Oval Definition:oval:org.opensuse.security:def:52663
Revision Date:2020-12-01Version:1
Title:Security update for the Linux Kernel (Live Patch 3 for SLE 15) (Important)
Description:

This update for the Linux Kernel 4.12.14-25_13 fixes several issues.

The following security issues were fixed:

- CVE-2018-10938: It was found that a crafted network packet sent remotely by an attacker may force the kernel to enter an infinite loop in the cipso_v4_optptr() function in net/ipv4/cipso_ipv4.c leading to a denial-of-service. A certain non-default configuration of LSM (Linux Security Module) and NetLabel should be set up on a system an attacker could leverage this flaw (bsc#1106191). - CVE-2018-15471: It was found that the netback driver allowed frontends to control mapping of requests to request queues. When processing a request to set or change this mapping, some input validation (e.g., for an integer overflow) was missing or flawed, leading to OOB access in hash handling. A malicious or buggy frontend may caused the (usually privileged) backend to make out of bounds memory accesses, potentially resulting in one or more of privilege escalation, Denial of Service (DoS), or information leaks (bsc#1105026). - CVE-2018-10853: It was found that the KVM hypervisor emulated instructions did not check current privilege(CPL) level while emulating unprivileged instructions. An unprivileged guest user/process could use this flaw to potentially escalate privileges inside guest (bsc#1097108).
Family:unixClass:patch
Status:Reference(s):1097108
1103203
1105026
1106191
1144903
1153108
1153158
1153161
851603
853040
860441
862957
863526
870498
873228
874025
877622
879179
879255
880767
880892
881085
883139
887046
887382
887418
889295
889297
891259
891619
892254
892612
892650
892860
893454
894057
894863
895221
895387
895468
895680
895983
896391
897101
897736
897770
897912
898234
898297
899192
899489
899551
899785
899787
899908
900126
901090
901774
901809
901924
901925
902010
902016
902346
902893
902898
903279
903307
904013
904077
904115
904354
904871
905087
905100
905296
905758
905772
907818
908184
909077
910251
910697
911363
929678
931698
933898
933911
934487
934489
934491
934493
CVE-2009-0799
CVE-2009-0800
CVE-2009-1179
CVE-2009-1180
CVE-2009-1181
CVE-2009-1182
CVE-2009-1183
CVE-2009-1187
CVE-2009-1188
CVE-2009-1273
CVE-2009-3607
CVE-2009-3608
CVE-2009-5029
CVE-2011-1145
CVE-2012-0786
CVE-2012-4412
CVE-2013-0242
CVE-2013-1788
CVE-2013-1789
CVE-2013-1790
CVE-2013-1914
CVE-2013-2207
CVE-2013-4237
CVE-2013-4332
CVE-2013-4458
CVE-2013-4473
CVE-2013-4474
CVE-2013-6405
CVE-2013-6435
CVE-2013-7423
CVE-2014-0475
CVE-2014-3185
CVE-2014-3610
CVE-2014-3611
CVE-2014-3647
CVE-2014-3673
CVE-2014-3707
CVE-2014-4043
CVE-2014-4910
CVE-2014-5119
CVE-2014-6040
CVE-2014-6272
CVE-2014-7817
CVE-2014-7826
CVE-2014-7841
CVE-2014-8118
CVE-2014-8121
CVE-2014-8133
CVE-2014-8150
CVE-2014-9090
CVE-2014-9322
CVE-2014-9402
CVE-2015-1472
CVE-2015-1781
CVE-2015-1788
CVE-2015-1789
CVE-2015-1790
CVE-2015-1791
CVE-2015-1792
CVE-2015-3216
CVE-2015-4000
CVE-2016-9445
CVE-2016-9446
CVE-2016-9809
CVE-2016-9812
CVE-2016-9813
CVE-2017-5843
CVE-2017-5848
CVE-2017-7467
CVE-2017-7500
CVE-2017-7501
CVE-2018-10853
CVE-2018-10938
CVE-2018-15471
CVE-2019-10220
CVE-2019-17133
SUSE-SU-2015:1150-1
SUSE-SU-2018:2935-1
Platform(s):openSUSE Leap 15.0
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Desktop 11 SP4
SUSE Linux Enterprise Desktop 12
SUSE Linux Enterprise Desktop 12 SP1
SUSE Linux Enterprise Desktop 12 SP2
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Desktop 12 SP4
SUSE Linux Enterprise Module for Live Patching 15
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 6
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud Crowbar 8
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • coreutils-8.29-lp150.2 is installed
  • OR coreutils-lang-8.29-lp150.2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP3 is installed
  • AND Package Information
  • flash-player-11.2.202.521-0.17 is installed
  • OR flash-player-gnome-11.2.202.521-0.17 is installed
