Oval Definition:	oval:org.opensuse.security:def:4488
Revision Date: 2021-09-16 Version: 1 Title: Security update for the Linux Kernel (Live Patch 18 for SLE 12 SP5) (Important) Description: This update for the Linux Kernel 4.12.14-122_71 fixes several issues. The following security issues were fixed: - CVE-2021-3653: Fixed missing validation of the KVM `int_ctl` VMCB field that would have allowed a malicious L1 guest to enable AVIC support for the L2 guest (bsc#1189420). - CVE-2021-3656: Fixed KVM nSVM nested VMLOAD/VMSAVE interception (bsc#1189418). - CVE-2021-38198: Fixed KVM MMU to use the correct inherited permissions to get shadow page (bsc#1189278). Family: unix Class: patch Status: Reference(s): 1050244 1051510 1051858 1058115 1061840 1065600 1065729 1071995 1085030 1086301 1086313 1086314 1089895 1109911 1114279 1118338 1120386 1133719 1134973 1137137 1138734 1143959 1144333 1145586 1149100 1151910 1151927 1153917 1154243 1154824 1156286 1157155 1157157 1157465 1157692 1158013 1158021 1158026 1158095 1158265 1158819 1159028 1159198 1159271 1159284 1159285 1159329 1159394 1159483 1159484 1159569 1159588 1159841 1159908 1159909 1159910 1159911 1159913 1159955 1160195 1160210 1160211 1160218 1160433 1160442 1160476 1160560 1160594 1160611 1160612 1160613 1160614 1160615 1160755 1160756 1160764 1160784 1160787 1160802 1160803 1160804 1160917 1160966 1160968 1161087 1161514 1161518 1161522 1161523 1161549 1161552 1161555 1161674 1161719 1161779 1161931 1161933 1161934 1161935 1161936 1161937 1161951 1162067 1162109 1162139 1162327 1162689 1162691 1162928 1162929 1162931 1163809 1163922 1163971 1164051 1164069 1164078 1164705 1164712 1164727 1164728 1164729 1164730 1164731 1164732 1164733 1164734 1164735 1164871 1165111 1165528 1165572 1165631 1165741 1165873 1165881 1165984 1165985 1166969 1167373 1167421 1167423 1167437 1167629 1168075 1168276 1168295 1168340 1168424 1168670 1168683 1168829 1168854 1169390 1169514 1169604 1169625 1169658 1169659 1169800 1170056 1170104 1170288 1170313 1170345 1170595 1170617 1170618 1170621 1170643 1170778 1170901 1171098 1171189 1171191 1171195 1171202 1171205 1171217 1171218 1171219 1171220 1171456 1171457 1171458 1171689 1171906 1171982 1171983 1172075 1172221 1172317 1172453 1172458 1173072 1174165 1174910 1174913 1176382 1186328 1189278 1189418 1189420 CVE-2018-1000199 CVE-2019-12519 CVE-2019-12521 CVE-2019-12528 CVE-2019-14615 CVE-2019-14889 CVE-2019-14896 CVE-2019-14897 CVE-2019-16994 CVE-2019-18860 CVE-2019-18897 CVE-2019-19036 CVE-2019-19045 CVE-2019-19054 CVE-2019-19318 CVE-2019-19319 CVE-2019-19447 CVE-2019-19462 CVE-2019-19768 CVE-2019-19770 CVE-2019-19965 CVE-2019-19966 CVE-2019-20054 CVE-2019-20095 CVE-2019-20096 CVE-2019-20810 CVE-2019-20812 CVE-2019-2126 CVE-2019-3688 CVE-2019-3690 CVE-2019-3701 CVE-2019-5108 CVE-2019-8835 CVE-2019-8844 CVE-2019-8846 CVE-2019-9232 CVE-2019-9325 CVE-2019-9371 CVE-2019-9433 CVE-2019-9455 CVE-2019-9458 CVE-2020-0543 CVE-2020-10018 CVE-2020-10690 CVE-2020-10703 CVE-2020-10711 CVE-2020-10720 CVE-2020-10732 CVE-2020-10751 CVE-2020-10757 CVE-2020-10942 CVE-2020-10957 CVE-2020-10958 CVE-2020-10967 CVE-2020-11494 CVE-2020-11608 CVE-2020-11609 CVE-2020-11651 CVE-2020-11652 CVE-2020-11669 CVE-2020-11793 CVE-2020-11945 CVE-2020-12114 CVE-2020-12464 CVE-2020-12652 CVE-2020-12653 CVE-2020-12654 