OVAL Reference oval:org.opensuse.security:def:4493

Oval Definition:

oval:org.opensuse.security:def:4493

Revision Date:	2021-09-23	Version:	1
Title:	Security update for the Linux Kernel (Important)
Description:	The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-9517: Fixed possible memory corruption due to a use after free in pppol2tp_connect (bsc#1108488). - CVE-2019-3874: Fixed possible denial of service attack via SCTP socket buffer used by a userspace applications (bnc#1129898). - CVE-2019-3900: Fixed an infinite loop issue while handling incoming packets in handle_rx() (bnc#1133374). - CVE-2021-3640: Fixed a Use-After-Free vulnerability in function sco_sock_sendmsg() in the bluetooth stack (bsc#1188172). - CVE-2021-3653: Missing validation of the `int_ctl` VMCB field and allows a malicious L1 guest to enable AVIC support for the L2 guest. (bsc#1189399). - CVE-2021-3656: Missing validation of the the `virt_ext` VMCB field and allows a malicious L1 guest to disable both VMLOAD/VMSAVE intercepts and VLS for the L2 guest (bsc#1189400). - CVE-2021-3679: A lack of CPU resource in tracing module functionality was found in the way user uses trace ring buffer in a specific way. Only privileged local users (with CAP_SYS_ADMIN capability) could use this flaw to starve the resources causing denial of service (bnc#1189057). - CVE-2021-3732: Mounting overlayfs inside an unprivileged user namespace can reveal files (bsc#1189706). - CVE-2021-3753: Fixed race out-of-bounds in virtual terminal handling (bsc#1190025). - CVE-2021-3759: Unaccounted ipc objects in Linux kernel could have lead to breaking memcg limits and DoS attacks (bsc#1190115). - CVE-2021-38160: Data corruption or loss could be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size in drivers/char/virtio_console.c (bsc#1190117) - CVE-2021-38198: arch/x86/kvm/mmu/paging_tmpl.h incorrectly computes the access permissions of a shadow page, leading to a missing guest protection page fault (bnc#1189262). - CVE-2021-38204: drivers/usb/host/max3421-hcd.c allowed physically proximate attackers to cause a denial of service (use-after-free and panic) by removing a MAX-3421 USB device in certain situations (bnc#1189291). - CVE-2021-34556: Fixed side-channel attack via a Speculative Store Bypass via unprivileged BPF program that could have obtain sensitive information from kernel memory (bsc#1188983). - CVE-2021-35477: Fixed BPF stack frame pointer which could have been abused to disclose content of arbitrary kernel memory (bsc#1188985). - CVE-2020-12770: Fixed sg_remove_request call in a certain failure cases (bsc#1171420). The following non-security bugs were fixed: - ACPI: NFIT: Fix support for virtual SPA ranges (git-fixes). - ALSA: seq: Fix racy deletion of subscriber (git-fixes). - ASoC: cs42l42: Do not allow SND_SOC_DAIFMT_LEFT_J (git-fixes). - ASoC: cs42l42: Fix inversion of ADC Notch Switch control (git-fixes). - ASoC: cs42l42: Remove duplicate control for WNF filter frequency (git-fixes). - Bluetooth: Move shutdown callback before flushing tx and rx queue (git-fixes). - Bluetooth: add timeout sanity check to hci_inquiry (git-fixes). - Bluetooth: fix repeated calls to sco_sock_kill (git-fixes). - Bluetooth: increase BTNAMSIZ to 21 chars to fix potential buffer overflow (git-fixes). - Bluetooth: sco: prevent information leak in sco_conn_defer_accept() (git-fixes). - KVM: SVM: Call SEV Guest Decommission if ASID binding fails (12sp5). - NFSv4/pNFS: Do not call _nfs4_pnfs_v3_ds_connect multiple times (git-fixes). - NFSv4: Initialise connection to the server in nfs4_alloc_client() (bsc#1040364). - PCI/MSI: Correct misleading comments (git-fixes). - PCI/MSI: Do not set invalid bits in MSI mask (git-fixes). - PCI/MSI: Enable and mask MSI-X early (git-fixes). - PCI/MSI: Use msi_mask_irq() in pci_msi_shutdown() (git-fixes). - PCI: Add Intel VMD devices to pci ids (bsc#1183983). - PCI: PM: Enable PME if it can be signaled from D3cold (git-fixes). - PCI: hv: Use expected affinity when unmasking IRQ (bsc#1185973). - PCI: vmd: Add an additional VMD device id to driver device id table (bsc#1183983). - PCI: vmd: Add offset to bus numbers if necessary (bsc#1183983). - PCI: vmd: Assign membar addresses from shadow registers (bsc#1183983). - PCI: vmd: Filter resource type bits from shadow register (bsc#1183983). - PCI: vmd: Fix config addressing when using bus offsets (bsc#1183983). - PCI: vmd: Fix shadow offsets to reflect spec changes (bsc#1183983). - SUNRPC: Fix the batch tasks count wraparound (git-fixes). - SUNRPC: Should wake up the privileged task firstly (git-fixes). - SUNRPC: improve error response to over-size gss credential (bsc#1190022). - USB: