Oval Definition:	oval:org.opensuse.security:def:4484
Revision Date: 2021-09-16 Version: 1 Title: Security update for the Linux Kernel (Live Patch 14 for SLE 12 SP5) (Important) Description: This update for the Linux Kernel 4.12.14-122_57 fixes several issues. The following security issues were fixed: - CVE-2021-3653: Fixed missing validation of the KVM `int_ctl` VMCB field that would have allowed a malicious L1 guest to enable AVIC support for the L2 guest (bsc#1189420). - CVE-2021-3656: Fixed KVM nSVM nested VMLOAD/VMSAVE interception (bsc#1189418). - CVE-2021-38198: Fixed KVM MMU to use the correct inherited permissions to get shadow page (bsc#1189278). Family: unix Class: patch Status: Reference(s): 1046303 1050244 1050549 1051510 1051858 1061840 1065600 1065729 1071995 1083647 1085030 1086301 1086313 1086314 1088810 1090888 1103989 1103990 1103991 1104353 1104427 1104745 1105392 1109837 1111666 1112178 1112374 1112504 1113956 1114279 1114685 1115026 1118338 1118661 1123328 1126206 1127371 1127611 1127682 1129551 1129770 1133021 1133147 1134973 1136020 1140025 1142685 1143959 1144162 1144333 1146519 1146544 1151548 1151910 1151927 1152107 1152631 1152692 1153535 1153917 1154243 1154601 1154768 1154916 1155327 1155331 1155334 1155689 1156259 1156286 1156462 1157155 1157157 1157169 1157303 1157424 1157480 1157692 1157853 1157895 1157908 1157966 1158013 1158021 1158026 1158071 1158094 1158095 1158132 1158381 1158533 1158637 1158638 1158639 1158640 1158641 1158643 1158644 1158645 1158646 1158647 1158649 1158651 1158652 1158819 1158823 1158824 1158827 1158834 1158893 1158900 1158903 1158904 1158954 1159024 1159028 1159271 1159297 1159377 1159394 1159483 1159484 1159500 1159569 1159588 1159841 1159908 1159909 1159910 1159911 1159955 1160147 1160195 1160210 1160211 1160218 1160433 1160442 1160469 1160470 1160476 1160560 1160594 1160618 1160678 1160755 1160756 1160764 1160784 1160787 1160802 1160803 1160804 1160850 1160888 1160917 1160922 1160966 1160979 1161087 1161243 1161360 1161472 1161514 1161518 1161522 1161523 1161549 1161552 1161674 1161702 1161779 1161907 1161931 1161933 1161934 1161935 1161936 1161937 1162028 1162067 1162109 1162139 1162202 1162296 1162557 1162617 1162618 1162619 1162623 1162675 1162928 1162943 1163206 1163383 1163384 1163762 1163774 1163836 1163840 1163841 1163842 1163843 1163844 1163845 1163846 1163849 1163850 1163851 1163852 1163853 1163855 1163856 1163857 1163858 1163859 1163860 1163861 1163862 1163863 1163867 1163869 1163880 1163922 1163971 1164051 1164069 1164098 1164115 1164314 1164315 1164388 1164471 1164598 1164632 1164705 1164712 1164727 1164728 1164729 1164730 1164731 1164732 1164733 1164734 1164735 1165528 1165548 1166881 1166916 1168345 1168404 1168407 1168554 1169066 1169658 1170643 1171883 1171928 1172442 1172443 1174922 1174923 1176069 1186651 1189278 1189418 1189420 CVE-2019-14615 CVE-2019-14889 CVE-2019-14896 CVE-2019-14897 CVE-2019-14902 CVE-2019-14907 CVE-2019-15213 CVE-2019-16746 CVE-2019-16994 CVE-2019-18634 CVE-2019-18808 CVE-2019-18904 CVE-2019-19036 CVE-2019-19045 CVE-2019-19051 CVE-2019-19054 CVE-2019-19066 CVE-2019-19318 CVE-2019-19319 CVE-2019-19332 CVE-2019-19338 CVE-2019-19447 CVE-2019-19523 CVE-2019-19526 CVE-2019-19527 CVE-2019-19532 CVE-2019-19533 CVE-2019-19535 CVE-2019-19537 CVE-2019-19767 CVE-2019-19927 CVE-2019-19965 CVE-2019-19966 CVE-2019-20054 CVE-2019-20095 CVE-2019-20096 CVE-2019-3688 CVE-2019-3690 CVE-2020-10018 CVE-2020-11080 CVE-2020-11501 CVE-2020-11793 CVE-2020-12673 CVE-2020-12674 CVE-2020-14386 CVE-2020-1927 CVE-2020-1934 CVE-2020-1938 CVE-2020-2732 CVE-2020-3899 CVE-2020-7053 CVE-2020-7598 CVE-2020-8013 CVE-2020-8174 CVE-2020-8428 CVE-2020-8648 CVE-2020-8992 CVE-2020-9484 CVE-2021-29505 CVE-2021-3653 CVE-2021-3656 CVE-2021-38198 SUSE-SU-2020:0130-1 SUSE-SU-2020:0224-1 SUSE-SU-2020:0408-1 SUSE-SU-2020:0560-1 SUSE-SU-2020:0948-1 SUSE-SU-2020:1109-1 SUSE-SU-2020:1126-1 SUSE-SU-2020:1163-1 