Oval Definition:oval:org.opensuse.security:def:52667
Revision Date:2020-12-01Version:1
Title:Security update for the Linux Kernel (Live Patch 1 for SLE 15) (Important)
Description:

This update for the Linux Kernel 4.12.14-25_3 fixes several issues.

The following security issues were fixed:

- CVE-2018-17182: The vmacache_flush_all function in mm/vmacache.c mishandled sequence number overflows. An attacker can trigger a use-after-free (and possibly gain privileges) via certain thread creation, map, unmap, invalidation, and dereference operations (bsc#1110233). - CVE-2018-14633: A security flaw was found in the chap_server_compute_md5() function in the ISCSI target code in a way an authentication request from an ISCSI initiator is processed. An unauthenticated remote attacker can cause a stack buffer overflow and smash up to 17 bytes of the stack. The attack requires the iSCSI target to be enabled on the victim host. Depending on how the target's code was built (i.e. depending on a compiler, compile flags and hardware architecture) an attack may lead to a system crash and thus to a denial-of-service or possibly to a non-authorized access to data exported by an iSCSI target. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although we believe it is highly unlikely. (bsc#1107832).
Family:unixClass:patch
Status:Reference(s):1107832
1110233
1144903
1153108
1153158
1153161
899712
907453
918330
930622
936476
CVE-2008-1686
CVE-2009-0159
CVE-2009-0946
CVE-2009-1252
CVE-2010-2497
CVE-2010-2805
CVE-2010-3053
CVE-2010-3054
CVE-2010-3311
CVE-2010-3814
CVE-2010-3855
CVE-2010-4000
CVE-2011-0226
CVE-2011-2895
CVE-2011-3256
CVE-2011-3389
CVE-2011-3439
CVE-2011-4944
CVE-2012-0845
CVE-2012-1126
CVE-2012-1127
CVE-2012-1128
CVE-2012-1129
CVE-2012-1130
CVE-2012-1131
CVE-2012-1132
CVE-2012-1133
CVE-2012-1134
CVE-2012-1135
CVE-2012-1136
CVE-2012-1137
CVE-2012-1138
CVE-2012-1139
CVE-2012-1140
CVE-2012-1141
CVE-2012-1142
CVE-2012-1143
CVE-2012-1144
CVE-2012-1150
CVE-2012-2451
CVE-2012-3386
CVE-2012-5668
CVE-2012-5669
CVE-2012-5670
CVE-2013-1752
CVE-2013-1992
CVE-2013-4238
CVE-2013-4326
CVE-2013-5211
CVE-2014-2240
CVE-2014-2241
CVE-2014-2667
CVE-2014-4650
CVE-2014-9116
CVE-2014-9293
CVE-2014-9294
CVE-2014-9295
CVE-2014-9296
CVE-2014-9297
CVE-2014-9298
CVE-2014-9638
CVE-2014-9639
CVE-2014-9640
CVE-2014-9656
CVE-2014-9657
CVE-2014-9658
CVE-2014-9659
CVE-2014-9660
CVE-2014-9661
CVE-2014-9662
CVE-2014-9663
CVE-2014-9664
CVE-2014-9665
CVE-2014-9666
CVE-2014-9667
CVE-2014-9668
CVE-2014-9669
CVE-2014-9670
CVE-2014-9671
CVE-2014-9672
CVE-2014-9673
CVE-2014-9674
CVE-2014-9675
CVE-2015-0797
CVE-2015-1349
CVE-2015-1798
CVE-2015-1799
CVE-2015-2708
CVE-2015-2709
CVE-2015-2710
CVE-2015-2713
CVE-2015-2716
CVE-2015-3405
CVE-2015-4620
CVE-2015-5219
CVE-2015-5300
CVE-2015-6749
CVE-2015-7691
CVE-2015-7692
CVE-2015-7701
CVE-2015-7702
CVE-2015-7703
CVE-2015-7704
CVE-2015-7705
CVE-2015-7848
CVE-2015-7849
CVE-2015-7850
CVE-2015-7851
CVE-2015-7852
CVE-2015-7853
CVE-2015-7854
CVE-2015-7855
CVE-2015-7871
CVE-2015-7973
CVE-2015-7974
CVE-2015-7975
CVE-2015-7976
CVE-2015-7977
CVE-2015-7978
CVE-2015-7979
CVE-2015-8138
CVE-2015-8139
CVE-2015-8140
CVE-2015-8158
CVE-2016-1547
CVE-2016-1548
CVE-2016-1549
CVE-2016-1550
CVE-2016-1551
CVE-2016-2516
CVE-2016-2517
CVE-2016-2518
CVE-2016-2519
CVE-2016-4953