CVE-2020-12655 CVE-2020-12656 CVE-2020-12657 CVE-2020-12769 CVE-2020-13143 CVE-2020-14361 CVE-2020-14362 CVE-2020-15522 CVE-2020-1749 CVE-2020-25212 CVE-2020-2583 CVE-2020-2590 CVE-2020-2593 CVE-2020-2601 CVE-2020-2604 CVE-2020-2654 CVE-2020-2659 CVE-2020-2732 CVE-2020-3862 CVE-2020-3864 CVE-2020-3865 CVE-2020-3867 CVE-2020-3868 CVE-2020-3899 CVE-2020-7053 CVE-2020-8013 CVE-2020-8428 CVE-2020-8517 CVE-2020-8647 CVE-2020-8648 CVE-2020-8649 CVE-2020-8834 CVE-2020-8992 CVE-2020-9383 CVE-2021-3653 CVE-2021-3656 CVE-2021-38198 SUSE-SU-2020:0130-1 SUSE-SU-2020:0143-1 SUSE-SU-2020:0231-1 SUSE-SU-2020:0468-1 SUSE-SU-2020:1109-1 SUSE-SU-2020:1156-1 SUSE-SU-2020:1163-1 SUSE-SU-2020:1198-1 SUSE-SU-2020:1250-1 SUSE-SU-2020:1379-1 SUSE-SU-2020:1663-1 SUSE-SU-2020:1973-1 SUSE-SU-2020:2398-1 SUSE-SU-2020:3181-1 SUSE-SU-2021:2163-1 Platform(s): SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5 SUSE Linux Enterprise Build System Kit 12 SUSE Linux Enterprise Build System Kit 12 SP1 SUSE Linux Enterprise Build System Kit 12 SP2 SUSE Linux Enterprise Build System Kit 12 SP3 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Desktop 15 SP2 SUSE Linux Enterprise for SAP 12 SUSE Linux Enterprise High Performance Computing 15 SP2 SUSE Linux Enterprise High Performance Computing 15-ESPOS SUSE Linux Enterprise High Performance Computing 15-LTSS SUSE Linux Enterprise Live Patching 12 SP5 SUSE Linux Enterprise Module for Development Tools 15 SP2 SUSE Linux Enterprise Module for Legacy Software 12 SUSE Linux Enterprise Module for Live Patching 15 SP1 SUSE Linux Enterprise Module for Live Patching 15 SP2 SUSE Linux Enterprise Module for Public Cloud 12 SUSE Linux Enterprise Module for Web Scripting 12 SUSE Linux Enterprise Server 11 SP1-LTSS SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP2-LTSS SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP3-LTSS SUSE Linux Enterprise Server 11 SP4 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12-LTSS SUSE Linux Enterprise Server 15 SP2 SUSE Linux Enterprise Server 15-LTSS SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 SUSE Linux Enterprise Server for SAP Applications 15 SUSE Linux Enterprise Server for SAP Applications 15 SP2 SUSE Linux Enterprise Server for VMWare 11 SP2 SUSE Linux Enterprise Server for VMWare 11 SP3 SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Software Development Kit 12 SP1 SUSE Linux Enterprise Software Development Kit 12 SP2 SUSE Linux Enterprise Storage 7 SUSE Linux Enterprise Workstation Extension 12 SUSE Linux Enterprise Workstation Extension 12 SP1 SUSE Linux Enterprise Workstation Extension 12 SP3 SUSE Linux Enterprise Workstation Extension 15 SUSE Linux Enterprise Workstation Extension 15 SP1 SUSE Linux Enterprise Workstation Extension 15 SP2 SUSE Manager Proxy 4.1 SUSE Manager Server 4.1 Product(s): Definition Synopsis SUSE Cloud Compute Node for SUSE Linux Enterprise 12 5 is installed AND python-pycrypto-2.6.1-1 is installed Definition Synopsis SUSE Linux Enterprise Build System Kit 12 is installed AND Package Information krb5-mini-1.12.1-16 is installed OR krb5-mini-devel-1.12.1-16 is installed Definition Synopsis SUSE Linux Enterprise Build System Kit 12 SP1 is installed AND Package Information cracklib-2.9.0-7 is installed OR cracklib-dict-small-2.9.0-7 is installed Definition Synopsis SUSE Linux