OVAL Reference oval:org.opensuse.security:def:44798

Oval Definition:

oval:org.opensuse.security:def:44798

Revision Date:	2020-12-01	Version:	1
Title:	Security update for the Linux Kernel (Live Patch 26 for SLE 12 SP2) (Important)
Description:	This update for the Linux Kernel 4.4.121-92_98 fixes several issues. The following security issues were fixed: - CVE-2019-3846: A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network (bsc#1136446). - CVE-2019-11477: A sequence of SACKs may have been crafted by a remote attacker such that one can trigger an integer overflow, leading to a kernel panic. (bsc#1137586). - CVE-2019-11478: It was possible to send a crafted sequence of SACKs which would fragment the TCP retransmission queue. A remote attacker may have been able to further exploit the fragmented queue to cause an expensive linked-list walk for subsequent SACKs received for that same TCP connection. (bsc#1137586) - CVE-2019-11487: The Linux kernel allowed page->_refcount reference count overflow, with resultant use-after-free issues, if about 140 GiB of RAM exists. This is related to fs/fuse/dev.c, fs/pipe.c, fs/splice.c, include/linux/mm.h, include/linux/pipe_fs_i.h, kernel/trace/trace.c, mm/gup.c, and mm/hugetlb.c. It can occur with FUSE requests (bsc#1133191).
Family:	unix	Class:	patch
Status:		Reference(s):	1039034 1042781 1049399 1049404 1049417 1054591 1072665 1082318 1085003 1104668 1115375 1118900 1121571 1121816 1121818 1121821 1122293 1122299 1124493 1125535 1125721 1126455 1128828 1129622 1130675 1131955 1132728 1132729 1132732 1133191 1134297 1136446 1136935 1137597 1141780 1141782 1141783 1141784 1141785 1141786 1141787 1141789 1142614 1145559 1168630 1168874 1172265 1173477 1173691 1173694 1173700 1173701 1173743 1173874 1173875 1173876 1173880 941922 CVE-2015-5186 CVE-2016-0705 CVE-2017-18922 CVE-2017-3636 CVE-2017-3641 CVE-2017-3653 CVE-2017-3732 CVE-2017-3736 CVE-2017-9103 CVE-2017-9104 CVE-2017-9105 CVE-2017-9106 CVE-2017-9107 CVE-2017-9108 CVE-2017-9109 CVE-2018-11212 CVE-2018-11212 CVE-2018-12539 CVE-2018-1517 CVE-2018-1656 CVE-2018-20685 CVE-2018-20815 CVE-2018-21247 CVE-2018-2940 CVE-2018-2952 CVE-2018-2964 CVE-2018-2973 CVE-2019-11477 CVE-2019-11478 CVE-2019-11487 CVE-2019-11500 CVE-2019-20839 CVE-2019-20840 CVE-2019-2422 CVE-2019-2422 CVE-2019-2426 CVE-2019-2426 CVE-2019-2602 CVE-2019-2602 CVE-2019-2684 CVE-2019-2684 CVE-2019-2698 CVE-2019-2698 CVE-2019-2745 CVE-2019-2762 CVE-2019-2766 CVE-2019-2769 CVE-2019-2786 CVE-2019-2816 CVE-2019-2842 CVE-2019-3812 CVE-2019-3820 CVE-2019-3846 CVE-2019-6109 CVE-2019-6110 CVE-2019-6111 CVE-2019-7317 CVE-2019-8934 CVE-2019-9824 CVE-2019-9893 CVE-2020-14397 CVE-2020-14398 CVE-2020-14399 CVE-2020-14400 CVE-2020-14401 CVE-2020-14402 CVE-2020-14403 CVE-2020-14404 CVE-2020-6819 CVE-2020-6820 CVE-2020-6821 CVE-2020-6822 CVE-2020-6825 CVE-2020-6827 CVE-2020-6828 SUSE-SU-2018:0079-1 SUSE-SU-2019:1166-1 SUSE-SU-2019:1392-1 SUSE-SU-2019:2036-1 SUSE-SU-2019:2941-1 SUSE-SU-2020:0928-1 SUSE-SU-2020:0978-1 SUSE-SU-2020:2167-1
