Oval Definition:	oval:org.opensuse.security:def:4480
Revision Date: 2021-09-16 Version: 1 Title: Security update for the Linux Kernel (Live Patch 10 for SLE 12 SP5) (Important) Description: This update for the Linux Kernel 4.12.14-122_41 fixes several issues. The following security issues were fixed: - CVE-2021-3653: Fixed missing validation of the KVM `int_ctl` VMCB field that would have allowed a malicious L1 guest to enable AVIC support for the L2 guest (bsc#1189420). - CVE-2021-3656: Fixed KVM nSVM nested VMLOAD/VMSAVE interception (bsc#1189418). - CVE-2021-38198: Fixed KVM MMU to use the correct inherited permissions to get shadow page (bsc#1189278). Family: unix Class: patch Status: Reference(s): 1058115 1065600 1065729 1066382 1071995 1084671 1085030 1092920 1106383 1123156 1133495 1133719 1137137 1138734 1140844 1145586 1148643 1148868 1149032 1149100 1151377 1152472 1152489 1152692 1152990 1152992 1152994 1152995 1153274 1154256 1154353 1154492 1155207 1155327 1155518 1155574 1155798 1156213 1156395 1156482 1157169 1158050 1158242 1158265 1158485 1158748 1158765 1158983 1159781 1159814 1159867 1160594 1160764 1160947 1161066 1161436 1161495 1161779 1162002 1162063 1162108 1162396 1162400 1162689 1162691 1162702 1163018 1163592 1163922 1163985 1164648 1164777 1164780 1164804 1165211 1165776 1165933 1165975 1166240 1166881 1166985 1167104 1167373 1167651 1167773 1168230 1168345 1168404 1168407 1168683 1168779 1168838 1168959 1169021 1169066 1169094 1169194 1169514 1169659 1169681 1169771 1170011 1170284 1170313 1170415 1170442 1170617 1170643 1170774 1170879 1170891 1170895 1170940 1171150 1171189 1171191 1171219 1171220 1171246 1171417 1171513 1171529 1171530 1171662 1171688 1171699 1171732 1171739 1171743 1171759 1171828 1171857 1171868 1171904 1171915 1171924 1171982 1171983 1171988 1172017 1172046 1172061 1172062 1172063 1172064 1172065 1172066 1172067 1172068 1172069 1172073 1172086 1172095 1172169 1172170 1172201 1172208 1172223 1172342 1172343 1172344 1172365 1172366 1172374 1172391 1172393 1172394 1172453 1172458 1172467 1172484 1172537 1172543 1172687 1172719 1172739 1172751 1172759 1172775 1172781 1172782 1172783 1172814 1172823 1172841 1172871 1172938 1172939 1172940 1172956 1172983 1172984 1172985 1172986 1172987 1172988 1172989 1172990 1172999 1173060 1173068 1173074 1173085 1173139 1173206 1173271 1173274 1173280 1173284 1173428 1173438 1173461 1173514 1173552 1173573 1173625 1173746 1173776 1173817 1173818 1173820 1173822 1173823 1173824 1173825 1173826 1173827 1173828 1173830 1173831 1173832 1173833 1173834 1173836 1173837 1173838 1173839 1173841 1173843 1173844 1173845 1173847 1173849 1173860 1173894 1173941 1174018 1174072 1174116 1174126 1174127 1174128 1174129 1174185 1174244 1174263 1174264 1174331 1174332 1174333 1174345 1174356 1174396 1174398 1174407 1174409 1174411 1174438 1174462 1174513 1174527 1174543 1174627 1174628 1175721 1175749 1176354 1177281 1177513 1177729 1177766 1177799 1177801 1178166 1178173 1178175 1178176 1178177 1178183 1178184 1178185 1178186 1178190 1178191 1178255 1178307 1178330 1178395 1185013 1189278 1189418 1189420 962849 CVE-2012-6708 CVE-2015-9251 CVE-2019-12519 CVE-2019-12521 CVE-2019-12528 CVE-2019-15845 CVE-2019-16201 CVE-2019-16254 CVE-2019-16255 CVE-2019-18860 CVE-2019-19462 CVE-2019-20382 CVE-2019-20386 CVE-2019-20810 CVE-2019-20812 CVE-2019-3688 CVE-2019-3690 CVE-2019-6778 CVE-2020-0305 CVE-2020-10135 CVE-2020-10703 CVE-2020-10711 CVE-2020-10732 CVE-2020-10751 CVE-2020-10766 CVE-2020-10767 CVE-2020-10768 