Revision Date: | 2020-12-01 | Version: | 1 |
Title: | Security update for the Linux Kernel (Live Patch 10 for SLE 15) (Important) |
Description: |
This update for the Linux Kernel 4.12.14-150_17 fixes several issues.
The following security issues were fixed:
- CVE-2019-3846: A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network (bsc#1136446). - CVE-2019-11477: A sequence of SACKs may have been crafted by a remote attacker such that one can trigger an integer overflow, leading to a kernel panic. (bsc#1137586). - CVE-2019-11478: It was possible to send a crafted sequence of SACKs which would fragment the TCP retransmission queue. A remote attacker may have been able to further exploit the fragmented queue to cause an expensive linked-list walk for subsequent SACKs received for that same TCP connection. (bsc#1137586) - CVE-2019-11487: The Linux kernel allowed page->_refcount reference count overflow, with resultant use-after-free issues, if about 140 GiB of RAM exists. This is related to fs/fuse/dev.c, fs/pipe.c, fs/splice.c, include/linux/mm.h, include/linux/pipe_fs_i.h, kernel/trace/trace.c, mm/gup.c, and mm/hugetlb.c. It can occur with FUSE requests (bsc#1133191).
|
Family: | unix | Class: | patch |
Status: | | Reference(s): | 1124729 1124734 1126284 1128378 1133191 1136446 1136935 1137597 898572 901715 915402 918346 923229 924312 925019 925021 925022 928520 935856 CVE-2008-0928 CVE-2008-1945 CVE-2008-2382 CVE-2008-4539 CVE-2010-2240 CVE-2011-2513 CVE-2011-2514 CVE-2011-3377 CVE-2012-0247 CVE-2012-0248 CVE-2012-1185 CVE-2012-1186 CVE-2012-3422 CVE-2012-3423 CVE-2012-3515 CVE-2012-4540 CVE-2012-4559 CVE-2012-4560 CVE-2012-4561 CVE-2012-5112 CVE-2012-5112 CVE-2012-5133 CVE-2012-5133 CVE-2013-0176 CVE-2013-1752 CVE-2013-1753 CVE-2013-1926 CVE-2013-1927 CVE-2013-1940 CVE-2013-4148 CVE-2013-4149 CVE-2013-4150 CVE-2013-4151 CVE-2013-4349 CVE-2013-4396 CVE-2013-4526 CVE-2013-4527 CVE-2013-4529 CVE-2013-4530 CVE-2013-4531 CVE-2013-4533 CVE-2013-4534 CVE-2013-4535 CVE-2013-4536 CVE-2013-4537 CVE-2013-4538 CVE-2013-4539 CVE-2013-4540 CVE-2013-4541 CVE-2013-4542 CVE-2013-4544 CVE-2013-6399 CVE-2013-6424 CVE-2014-0017 CVE-2014-0142 CVE-2014-0143 CVE-2014-0144 CVE-2014-0145 CVE-2014-0146 CVE-2014-0147 CVE-2014-0150 CVE-2014-0182 CVE-2014-0222 CVE-2014-0223 CVE-2014-1344 CVE-2014-1384 CVE-2014-1385 CVE-2014-1386 CVE-2014-1387 CVE-2014-1388 CVE-2014-1389 CVE-2014-1390 CVE-2014-1748 CVE-2014-3230 CVE-2014-3461 CVE-2014-3634 CVE-2014-3640 CVE-2014-4650 CVE-2014-7185 CVE-2014-8091 CVE-2014-8092 CVE-2014-8092 CVE-2014-8093 CVE-2014-8094 CVE-2014-8095 CVE-2014-8096 CVE-2014-8097 CVE-2014-8098 CVE-2014-8099 CVE-2014-8100 CVE-2014-8101 CVE-2014-8102 CVE-2014-8103 CVE-2014-8132 CVE-2014-8169 CVE-2014-8354 CVE-2014-8355 CVE-2014-8562 CVE-2014-8716 CVE-2015-0247 CVE-2015-0255 CVE-2015-1071 CVE-2015-1076 CVE-2015-1081 CVE-2015-1083 CVE-2015-1120 CVE-2015-1122 CVE-2015-1127 CVE-2015-1153 CVE-2015-1155 CVE-2015-1572 CVE-2015-2330 CVE-2015-3146 CVE-2015-3164 CVE-2015-3418 CVE-2015-3418 CVE-2015-3658 CVE-2015-3659 CVE-2015-3727 CVE-2015-3731 CVE-2015-3741 CVE-2015-3743 CVE-2015-3745 CVE-2015-3747 CVE-2015-3748 CVE-2015-3749 CVE-2015-3752 CVE-2015-5234 CVE-2015-5235 CVE-2015-5788 CVE-2015-5794 CVE-2015-5801 CVE-2015-5809 CVE-2015-5822 CVE-2015-5928 CVE-2016-5759 CVE-2019-11477 CVE-2019-11478 CVE-2019-11487 CVE-2019-3846 CVE-2019-6974 CVE-2019-7221 CVE-2019-8912 CVE-2019-9213 SUSE-SU-2015:1127-1 SUSE-SU-2015:1341-1 SUSE-SU-2015:1344-1 SUSE-SU-2019:1588-1