Platform(s):	openSUSE Leap 42.3 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Module for additional PackageHub packages 15 SUSE Linux Enterprise Module for additional PackageHub packages 15 SP1 SUSE Linux Enterprise Module for Basesystem 15 SUSE Linux Enterprise Module for Basesystem 15 SP1 SUSE Linux Enterprise Module for Desktop Applications 15 SUSE Linux Enterprise Module for Desktop Applications 15 SP1 SUSE Linux Enterprise Module for Development Tools 15 SUSE Linux Enterprise Module for Legacy Software 15 SUSE Linux Enterprise Module for Legacy Software 15 SP1 SUSE Linux Enterprise Module for Live Patching 15 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 SUSE Linux Enterprise Module for Server Applications 15 SUSE Linux Enterprise Module for Server Applications 15 SP1 SUSE Linux Enterprise Module for Web Scripting 15 SP1 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12 SP4-LTSS SUSE Linux Enterprise Server 12 SP5 SUSE Linux Enterprise Server for SAP Applications 12 SP2-ESPOS SUSE Linux Enterprise Server for SAP Applications 12 SP3 SUSE Linux Enterprise Server for SAP Applications 12 SP3-BCL SUSE Linux Enterprise Server for SAP Applications 12 SP3-ESPOS SUSE Linux Enterprise Server for SAP Applications 12 SP3-LTSS SUSE Linux Enterprise Server for SAP Applications 12 SP3-TERADATA SUSE Linux Enterprise Server for SAP Applications 12 SP4 SUSE Linux Enterprise Server for SAP Applications 12 SP4-LTSS SUSE Linux Enterprise Server for SAP Applications 12 SP5 SUSE Linux Enterprise Server for SAP Applications 15 SUSE Linux Enterprise Workstation Extension 12 SUSE Linux Enterprise Workstation Extension 12 SP2 SUSE Linux Enterprise Workstation Extension 12 SP3 SUSE Linux Enterprise Workstation Extension 12 SP4 SUSE Linux Enterprise Workstation Extension 15 SUSE Linux Enterprise Workstation Extension 15 SP1 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8	Product(s):
Definition Synopsis
openSUSE Leap 42.3 is installed AND Package Information file-5.19-8 is installed OR file-devel-5.19-8 is installed OR file-magic-5.19-8 is installed OR libmagic1-5.19-8 is installed OR libmagic1-32bit-5.19-8 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 is installed AND Package Information aaa_base-13.2+git20140911.61c1681-1 is installed OR aaa_base-extras-13.2+git20140911.61c1681-1 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP1 is installed AND clamav-0.98.7-13 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information cups-pk-helper-0.2.5-3 is installed OR cups-pk-helper-lang-0.2.5-3 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information coreutils-8.25-12 is installed OR coreutils-lang-8.25-12 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP4 is installed AND ctags-5.8-7 is installed
Definition Synopsis
SUSE Linux Enterprise Module for additional PackageHub packages 15 is installed AND djvulibre-3.5.27-3.8 is installed
Definition Synopsis
SUSE Linux Enterprise Module for additional PackageHub packages 15 SP1 is installed AND Package Information libsolv-0.7.10-3.13 is installed OR python-solv-0.7.10-3.13 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Basesystem 15 is installed AND Package Information libvmtools-devel-10.2.5-1 is installed OR libvmtools0-10.2.5-1 is installed OR open-vm-tools-10.2.5-1 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Basesystem 15 SP1 is installed AND libbluetooth3-5.48-5.13 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Desktop Applications 15 is installed AND Package Information libgypsy-devel-0.9-2 is installed OR libgypsy0-0.9-2 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Desktop Applications 15 SP1 is installed AND Package Information libSoundTouch0-1.8.0-3.11 is installed OR soundtouch-devel-1.8.0-3.11 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Development Tools 15 is installed AND ctags-5.8-1 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Legacy Software 15 is installed AND Package Information kernel-default-4.12.14-150.27 is installed