CVE-2020-10773 CVE-2020-10781 CVE-2020-11501 CVE-2020-11945 CVE-2020-12351 CVE-2020-12656 CVE-2020-12769 CVE-2020-12771 CVE-2020-12888 CVE-2020-13143 CVE-2020-13974 CVE-2020-14344 CVE-2020-14416 CVE-2020-14422 CVE-2020-15393 CVE-2020-15780 CVE-2020-1711 CVE-2020-1712 CVE-2020-1720 CVE-2020-1927 CVE-2020-1934 CVE-2020-1938 CVE-2020-1983 CVE-2020-25645 CVE-2020-25656 CVE-2020-25705 CVE-2020-3899 CVE-2020-7039 CVE-2020-8013 CVE-2020-8130 CVE-2020-8517 CVE-2020-8608 CVE-2020-8694 CVE-2021-3504 CVE-2021-3653 CVE-2021-3656 CVE-2021-38198 SUSE-SU-2020:0335-1 SUSE-SU-2020:0737-1 SUSE-SU-2020:0948-1 SUSE-SU-2020:1126-1 SUSE-SU-2020:1156-1 SUSE-SU-2020:1163-1 SUSE-SU-2020:1198-1 SUSE-SU-2020:1250-1 SUSE-SU-2020:1523-1 SUSE-SU-2020:1822-1 SUSE-SU-2020:2149-1 SUSE-SU-2020:2197-1 SUSE-SU-2020:3273-1 SUSE-SU-2021:1761-1 Platform(s): SUSE Linux Enterprise Build System Kit 12 SUSE Linux Enterprise Build System Kit 12 SP1 SUSE Linux Enterprise Build System Kit 12 SP2 SUSE Linux Enterprise Build System Kit 12 SP3 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Desktop 15 SP2 SUSE Linux Enterprise for SAP 12 SUSE Linux Enterprise High Availability 15 SP2 SUSE Linux Enterprise High Performance Computing 15 SP2 SUSE Linux Enterprise High Performance Computing 15-ESPOS SUSE Linux Enterprise High Performance Computing 15-LTSS SUSE Linux Enterprise Live Patching 12 SP5 SUSE Linux Enterprise Module for Development Tools 15 SP2 SUSE Linux Enterprise Module for Legacy Software 12 SUSE Linux Enterprise Module for Live Patching 15 SP1 SUSE Linux Enterprise Module for Live Patching 15 SP2 SUSE Linux Enterprise Module for Public Cloud 12 SUSE Linux Enterprise Module for Web Scripting 12 SUSE Linux Enterprise Server 11 SP1-LTSS SUSE Linux Enterprise Server 11 SP2-LTSS SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP3-LTSS SUSE Linux Enterprise Server 11 SP4 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12-LTSS SUSE Linux Enterprise Server 15 SP2 SUSE Linux Enterprise Server 15-LTSS SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 SUSE Linux Enterprise Server for SAP Applications 15 SUSE Linux Enterprise Server for SAP Applications 15 SP2 SUSE Linux Enterprise Server for VMWare 11 SP3 SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Software Development Kit 12 SP1 SUSE Linux Enterprise Software Development Kit 12 SP2 SUSE Linux Enterprise Storage 7 SUSE Linux Enterprise Workstation Extension 12 SUSE Linux Enterprise Workstation Extension 12 SP1 SUSE Linux Enterprise Workstation Extension 12 SP3 SUSE Linux Enterprise Workstation Extension 15 SUSE Linux Enterprise Workstation Extension 15 SP1 SUSE Manager Proxy 4.1 SUSE Manager Server 4.1 SUSE Package Hub for SUSE Linux Enterprise 12 Product(s): Definition Synopsis SUSE Linux Enterprise Build System Kit 12 is installed AND Package Information libreoffice-4.3.5.2-10 is installed OR libreoffice-sdk-4.3.5.2-10 is installed Definition Synopsis SUSE Linux Enterprise Build System Kit 12 SP1 is installed AND kernel-zfcpdump-3.12.51-60.20 is installed Definition Synopsis SUSE Linux Enterprise Build System Kit 12 SP2 is installed AND Package Information ghostscript-mini-9.15-17 is installed OR ghostscript-mini-devel-9.15-17 is installed Definition Synopsis SUSE Linux Enterprise Build System Kit 12 SP3 is installed AND Package Information libudev-mini-devel-228-150.9 is installed OR libudev-mini1-228-150.9 is installed OR systemd-mini-228-150.9 is installed OR systemd-mini-devel-228-150.9 is installed OR udev-mini-228-150.9 