  • OR flash-player-kde4-11.2.202.521-0.17 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP4 is installed
  • AND Package Information
  • flash-player-11.2.202.540-0.23 is installed
  • OR flash-player-gnome-11.2.202.540-0.23 is installed
  • OR flash-player-kde4-11.2.202.540-0.23 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 is installed
  • AND libaugeas0-1.2.0-1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP1 is installed
  • AND Package Information
  • glibc-2.19-31 is installed
  • OR glibc-32bit-2.19-31 is installed
  • OR glibc-devel-2.19-31 is installed
  • OR glibc-devel-32bit-2.19-31 is installed
  • OR glibc-i18ndata-2.19-31 is installed
  • OR glibc-locale-2.19-31 is installed
  • OR glibc-locale-32bit-2.19-31 is installed
  • OR nscd-2.19-31 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP2 is installed
  • AND Package Information
  • unixODBC-2.3.4-6 is installed
  • OR unixODBC-32bit-2.3.4-6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP3 is installed
  • AND libevent-2_0-5-2.0.21-4 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP4 is installed
  • AND Package Information
  • gstreamer-plugins-bad-1.8.3-17 is installed
  • OR gstreamer-plugins-bad-lang-1.8.3-17 is installed
  • OR libgstadaptivedemux-1_0-0-1.8.3-17 is installed
  • OR libgstbadaudio-1_0-0-1.8.3-17 is installed
  • OR libgstbadbase-1_0-0-1.8.3-17 is installed
  • OR libgstbadvideo-1_0-0-1.8.3-17 is installed
  • OR libgstbasecamerabinsrc-1_0-0-1.8.3-17 is installed
  • OR libgstcodecparsers-1_0-0-1.8.3-17 is installed
  • OR libgstgl-1_0-0-1.8.3-17 is installed
  • OR libgstmpegts-1_0-0-1.8.3-17 is installed
  • OR libgstphotography-1_0-0-1.8.3-17 is installed
  • OR libgsturidownloader-1_0-0-1.8.3-17 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Live Patching 15 is installed
  • AND Package Information
  • kernel-livepatch-4_12_14-25_13-default-3-2 is installed
  • OR kernel-livepatch-SLE15_Update_3-3-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND Package Information
  • augeas-1.2.0-3 is installed
  • OR augeas-lenses-1.2.0-3 is installed
  • OR libaugeas0-1.2.0-3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND Package Information
  • kgraft-patch-3_12_74-60_64_96-default-4-2 is installed
  • OR kgraft-patch-3_12_74-60_64_96-xen-4-2 is installed
  • OR kgraft-patch-SLE12-SP1_Update_29-4-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND libksba8-1.3.0-23 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • libwireshark9-2.4.9-48.29 is installed
  • OR libwiretap7-2.4.9-48.29 is installed
  • OR libwscodecs1-2.4.9-48.29 is installed
  • OR libwsutil8-2.4.9-48.29 is installed
  • OR wireshark-2.4.9-48.29 is installed
  • OR wireshark-gtk-2.4.9-48.29 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • qemu-2.6.2-41.40 is installed
  • OR qemu-block-curl-2.6.2-41.40 is installed
  • OR qemu-block-rbd-2.6.2-41.40 is installed
  • OR qemu-block-ssh-2.6.2-41.40 is installed
  • OR qemu-guest-agent-2.6.2-41.40 is installed
  • OR qemu-ipxe-1.0.0-41.40 is installed
  • OR qemu-kvm-2.6.2-41.40 is installed
  • OR qemu-lang-2.6.2-41.40 is installed
  • OR qemu-seabios-1.9.1-41.40 is installed
  • OR qemu-sgabios-8-41.40 is installed
  • OR qemu-tools-2.6.2-41.40 is installed
  • OR qemu-vgabios-1.9.1-41.40 is installed
  • OR qemu-x86-2.6.2-41.40 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • qemu-2.6.2-41.43 is installed
  • OR qemu-block-curl-2.6.2-41.43 is installed
  • OR qemu-block-rbd-2.6.2-41.43 is installed
  • OR qemu-block-ssh-2.6.2-41.43 is installed
  • OR qemu-guest-agent-2.6.2-41.43 is installed
  • OR qemu-ipxe-1.0.0-41.43 is installed
  • OR qemu-kvm-2.6.2-41.43 is installed
  • OR qemu-lang-2.6.2-41.43 is installed
  • OR qemu-ppc-2.6.2-41.43 is installed
  • OR qemu-s390-2.6.2-41.43 is installed
  • OR qemu-seabios-1.9.1-41.43 is installed
  • OR qemu-sgabios-8-41.43 is installed
  • OR qemu-tools-2.6.2-41.43 is installed
  • OR qemu-vgabios-1.9.1-41.43 is installed