OR reiserfs-kmp-default-4.12.14-150.27 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Legacy Software 15 SP1 is installed AND Package Information java-1_8_0-openjdk-1.8.0.201-3.16 is installed OR java-1_8_0-openjdk-demo-1.8.0.201-3.16 is installed OR java-1_8_0-openjdk-devel-1.8.0.201-3.16 is installed OR java-1_8_0-openjdk-headless-1.8.0.201-3.16 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Live Patching 15 is installed AND Package Information kernel-livepatch-4_12_14-23-default-10-28 is installed OR kernel-livepatch-SLE15_Update_0-10-28 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 is installed AND Package Information qemu-2.11.2-9.17 is installed OR qemu-block-dmg-2.11.2-9.17 is installed OR qemu-extra-2.11.2-9.17 is installed OR qemu-linux-user-2.11.2-9.17 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 is installed AND Package Information bzip2-1.0.6-5.3 is installed OR bzip2-doc-1.0.6-5.3 is installed OR libbz2-devel-32bit-1.0.6-5.3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Server Applications 15 is installed AND Package Information ovmf-2017+git1510945757.b2662641d5-5.22 is installed OR ovmf-tools-2017+git1510945757.b2662641d5-5.22 is installed OR qemu-ovmf-x86_64-2017+git1510945757.b2662641d5-5.22 is installed OR qemu-uefi-aarch64-2017+git1510945757.b2662641d5-5.22 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Server Applications 15 SP1 is installed AND Package Information 389-ds-1.4.0.26~git0.8a2d3de6f-4.14 is installed OR 389-ds-devel-1.4.0.26~git0.8a2d3de6f-4.14 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Web Scripting 15 SP1 is installed AND Package Information tomcat-9.0.30-4.10 is installed OR tomcat-admin-webapps-9.0.30-4.10 is installed OR tomcat-el-3_0-api-9.0.30-4.10 is installed OR tomcat-jsp-2_3-api-9.0.30-4.10 is installed OR tomcat-lib-9.0.30-4.10 is installed OR tomcat-servlet-4_0-api-9.0.30-4.10 is installed OR tomcat-webapps-9.0.30-4.10 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information libFLAC++6-1.3.0-11 is installed OR libFLAC8-1.3.0-11 is installed OR libFLAC8-32bit-1.3.0-11 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information gnutls-3.2.15-18.6 is installed OR libgnutls-openssl27-3.2.15-18.6 is installed OR libgnutls28-3.2.15-18.6 is installed OR libgnutls28-32bit-3.2.15-18.6 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND kgraft-patch-4_4_121-92_98-default-5-2 is installed OR kgraft-patch-SLE12-SP2_Update_26-5-2 is installed OR Package Information SUSE Linux Enterprise Server for SAP Applications 12 SP2-ESPOS is installed AND kgraft-patch-4_4_121-92_98-default-5-2 is installed OR kgraft-patch-SLE12-SP2_Update_26-5-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information kernel-default-4.4.121-92.85 is installed OR kernel-default-base-4.4.121-92.85 is installed OR kernel-default-devel-4.4.121-92.85 is installed OR kernel-devel-4.4.121-92.85 is installed OR kernel-macros-4.4.121-92.85 is installed OR kernel-source-4.4.121-92.85 is installed OR kernel-syms-4.4.121-92.85 is installed OR kgraft-patch-4_4_121-92_85-default-1-3.5 is installed OR kgraft-patch-SLE12-SP2_Update_23-1-3.5 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_90-92_45-default-8-2 is installed OR kgraft-patch-SLE12-SP2_Update_14-8-2 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 12 SP3 is installed AND libmysqlclient18-10.0.32-29.10 is installed OR libmysqlclient18-32bit-10.0.32-29.10 is installed OR mariadb-10.0.32-29.10 is installed OR mariadb-client-10.0.32-29.10 