serial: ch341: fix character loss at high transfer rates (git-fixes). - USB: serial: ftdi_sio: add device ID for Auto-M3 OP-COM v2 (git-fixes). - USB: serial: option: add Telit FD980 composition 0x1056 (git-fixes). - USB: usbtmc: Fix RCU stall warning (git-fixes). - USB:ehci:fix Kunpeng920 ehci hardware problem (git-fixes). - arch/x86/lib/usercopy_64.c: fix __copy_user_flushcache() cache writeback (git-fixes). - ath6kl: wmi: fix an error code in ath6kl_wmi_sync_point() (git-fixes). - ax88179_178a: Merge memcpy + le32_to_cpus to get_unaligned_le32 (git-fixes). - bcma: Fix memory leak for internally-handled cores (git-fixes). - bdi: Do not use freezable workqueue (bsc#1189573). - blk-mq-sched: Fix blk_mq_sched_alloc_tags() error handling (bsc#1189506). - block: fix trace completion for chained bio (bsc#1189505). - can: usb: esd_usb2: esd_usb2_rx_event(): fix the interchange of the CAN RX and TX error counters (git-fixes). - cifs: Remove unused inline function is_sysvol_or_netlogon() (bsc#1185902). - cifs: avoid starvation when refreshing dfs cache (bsc#1185902). - cifs: constify get_normalized_path() properly (bsc#1185902). - cifs: do not cargo-cult strndup() (bsc#1185902). - cifs: do not send tree disconnect to ipc shares (bsc#1185902). - cifs: do not share tcp servers with dfs mounts (bsc#1185902). - cifs: do not share tcp sessions of dfs connections (bsc#1185902). - cifs: fix check of dfs interlinks (bsc#1185902). - cifs: fix path comparison and hash calc (bsc#1185902). - cifs: get rid of @noreq param in __dfs_cache_find() (bsc#1185902). - cifs: handle different charsets in dfs cache (bsc#1185902). - cifs: keep referral server sessions alive (bsc#1185902). - cifs: missing null pointer check in cifs_mount (bsc#1185902). - cifs: prevent NULL deref in cifs_compose_mount_options() (bsc#1185902). - cifs: set a minimum of 2 minutes for refreshing dfs cache (bsc#1185902). - clk: stm32f4: fix post divisor setup for I2S/SAI PLLs (git-fixes). - crypto: ccp - Annotate SEV Firmware file names (bsc#1189268). - crypto: nx - Fix RCU warning in nx842_OF_upd_status (git-fixes). - crypto: nx - Fix memcpy() over-reading in nonce (git-fixes). - crypto: talitos - Do not modify req->cryptlen on decryption (git-fixes). - crypto: talitos - fix ECB algs ivsize (git-fixes). - crypto: ux500 - Fix error return code in hash_hw_final() (git-fixes). - dm btree remove: assign new_root only when removal succeeds (git fixes). - dm cache metadata: Avoid returning cmd->bm wild pointer on error (git fixes). - dm era: Fix bitset memory leaks (git fixes). - dm era: Recover committed writeset after crash (git fixes). - dm era: Reinitialize bitset cache before digesting a new writeset (git fixes). - dm era: Use correct value size in equality function of writeset tree (git fixes). - dm era: Verify the data block size hasn't changed (git fixes). - dm era: only resize metadata in preresume (git fixes). - dm ioctl: fix error return code in target_message (git fixes). - dm ioctl: fix out of bounds array access when no devices (git fixes). - dm persistent data: packed struct should have an aligned() attribute too (git fixes). - dm rq: fix double free of blk_mq_tag_set in dev remove after table load fails (git fixes). - dm snapshot: fix crash with transient storage and zero chunk size (git fixes). - dm snapshot: flush merged data before committing metadata (git fixes). - dm snapshot: properly fix a crash when an origin has no snapshots (git fixes). - dm space map common: fix division bug in sm_ll_find_free_block() (git fixes). - dm table: fix iterate_devices based device capability checks (git fixes). - dm thin metadata: Avoid returning cmd->bm wild pointer on error (git fixes). - dm verity: fix DM_VERITY_OPTS_MAX value (git-fixes). - dm writecache: fix the maximum number of arguments (git-fixes). - dm writecache: handle DAX to partitions on persistent memory correctly (git-fixes). - dm writecache: remove BUG() and fail gracefully instead (git-fixes). - dm zoned: select CONFIG_CRC32 (git-fixes). - dm: eliminate potential source of excessive kernel log noise (git fixes). - dm: remove invalid sparse __acquires and __releases annotations (git-fixes). - ext4: cleanup in-core orphan list if ext4_truncate() failed to get a transaction handle (bsc#1189568). - ext4: correct the cache_nr in tracepoint ext4_es_shrink_exit (bsc#1189564). - ext4: fix avefreec in find_group_orlov (bsc#1189566). - ext4: fix kernel infoleak via ext4_extent_header (bsc#1189562). - ext4: remove check for zero nr_to_scan in ext4_es_scan() (bsc#1189565). - ext4: use ext4_grp_locked_error in mb_find_extent (bsc#1189567). - ftgmac100: Restart MAC HW once (git-fixes). - i2c: dev: