3.17 is installed OR Package Information SUSE Linux Enterprise High Performance Computing 15-LTSS is installed AND cups-2.2.7-3.17 is installed OR cups-client-2.2.7-3.17 is installed OR cups-config-2.2.7-3.17 is installed OR cups-ddk-2.2.7-3.17 is installed OR cups-devel-2.2.7-3.17 is installed OR libcups2-2.2.7-3.17 is installed OR libcups2-32bit-2.2.7-3.17 is installed OR libcupscgi1-2.2.7-3.17 is installed OR libcupsimage2-2.2.7-3.17 is installed OR libcupsmime1-2.2.7-3.17 is installed OR libcupsppdc1-2.2.7-3.17 is installed Definition Synopsis SUSE Linux Enterprise Live Patching 12 SP3 is installed AND Package Information kgraft-patch-4_4_138-94_39-default-7-2 is installed OR kgraft-patch-SLE12-SP3_Update_14-7-2 is installed Definition Synopsis SUSE Linux Enterprise Live Patching 12 SP4 is installed AND Package Information kgraft-patch-4_12_14-95_37-default-1-6.5 is installed OR kgraft-patch-SLE12-SP4_Update_9-1-6.5 is installed Definition Synopsis SUSE Linux Enterprise Module for Advanced Systems Management 12 is installed AND Package Information salt-2016.11.4-46.7 is installed OR salt-api-2016.11.4-46.7 is installed OR salt-bash-completion-2016.11.4-46.7 is installed OR salt-cloud-2016.11.4-46.7 is installed OR salt-doc-2016.11.4-46.7 is installed OR salt-master-2016.11.4-46.7 is installed OR salt-minion-2016.11.4-46.7 is installed OR salt-proxy-2016.11.4-46.7 is installed OR salt-ssh-2016.11.4-46.7 is installed OR salt-syndic-2016.11.4-46.7 is installed OR salt-zsh-completion-2016.11.4-46.7 is installed Definition Synopsis SUSE Linux Enterprise Module for Containers 12 is installed AND Package Information ruby2.1-rubygem-passenger-5.0.18-12.5 is installed OR rubygem-passenger-5.0.18-12.5 is installed OR rubygem-passenger-apache2-5.0.18-12.5 is installed Definition Synopsis SUSE Linux Enterprise Module for Legacy Software 12 is installed AND Package Information java-1_6_0-ibm-1.6.0_sr16.15-27 is installed OR java-1_6_0-ibm-fonts-1.6.0_sr16.15-27 is installed OR java-1_6_0-ibm-jdbc-1.6.0_sr16.15-27 is installed OR java-1_6_0-ibm-plugin-1.6.0_sr16.15-27 is installed Definition Synopsis SUSE Linux Enterprise Module for Live Patching 15 is installed AND Package Information kernel-livepatch-4_12_14-150_47-default-7-2 is installed OR kernel-livepatch-SLE15_Update_17-7-2 is installed Definition Synopsis SUSE Linux Enterprise Module for Web Scripting 12 is installed AND Package Information apache2-mod_php5-5.5.14-4 is installed OR php5-5.5.14-4 is installed OR php5-bcmath-5.5.14-4 is installed OR php5-bz2-5.5.14-4 is installed OR php5-calendar-5.5.14-4 is installed OR php5-ctype-5.5.14-4 is installed OR php5-curl-5.5.14-4 is installed OR php5-dba-5.5.14-4 is installed OR php5-dom-5.5.14-4 is installed OR php5-enchant-5.5.14-4 is installed OR php5-exif-5.5.14-4 is installed OR php5-fastcgi-5.5.14-4 is installed OR php5-fileinfo-5.5.14-4 is installed OR php5-fpm-5.5.14-4 is installed OR php5-ftp-5.5.14-4 is installed OR php5-gd-5.5.14-4 is installed OR php5-gettext-5.5.14-4 is installed OR php5-gmp-5.5.14-4 is installed OR php5-iconv-5.5.14-4 is installed OR php5-intl-5.5.14-4 is installed OR php5-json-5.5.14-4 is installed OR php5-ldap-5.5.14-4 is installed OR php5-mbstring-5.5.14-4 is installed OR php5-mcrypt-5.5.14-4 is installed OR php5-mysql-5.5.14-4 is installed OR php5-odbc-5.5.14-4 is installed OR php5-openssl-5.5.14-4 is installed OR php5-pcntl-5.5.14-4 is installed OR php5-pdo-5.5.14-4 is installed OR php5-pear-5.5.14-4 is installed OR php5-pgsql-5.5.14-4 is installed OR php5-pspell-5.5.14-4 is installed OR php5-shmop-5.5.14-4 is installed OR php5-snmp-5.5.14-4 is installed OR php5-soap-5.5.14-4 is installed OR php5-sockets-5.5.14-4 is installed OR php5-sqlite-5.5.14-4 is installed OR php5-suhosin-5.5.14-4 is installed OR php5-sysvmsg-5.5.14-4 is installed OR php5-sysvsem-5.5.14-4 is installed OR php5-sysvshm-5.5.14-4 is installed OR php5-tokenizer-5.5.14-4 is installed OR php5-wddx-5.5.14-4 is installed OR php5-xmlreader-5.5.14-4 is installed OR php5-xmlrpc-5.5.14-4 is installed OR php5-xmlwriter-5.5.14-4 is installed OR php5-xsl-5.5.14-4 is installed OR php5-zip-5.5.14-4 is installed OR php5-zlib-5.5.14-4 is installed Definition Synopsis SUSE Linux Enterprise Module for Web Scripting 15 SP2 is installed AND Package Information tomcat-9.0.36-3.6 is installed OR tomcat-admin-webapps-9.0.36-3.6 is installed OR tomcat-el-3_0-api-9.0.36-3.6 is installed OR tomcat-jsp-2_3-api-9.0.36-3.6 is installed OR tomcat-lib-9.0.36-3.6 is