is installed OR mariadb-errormessages-10.0.32-29.10 is installed OR mariadb-tools-10.0.32-29.10 is installed OR Package Information SUSE Linux Enterprise Server for SAP Applications 12 SP3 is installed AND libmysqlclient18-10.0.32-29.10 is installed OR libmysqlclient18-32bit-10.0.32-29.10 is installed OR mariadb-10.0.32-29.10 is installed OR mariadb-client-10.0.32-29.10 is installed OR mariadb-errormessages-10.0.32-29.10 is installed OR mariadb-tools-10.0.32-29.10 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND autofs-5.0.9-27 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 12 SP3-BCL is installed AND LibVNCServer-0.9.9-17.31 is installed OR libvncclient0-0.9.9-17.31 is installed OR libvncserver0-0.9.9-17.31 is installed OR Package Information SUSE Linux Enterprise Server for SAP Applications 12 SP3-BCL is installed AND LibVNCServer-0.9.9-17.31 is installed OR libvncclient0-0.9.9-17.31 is installed OR libvncserver0-0.9.9-17.31 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND adns-1.4-103.3 is installed OR libadns1-1.4-103.3 is installed OR Package Information SUSE Linux Enterprise Server for SAP Applications 12 SP3-ESPOS is installed AND adns-1.4-103.3 is installed OR libadns1-1.4-103.3 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND java-1_8_0-openjdk-1.8.0.222-27.35 is installed OR java-1_8_0-openjdk-demo-1.8.0.222-27.35 is installed OR java-1_8_0-openjdk-devel-1.8.0.222-27.35 is installed OR java-1_8_0-openjdk-headless-1.8.0.222-27.35 is installed OR Package Information SUSE Linux Enterprise Server for SAP Applications 12 SP3-LTSS is installed AND java-1_8_0-openjdk-1.8.0.222-27.35 is installed OR java-1_8_0-openjdk-demo-1.8.0.222-27.35 is installed OR java-1_8_0-openjdk-devel-1.8.0.222-27.35 is installed OR java-1_8_0-openjdk-headless-1.8.0.222-27.35 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND java-1_8_0-ibm-1.8.0_sr5.20-30.36 is installed OR java-1_8_0-ibm-alsa-1.8.0_sr5.20-30.36 is installed OR java-1_8_0-ibm-plugin-1.8.0_sr5.20-30.36 is installed OR Package Information SUSE Linux Enterprise Server for SAP Applications 12 SP3-TERADATA is installed AND java-1_8_0-ibm-1.8.0_sr5.20-30.36 is installed OR java-1_8_0-ibm-alsa-1.8.0_sr5.20-30.36 is installed OR java-1_8_0-ibm-plugin-1.8.0_sr5.20-30.36 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information gdk-pixbuf-2.34.0-19.17 is installed OR gdk-pixbuf-lang-2.34.0-19.17 is installed OR gdk-pixbuf-query-loaders-2.34.0-19.17 is installed OR gdk-pixbuf-query-loaders-32bit-2.34.0-19.17 is installed OR libgdk_pixbuf-2_0-0-2.34.0-19.17 is installed OR libgdk_pixbuf-2_0-0-32bit-2.34.0-19.17 is installed OR typelib-1_0-GdkPixbuf-2_0-2.34.0-19.17 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 12 SP4 is installed AND libsystemd0-228-150.53 is installed OR libsystemd0-32bit-228-150.53 is installed OR libudev1-228-150.53 is installed OR libudev1-32bit-228-150.53 is installed OR systemd-228-150.53 is installed OR systemd-32bit-228-150.53 is installed OR systemd-bash-completion-228-150.53 is installed OR systemd-sysvinit-228-150.53 is installed OR udev-228-150.53 is installed OR Package Information SUSE Linux Enterprise Server for SAP Applications 12 SP4 is installed AND libsystemd0-228-150.53 is installed OR libsystemd0-32bit-228-150.53 is installed OR libudev1-228-150.53 is installed OR libudev1-32bit-228-150.53 is installed OR systemd-228-150.53 is installed OR systemd-32bit-228-150.53 is installed OR systemd-bash-completion-228-150.53 is installed OR