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 is installed AND Package Information curl-7.37.0-2 is installed OR libcurl4-7.37.0-2 is installed OR libcurl4-32bit-7.37.0-2 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information aaa_base-13.2+git20140911.61c1681-9 is installed OR aaa_base-extras-13.2+git20140911.61c1681-9 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information ecryptfs-utils-103-7 is installed OR ecryptfs-utils-32bit-103-7 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information alsa-1.0.27.2-15 is installed OR libasound2-1.0.27.2-15 is installed OR libasound2-32bit-1.0.27.2-15 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information ImageMagick-6.8.8.1-71.85 is installed OR libMagick++-6_Q16-3-6.8.8.1-71.85 is installed OR libMagickCore-6_Q16-1-6.8.8.1-71.85 is installed OR libMagickCore-6_Q16-1-32bit-6.8.8.1-71.85 is installed OR libMagickWand-6_Q16-1-6.8.8.1-71.85 is installed Definition Synopsis SUSE Linux Enterprise Module for Development Tools 15 SP2 is installed AND Package Information ocaml-hivex-1.3.14-5.3.1 is installed OR ocaml-hivex-devel-1.3.14-5.3.1 is installed Definition Synopsis SUSE Linux Enterprise for SAP 12 is installed AND Package Information kgraft-patch-3_12_48-52_27-default-5-2.2 is installed OR kgraft-patch-3_12_48-52_27-xen-5-2.2 is installed OR kgraft-patch-SLE12_Update_8-5-2.2 is installed Definition Synopsis SUSE Linux Enterprise High Availability 15 SP2 is installed AND Package Information cluster-md-kmp-default-5.3.18-24.37 is installed OR dlm-kmp-default-5.3.18-24.37 is installed OR gfs2-kmp-default-5.3.18-24.37 is installed OR kernel-default-5.3.18-24.37 is installed OR ocfs2-kmp-default-5.3.18-24.37 is installed Definition Synopsis Release Information SUSE Linux Enterprise High Performance Computing 15-ESPOS is installed AND apache2-2.4.33-3.30 is installed OR apache2-devel-2.4.33-3.30 is installed OR apache2-doc-2.4.33-3.30 is installed OR apache2-prefork-2.4.33-3.30 is installed OR apache2-utils-2.4.33-3.30 is installed OR apache2-worker-2.4.33-3.30 is installed OR Package Information SUSE Linux Enterprise High Performance Computing 15-LTSS is installed AND apache2-2.4.33-3.30 is installed OR apache2-devel-2.4.33-3.30 is installed OR apache2-doc-2.4.33-3.30 is installed OR apache2-prefork-2.4.33-3.30 is installed OR apache2-utils-2.4.33-3.30 is installed OR apache2-worker-2.4.33-3.30 is installed Definition Synopsis SUSE Linux Enterprise Live Patching 12 SP5 is installed AND kgraft-patch-4_12_14-122_41-default-15-2.2 is installed Definition Synopsis SUSE Linux Enterprise Module for Legacy Software 12 is installed AND Package Information compat-openssl098-0.9.8j-78 is installed OR libopenssl0_9_8-0.9.8j-78 is installed OR libopenssl0_9_8-32bit-0.9.8j-78 is installed Definition Synopsis SUSE Linux Enterprise Module for Live Patching 15 SP1 is installed AND Package Information kernel-livepatch-4_12_14-197_37-default-7-2 is installed OR kernel-livepatch-SLE15-SP1_Update_10-7-2 is installed Definition Synopsis SUSE Linux Enterprise Module for Live Patching 15 SP2 is installed AND Package Information kernel-default-5.3.18-24.9 is installed OR kernel-default-livepatch-5.3.18-24.9 is installed OR kernel-default-livepatch-devel-5.3.18-24.9 is installed OR kernel-livepatch-5_3_18-24_9-default-1-5.3 is installed OR kernel-livepatch-SLE15-SP2_Update_1-1-5.3 is installed Definition Synopsis SUSE Linux Enterprise Module for Public Cloud 12 is installed AND Package Information