zero out array used for i2c reads from userspace (git-fixes). - i2c: highlander: add IRQ check (git-fixes). - i2c: iop3xx: fix deferred probing (git-fixes). - i2c: mt65xx: fix IRQ check (git-fixes). - i2c: s3c2410: fix IRQ check (git-fixes). - i40e: Fix Error I40E_AQ_RC_EINVAL when removing VFs (git-fixes). - iio: adc: Fix incorrect exit of for-loop (git-fixes). - iio: humidity: hdc100x: Add margin to the conversion time (git-fixes). - iommu/amd: Fix extended features logging (bsc#1189269). - iommu/arm-smmu-v3: add bit field SFM into GERROR_ERR_MASK (bsc#1189270). - iommu/vt-d: Define counter explicitly as unsigned int (bsc#1189271). - iommu/vt-d: Fix sysfs leak in alloc_iommu() (bsc#1189272). - kABI: Fix kABI after fixing vcpu-id indexed arrays (git-fixes). - kABI: s390/ap: Fix hanging ioctl caused by wrong msg counter (bsc#1188982 LTC#193818). - mac80211: Fix insufficient headroom issue for AMSDU (git-fixes). - md/raid10: properly indicate failure when ending a failed write request (git-fixes). - media: go7007: fix memory leak in go7007_usb_probe (git-fixes). - media: rtl28xxu: fix zero-length control request (git-fixes). - memcg: enable accounting for file lock caches (bsc#1190115). - mm, vmscan: guarantee drop_slab_node() termination (VM Functionality, bsc#1189301). - mm/memory-failure: unnecessary amount of unmapping (bsc#1189640). - mm/memory.c: do_fault: avoid usage of stale vm_area_struct (bsc#1136513). - mm/rmap: fix potential pte_unmap on an not mapped pte (git-fixes). - mm/thp: unmap_mapping_page() to fix THP truncate_cleanup_page() (bsc#1189569). - mm/vmscan: fix infinite loop in drop_slab_node (VM Performance, bsc#1189301). - mm: vmscan: scan anonymous pages on file refaults (VM Performance, bsc#1183050). - mmc: dw_mmc: Fix issue with uninitialized dma_slave_config (git-fixes). - mmc: moxart: Fix issue with uninitialized dma_slave_config (git-fixes). - net: lapbether: Remove netif_start_queue / netif_stop_queue (git-fixes). - net: mvpp2: Add TCAM entry to drop flow control pause frames (git-fixes). - net: mvpp2: prs: fix PPPoE with ipv6 packet parse (git-fixes). - net: stmmac: use netif_tx_start\|stop_all_queues() function (git-fixes). - net: usb: Merge cpu_to_le32s + memcpy to put_unaligned_le32 (git-fixes). - net: usb: ax88179_178a: remove redundant assignment to variable ret (git-fixes). - nfs: fix acl memory leak of posix_acl_create() (git-fixes). - nvme-fc: avoid calling _nvme_fc_abort_outstanding_ios from interrupt context (bsc#1187076). - nvme-fc: convert assoc_active flag to bit op (bsc#1187076). - nvme-fc: eliminate terminate_io use by nvme_fc_error_recovery (bsc#1187076). - nvme-fc: fix double-free scenarios on hw queues (bsc#1187076). - nvme-fc: fix io timeout to abort I/O (bsc#1187076). - nvme-fc: fix racing controller reset and create association (bsc#1187076). - nvme-fc: remove err_work work item (bsc#1187076). - nvme-fc: remove nvme_fc_terminate_io() (bsc#1187076). - nvme-fc: track error_recovery while connecting (bsc#1187076). - ocfs2: fix snprintf() checking (bsc#1189581). - ocfs2: fix zero out valid data (bsc#1189579). - ocfs2: issue zeroout to EOF blocks (bsc#1189582). - ocfs2: ocfs2_downconvert_lock failure results in deadlock (bsc#1188439). - overflow: Correct check_shl_overflow() comment (git-fixes). - overflow: Include header file with SIZE_MAX declaration (git-fixes). - ovl: check whiteout in ovl_create_over_whiteout() (bsc#1189846). - ovl: filter of trusted xattr results in audit (bsc#1189846). - ovl: fix dentry leak in ovl_get_redirect (bsc#1189846). - ovl: initialize error in ovl_copy_xattr (bsc#1189846). - ovl: relax WARN_ON() on rename to self (bsc#1189846). - pcmcia: i82092: fix a null pointer dereference bug (git-fixes). - power: supply: max17042: handle fails of reading status register (git-fixes). - powerpc/pseries: Fix update of LPAR security flavor after LPM (bsc#1188885 ltc#193722 git-fixes). - qlcnic: Fix error code in probe (git-fixes). - r8152: Fix potential PM refcount imbalance (git-fixes). - readdir: make sure to verify directory entry for legacy interfaces too (bsc#1189639). - regulator: rt5033: Fix n_voltages settings for BUCK and LDO (git-fixes). - s390/ap: Fix hanging ioctl caused by wrong msg counter (bsc#1188982 LTC#193818). - scsi: core: Add scsi_prot_ref_tag() helper (bsc#1189392). - scsi: ibmvfc: Do not wait for initial device scan (bsc#1127650). - scsi: libfc: Fix array index out of bound exception (bsc#1188616). - scsi: lpfc: Add 256 Gb link speed support (bsc#1189385). - scsi: lpfc: Add PCI ID support for LPe37000/LPe38000 series adapters (bsc#1189385). - scsi: lpfc: Call discovery state machine when handling PLOGI/ADISC completions (bsc#1189385). - scsi: lpfc: Clear outstanding active mailbox during PCI function reset (bsc#1189385). - scsi: lpfc: Copyright updates for 12.8.0.11 patches (bsc#1189385). - scsi: lpfc: Copyright updates for 14.0.0.0 patches (bsc#1189385). - scsi: lpfc: Delay unregistering from transport until GIDFT or ADISC completes (bsc#1189385). - scsi: lpfc: Discovery state machine fixes for LOGO handling (bsc#1189385). - scsi: lpfc: Enable adisc discovery after RSCN by default (bsc#1189385). - scsi: lpfc: Fix KASAN slab-out-of-bounds in lpfc_unreg_rpi() routine (bsc#1189385). - scsi: lpfc: Fix NULL ptr dereference with NPIV ports for RDF handling (bsc#1189385). - scsi: lpfc: Fix NVMe support reporting in log message (bsc#1189385). - scsi: lpfc: Fix cq_id truncation in rq create (bsc#1189385). - scsi: lpfc: Fix memory leaks in error paths while issuing ELS RDF/SCR request (bsc#1189385). - scsi: lpfc: Fix possible ABBA deadlock in nvmet_xri_aborted() (bsc#1189385). - scsi: lpfc: Fix target reset handler from falsely returning FAILURE (bsc#1189385). - scsi: lpfc: Improve firmware download logging (bsc#1189385). - scsi: lpfc: Keep NDLP reference until after freeing the IOCB after ELS handling (bsc#1189385). - scsi: lpfc: Move initialization of phba->poll_list earlier to avoid crash (git-fixes). - scsi: lpfc: Remove REG_LOGIN check requirement to issue an ELS RDF (bsc#1189385). - scsi: lpfc: Remove redundant assignment to pointer pcmd (bsc#1189385). - scsi: lpfc: Remove use of kmalloc() in trace event logging (bsc#1189385). - scsi: lpfc: Revise Topology and RAS support checks for new adapters (bsc#1189385). - scsi: lpfc: Skip issuing ADISC when node is in NPR state (bsc#1189385). - scsi: lpfc: Skip reg_vpi when link is down for SLI3 in ADISC cmpl path (bsc#1189385). - scsi: lpfc: Update lpfc version to 12.8.0.11 (bsc#1189385). - scsi: lpfc: Update lpfc version to 14.0.0.0 (bsc#1189385). - scsi: lpfc: Use PBDE feature enabled bit to determine PBDE support (bsc#1189385). - scsi: lpfc: Use list_move_tail() instead of list_del()/list_add_tail() (bsc#1189385). - scsi: qla2xxx: Add heartbeat check (bsc#1189392). - scsi: qla2xxx: Fix error return code in qla82xx_write_flash_dword() (bsc#1189392). - scsi: qla2xxx: Fix spelling mistakes 'allloc' -> 'alloc' (bsc#1189384). - scsi: qla2xxx: Fix use after free in debug code (bsc#1189384). - scsi: qla2xxx: Log PCI address in qla_nvme_unregister_remote_port() (bsc#1189392). - scsi: qla2xxx: Remove duplicate declarations (bsc#1189392). - scsi: qla2xxx: Remove redundant assignment to rval (bsc#1189392). - scsi: qla2xxx: Remove redundant continue statement in a for-loop (bsc#1189392). - scsi: qla2xxx: Remove redundant initialization of variable num_cnt (bsc#1189384). - scsi: qla2xxx: Remove unused variable 'status' (bsc#1189392). - scsi: qla2xxx: Update version to 10.02.00.107-k (bsc#1189384). - scsi: qla2xxx: Use list_move_tail() instead of list_del()/list_add_tail() (bsc#1189392). - scsi: qla2xxx: Use the proper SCSI midlayer interfaces for PI (bsc#1189392). - scsi: qla2xxx: edif: Add authentication pass + fail bsgs (bsc#1189384). - scsi: qla2xxx: edif: Add detection of secure device (bsc#1189384). - scsi: qla2xxx: edif: Add doorbell notification for app (bsc#1189384). - scsi: qla2xxx: edif: Add encryption to I/O path (bsc#1189384). - scsi: qla2xxx: edif: Add extraction of auth_els from the wire (bsc#1189384). - scsi: qla2xxx: edif: Add getfcinfo and statistic bsgs (bsc#1189384). - scsi: qla2xxx: edif: Add key update (bsc#1189384). - scsi: qla2xxx: edif: Add send, receive, and accept for auth_els (bsc#1189384). - scsi: qla2xxx: edif: Add start + stop bsgs (bsc#1189392). - scsi: qla2xxx: edif: Increment command and completion counts (bsc#1189384). - scsi: target: qla2xxx: Wait for stop_phase1 at WWN removal (bsc#1189392). - serial: 8250: Mask out floating 16/32-bit bus bits (git-fixes). - spi: mediatek: Fix fifo transfer (git-fixes). - spi: spi-fsl-dspi: Fix issue with uninitialized dma_slave_config (git-fixes). - spi: spi-pic32: Fix issue with uninitialized dma_slave_config (git-fixes). - staging: rtl8723bs: Fix a resource leak in sd_int_dpc (git-fixes). - virtio_net: Fix error code in probe() (git-fixes). - writeback: fix obtain a reference to a freeing memcg css (bsc#1189577). - x86/fpu: Limit xstate copy size in xstateregs_set() (bsc#1114648). - x86/fpu: Make init_fpstate correct with optimized XSAVE (bsc#1114648). - x86/fpu: Reset state for all signal restore failures (bsc#1114648). - x86/kvm: fix vcpu-id indexed array sizes (git-fixes). - x86/signal: Detect and prevent an alternate signal stack overflow (bsc#1114648). - xen/events: Fix race in set_evtchn_to_irq (git-fixes).