SUSE-SU-2020:1179-1 SUSE-SU-2020:1198-1 SUSE-SU-2020:1364-1 SUSE-SU-2020:1576-1 SUSE-SU-2020:1858-1 SUSE-SU-2020:2266-1 SUSE-SU-2020:2577-1 SUSE-SU-2021:1995-1 Platform(s): SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5 SUSE Linux Enterprise Build System Kit 12 SUSE Linux Enterprise Build System Kit 12 SP1 SUSE Linux Enterprise Build System Kit 12 SP2 SUSE Linux Enterprise Build System Kit 12 SP3 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Desktop 15 SP2 SUSE Linux Enterprise for SAP 12 SUSE Linux Enterprise High Performance Computing 15 SP2 SUSE Linux Enterprise High Performance Computing 15-ESPOS SUSE Linux Enterprise High Performance Computing 15-LTSS SUSE Linux Enterprise Live Patching 12 SP5 SUSE Linux Enterprise Module for Development Tools 15 SP2 SUSE Linux Enterprise Module for Legacy Software 12 SUSE Linux Enterprise Module for Live Patching 15 SP1 SUSE Linux Enterprise Module for Live Patching 15 SP2 SUSE Linux Enterprise Module for Public Cloud 12 SUSE Linux Enterprise Module for Web Scripting 12 SUSE Linux Enterprise Real Time Extension 12 SP1 SUSE Linux Enterprise Server 11 SP1-LTSS SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP2-LTSS SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP3-LTSS SUSE Linux Enterprise Server 11 SP4 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12-LTSS SUSE Linux Enterprise Server 15 SP2 SUSE Linux Enterprise Server 15-LTSS SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 SUSE Linux Enterprise Server for SAP Applications 15 SUSE Linux Enterprise Server for SAP Applications 15 SP2 SUSE Linux Enterprise Server for VMWare 11 SP2 SUSE Linux Enterprise Server for VMWare 11 SP3 SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Software Development Kit 12 SP1 SUSE Linux Enterprise Software Development Kit 12 SP2 SUSE Linux Enterprise Storage 7 SUSE Linux Enterprise Workstation Extension 12 SUSE Linux Enterprise Workstation Extension 12 SP1 SUSE Linux Enterprise Workstation Extension 12 SP3 SUSE Linux Enterprise Workstation Extension 15 SUSE Linux Enterprise Workstation Extension 15 SP1 SUSE Linux Enterprise Workstation Extension 15 SP2 SUSE Manager Proxy 4.1 SUSE Manager Server 4.1 Product(s): Definition Synopsis SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5 is installed AND Package Information openstack-cinder-2014.2.3.dev13-1 is installed OR openstack-cinder-volume-2014.2.3.dev13-1 is installed OR python-cinder-2014.2.3.dev13-1 is installed Definition Synopsis SUSE Linux Enterprise Build System Kit 12 is installed AND kernel-zfcpdump-3.12.39-47 is installed Definition Synopsis SUSE Linux Enterprise Build System Kit 12 SP1 is installed AND kernel-zfcpdump-3.12.59-60.45 is installed Definition Synopsis SUSE Linux Enterprise Build System Kit 12 SP2 is installed AND kernel-zfcpdump-4.4.21-90 is installed Definition Synopsis SUSE Linux Enterprise Build System Kit 12 SP3 is installed AND Package Information libpoppler-cpp0-0.43.0-16.5 is installed OR poppler-0.43.0-16.5 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 is installed AND Package Information dbus-1-glib-0.100.2-3 is installed OR dbus-1-glib-32bit-0.100.2-3 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP1 is installed AND autofs-5.0.9-8 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information eog-3.20.4-7 is installed OR eog-lang-3.20.4-7 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information audiofile-0.3.6-10 is installed OR libaudiofile1-0.3.6-10 is installed OR libaudiofile1-32bit-0.3.6-10 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information ImageMagick-6.8.8.1-71.85 is installed OR libMagick++-6_Q16-3-6.8.8.1-71.85 is installed OR libMagickCore-6_Q16-1-6.8.8.1-71.85 is installed OR libMagickCore-6_Q16-1-32bit-6.8.8.1-71.85 is installed OR libMagickWand-6_Q16-1-6.8.8.1-71.85 is installed Definition Synopsis SUSE Linux Enterprise Module for Development Tools 15 SP2 is installed AND