kernel-ec2-3.12.67-60.64.24 is installed OR kernel-ec2-devel-3.12.67-60.64.24 is installed OR kernel-ec2-extra-3.12.67-60.64.24 is installed Definition Synopsis SUSE Linux Enterprise Module for Web Scripting 12 is installed AND Package Information apache2-mod_php5-5.5.14-73 is installed OR php5-5.5.14-73 is installed OR php5-bcmath-5.5.14-73 is installed OR php5-bz2-5.5.14-73 is installed OR php5-calendar-5.5.14-73 is installed OR php5-ctype-5.5.14-73 is installed OR php5-curl-5.5.14-73 is installed OR php5-dba-5.5.14-73 is installed OR php5-dom-5.5.14-73 is installed OR php5-enchant-5.5.14-73 is installed OR php5-exif-5.5.14-73 is installed OR php5-fastcgi-5.5.14-73 is installed OR php5-fileinfo-5.5.14-73 is installed OR php5-fpm-5.5.14-73 is installed OR php5-ftp-5.5.14-73 is installed OR php5-gd-5.5.14-73 is installed OR php5-gettext-5.5.14-73 is installed OR php5-gmp-5.5.14-73 is installed OR php5-iconv-5.5.14-73 is installed OR php5-imap-5.5.14-73 is installed OR php5-intl-5.5.14-73 is installed OR php5-json-5.5.14-73 is installed OR php5-ldap-5.5.14-73 is installed OR php5-mbstring-5.5.14-73 is installed OR php5-mcrypt-5.5.14-73 is installed OR php5-mysql-5.5.14-73 is installed OR php5-odbc-5.5.14-73 is installed OR php5-opcache-5.5.14-73 is installed OR php5-openssl-5.5.14-73 is installed OR php5-pcntl-5.5.14-73 is installed OR php5-pdo-5.5.14-73 is installed OR php5-pear-5.5.14-73 is installed OR php5-pgsql-5.5.14-73 is installed OR php5-phar-5.5.14-73 is installed OR php5-posix-5.5.14-73 is installed OR php5-pspell-5.5.14-73 is installed OR php5-shmop-5.5.14-73 is installed OR php5-snmp-5.5.14-73 is installed OR php5-soap-5.5.14-73 is installed OR php5-sockets-5.5.14-73 is installed OR php5-sqlite-5.5.14-73 is installed OR php5-suhosin-5.5.14-73 is installed OR php5-sysvmsg-5.5.14-73 is installed OR php5-sysvsem-5.5.14-73 is installed OR php5-sysvshm-5.5.14-73 is installed OR php5-tokenizer-5.5.14-73 is installed OR php5-wddx-5.5.14-73 is installed OR php5-xmlreader-5.5.14-73 is installed OR php5-xmlrpc-5.5.14-73 is installed OR php5-xmlwriter-5.5.14-73 is installed OR php5-xsl-5.5.14-73 is installed OR php5-zip-5.5.14-73 is installed OR php5-zlib-5.5.14-73 is installed Definition Synopsis SUSE Linux Enterprise Server 11 SP1-LTSS is installed AND Package Information MozillaFirefox-17.0.8esr-0.4.2.1 is installed OR MozillaFirefox-translations-17.0.8esr-0.4.2.1 is installed Definition Synopsis SUSE Linux Enterprise Server 11 SP4 is installed AND Package Information nagios-nrpe-2.12-24.4.10.1 is installed OR nagios-nrpe-doc-2.12-24.4.10.1 is installed OR nagios-plugins-nrpe-2.12-24.4.10.1 is installed Definition Synopsis SUSE Linux Enterprise Server 12 is installed AND Package Information ibus-chewing-1.4.10.1-2 is installed OR ibus-pinyin-1.5.0-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information avahi-0.6.31-20 is installed OR avahi-lang-0.6.31-20 is installed OR avahi-utils-0.6.31-20 is installed OR libavahi-client3-0.6.31-20 is installed OR libavahi-client3-32bit-0.6.31-20 is installed OR libavahi-common3-0.6.31-20 is installed OR libavahi-common3-32bit-0.6.31-20 is installed OR libavahi-core7-0.6.31-20 is installed OR libdns_sd-0.6.31-20 is installed OR libdns_sd-32bit-0.6.31-20 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information DirectFB-1.7.1-6 is installed OR lib++dfb-1_7-1-1.7.1-6 is installed OR libdirectfb-1_7-1-1.7.1-6 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information DirectFB-1.7.1-6 is installed OR lib++dfb-1_7-1-1.7.1-6 