OVAL Reference oval:org.opensuse.security:def:51677

Oval Definition:

oval:org.opensuse.security:def:51677

Revision Date:	2021-10-18	Version:	1
Title:	Security update for the Linux Kernel (Live Patch 40 for SLE 12 SP3) (Important)
Description:	This update for the Linux Kernel 4.4.180-94_147 fixes several issues. The following security issues were fixed: - CVE-2021-3715: Fixed a user-after-free in the Linux kernel's Traffic Control networking subsystem which could lead to local privilege escalation. (bsc#1190350). - CVE-2021-38160: Fixed a bug that could lead to a data corruption or loss. This can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size in drivers/char/virtio_console.c (bsc#1190118) - CVE-2021-3640: Fixed a user-after-free bug in the function sco_sock_sendmsg which could lead to local privilege escalation. (bsc#1188613) - CVE-2021-3573: Fixed a user-after-free bug in the function hci_sock_bound_ioctl which could lead to local privilege escalation. (bsc#1187054).
Family:	unix	Class:	patch
Status:		Reference(s):	1051510 1054914 1055117 1061840 1065600 1065729 1071995 1082555 1100397 1104967 1108554 1108753 1109158 1113722 1114279 1117951 1118913 1119086 1121571 1121816 1121818 1121821 1123034 1123886 1127988 1131304 1133035 1137069 1137865 1137959 1140155 1141013 1141122 1142076 1142635 1146042 1146519 1146540 1146664 1148133 1148712 1148868 1149313 1149446 1149555 1149651 1150381 1150423 1151350 1151610 1151667 1151680 1151891 1151955 1152024 1152025 1152026 1152161 1152325 1152457 1152460 1152466 1152972 1152974 1152975 1157119 1160673 1160922 1169679 1169748 1171441 1171443 1171444 1171445 1171446 1171447 1171474 1173247 1173477 1173605 1173691 1173694 1173700 1173701 1173743 1173874 1173875 1173876 1173880 1174200 1175568 1187054 1188613 1190118 1190350 CVE-2008-4989 CVE-2010-0624 CVE-2011-1946 CVE-2011-4128 CVE-2012-0390 CVE-2012-1569 CVE-2012-1573 CVE-2013-1989 CVE-2013-2066 CVE-2014-0092 CVE-2014-1959 CVE-2014-2977 CVE-2014-2978 CVE-2014-3466 CVE-2016-1521 CVE-2016-1523 CVE-2016-1526 CVE-2017-18595 CVE-2017-18922 CVE-2018-0737 CVE-2018-17082 CVE-2018-20685 CVE-2018-21247 CVE-2019-14821 CVE-2019-15291 CVE-2019-18904 CVE-2019-20839 CVE-2019-20840 CVE-2019-3902 CVE-2019-6109 CVE-2019-6110 CVE-2019-6111 CVE-2019-9506 CVE-2020-11017 CVE-2020-11018 CVE-2020-11019 CVE-2020-11038 CVE-2020-11039 CVE-2020-11040 CVE-2020-11041 CVE-2020-11043 CVE-2020-11085 CVE-2020-11086 CVE-2020-11087 CVE-2020-11088 CVE-2020-11089 CVE-2020-11095 CVE-2020-11096 CVE-2020-11097 CVE-2020-11098 CVE-2020-11099 CVE-2020-11521 CVE-2020-11522 CVE-2020-11523 CVE-2020-11524 CVE-2020-11525 CVE-2020-11526 CVE-2020-13396 CVE-2020-13397 CVE-2020-13398 CVE-2020-14397 CVE-2020-14398 CVE-2020-14399 CVE-2020-14400 CVE-2020-14401 CVE-2020-14402 CVE-2020-4030 CVE-2020-4031 CVE-2020-4032 CVE-2020-4033 CVE-2020-8027 CVE-2021-3573 CVE-2021-3640 CVE-2021-3715 CVE-2021-38160 SUSE-SU-2018:3016-1 SUSE-SU-2019:0126-1 SUSE-SU-2019:0197-1 SUSE-SU-2019:2706-1 SUSE-SU-2019:3212-1 SUSE-SU-2020:0278-1 SUSE-SU-2020:1709-1 SUSE-SU-2020:1922-1 SUSE-SU-2020:2032-1 SUSE-SU-2020:2712-2
Platform(s):	openSUSE Leap 15.0 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Module for additional PackageHub packages 15 SP1 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SUSE Linux Enterprise Module for Public Cloud 15 SP1 SUSE Linux Enterprise Module for Python2 packages 15 SP1 SUSE Linux Enterprise Module for Server Applications 15 SUSE Linux Enterprise Module for Server Applications 15 SP1 SUSE Linux Enterprise Module for Web Scripting 15 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server for SAP Applications 12 SP3 SUSE Linux Enterprise Server for SAP Applications 15 SUSE Linux Enterprise Workstation Extension 15 SP1 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8	Product(s):
Definition Synopsis