xstream-1.4.17-3.11.2 is installed Definition Synopsis SUSE Linux Enterprise for SAP 12 is installed AND Package Information apache2-2.4.10-14.17.1 is installed OR apache2-doc-2.4.10-14.17.1 is installed OR apache2-example-pages-2.4.10-14.17.1 is installed OR apache2-prefork-2.4.10-14.17.1 is installed OR apache2-utils-2.4.10-14.17.1 is installed OR apache2-worker-2.4.10-14.17.1 is installed Definition Synopsis Release Information SUSE Linux Enterprise High Performance Computing 15-ESPOS is installed AND apache2-2.4.33-3.30 is installed OR apache2-devel-2.4.33-3.30 is installed OR apache2-doc-2.4.33-3.30 is installed OR apache2-prefork-2.4.33-3.30 is installed OR apache2-utils-2.4.33-3.30 is installed OR apache2-worker-2.4.33-3.30 is installed OR Package Information SUSE Linux Enterprise High Performance Computing 15-LTSS is installed AND apache2-2.4.33-3.30 is installed OR apache2-devel-2.4.33-3.30 is installed OR apache2-doc-2.4.33-3.30 is installed OR apache2-prefork-2.4.33-3.30 is installed OR apache2-utils-2.4.33-3.30 is installed OR apache2-worker-2.4.33-3.30 is installed Definition Synopsis SUSE Linux Enterprise Live Patching 12 SP5 is installed AND kgraft-patch-4_12_14-122_57-default-11-2.2 is installed Definition Synopsis SUSE Linux Enterprise Module for Legacy Software 12 is installed AND Package Information java-1_6_0-ibm-1.6.0_sr16.3-12 is installed OR java-1_6_0-ibm-fonts-1.6.0_sr16.3-12 is installed OR java-1_6_0-ibm-jdbc-1.6.0_sr16.3-12 is installed OR java-1_6_0-ibm-plugin-1.6.0_sr16.3-12 is installed Definition Synopsis SUSE Linux Enterprise Module for Live Patching 15 SP1 is installed AND Package Information kernel-default-4.12.14-197.34 is installed OR kernel-default-livepatch-4.12.14-197.34 is installed OR kernel-default-livepatch-devel-4.12.14-197.34 is installed OR kernel-livepatch-4_12_14-197_34-default-1-3.5 is installed OR kernel-livepatch-SLE15-SP1_Update_9-1-3.5 is installed Definition Synopsis SUSE Linux Enterprise Module for Live Patching 15 SP2 is installed AND Package Information kernel-default-5.3.18-24.15 is installed OR kernel-default-livepatch-5.3.18-24.15 is installed OR kernel-default-livepatch-devel-5.3.18-24.15 is installed OR kernel-livepatch-5_3_18-24_15-default-1-5.3 is installed OR kernel-livepatch-SLE15-SP2_Update_3-1-5.3 is installed Definition Synopsis SUSE Linux Enterprise Module for Public Cloud 12 is installed AND Package Information kernel-ec2-3.12.57-60.35 is installed OR kernel-ec2-devel-3.12.57-60.35 is installed OR kernel-ec2-extra-3.12.57-60.35 is installed Definition Synopsis SUSE Linux Enterprise Module for Web Scripting 12 is installed AND Package Information libpython3_4m1_0-3.4.5-17 is installed OR python3-3.4.5-17 is installed OR python3-base-3.4.5-17 is installed Definition Synopsis SUSE Linux Enterprise Real Time Extension 12 SP1 is installed AND Package Information kernel-compute-3.12.67-60.27.1 is installed OR kernel-compute-base-3.12.67-60.27.1 is installed OR kernel-compute-devel-3.12.67-60.27.1 is installed OR kernel-compute_debug-3.12.67-60.27.1 is installed OR kernel-compute_debug-devel-3.12.67-60.27.1 is installed OR kernel-devel-rt-3.12.67-60.27.1 is installed OR kernel-rt-3.12.67-60.27.1 is installed OR kernel-rt-base-3.12.67-60.27.1 is installed OR kernel-rt-devel-3.12.67-60.27.1 is installed OR kernel-rt_debug-3.12.67-60.27.1 is installed OR kernel-rt_debug-devel-3.12.67-60.27.1 is installed OR kernel-source-rt-3.12.67-60.27.1 is installed OR kernel-syms-rt-3.12.67-60.27.1 is installed Definition Synopsis SUSE Linux Enterprise Server 11 SP1-LTSS is installed AND Package Information bash-3.2-147.14.22.1 is installed OR bash-doc-3.2-147.14.22.1 is installed OR libreadline5-5.2-147.14.22.1 is installed OR libreadline5-32bit-5.2-147.14.22.1 is installed OR readline-doc-5.2-147.14.22.1 is installed Definition Synopsis SUSE Linux Enterprise Server 11 SP4 is installed AND Package Information