is installed OR libdirectfb-1_7-1-1.7.1-6 is installed Definition Synopsis SUSE Linux Enterprise Server 12-LTSS is installed AND Package Information kgraft-patch-3_12_60-52_49-default-2-2.2 is installed OR kgraft-patch-3_12_60-52_49-xen-2-2.2 is installed OR kgraft-patch-SLE12_Update_14-2-2.2 is installed Definition Synopsis SUSE Linux Enterprise Server 15-LTSS is installed AND Package Information libjavascriptcoregtk-4_0-18-2.28.2-3.54 is installed OR libwebkit2gtk-4_0-37-2.28.2-3.54 is installed OR libwebkit2gtk3-lang-2.28.2-3.54 is installed OR webkit2gtk-4_0-injected-bundles-2.28.2-3.54 is installed OR webkit2gtk3-2.28.2-3.54 is installed OR webkit2gtk3-devel-2.28.2-3.54 is installed Definition Synopsis SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 is installed AND Package Information dhcp-4.3.3-9 is installed OR dhcp-client-4.3.3-9 is installed OR dhcp-relay-4.3.3-9 is installed OR dhcp-server-4.3.3-9 is installed Definition Synopsis SUSE Linux Enterprise Server for SAP Applications 15 is installed AND squid-4.11-5.17 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 11 SP2 is installed AND postgresql91-devel-9.1.9-0.3.1 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 11 SP3 is installed AND Package Information libwmf-0.2.8.4-206.29.29.1 is installed OR libwmf-32bit-0.2.8.4-206.29.29.1 is installed OR libwmf-devel-0.2.8.4-206.29.29.1 is installed OR libwmf-gnome-0.2.8.4-206.29.29.1 is installed OR libwmf-gnome-32bit-0.2.8.4-206.29.29.1 is installed OR libwmf-gnome-x86-0.2.8.4-206.29.29.1 is installed OR libwmf-x86-0.2.8.4-206.29.29.1 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 12 is installed AND Package Information FastCGI-2.4.0-167 is installed OR perl-FastCGI-2.4.0-167 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 12 SP1 is installed AND accountsservice-devel-0.6.35-3 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 12 SP2 is installed AND Package Information MozillaFirefox-45.5.0esr-88.1 is installed OR MozillaFirefox-devel-45.5.0esr-88.1 is installed OR mozilla-nss-3.21.3-50.1 is installed OR mozilla-nss-devel-3.21.3-50.1 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 12 is installed AND Package Information flash-player-11.2.202.425-19.1 is installed OR flash-player-gnome-11.2.202.425-19.1 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 12 SP1 is installed AND Package Information kernel-default-3.12.59-60.45.2 is installed OR kernel-default-extra-3.12.59-60.45.2 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 12 SP3 is installed AND bogofilter-1.2.4-5 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 15 is installed AND Package Information ffmpeg-3.4.2-4.5 is installed OR libavcodec-devel-3.4.2-4.5 is installed OR libavformat-devel-3.4.2-4.5 is installed OR libavformat57-3.4.2-4.5 is installed OR libavresample-devel-3.4.2-4.5 is installed OR libavresample3-3.4.2-4.5 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 15 SP1 is installed AND Package Information MozillaThunderbird-60.7.0-3.36 is installed OR MozillaThunderbird-translations-common-60.7.0-3.36 is installed OR MozillaThunderbird-translations-other-60.7.0-3.36 is installed Definition Synopsis SUSE Package Hub for SUSE Linux Enterprise 12 is installed AND Package Information chromedriver-53.0.2785.89-96 is installed OR chromium-53.0.2785.89-96 is installed OR chromium-desktop-gnome-53.0.2785.89-96 is installed OR chromium-desktop-kde-53.0.2785.89-96 is installed OR chromium-ffmpegsumo-53.0.2785.89-96 is installed
BACK