Enterprise Build System Kit 12 SP2 is installed AND kernel-zfcpdump-4.4.74-92.29 is installed Definition Synopsis SUSE Linux Enterprise Build System Kit 12 SP3 is installed AND kernel-zfcpdump-4.4.82-6.3 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 is installed AND Package Information ecryptfs-utils-103-5 is installed OR ecryptfs-utils-32bit-103-5 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP1 is installed AND binutils-2.25.0-13 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP2 is installed AND fetchmail-6.3.26-12 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information DirectFB-1.7.1-6 is installed OR lib++dfb-1_7-1-1.7.1-6 is installed OR libdirectfb-1_7-1-1.7.1-6 is installed OR libdirectfb-1_7-1-32bit-1.7.1-6 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information MozillaFirefox-52.9.0esr-109.38 is installed OR MozillaFirefox-translations-52.9.0esr-109.38 is installed Definition Synopsis SUSE Linux Enterprise Module for Development Tools 15 SP2 is installed AND Package Information bouncycastle-1.64-3.3.1 is installed OR bouncycastle-pg-1.64-3.3.1 is installed Definition Synopsis SUSE Linux Enterprise for SAP 12 is installed AND Package Information kgraft-patch-3_12_60-52_54-default-2-2.2 is installed OR kgraft-patch-3_12_60-52_54-xen-2-2.2 is installed OR kgraft-patch-SLE12_Update_15-2-2.2 is installed Definition Synopsis Release Information SUSE Linux Enterprise High Performance Computing 15-ESPOS is installed AND permissions-20180125-3.21 is installed OR Package Information SUSE Linux Enterprise High Performance Computing 15-LTSS is installed AND permissions-20180125-3.21 is installed Definition Synopsis SUSE Linux Enterprise Live Patching 12 SP5 is installed AND kgraft-patch-4_12_14-122_71-default-6-2.2 is installed Definition Synopsis SUSE Linux Enterprise Module for Legacy Software 12 is installed AND Package Information compat-openssl098-0.9.8j-102 is installed OR libopenssl0_9_8-0.9.8j-102 is installed OR libopenssl0_9_8-32bit-0.9.8j-102 is installed Definition Synopsis SUSE Linux Enterprise Module for Live Patching 15 SP1 is installed AND Package Information kernel-livepatch-4_12_14-197_26-default-3-2 is installed OR kernel-livepatch-SLE15-SP1_Update_7-3-2 is installed Definition Synopsis SUSE Linux Enterprise Module for Live Patching 15 SP2 is installed AND Package Information kernel-livepatch-5_3_18-24_24-default-2-2 is installed OR kernel-livepatch-SLE15-SP2_Update_4-2-2 is installed Definition Synopsis SUSE Linux Enterprise Module for Public Cloud 12 is installed AND Package Information kernel-ec2-3.12.74-60.64.48 is installed OR kernel-ec2-devel-3.12.74-60.64.48 is installed OR kernel-ec2-extra-3.12.74-60.64.48 is installed Definition Synopsis SUSE Linux Enterprise Module for Web Scripting 12 is installed AND Package Information apache2-mod_php7-7.0.7-25 is installed OR php7-7.0.7-25 is installed OR php7-bcmath-7.0.7-25 is installed OR php7-bz2-7.0.7-25 is installed OR php7-calendar-7.0.7-25 is installed OR php7-ctype-7.0.7-25 is installed OR php7-curl-7.0.7-25 is installed OR php7-dba-7.0.7-25 is installed OR php7-dom-7.0.7-25 is installed OR php7-enchant-7.0.7-25 is installed OR php7-exif-7.0.7-25 is installed OR php7-fastcgi-7.0.7-25 is installed OR php7-fileinfo-7.0.7-25 is installed OR php7-fpm-7.0.7-25 is