openSUSE Leap 15.0 is installed AND chrony-3.2-lp150.5 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP2 is installed AND Package Information flash-player-11.2.202.336-0.3 is installed OR flash-player-gnome-11.2.202.336-0.3 is installed OR flash-player-kde4-11.2.202.336-0.3 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information xorg-x11-libXext-7.4-1.18 is installed OR xorg-x11-libXext-32bit-7.4-1.18 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP4 is installed AND sblim-sfcb-1.3.11-0.25 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 is installed AND Package Information gnutls-3.2.15-1 is installed OR libgnutls28-3.2.15-1 is installed OR libgnutls28-32bit-3.2.15-1 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information DirectFB-1.7.1-4 is installed OR lib++dfb-1_7-1-1.7.1-4 is installed OR libdirectfb-1_7-1-1.7.1-4 is installed OR libdirectfb-1_7-1-32bit-1.7.1-4 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information libXv1-1.0.10-3 is installed OR libXv1-32bit-1.0.10-3 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information emacs-24.3-19 is installed OR emacs-info-24.3-19 is installed OR emacs-x11-24.3-19 is installed OR etags-24.3-19 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information colord-1.3.3-12 is installed OR colord-gtk-lang-0.1.26-6 is installed OR colord-lang-1.3.3-12 is installed OR libcolord-gtk1-0.1.26-6 is installed OR libcolord2-1.3.3-12 is installed OR libcolord2-32bit-1.3.3-12 is installed OR libcolorhug2-1.3.3-12 is installed
Definition Synopsis
SUSE Linux Enterprise Module for additional PackageHub packages 15 SP1 is installed AND Package Information LibVNCServer-0.9.10-4.22 is installed OR libvncserver0-0.9.10-4.22 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 is installed AND Package Information libopenssl-1_1-devel-32bit-1.1.0i-4.18 is installed OR openssl-1_1-1.1.0i-4.18 is installed OR openssl-1_1-doc-1.1.0i-4.18 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Public Cloud 15 SP1 is installed AND Package Information rmt-server-2.5.2-3.9 is installed OR rmt-server-pubcloud-2.5.2-3.9 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Python2 packages 15 SP1 is installed AND mercurial-4.5.2-3.9 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Server Applications 15 is installed AND Package Information openssh-7.6p1-9.13 is installed OR openssh-fips-7.6p1-9.13 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Server Applications 15 SP1 is installed AND Package Information postgresql-10-8.3 is installed OR postgresql-contrib-10-8.3 is installed OR postgresql-devel-10-8.3 is installed OR postgresql-docs-10-8.3 is installed OR postgresql-plperl-10-8.3 is installed OR postgresql-plpython-10-8.3 is installed OR postgresql-pltcl-10-8.3 is installed OR postgresql-server-10-8.3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Web Scripting 15 is installed AND Package Information apache2-mod_php7-7.2.5-4.12 is installed OR php7-7.2.5-4.12 is installed OR php7-bcmath-7.2.5-4.12 is installed OR php7-bz2-7.2.5-4.12 is installed OR php7-calendar-7.2.5-4.12 is installed OR php7-ctype-7.2.5-4.12 is installed OR php7-curl-7.2.5-4.12 is installed OR php7-dba-7.2.5-4.12 is installed OR php7-devel-7.2.5-4.12 is installed OR php7-dom-7.2.5-4.12 is installed OR php7-enchant-7.2.5-4.12 is installed OR php7-exif-7.2.5-4.12 is installed OR php7-fastcgi-7.2.5-4.12 is installed OR php7-fileinfo-7.2.5-4.12 is installed OR php7-fpm-7.2.5-4.12 is installed OR php7-ftp-7.2.5-4.12 is installed OR php7-gd-7.2.5-4.12 is installed OR php7-gettext-7.2.5-4.12 is installed OR php7-gmp-7.2.5-4.12 is installed OR php7-iconv-7.2.5-4.12 is installed OR php7-intl-7.2.5-4.12 is installed OR php7-json-7.2.5-4.12 is installed OR php7-ldap-7.2.5-4.12 is installed OR php7-mbstring-7.2.5-4.12 is installed OR php7-mysql-7.2.5-4.12 is installed OR php7-odbc-7.2.5-4.12 is installed OR php7-opcache-7.2.5-4.12 is installed OR php7-openssl-7.2.5-4.12 is installed OR php7-pcntl-7.2.5-4.12 is installed OR php7-pdo-7.2.5-4.12 is installed OR php7-pear-7.2.5-4.12 is installed OR php7-pear-Archive_Tar-7.2.5-4.12 is installed OR php7-pgsql-7.2.5-4.12 is installed OR php7-phar-7.2.5-4.12 is installed OR php7-posix-7.2.5-4.12 is installed OR php7-shmop-7.2.5-4.12 is installed OR php7-snmp-7.2.5-4.12 is installed OR php7-soap-7.2.5-4.12 is installed OR php7-sockets-7.2.5-4.12 is installed OR php7-sqlite-7.2.5-4.12 is installed OR php7-sysvmsg-7.2.5-4.12 is installed OR php7-sysvsem-7.2.5-4.12 is installed OR php7-sysvshm-7.2.5-4.12 is installed OR php7-tokenizer-7.2.5-4.12 is installed OR php7-wddx-7.2.5-4.12 is installed OR php7-xmlreader-7.2.5-4.12 is installed