CVE-2016-4954
CVE-2016-4955
CVE-2016-4956
CVE-2016-4957
CVE-2016-7426
CVE-2016-7427
CVE-2016-7428
CVE-2016-7429
CVE-2016-7431
CVE-2016-7433
CVE-2016-7434
CVE-2016-8605
CVE-2016-9042
CVE-2016-9310
CVE-2016-9311
CVE-2017-6451
CVE-2017-6458
CVE-2017-6460
CVE-2017-6462
CVE-2017-6463
CVE-2017-6464
CVE-2018-14633
CVE-2018-17182
CVE-2019-10220
CVE-2019-17133
SUSE-SU-2015:0960-1
SUSE-SU-2015:1204-1
SUSE-SU-2018:3272-1
Platform(s):openSUSE Leap 15.0
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Desktop 11 SP4
SUSE Linux Enterprise Desktop 12
SUSE Linux Enterprise Desktop 12 SP1
SUSE Linux Enterprise Desktop 12 SP2
SUSE Linux Enterprise Desktop 12 SP4
SUSE Linux Enterprise Module for Live Patching 15
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 6
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud Crowbar 8
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • cups-2.2.7-lp150.1 is installed
  • OR cups-client-2.2.7-lp150.1 is installed
  • OR cups-config-2.2.7-lp150.1 is installed
  • OR libcups2-2.2.7-lp150.1 is installed
  • OR libcupscgi1-2.2.7-lp150.1 is installed
  • OR libcupsimage2-2.2.7-lp150.1 is installed
  • OR libcupsmime1-2.2.7-lp150.1 is installed
  • OR libcupsppdc1-2.2.7-lp150.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP3 is installed
  • AND Package Information
  • flash-player-11.2.202.554-0.29 is installed
  • OR flash-player-gnome-11.2.202.554-0.29 is installed
  • OR flash-player-kde4-11.2.202.554-0.29 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP4 is installed
  • AND Package Information
  • flash-player-11.2.202.569-0.35 is installed
  • OR flash-player-gnome-11.2.202.569-0.35 is installed
  • OR flash-player-kde4-11.2.202.569-0.35 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 is installed
  • AND libdmx1-1.1.3-3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP1 is installed
  • AND Package Information
  • gnome-shell-3.10.4-40 is installed
  • OR gnome-shell-browser-plugin-3.10.4-40 is installed
  • OR gnome-shell-calendar-3.10.4-40 is installed
  • OR gnome-shell-lang-3.10.4-40 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP2 is installed
  • AND Package Information
  • vorbis-tools-1.4.0-26 is installed
  • OR vorbis-tools-lang-1.4.0-26 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP4 is installed
  • AND Package Information
  • guile-2.0.9-8 is installed
  • OR guile-modules-2_0-2.0.9-8 is installed
  • OR libguile-2_0-22-2.0.9-8 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Live Patching 15 is installed
  • AND Package Information
  • kernel-livepatch-4_12_14-25_3-default-5-2 is installed
  • OR kernel-livepatch-SLE15_Update_1-5-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND Package Information
  • bash-4.2-75 is installed
  • OR bash-doc-4.2-75 is installed
  • OR libreadline6-6.2-75 is installed
  • OR libreadline6-32bit-6.2-75 is installed
  • OR readline-doc-6.2-75 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND Package Information
  • kgraft-patch-3_12_74-60_64_85-default-7-2 is installed
  • OR kgraft-patch-3_12_74-60_64_85-xen-7-2 is installed
  • OR kgraft-patch-SLE12-SP1_Update_26-7-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • libltdl7-2.4.2-14 is installed
  • OR libltdl7-32bit-2.4.2-14 is installed
  • OR libtool-2.4.2-14 is installed