ofed-1.5.4.1-20.26 is installed OR ofed-doc-1.5.4.1-20.26 is installed OR ofed-kmp-default-1.5.4.1_3.0.101_63-20.26 is installed OR ofed-kmp-pae-1.5.4.1_3.0.101_63-20.26 is installed OR ofed-kmp-ppc64-1.5.4.1_3.0.101_63-20.26 is installed OR ofed-kmp-trace-1.5.4.1_3.0.101_63-20.26 is installed Definition Synopsis SUSE Linux Enterprise Server 12 is installed AND kbd-1.15.5-7 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND busybox-1.21.1-3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information alsa-1.0.27.2-11 is installed OR alsa-docs-1.0.27.2-11 is installed OR libasound2-1.0.27.2-11 is installed OR libasound2-32bit-1.0.27.2-11 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information alsa-1.0.27.2-15 is installed OR alsa-docs-1.0.27.2-15 is installed OR libasound2-1.0.27.2-15 is installed OR libasound2-32bit-1.0.27.2-15 is installed Definition Synopsis SUSE Linux Enterprise Server 12-LTSS is installed AND Package Information kgraft-patch-3_12_51-52_31-default-5-2.2 is installed OR kgraft-patch-3_12_51-52_31-xen-5-2.2 is installed OR kgraft-patch-SLE12_Update_9-5-2.2 is installed Definition Synopsis SUSE Linux Enterprise Server 15-LTSS is installed AND Package Information libssh-0.7.5-6.9 is installed OR libssh-devel-0.7.5-6.9 is installed OR libssh4-0.7.5-6.9 is installed OR libssh4-32bit-0.7.5-6.9 is installed Definition Synopsis SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 is installed AND Package Information dracut-044-87 is installed OR dracut-fips-044-87 is installed Definition Synopsis SUSE Linux Enterprise Server for SAP Applications 15 is installed AND Package Information libjavascriptcoregtk-4_0-18-2.28.1-3.49 is installed OR libwebkit2gtk-4_0-37-2.28.1-3.49 is installed OR libwebkit2gtk3-lang-2.28.1-3.49 is installed OR webkit2gtk-4_0-injected-bundles-2.28.1-3.49 is installed OR webkit2gtk3-2.28.1-3.49 is installed OR webkit2gtk3-devel-2.28.1-3.49 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 11 SP2 is installed AND libotr-devel-3.2.0-10.3.1 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 11 SP3 is installed AND Package Information libxml2-2.7.6-0.37.1 is installed OR libxml2-devel-2.7.6-0.37.1 is installed OR libxml2-devel-32bit-2.7.6-0.37.1 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 12 is installed AND accountsservice-devel-0.6.35-1 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 12 SP1 is installed AND Package Information ImageMagick-6.8.8.1-8 is installed OR ImageMagick-devel-6.8.8.1-8 is installed OR libMagick++-6_Q16-3-6.8.8.1-8 is installed OR libMagick++-devel-6.8.8.1-8 is installed OR perl-PerlMagick-6.8.8.1-8 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 12 SP2 is installed AND Package Information kernel-docs-4.4.21-84.3 is installed OR kernel-obs-build-4.4.21-84.1 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 12 is installed AND Package Information flash-player-11.2.202.418-11.1 is installed OR flash-player-gnome-11.2.202.418-11.1 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 12 SP1 is installed AND Package Information gimp-2.8.10-7.8 is installed OR gimp-lang-2.8.10-7.8 is installed OR gimp-plugins-python-2.8.10-7.8 is installed OR libgimp-2_0-0-2.8.10-7.8 is installed OR libgimpui-2_0-0-2.8.10-7.8 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 12 SP3 is installed AND drm-kmp-default-4.9.33_k4.4.73_5-2 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 15 is installed AND enigmail-2.0.8-3.10 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 15 SP1 is installed AND Package Information MozillaThunderbird-60.7.0-3.33 is installed OR MozillaThunderbird-translations-common-60.7.0-3.33 is installed OR MozillaThunderbird-translations-other-60.7.0-3.33 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 15 SP2 is installed AND Package Information libopencv3_3-3.3.1-6.6 is installed OR opencv-3.3.1-6.6 is installed OR opencv-devel-3.3.1-6.6 is installed
BACK