Family:	unix	Class:	patch
Status:		Reference(s):	1040364 1065600 1066382 1082318 1093733 1094301 1101776 1101777 1101786 1101788 1101791 1101794 1101800 1101802 1101804 1101810 1106514 1108488 1111647 1114648 1117740 1121231 1121232 1121233 1121234 1121235 1123156 1127367 1127369 1127370 1127650 1129898 1131941 1131945 1133297 1133374 1133375 1136021 1136513 1141980 1149032 1150690 1156288 1158505 1159913 1160594 1160764 1161052 1161066 1161779 1163018 1163592 1163922 1164648 1165241 1165631 1165710 1165776 1166240 1166916 1170415 1170643 1170771 1170940 1171420 1171456 1171457 1171458 1172004 1172442 1172443 1173304 1174157 1174415 1175259 1175721 1175749 1176354 1177281 1177766 1177799 1177801 1178166 1178173 1178175 1178176 1178177 1178183 1178184 1178185 1178186 1178190 1178191 1178255 1178307 1178330 1178395 1183050 1183983 1185902 1185973 1187076 1187446 1188172 1188439 1188616 1188885 1188982 1188983 1188985 1189057 1189262 1189268 1189269 1189270 1189271 1189272 1189291 1189301 1189384 1189385 1189392 1189399 1189400 1189505 1189506 1189562 1189564 1189565 1189566 1189567 1189568 1189569 1189573 1189577 1189579 1189581 1189582 1189639 1189640 1189706 1189846 1190022 1190025 1190115 1190117 957624 CVE-2018-11354 CVE-2018-11355 CVE-2018-11356 CVE-2018-11357 CVE-2018-11358 CVE-2018-11359 CVE-2018-11360 CVE-2018-11361 CVE-2018-11362 CVE-2018-12086 CVE-2018-14339 CVE-2018-14340 CVE-2018-14341 CVE-2018-14342 CVE-2018-14343 CVE-2018-14344 CVE-2018-14367 CVE-2018-14368 CVE-2018-14369 CVE-2018-14370 CVE-2018-16056 CVE-2018-16057 CVE-2018-16058 CVE-2018-18225 CVE-2018-18226 CVE-2018-18227 CVE-2018-19622 CVE-2018-19623 CVE-2018-19624 CVE-2018-19625 CVE-2018-19626 CVE-2018-19627 CVE-2018-19628 CVE-2018-9517 CVE-2019-10894 CVE-2019-10895 CVE-2019-10896 CVE-2019-10897 CVE-2019-10898 CVE-2019-10899 CVE-2019-10900 CVE-2019-10901 CVE-2019-10902 CVE-2019-10903 CVE-2019-13619 CVE-2019-16319 CVE-2019-17639 CVE-2019-19553 CVE-2019-19727 CVE-2019-20382 CVE-2019-3688 CVE-2019-3690 CVE-2019-3874 CVE-2019-3900 CVE-2019-5108 CVE-2019-5716 CVE-2019-5717 CVE-2019-5718 CVE-2019-5719 CVE-2019-5721 CVE-2019-6778 CVE-2019-9208 CVE-2019-9209 CVE-2019-9214 CVE-2019-9928 CVE-2020-10957 CVE-2020-10958 CVE-2020-10967 CVE-2020-11080 CVE-2020-12243 CVE-2020-12693 CVE-2020-12770 CVE-2020-14059 CVE-2020-14556 CVE-2020-14577 CVE-2020-14578 CVE-2020-14579 CVE-2020-14581 CVE-2020-14583 CVE-2020-14593 CVE-2020-14621 CVE-2020-15900 CVE-2020-1711 CVE-2020-1749 CVE-2020-1983 CVE-2020-25656 CVE-2020-25705 CVE-2020-3899 CVE-2020-7039 CVE-2020-7044 CVE-2020-7598 CVE-2020-8013 CVE-2020-8174 CVE-2020-8608 CVE-2020-8694 CVE-2020-9428 CVE-2020-9429 CVE-2020-9430 CVE-2020-9431 CVE-2021-33813 CVE-2021-34556 CVE-2021-35477 CVE-2021-3640 CVE-2021-3653 CVE-2021-3656 CVE-2021-3679 CVE-2021-3732 CVE-2021-3753 CVE-2021-3759 CVE-2021-38160 CVE-2021-38198 CVE-2021-38204 SUSE-SU-2020:0693-1 SUSE-SU-2020:1163-1 SUSE-SU-2020:1198-1 SUSE-SU-2020:1219-1 SUSE-SU-2020:1300-1 SUSE-SU-2020:1379-1 SUSE-SU-2020:1396-2 SUSE-SU-2020:1523-1 SUSE-SU-2020:1576-1 SUSE-SU-2020:1769-1 SUSE-SU-2020:2095-1 SUSE-SU-2020:2453-1 SUSE-SU-2020:2602-1 SUSE-SU-2020:3273-1 SUSE-SU-2021:2293-1 SUSE-SU-2021:3206-1
Platform(s):	SUSE Linux Enterprise Build System Kit 12 SUSE Linux Enterprise Build System Kit 12 SP1 SUSE Linux Enterprise Build System Kit 12 SP2 SUSE Linux Enterprise Build System Kit 12 SP3 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Desktop 15 SP2 SUSE Linux Enterprise for SAP 12 SUSE Linux Enterprise High Performance Computing 15 SP2 SUSE Linux Enterprise High Performance Computing 15-ESPOS SUSE Linux Enterprise High Performance Computing 15-LTSS SUSE Linux Enterprise Live Patching 12 SP5 SUSE Linux Enterprise Module for Development Tools 15 SP2 SUSE Linux Enterprise Module for Legacy Software 12 SUSE Linux Enterprise Module for Live Patching 15 SP1 SUSE Linux Enterprise Module for Live Patching 15 SP2 SUSE Linux