installed OR php7-ftp-7.0.7-25 is installed OR php7-gd-7.0.7-25 is installed OR php7-gettext-7.0.7-25 is installed OR php7-gmp-7.0.7-25 is installed OR php7-iconv-7.0.7-25 is installed OR php7-imap-7.0.7-25 is installed OR php7-intl-7.0.7-25 is installed OR php7-json-7.0.7-25 is installed OR php7-ldap-7.0.7-25 is installed OR php7-mbstring-7.0.7-25 is installed OR php7-mcrypt-7.0.7-25 is installed OR php7-mysql-7.0.7-25 is installed OR php7-odbc-7.0.7-25 is installed OR php7-opcache-7.0.7-25 is installed OR php7-openssl-7.0.7-25 is installed OR php7-pcntl-7.0.7-25 is installed OR php7-pdo-7.0.7-25 is installed OR php7-pear-7.0.7-25 is installed OR php7-pear-Archive_Tar-7.0.7-25 is installed OR php7-pgsql-7.0.7-25 is installed OR php7-phar-7.0.7-25 is installed OR php7-posix-7.0.7-25 is installed OR php7-pspell-7.0.7-25 is installed OR php7-shmop-7.0.7-25 is installed OR php7-snmp-7.0.7-25 is installed OR php7-soap-7.0.7-25 is installed OR php7-sockets-7.0.7-25 is installed OR php7-sqlite-7.0.7-25 is installed OR php7-sysvmsg-7.0.7-25 is installed OR php7-sysvsem-7.0.7-25 is installed OR php7-sysvshm-7.0.7-25 is installed OR php7-tokenizer-7.0.7-25 is installed OR php7-wddx-7.0.7-25 is installed OR php7-xmlreader-7.0.7-25 is installed OR php7-xmlrpc-7.0.7-25 is installed OR php7-xmlwriter-7.0.7-25 is installed OR php7-xsl-7.0.7-25 is installed OR php7-zip-7.0.7-25 is installed OR php7-zlib-7.0.7-25 is installed Definition Synopsis SUSE Linux Enterprise Server 11 SP1-LTSS is installed AND Package Information cifs-mount-3.4.3-1.54.1 is installed OR ldapsmb-1.34b-11.28.54.1 is installed OR libsmbclient0-3.4.3-1.54.1 is installed OR libsmbclient0-32bit-3.4.3-1.54.1 is installed OR libtalloc1-3.4.3-1.54.1 is installed OR libtalloc1-32bit-3.4.3-1.54.1 is installed OR libtdb1-3.4.3-1.54.1 is installed OR libtdb1-32bit-3.4.3-1.54.1 is installed OR libwbclient0-3.4.3-1.54.1 is installed OR libwbclient0-32bit-3.4.3-1.54.1 is installed OR samba-3.4.3-1.54.1 is installed OR samba-32bit-3.4.3-1.54.1 is installed OR samba-client-3.4.3-1.54.1 is installed OR samba-client-32bit-3.4.3-1.54.1 is installed OR samba-doc-3.4.3-1.54.1 is installed OR samba-krb-printing-3.4.3-1.54.1 is installed OR samba-winbind-3.4.3-1.54.1 is installed OR samba-winbind-32bit-3.4.3-1.54.1 is installed Definition Synopsis SUSE Linux Enterprise Server 11 SP4 is installed AND Package Information openvpn-2.0.9-143.44.1 is installed OR openvpn-auth-pam-plugin-2.0.9-143.44.1 is installed Definition Synopsis SUSE Linux Enterprise Server 12 is installed AND Package Information libHX28-3.18-1 is installed OR libHX28-32bit-3.18-1 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information colord-gtk-lang-0.1.25-3 is installed OR libcolord-gtk1-0.1.25-3 is installed OR libcolord2-1.1.7-5 is installed OR libcolord2-32bit-1.1.7-5 is installed OR libcolorhug2-1.1.7-5 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND apache-commons-httpclient-3.1-4 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND apache-commons-httpclient-3.1-4 is installed Definition Synopsis SUSE Linux Enterprise Server 12-LTSS is installed AND Package Information kgraft-patch-3_12_55-52_42-default-2-2.2 is installed OR kgraft-patch-3_12_55-52_42-xen-2-2.2 is installed OR kgraft-patch-SLE12_Update_12-2-2.2 is installed Definition Synopsis SUSE