|
Platform(s): | openSUSE Leap 15.0 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Module for Live Patching 15 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8
| Product(s): | |
Definition Synopsis |
openSUSE Leap 15.0 is installed AND Package Information
expat-2.2.5-lp150.1 is installed
OR libexpat1-2.2.5-lp150.1 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Desktop 11 SP2 is installed
AND Package Information
finch-2.6.6-0.19 is installed
OR libpurple-2.6.6-0.19 is installed
OR libpurple-lang-2.6.6-0.19 is installed
OR libpurple-meanwhile-2.6.6-0.19 is installed
OR libpurple-tcl-2.6.6-0.19 is installed
OR pidgin-2.6.6-0.19 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Desktop 11 SP3 is installed
AND Package Information
gpg2-2.0.9-25.33.41 is installed
OR gpg2-lang-2.0.9-25.33.41 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Desktop 11 SP4 is installed
AND Package Information
java-1_7_0-openjdk-1.7.0.85-0.11 is installed
OR java-1_7_0-openjdk-demo-1.7.0.85-0.11 is installed
OR java-1_7_0-openjdk-devel-1.7.0.85-0.11 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Desktop 12 is installed
AND Package Information
libjavascriptcoregtk-1_0-0-2.2.7-3 is installed
OR libjavascriptcoregtk-1_0-0-32bit-2.2.7-3 is installed
OR libjavascriptcoregtk-3_0-0-2.2.7-3 is installed
OR libwebkit2gtk-3_0-25-2.2.7-3 is installed
OR libwebkitgtk-1_0-0-2.2.7-3 is installed
OR libwebkitgtk-1_0-0-32bit-2.2.7-3 is installed
OR libwebkitgtk-3_0-0-2.2.7-3 is installed
OR libwebkitgtk2-lang-2.2.7-3 is installed
OR libwebkitgtk3-lang-2.2.7-3 is installed
OR typelib-1_0-JavaScriptCore-3_0-2.2.7-3 is installed
OR typelib-1_0-WebKit-3_0-2.2.7-3 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Desktop 12 SP1 is installed
AND Package Information
ImageMagick-6.8.8.1-8 is installed
OR libMagick++-6_Q16-3-6.8.8.1-8 is installed
OR libMagickCore-6_Q16-1-6.8.8.1-8 is installed
OR libMagickCore-6_Q16-1-32bit-6.8.8.1-8 is installed
OR libMagickWand-6_Q16-1-6.8.8.1-8 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Desktop 12 SP2 is installed
AND autofs-5.0.9-21 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Desktop 12 SP3 is installed
AND Package Information
libjavascriptcoregtk-1_0-0-2.4.11-23 is installed
OR libjavascriptcoregtk-1_0-0-32bit-2.4.11-23 is installed
OR libjavascriptcoregtk-3_0-0-2.4.11-23 is installed
OR libwebkitgtk-1_0-0-2.4.11-23 is installed
OR libwebkitgtk-1_0-0-32bit-2.4.11-23 is installed
OR libwebkitgtk-3_0-0-2.4.11-23 is installed
OR libwebkitgtk2-lang-2.4.11-23 is installed
OR libwebkitgtk3-lang-2.4.11-23 is installed
OR typelib-1_0-JavaScriptCore-3_0-2.4.11-23 is installed
OR typelib-1_0-WebKit-3_0-2.4.11-23 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Desktop 12 SP4 is installed
AND kdump-0.8.16-9 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Module for Live Patching 15 is installed
AND Package Information
kernel-livepatch-4_12_14-150_17-default-2-2 is installed
OR kernel-livepatch-SLE15_Update_10-2-2 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP1 is installed
AND Package Information
aaa_base-13.2+git20140911.61c1681-9 is installed
OR aaa_base-extras-13.2+git20140911.61c1681-9 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP1-LTSS is installed
AND Package Information
libxml2-2.9.1-26.15 is installed
OR libxml2-2-2.9.1-26.15 is installed
OR libxml2-2-32bit-2.9.1-26.15 is installed
OR libxml2-doc-2.9.1-26.15 is installed