OR php7-xmlrpc-7.2.5-4.12 is installed OR php7-xmlwriter-7.2.5-4.12 is installed OR php7-xsl-7.2.5-4.12 is installed OR php7-zip-7.2.5-4.12 is installed OR php7-zlib-7.2.5-4.12 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information libQt5Core5-5.3.2-1 is installed OR libQt5DBus5-5.3.2-1 is installed OR libQt5Gui5-5.3.2-1 is installed OR libQt5Widgets5-5.3.2-1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information kernel-firmware-20160516git-10.13 is installed OR ucode-amd-20160516git-10.13 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND kdump-0.8.15-28 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information libopenssl-devel-1.0.2j-60.46 is installed OR libopenssl1_0_0-1.0.2j-60.46 is installed OR libopenssl1_0_0-32bit-1.0.2j-60.46 is installed OR libopenssl1_0_0-hmac-1.0.2j-60.46 is installed OR libopenssl1_0_0-hmac-32bit-1.0.2j-60.46 is installed OR openssl-1.0.2j-60.46 is installed OR openssl-doc-1.0.2j-60.46 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND ucode-intel-20180425-13.20 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_74-92_32-default-10-2 is installed OR kgraft-patch-SLE12-SP2_Update_11-10-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information apache2-2.4.23-28 is installed OR apache2-doc-2.4.23-28 is installed OR apache2-example-pages-2.4.23-28 is installed OR apache2-prefork-2.4.23-28 is installed OR apache2-utils-2.4.23-28 is installed OR apache2-worker-2.4.23-28 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information kgraft-patch-4_4_162-94_69-default-6-2 is installed OR kgraft-patch-SLE12-SP3_Update_21-6-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information java-1_7_1-ibm-1.7.1_sr4.35-38.29 is installed OR java-1_7_1-ibm-alsa-1.7.1_sr4.35-38.29 is installed OR java-1_7_1-ibm-jdbc-1.7.1_sr4.35-38.29 is installed OR java-1_7_1-ibm-plugin-1.7.1_sr4.35-38.29 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information apache-commons-beanutils-1.9.2-1 is installed OR apache-commons-beanutils-javadoc-1.9.2-1 is installed
Definition Synopsis
SUSE Linux Enterprise Server for SAP Applications 12 SP3 is installed AND kgraft-patch-4_4_180-94_147-default-4-2.1 is installed
Definition Synopsis
SUSE Linux Enterprise Server for SAP Applications 15 is installed AND Package Information libldap-2_4-2-2.4.46-9.37 is installed OR libldap-2_4-2-32bit-2.4.46-9.37 is installed OR libldap-data-2.4.46-9.37 is installed OR openldap2-2.4.46-9.37 is installed OR openldap2-back-meta-2.4.46-9.37 is installed OR openldap2-back-perl-2.4.46-9.37 is installed OR openldap2-client-2.4.46-9.37 is installed OR openldap2-devel-2.4.46-9.37 is installed OR openldap2-devel-32bit-2.4.46-9.37 is installed OR openldap2-devel-static-2.4.46-9.37 is installed OR openldap2-ppolicy-check-password-1.2-9.37 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 15 SP1 is installed AND Package Information freerdp-2.1.2-10.15 is installed OR freerdp-devel-2.1.2-10.15 is installed OR libfreerdp2-2.1.2-10.15 is installed OR libwinpr2-2.1.2-10.15 is installed OR winpr2-devel-2.1.2-10.15 is installed
Definition Synopsis
SUSE OpenStack Cloud 7 is installed AND Package Information libsystemd0-228-150.53 is installed OR libsystemd0-32bit-228-150.53 is installed OR libudev1-228-150.53 is installed OR libudev1-32bit-228-150.53 is installed OR systemd-228-150.53 is installed OR systemd-32bit-228-150.53 is installed OR systemd-bash-completion-228-150.53 is installed OR systemd-sysvinit-228-150.53 is installed OR udev-228-150.53 is installed
Definition Synopsis
SUSE OpenStack Cloud 8 is installed AND cobbler-2.6.6-49.9 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information evince-3.20.2-6.27 is installed OR evince-browser-plugin-3.20.2-6.27 is installed OR evince-lang-3.20.2-6.27 is installed OR evince-plugin-djvudocument-3.20.2-6.27 is installed OR evince-plugin-dvidocument-3.20.2-6.27 is installed OR evince-plugin-pdfdocument-3.20.2-6.27 is installed OR evince-plugin-psdocument-3.20.2-6.27 is installed OR evince-plugin-tiffdocument-3.20.2-6.27 is installed OR evince-plugin-xpsdocument-3.20.2-6.27 is installed OR libevdocument3-4-3.20.2-6.27 is installed OR libevview3-3-3.20.2-6.27 is installed OR nautilus-evince-3.20.2-6.27 is installed

BACK