  • OR qemu-x86-2.6.2-41.43 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • cpio-2.11-35 is installed
  • OR cpio-lang-2.11-35 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • libpython2_7-1_0-2.7.13-28.31 is installed
  • OR libpython2_7-1_0-32bit-2.7.13-28.31 is installed
  • OR python-2.7.13-28.31 is installed
  • OR python-32bit-2.7.13-28.31 is installed
  • OR python-base-2.7.13-28.31 is installed
  • OR python-base-32bit-2.7.13-28.31 is installed
  • OR python-curses-2.7.13-28.31 is installed
  • OR python-demo-2.7.13-28.31 is installed
  • OR python-devel-2.7.13-28.31 is installed
  • OR python-doc-2.7.13-28.31 is installed
  • OR python-doc-pdf-2.7.13-28.31 is installed
  • OR python-gdbm-2.7.13-28.31 is installed
  • OR python-idle-2.7.13-28.31 is installed
  • OR python-tk-2.7.13-28.31 is installed
  • OR python-xml-2.7.13-28.31 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • dovecot22-2.2.31-19.17 is installed
  • OR dovecot22-backend-mysql-2.2.31-19.17 is installed
  • OR dovecot22-backend-pgsql-2.2.31-19.17 is installed
  • OR dovecot22-backend-sqlite-2.2.31-19.17 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • libQt5Concurrent5-5.6.2-6.22 is installed
  • OR libQt5Core5-5.6.2-6.22 is installed
  • OR libQt5DBus5-5.6.2-6.22 is installed
  • OR libQt5Gui5-5.6.2-6.22 is installed
  • OR libQt5Network5-5.6.2-6.22 is installed
  • OR libQt5OpenGL5-5.6.2-6.22 is installed
  • OR libQt5PrintSupport5-5.6.2-6.22 is installed
  • OR libQt5Sql5-5.6.2-6.22 is installed
  • OR libQt5Sql5-mysql-5.6.2-6.22 is installed
  • OR libQt5Sql5-postgresql-5.6.2-6.22 is installed
  • OR libQt5Sql5-sqlite-5.6.2-6.22 is installed
  • OR libQt5Sql5-unixODBC-5.6.2-6.22 is installed
  • OR libQt5Test5-5.6.2-6.22 is installed
  • OR libQt5Widgets5-5.6.2-6.22 is installed
  • OR libQt5Xml5-5.6.2-6.22 is installed
  • OR libqt5-qtbase-5.6.2-6.22 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • libblkid1-2.29.2-3.12 is installed
  • OR libblkid1-32bit-2.29.2-3.12 is installed
  • OR libfdisk1-2.29.2-3.12 is installed
  • OR libmount1-2.29.2-3.12 is installed
  • OR libmount1-32bit-2.29.2-3.12 is installed
  • OR libsmartcols1-2.29.2-3.12 is installed
  • OR libuuid1-2.29.2-3.12 is installed
  • OR libuuid1-32bit-2.29.2-3.12 is installed
  • OR python-libmount-2.29.2-3.12 is installed
  • OR util-linux-2.29.2-3.12 is installed
  • OR util-linux-lang-2.29.2-3.12 is installed
  • OR util-linux-systemd-2.29.2-3.12 is installed
  • OR uuidd-2.29.2-3.12 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • bash-4.3-83.15 is installed
  • OR bash-doc-4.3-83.15 is installed
  • OR libreadline6-6.3-83.15 is installed
  • OR libreadline6-32bit-6.3-83.15 is installed
  • OR readline-doc-6.3-83.15 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 6 is installed
  • AND ruby2.1-rubygem-activemodel-4_2-4.2.2-5 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND Package Information
  • libblkid1-2.28-44.18 is installed
  • OR libblkid1-32bit-2.28-44.18 is installed
  • OR libfdisk1-2.28-44.18 is installed
  • OR libmount1-2.28-44.18 is installed
  • OR libmount1-32bit-2.28-44.18 is installed
  • OR libsmartcols1-2.28-44.18 is installed
  • OR libuuid1-2.28-44.18 is installed
  • OR libuuid1-32bit-2.28-44.18 is installed
  • OR python-libmount-2.28-44.18 is installed
  • OR util-linux-2.28-44.18 is installed
  • OR util-linux-lang-2.28-44.18 is installed
  • OR util-linux-systemd-2.28-44.18 is installed
  • OR uuidd-2.28-44.18 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • kernel-default-4.4.180-94.100 is installed
  • OR kernel-default-base-4.4.180-94.100 is installed
  • OR kernel-default-devel-4.4.180-94.100 is installed
  • OR kernel-devel-4.4.180-94.100 is installed
  • OR kernel-macros-4.4.180-94.100 is installed
  • OR kernel-source-4.4.180-94.100 is installed
  • OR kernel-syms-4.4.180-94.100 is installed
  • OR kgraft-patch-4_4_180-94_100-default-1-4.3 is installed
  • OR kgraft-patch-SLE12-SP3_Update_27-1-4.3 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND python-Twisted-15.2.1-9.8 is installed
    • BACK