Linux Enterprise Server 15-LTSS is installed AND Package Information libjavascriptcoregtk-4_0-18-2.28.1-3.49 is installed OR libwebkit2gtk-4_0-37-2.28.1-3.49 is installed OR libwebkit2gtk3-lang-2.28.1-3.49 is installed OR webkit2gtk-4_0-injected-bundles-2.28.1-3.49 is installed OR webkit2gtk3-2.28.1-3.49 is installed OR webkit2gtk3-devel-2.28.1-3.49 is installed Definition Synopsis SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 is installed AND Package Information elfutils-0.158-6 is installed OR libasm1-0.158-6 is installed OR libdw1-0.158-6 is installed OR libebl1-0.158-6 is installed OR libelf1-0.158-6 is installed Definition Synopsis SUSE Linux Enterprise Server for SAP Applications 15 is installed AND squid-4.11-5.17 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 11 SP2 is installed AND libproxy-devel-0.3.1-2.6.1 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 11 SP3 is installed AND Package Information lxc-0.8.0-0.21.6 is installed OR lxc-devel-0.8.0-0.21.6 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 12 is installed AND augeas-devel-1.2.0-1 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 12 SP1 is installed AND Package Information DirectFB-devel-1.7.1-4 is installed OR lib++dfb-devel-1.7.1-4 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 12 SP2 is installed AND Package Information libX11-1.6.2-8.1 is installed OR libX11-devel-1.6.2-8.1 is installed OR libXfixes-5.0.1-7.1 is installed OR libXfixes-devel-5.0.1-7.1 is installed OR libXi-1.7.4-14.1 is installed OR libXi-devel-1.7.4-14.1 is installed OR libXrender-0.9.8-7.1 is installed OR libXrender-devel-0.9.8-7.1 is installed OR libXtst-1.2.2-7.1 is installed OR libXtst-devel-1.2.2-7.1 is installed OR libXv-1.0.10-7.1 is installed OR libXv-devel-1.0.10-7.1 is installed OR libXvMC-1.0.8-7.1 is installed OR libXvMC-devel-1.0.8-7.1 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 12 is installed AND Package Information ImageMagick-6.8.8.1-8.2 is installed OR libMagick++-6_Q16-3-6.8.8.1-8.2 is installed OR libMagickCore-6_Q16-1-32bit-6.8.8.1-8.2 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 12 SP1 is installed AND Package Information python-base-2.7.9-24.2 is installed OR python-devel-2.7.9-24.2 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 12 SP3 is installed AND Package Information gcc48-gij-4.8.5-30 is installed OR gcc48-gij-32bit-4.8.5-30 is installed OR libgcj48-4.8.5-30 is installed OR libgcj48-32bit-4.8.5-30 is installed OR libgcj48-jar-4.8.5-30 is installed OR libgcj_bc1-4.8.5-30 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 15 is installed AND Package Information kernel-default-4.12.14-25.25 is installed OR kernel-default-extra-4.12.14-25.25 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 15 SP1 is installed AND Package Information ffmpeg-3.4.2-4.17 is installed OR libavcodec-devel-3.4.2-4.17 is installed OR libavformat-devel-3.4.2-4.17 is installed OR libavformat57-3.4.2-4.17 is installed OR libavresample-devel-3.4.2-4.17 is installed OR libavresample3-3.4.2-4.17 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 15 SP2 is installed AND Package Information MozillaThunderbird-68.9.0-3.85 is installed OR MozillaThunderbird-translations-common-68.9.0-3.85 is installed OR MozillaThunderbird-translations-other-68.9.0-3.85 is installed
BACK