Enterprise Module for Public Cloud 12 SUSE Linux Enterprise Module for Web Scripting 12 SUSE Linux Enterprise Server 11 SP1-LTSS SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP2-LTSS SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP3-LTSS SUSE Linux Enterprise Server 11 SP4 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12-LTSS SUSE Linux Enterprise Server 15 SP2 SUSE Linux Enterprise Server 15-LTSS SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 SUSE Linux Enterprise Server for SAP Applications 15 SUSE Linux Enterprise Server for SAP Applications 15 SP2 SUSE Linux Enterprise Server for VMWare 11 SP2 SUSE Linux Enterprise Server for VMWare 11 SP3 SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Software Development Kit 12 SP1 SUSE Linux Enterprise Software Development Kit 12 SP2 SUSE Linux Enterprise Storage 7 SUSE Linux Enterprise Workstation Extension 12 SUSE Linux Enterprise Workstation Extension 12 SP1 SUSE Linux Enterprise Workstation Extension 12 SP3 SUSE Linux Enterprise Workstation Extension 15 SUSE Linux Enterprise Workstation Extension 15 SP1 SUSE Linux Enterprise Workstation Extension 15 SP2 SUSE Manager Proxy 4.1 SUSE Manager Server 4.1	Product(s):
Definition Synopsis
SUSE Linux Enterprise Build System Kit 12 is installed AND kernel-zfcpdump-3.12.39-47 is installed
Definition Synopsis
SUSE Linux Enterprise Build System Kit 12 SP1 is installed AND kernel-zfcpdump-3.12.51-60.20 is installed
Definition Synopsis
SUSE Linux Enterprise Build System Kit 12 SP2 is installed AND Package Information ghostscript-mini-9.15-17 is installed OR ghostscript-mini-devel-9.15-17 is installed
Definition Synopsis
SUSE Linux Enterprise Build System Kit 12 SP3 is installed AND kernel-zfcpdump-4.4.92-6.18 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 is installed AND Package Information MozillaFirefox-31.1.0esr-1 is installed OR MozillaFirefox-translations-31.1.0esr-1 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP1 is installed AND clamav-0.98.7-13 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP2 is installed AND ft2demos-2.6.3-7.8 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information accountsservice-0.6.42-14 is installed OR accountsservice-lang-0.6.42-14 is installed OR libaccountsservice0-0.6.42-14 is installed OR typelib-1_0-AccountsService-1_0-0.6.42-14 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information MozillaFirefox-52.9.0esr-109.38 is installed OR MozillaFirefox-translations-52.9.0esr-109.38 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Development Tools 15 SP2 is installed AND jdom2-2.0.6-3.3.1 is installed
Definition Synopsis
SUSE Linux Enterprise for SAP 12 is installed AND Package Information kgraft-patch-3_12_51-52_31-default-5-2.2 is installed OR kgraft-patch-3_12_51-52_31-xen-5-2.2 is installed OR kgraft-patch-SLE12_Update_9-5-2.2 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise High Performance Computing 15-ESPOS is installed AND libldap-2_4-2-2.4.46-9.28 is installed OR libldap-2_4-2-32bit-2.4.46-9.28 is installed OR libldap-data-2.4.46-9.28 is installed OR openldap2-2.4.46-9.28 is installed OR openldap2-client-2.4.46-9.28 is installed OR openldap2-devel-2.4.46-9.28 is installed OR openldap2-devel-32bit-2.4.46-9.28 is installed OR openldap2-devel-static-2.4.46-9.28 is installed OR openldap2-ppolicy-check-password-1.2-9.28 is installed OR Package Information SUSE Linux Enterprise High Performance Computing 15-LTSS is installed AND libldap-2_4-2-2.4.46-9.28 is installed OR libldap-2_4-2-32bit-2.4.46-9.28 is installed OR libldap-data-2.4.46-9.28 is installed OR openldap2-2.4.46-9.28 is installed OR openldap2-client-2.4.46-9.28 is installed OR openldap2-devel-2.4.46-9.28 is installed OR openldap2-devel-32bit-2.4.46-9.28 is installed OR openldap2-devel-static-2.4.46-9.28 is installed OR openldap2-ppolicy-check-password-1.2-9.28 is installed
Definition Synopsis