installed OR tomcat-servlet-4_0-api-9.0.36-3.6 is installed OR tomcat-webapps-9.0.36-3.6 is installed Definition Synopsis SUSE Linux Enterprise Server 11 is installed AND Package Information apache2-2.2.10-2.23.22.1 is installed OR apache2-doc-2.2.10-2.23.22.1 is installed OR apache2-example-pages-2.2.10-2.23.22.1 is installed OR apache2-prefork-2.2.10-2.23.22.1 is installed OR apache2-utils-2.2.10-2.23.22.1 is installed OR apache2-worker-2.2.10-2.23.22.1 is installed Definition Synopsis SUSE Linux Enterprise Server 11 SP4 is installed AND Package Information freeradius-server-2.1.1-7.18.1 is installed OR freeradius-server-dialupadmin-2.1.1-7.18.1 is installed OR freeradius-server-doc-2.1.1-7.18.1 is installed OR freeradius-server-libs-2.1.1-7.18.1 is installed OR freeradius-server-utils-2.1.1-7.18.1 is installed Definition Synopsis SUSE Linux Enterprise Server 12 is installed AND Package Information apache-commons-daemon-1.0.15-4 is installed OR apache-commons-daemon-javadoc-1.0.15-4 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information MozillaFirefox-38.4.0esr-51 is installed OR MozillaFirefox-translations-38.4.0esr-51 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information cups-pk-helper-0.2.5-3 is installed OR cups-pk-helper-lang-0.2.5-3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information DirectFB-1.7.1-6 is installed OR lib++dfb-1_7-1-1.7.1-6 is installed OR libdirectfb-1_7-1-1.7.1-6 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND ppp-2.4.7-3 is installed Definition Synopsis SUSE Linux Enterprise Server 15-LTSS is installed AND Package Information freeradius-server-3.0.16-3.6 is installed OR freeradius-server-devel-3.0.16-3.6 is installed OR freeradius-server-krb5-3.0.16-3.6 is installed OR freeradius-server-ldap-3.0.16-3.6 is installed OR freeradius-server-libs-3.0.16-3.6 is installed OR freeradius-server-mysql-3.0.16-3.6 is installed OR freeradius-server-perl-3.0.16-3.6 is installed OR freeradius-server-postgresql-3.0.16-3.6 is installed OR freeradius-server-python-3.0.16-3.6 is installed OR freeradius-server-sqlite-3.0.16-3.6 is installed OR freeradius-server-utils-3.0.16-3.6 is installed Definition Synopsis SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 is installed AND Package Information accountsservice-0.6.42-14 is installed OR accountsservice-lang-0.6.42-14 is installed OR libaccountsservice0-0.6.42-14 is installed OR typelib-1_0-AccountsService-1_0-0.6.42-14 is installed Definition Synopsis SUSE Linux Enterprise Server for SAP Applications 15 is installed AND permissions-20180125-3.21 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 11 SP3 is installed AND Package Information augeas-0.9.0-3.17.2 is installed OR augeas-devel-0.9.0-3.17.2 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 12 is installed AND cifs-utils-devel-6.4-3 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 12 SP1 is installed AND Package Information MozillaFirefox-38.5.0esr-54.1 is installed OR MozillaFirefox-devel-38.5.0esr-54.1 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 12 SP2 is installed AND Package Information MozillaFirefox-45.5.1esr-93.1 is installed OR MozillaFirefox-devel-45.5.1esr-93.1 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 12 is installed AND Package Information rhythmbox-3.0.2-1 is installed OR rhythmbox-lang-3.0.2-1 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 12 SP1 is installed AND Package Information ImageMagick-6.8.8.1-8 is installed OR libMagick++-6_Q16-3-6.8.8.1-8 is installed OR libMagickCore-6_Q16-1-32bit-6.8.8.1-8 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 12 SP2 is installed AND Package Information ImageMagick-6.8.8.1-33 is installed OR libMagick++-6_Q16-3-6.8.8.1-33 is installed OR libMagickCore-6_Q16-1-32bit-6.8.8.1-33 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 12 SP3 is installed AND Package Information colord-1.3.3-12 is installed OR colord-lang-1.3.3-12 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 15 is installed AND Package Information kernel-default-4.12.14-25.13 is installed OR kernel-default-extra-4.12.14-25.13 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 15 SP1 is installed AND enigmail-2.0.11-3.16 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 15 SP2 is installed AND Package Information freerdp-2.1.2-15.7 is installed OR freerdp-devel-2.1.2-15.7 is installed OR libfreerdp2-2.1.2-15.7 is installed OR libwinpr2-2.1.2-15.7 is installed OR winpr2-devel-2.1.2-15.7 is installed
BACK