OR libxml2-tools-2.9.1-26.15 is installed
OR python-libxml2-2.9.1-26.15 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP2 is installed
AND Package Information
libpcsclite1-1.8.10-3 is installed
OR pcsc-lite-1.8.10-3 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP2-BCL is installed
AND Package Information
MozillaFirefox-60.3.0-109.50 is installed
OR MozillaFirefox-devel-60.3.0-109.50 is installed
OR MozillaFirefox-translations-common-60.3.0-109.50 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
AND Package Information
qemu-2.6.2-41.52 is installed
OR qemu-block-curl-2.6.2-41.52 is installed
OR qemu-block-rbd-2.6.2-41.52 is installed
OR qemu-block-ssh-2.6.2-41.52 is installed
OR qemu-guest-agent-2.6.2-41.52 is installed
OR qemu-ipxe-1.0.0-41.52 is installed
OR qemu-kvm-2.6.2-41.52 is installed
OR qemu-lang-2.6.2-41.52 is installed
OR qemu-seabios-1.9.1-41.52 is installed
OR qemu-sgabios-8-41.52 is installed
OR qemu-tools-2.6.2-41.52 is installed
OR qemu-vgabios-1.9.1-41.52 is installed
OR qemu-x86-2.6.2-41.52 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP2-LTSS is installed
AND Package Information
kgraft-patch-4_4_114-92_64-default-8-2 is installed
OR kgraft-patch-SLE12-SP2_Update_18-8-2 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP3 is installed
AND apache2-mod_perl-2.0.8-11 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP3-BCL is installed
AND Package Information
libpcap-1.8.1-10.3 is installed
OR libpcap1-1.8.1-10.3 is installed
OR tcpdump-4.9.2-14.14 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
AND Package Information
libecpg6-10.9-1.12 is installed
OR libpq5-10.9-1.12 is installed
OR libpq5-32bit-10.9-1.12 is installed
OR postgresql10-10.9-1.12 is installed
OR postgresql10-contrib-10.9-1.12 is installed
OR postgresql10-docs-10.9-1.12 is installed
OR postgresql10-libs-10.9-1.12 is installed
OR postgresql10-plperl-10.9-1.12 is installed
OR postgresql10-plpython-10.9-1.12 is installed
OR postgresql10-pltcl-10.9-1.12 is installed
OR postgresql10-server-10.9-1.12 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP3-LTSS is installed
AND Package Information
MozillaFirefox-68.5.0-109.106 is installed
OR MozillaFirefox-translations-common-68.5.0-109.106 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
AND Package Information
libpython3_4m1_0-3.4.6-25.16 is installed
OR python3-3.4.6-25.16 is installed
OR python3-base-3.4.6-25.16 is installed
OR python3-curses-3.4.6-25.16 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP4 is installed
AND Package Information
cups-1.7.5-20.17 is installed
OR cups-client-1.7.5-20.17 is installed
OR cups-libs-1.7.5-20.17 is installed
OR cups-libs-32bit-1.7.5-20.17 is installed
|
Definition Synopsis |
SUSE OpenStack Cloud 6 is installed
AND Package Information
ruby2.1-rubygem-actionview-4_2-4.2.2-8 is installed
OR rubygem-actionview-4_2-4.2.2-8 is installed
|
Definition Synopsis |
SUSE OpenStack Cloud 7 is installed
AND Package Information
java-1_8_0-ibm-1.8.0_sr5.30-30.46 is installed
OR java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46 is installed
OR java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46 is installed
OR java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46 is installed
|
Definition Synopsis |
SUSE OpenStack Cloud 8 is installed
AND python-Django-1.11.23-3.12 is installed
|
Definition Synopsis |
SUSE OpenStack Cloud Crowbar 8 is installed
AND ucode-intel-20191112-13.53 is installed
|