SUSE Linux Enterprise Live Patching 12 SP5 is installed AND Package Information kernel-default-kgraft-4.12.14-122.88.1 is installed OR kernel-default-kgraft-devel-4.12.14-122.88.1 is installed OR kgraft-patch-4_12_14-122_88-default-1-8.5.1 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Legacy Software 12 is installed AND Package Information java-1_6_0-ibm-1.6.0_sr16.25-34 is installed OR java-1_6_0-ibm-fonts-1.6.0_sr16.25-34 is installed OR java-1_6_0-ibm-jdbc-1.6.0_sr16.25-34 is installed OR java-1_6_0-ibm-plugin-1.6.0_sr16.25-34 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Live Patching 15 SP1 is installed AND Package Information kernel-livepatch-4_12_14-197_7-default-8-2 is installed OR kernel-livepatch-SLE15-SP1_Update_2-8-2 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Live Patching 15 SP2 is installed AND Package Information kernel-default-5.3.18-24.37 is installed OR kernel-default-livepatch-5.3.18-24.37 is installed OR kernel-default-livepatch-devel-5.3.18-24.37 is installed OR kernel-livepatch-5_3_18-24_37-default-1-5.3 is installed OR kernel-livepatch-SLE15-SP2_Update_7-1-5.3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Public Cloud 12 is installed AND Package Information kernel-ec2-3.12.38-44 is installed OR kernel-ec2-devel-3.12.38-44 is installed OR kernel-ec2-extra-3.12.38-44 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Web Scripting 12 is installed AND Package Information apache2-mod_php5-5.5.14-59 is installed OR php5-5.5.14-59 is installed OR php5-bcmath-5.5.14-59 is installed OR php5-bz2-5.5.14-59 is installed OR php5-calendar-5.5.14-59 is installed OR php5-ctype-5.5.14-59 is installed OR php5-curl-5.5.14-59 is installed OR php5-dba-5.5.14-59 is installed OR php5-dom-5.5.14-59 is installed OR php5-enchant-5.5.14-59 is installed OR php5-exif-5.5.14-59 is installed OR php5-fastcgi-5.5.14-59 is installed OR php5-fileinfo-5.5.14-59 is installed OR php5-fpm-5.5.14-59 is installed OR php5-ftp-5.5.14-59 is installed OR php5-gd-5.5.14-59 is installed OR php5-gettext-5.5.14-59 is installed OR php5-gmp-5.5.14-59 is installed OR php5-iconv-5.5.14-59 is installed OR php5-intl-5.5.14-59 is installed OR php5-json-5.5.14-59 is installed OR php5-ldap-5.5.14-59 is installed OR php5-mbstring-5.5.14-59 is installed OR php5-mcrypt-5.5.14-59 is installed OR php5-mysql-5.5.14-59 is installed OR php5-odbc-5.5.14-59 is installed OR php5-opcache-5.5.14-59 is installed OR php5-openssl-5.5.14-59 is installed OR php5-pcntl-5.5.14-59 is installed OR php5-pdo-5.5.14-59 is installed OR php5-pear-5.5.14-59 is installed OR php5-pgsql-5.5.14-59 is installed OR php5-phar-5.5.14-59 is installed OR php5-posix-5.5.14-59 is installed OR php5-pspell-5.5.14-59 is installed OR php5-shmop-5.5.14-59 is installed OR php5-snmp-5.5.14-59 is installed OR php5-soap-5.5.14-59 is installed OR php5-sockets-5.5.14-59 is installed OR php5-sqlite-5.5.14-59 is installed OR php5-suhosin-5.5.14-59 is installed OR php5-sysvmsg-5.5.14-59 is installed OR php5-sysvsem-5.5.14-59 is installed OR php5-sysvshm-5.5.14-59 is installed OR php5-tokenizer-5.5.14-59 is installed OR php5-wddx-5.5.14-59 is installed OR php5-xmlreader-5.5.14-59 is installed OR php5-xmlrpc-5.5.14-59 is installed OR php5-xmlwriter-5.5.14-59 is installed OR php5-xsl-5.5.14-59 is installed OR php5-zip-5.5.14-59 is installed OR php5-zlib-5.5.14-59 is installed
Definition Synopsis