  • OR libtool-32bit-2.4.2-14 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • qemu-2.6.2-41.43 is installed
  • OR qemu-block-curl-2.6.2-41.43 is installed
  • OR qemu-block-rbd-2.6.2-41.43 is installed
  • OR qemu-block-ssh-2.6.2-41.43 is installed
  • OR qemu-guest-agent-2.6.2-41.43 is installed
  • OR qemu-ipxe-1.0.0-41.43 is installed
  • OR qemu-kvm-2.6.2-41.43 is installed
  • OR qemu-lang-2.6.2-41.43 is installed
  • OR qemu-seabios-1.9.1-41.43 is installed
  • OR qemu-sgabios-8-41.43 is installed
  • OR qemu-tools-2.6.2-41.43 is installed
  • OR qemu-vgabios-1.9.1-41.43 is installed
  • OR qemu-x86-2.6.2-41.43 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • ImageMagick-6.8.8.1-71.108 is installed
  • OR ImageMagick-config-6-SUSE-6.8.8.1-71.108 is installed
  • OR ImageMagick-config-6-upstream-6.8.8.1-71.108 is installed
  • OR libMagickCore-6_Q16-1-6.8.8.1-71.108 is installed
  • OR libMagickWand-6_Q16-1-6.8.8.1-71.108 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • java-1_8_0-openjdk-1.8.0.181-27.26 is installed
  • OR java-1_8_0-openjdk-demo-1.8.0.181-27.26 is installed
  • OR java-1_8_0-openjdk-devel-1.8.0.181-27.26 is installed
  • OR java-1_8_0-openjdk-headless-1.8.0.181-27.26 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • cron-4.2-58 is installed
  • OR cronie-1.4.11-58 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • perl-5.18.2-12.20 is installed
  • OR perl-32bit-5.18.2-12.20 is installed
  • OR perl-base-5.18.2-12.20 is installed
  • OR perl-doc-5.18.2-12.20 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • kgraft-patch-4_4_156-94_57-default-8-2 is installed
  • OR kgraft-patch-SLE12-SP3_Update_18-8-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • libvirglrenderer0-0.5.0-12.3 is installed
  • OR virglrenderer-0.5.0-12.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • libtirpc-1.0.1-17.6 is installed
  • OR libtirpc-netconfig-1.0.1-17.6 is installed
  • OR libtirpc3-1.0.1-17.6 is installed
  • OR libtirpc3-32bit-1.0.1-17.6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND busybox-1.21.1-3 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 6 is installed
  • AND ruby2.1-rubygem-bundler-1.7.3-3 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND Package Information
  • kernel-default-4.4.121-92.101 is installed
  • OR kernel-default-base-4.4.121-92.101 is installed
  • OR kernel-default-devel-4.4.121-92.101 is installed
  • OR kernel-default-man-4.4.121-92.101 is installed
  • OR kernel-devel-4.4.121-92.101 is installed
  • OR kernel-macros-4.4.121-92.101 is installed
  • OR kernel-source-4.4.121-92.101 is installed
  • OR kernel-syms-4.4.121-92.101 is installed
  • OR kgraft-patch-4_4_121-92_101-default-1-3.3 is installed
  • OR kgraft-patch-SLE12-SP2_Update_27-1-3.3 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • bzip2-1.0.6-30.5 is installed
  • OR bzip2-doc-1.0.6-30.5 is installed
  • OR libbz2-1-1.0.6-30.5 is installed
  • OR libbz2-1-32bit-1.0.6-30.5 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • libgcrypt-1.6.1-16.68 is installed
  • OR libgcrypt20-1.6.1-16.68 is installed
  • OR libgcrypt20-32bit-1.6.1-16.68 is installed
  • OR libgcrypt20-hmac-1.6.1-16.68 is installed
  • OR libgcrypt20-hmac-32bit-1.6.1-16.68 is installed
    • BACK