systemd-sysvinit-228-150.53 is installed OR udev-228-150.53 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 12 SP4-LTSS is installed AND grub2-2.02-12.31 is installed OR grub2-arm64-efi-2.02-12.31 is installed OR grub2-i386-pc-2.02-12.31 is installed OR grub2-powerpc-ieee1275-2.02-12.31 is installed OR grub2-s390x-emu-2.02-12.31 is installed OR grub2-snapper-plugin-2.02-12.31 is installed OR grub2-systemd-sleep-plugin-2.02-12.31 is installed OR grub2-x86_64-efi-2.02-12.31 is installed OR grub2-x86_64-xen-2.02-12.31 is installed OR Package Information SUSE Linux Enterprise Server for SAP Applications 12 SP4-LTSS is installed AND grub2-2.02-12.31 is installed OR grub2-arm64-efi-2.02-12.31 is installed OR grub2-i386-pc-2.02-12.31 is installed OR grub2-powerpc-ieee1275-2.02-12.31 is installed OR grub2-s390x-emu-2.02-12.31 is installed OR grub2-snapper-plugin-2.02-12.31 is installed OR grub2-systemd-sleep-plugin-2.02-12.31 is installed OR grub2-x86_64-efi-2.02-12.31 is installed OR grub2-x86_64-xen-2.02-12.31 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 12 SP5 is installed AND ghostscript-9.27-23.31 is installed OR ghostscript-x11-9.27-23.31 is installed OR Package Information SUSE Linux Enterprise Server for SAP Applications 12 SP5 is installed AND ghostscript-9.27-23.31 is installed OR ghostscript-x11-9.27-23.31 is installed
Definition Synopsis
SUSE Linux Enterprise Server for SAP Applications 15 is installed AND Package Information freeradius-server-3.0.16-3.6 is installed OR freeradius-server-devel-3.0.16-3.6 is installed OR freeradius-server-krb5-3.0.16-3.6 is installed OR freeradius-server-ldap-3.0.16-3.6 is installed OR freeradius-server-libs-3.0.16-3.6 is installed OR freeradius-server-mysql-3.0.16-3.6 is installed OR freeradius-server-perl-3.0.16-3.6 is installed OR freeradius-server-postgresql-3.0.16-3.6 is installed OR freeradius-server-python-3.0.16-3.6 is installed OR freeradius-server-sqlite-3.0.16-3.6 is installed OR freeradius-server-utils-3.0.16-3.6 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 12 is installed AND Package Information kernel-default-3.12.48-52.27 is installed OR kernel-default-extra-3.12.48-52.27 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 12 SP2 is installed AND Package Information libuuid-devel-2.28-44.3 is installed OR util-linux-2.28-44.3 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 12 SP3 is installed AND Package Information libuuid-devel-2.29.2-3.8 is installed OR util-linux-2.29.2-3.8 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 12 SP4 is installed AND Package Information ImageMagick-6.8.8.1-71.93 is installed OR libMagick++-6_Q16-3-6.8.8.1-71.93 is installed OR libMagickCore-6_Q16-1-32bit-6.8.8.1-71.93 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 15 is installed AND Package Information kernel-default-4.12.14-25.6 is installed OR kernel-default-extra-4.12.14-25.6 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 15 SP1 is installed AND Package Information PackageKit-gstreamer-plugin-1.1.10-10 is installed OR PackageKit-gtk3-module-1.1.10-10 is installed
Definition Synopsis
SUSE OpenStack Cloud 7 is installed AND Package Information openslp-2.0.0-18.15 is installed OR openslp-32bit-2.0.0-18.15 is installed OR openslp-server-2.0.0-18.15 is installed
Definition Synopsis
SUSE OpenStack Cloud 8 is installed AND Package Information bzip2-1.0.6-30.5 is installed OR bzip2-doc-1.0.6-30.5 is installed OR libbz2-1-1.0.6-30.5 is installed OR libbz2-1-32bit-1.0.6-30.5 is installed

BACK