SUSE Linux Enterprise Server 11 SP1-LTSS is installed AND Package Information MozillaFirefox-10.0.12-0.4.3 is installed OR MozillaFirefox-branding-SLED-7-0.6.7.103 is installed OR MozillaFirefox-translations-10.0.12-0.4.3 is installed OR libfreebl3-3.14.1-0.3.1 is installed OR libfreebl3-32bit-3.14.1-0.3.1 is installed OR mozilla-nspr-4.9.4-0.3.1 is installed OR mozilla-nspr-32bit-4.9.4-0.3.1 is installed OR mozilla-nss-3.14.1-0.3.1 is installed OR mozilla-nss-32bit-3.14.1-0.3.1 is installed OR mozilla-nss-tools-3.14.1-0.3.1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 11 SP4 is installed AND Package Information pam_mount-0.47-13.16.1 is installed OR pam_mount-32bit-0.47-13.16.1 is installed OR pam_mount-x86-0.47-13.16.1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 is installed AND Package Information libXcursor1-1.1.14-3 is installed OR libXcursor1-32bit-1.1.14-3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information cron-4.2-58 is installed OR cronie-1.4.11-58 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information accountsservice-0.6.42-14 is installed OR accountsservice-lang-0.6.42-14 is installed OR libaccountsservice0-0.6.42-14 is installed OR typelib-1_0-AccountsService-1_0-0.6.42-14 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND apache2-mod_perl-2.0.8-11 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12-LTSS is installed AND Package Information MozillaFirefox-45.4.0esr-81.1 is installed OR MozillaFirefox-translations-45.4.0esr-81.1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 15-LTSS is installed AND permissions-20180125-3.21 is installed
Definition Synopsis
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 is installed AND Package Information fetchmail-6.3.26-12 is installed OR fetchmailconf-6.3.26-12 is installed
Definition Synopsis
SUSE Linux Enterprise Server for SAP Applications 15 is installed AND Package Information libjavascriptcoregtk-4_0-18-2.28.2-3.54 is installed OR libwebkit2gtk-4_0-37-2.28.2-3.54 is installed OR libwebkit2gtk3-lang-2.28.2-3.54 is installed OR webkit2gtk-4_0-injected-bundles-2.28.2-3.54 is installed OR webkit2gtk3-2.28.2-3.54 is installed OR webkit2gtk3-devel-2.28.2-3.54 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 11 SP2 is installed AND Package Information libvirt-devel-0.9.6-0.29.1 is installed OR libvirt-devel-32bit-0.9.6-0.29.1 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 11 SP3 is installed AND Package Information mozilla-nspr-4.10.8-0.8.1 is installed OR mozilla-nspr-devel-4.10.8-0.8.1 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 12 is installed AND Package Information ImageMagick-6.8.8.1-5 is installed OR ImageMagick-devel-6.8.8.1-5 is installed OR libMagick++-6_Q16-3-6.8.8.1-5 is installed OR libMagick++-devel-6.8.8.1-5 is installed OR perl-PerlMagick-6.8.8.1-5 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 12 SP1 is installed AND MozillaFirefox-devel-38.4.0esr-51 is installed
Definition Synopsis
SUSE Linux Enterprise Software Development Kit 12 SP2 is installed AND Package Information bind-9.9.9P1-49.1 is installed OR bind-devel-9.9.9P1-49.1 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 12 is installed AND Package Information finch-2.10.9-8.1 is installed OR libpurple-2.10.9-8.1 is installed OR libpurple-lang-2.10.9-8.1 is installed OR libpurple-meanwhile-2.10.9-8.1 is installed OR libpurple-tcl-2.10.9-8.1 is installed OR pidgin-2.10.9-8.1 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 12 SP1 is installed AND Package Information flash-player-11.2.202.554-114.1 is installed OR flash-player-gnome-11.2.202.554-114.1 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 12 SP3 is installed AND gnome-shell-calendar-3.20.4-76 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 15 is installed AND Package Information MozillaThunderbird-52.9.1-3.7 is installed OR MozillaThunderbird-devel-52.9.1-3.7 is installed OR MozillaThunderbird-translations-common-52.9.1-3.7 is installed OR MozillaThunderbird-translations-other-52.9.1-3.7 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 15 SP1 is installed AND Package Information kernel-default-4.12.14-197.4 is installed OR kernel-default-extra-4.12.14-197.4 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 15 SP2 is installed AND Package Information LibVNCServer-0.9.10-4.22 is installed OR libvncclient0-0.9.10-4.22 is installed OR libvncserver0-0.9.10-4.22 is installed

BACK