Oval Definition:oval:org.opensuse.security:def:52682
Revision Date:2020-12-01Version:1
Title:Security update for the Linux Kernel (Live Patch 10 for SLE 15) (Important)
Description:

This update for the Linux Kernel 4.12.14-150_17 fixes several issues.

The following security issues were fixed:

- CVE-2019-3846: A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network (bsc#1136446). - CVE-2019-11477: A sequence of SACKs may have been crafted by a remote attacker such that one can trigger an integer overflow, leading to a kernel panic. (bsc#1137586). - CVE-2019-11478: It was possible to send a crafted sequence of SACKs which would fragment the TCP retransmission queue. A remote attacker may have been able to further exploit the fragmented queue to cause an expensive linked-list walk for subsequent SACKs received for that same TCP connection. (bsc#1137586) - CVE-2019-11487: The Linux kernel allowed page->_refcount reference count overflow, with resultant use-after-free issues, if about 140 GiB of RAM exists. This is related to fs/fuse/dev.c, fs/pipe.c, fs/splice.c, include/linux/mm.h, include/linux/pipe_fs_i.h, kernel/trace/trace.c, mm/gup.c, and mm/hugetlb.c. It can occur with FUSE requests (bsc#1133191).
Family:unixClass:patch
Status:Reference(s):1124729
1124734
1126284
1128378
1133191
1136446
1136935
1137597
898572
901715
915402
918346
923229
924312
925019
925021
925022
928520
935856
CVE-2008-0928
CVE-2008-1945
CVE-2008-2382
CVE-2008-4539
CVE-2010-2240
CVE-2011-2513
CVE-2011-2514
CVE-2011-3377
CVE-2012-0247
CVE-2012-0248
CVE-2012-1185
CVE-2012-1186
CVE-2012-3422
CVE-2012-3423
CVE-2012-3515
CVE-2012-4540
CVE-2012-4559
CVE-2012-4560
CVE-2012-4561
CVE-2012-5112
CVE-2012-5112
CVE-2012-5133
CVE-2012-5133
CVE-2013-0176
CVE-2013-1752
CVE-2013-1753
CVE-2013-1926
CVE-2013-1927
CVE-2013-1940
CVE-2013-4148
CVE-2013-4149
CVE-2013-4150
CVE-2013-4151
CVE-2013-4349
CVE-2013-4396
CVE-2013-4526
CVE-2013-4527
CVE-2013-4529
CVE-2013-4530
CVE-2013-4531
CVE-2013-4533
CVE-2013-4534
CVE-2013-4535
CVE-2013-4536
CVE-2013-4537
CVE-2013-4538
CVE-2013-4539
CVE-2013-4540
CVE-2013-4541
CVE-2013-4542
CVE-2013-4544
CVE-2013-6399
CVE-2013-6424
CVE-2014-0017
CVE-2014-0142
CVE-2014-0143
CVE-2014-0144
CVE-2014-0145
CVE-2014-0146
CVE-2014-0147
CVE-2014-0150
CVE-2014-0182
CVE-2014-0222
CVE-2014-0223
CVE-2014-1344
CVE-2014-1384
CVE-2014-1385
CVE-2014-1386
CVE-2014-1387
CVE-2014-1388
CVE-2014-1389
CVE-2014-1390
CVE-2014-1748
CVE-2014-3230
CVE-2014-3461
CVE-2014-3634
CVE-2014-3640
CVE-2014-4650
CVE-2014-7185
CVE-2014-8091
CVE-2014-8092
CVE-2014-8092
CVE-2014-8093
CVE-2014-8094
CVE-2014-8095
CVE-2014-8096
CVE-2014-8097
CVE-2014-8098
CVE-2014-8099
CVE-2014-8100
CVE-2014-8101
CVE-2014-8102
CVE-2014-8103
CVE-2014-8132
CVE-2014-8169
CVE-2014-8354
CVE-2014-8355
CVE-2014-8562
CVE-2014-8716
CVE-2015-0247
CVE-2015-0255
CVE-2015-1071
CVE-2015-1076
CVE-2015-1081
CVE-2015-1083
CVE-2015-1120
CVE-2015-1122
CVE-2015-1127
CVE-2015-1153
CVE-2015-1155
CVE-2015-1572
CVE-2015-2330
CVE-2015-3146
CVE-2015-3164
CVE-2015-3418
CVE-2015-3418
CVE-2015-3658
CVE-2015-3659
CVE-2015-3727
CVE-2015-3731
CVE-2015-3741
CVE-2015-3743
CVE-2015-3745
CVE-2015-3747
CVE-2015-3748
CVE-2015-3749
CVE-2015-3752
CVE-2015-5234
CVE-2015-5235
CVE-2015-5788
CVE-2015-5794
CVE-2015-5801
CVE-2015-5809
CVE-2015-5822
CVE-2015-5928
CVE-2016-5759
CVE-2019-11477
CVE-2019-11478
CVE-2019-11487
CVE-2019-3846
CVE-2019-6974
CVE-2019-7221
CVE-2019-8912
CVE-2019-9213
SUSE-SU-2015:1127-1
SUSE-SU-2015:1341-1
SUSE-SU-2015:1344-1
SUSE-SU-2019:1588-1
Platform(s):openSUSE Leap 15.0
SUSE Linux Enterprise Desktop 11 SP2
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Desktop 11 SP4
SUSE Linux Enterprise Desktop 12
SUSE Linux Enterprise Desktop 12 SP1
SUSE Linux Enterprise Desktop 12 SP2
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Desktop 12 SP4
SUSE Linux Enterprise Module for Live Patching 15
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 6
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud Crowbar 8
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • expat-2.2.5-lp150.1 is installed
  • OR libexpat1-2.2.5-lp150.1 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP2 is installed
  • AND Package Information
  • finch-2.6.6-0.19 is installed
  • OR libpurple-2.6.6-0.19 is installed
  • OR libpurple-lang-2.6.6-0.19 is installed
  • OR libpurple-meanwhile-2.6.6-0.19 is installed
  • OR libpurple-tcl-2.6.6-0.19 is installed
  • OR pidgin-2.6.6-0.19 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP3 is installed
  • AND Package Information
  • gpg2-2.0.9-25.33.41 is installed
  • OR gpg2-lang-2.0.9-25.33.41 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP4 is installed
  • AND Package Information
  • java-1_7_0-openjdk-1.7.0.85-0.11 is installed
  • OR java-1_7_0-openjdk-demo-1.7.0.85-0.11 is installed
  • OR java-1_7_0-openjdk-devel-1.7.0.85-0.11 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 is installed
  • AND Package Information
  • libjavascriptcoregtk-1_0-0-2.2.7-3 is installed
  • OR libjavascriptcoregtk-1_0-0-32bit-2.2.7-3 is installed
  • OR libjavascriptcoregtk-3_0-0-2.2.7-3 is installed
  • OR libwebkit2gtk-3_0-25-2.2.7-3 is installed
  • OR libwebkitgtk-1_0-0-2.2.7-3 is installed
  • OR libwebkitgtk-1_0-0-32bit-2.2.7-3 is installed
  • OR libwebkitgtk-3_0-0-2.2.7-3 is installed
  • OR libwebkitgtk2-lang-2.2.7-3 is installed
  • OR libwebkitgtk3-lang-2.2.7-3 is installed
  • OR typelib-1_0-JavaScriptCore-3_0-2.2.7-3 is installed
  • OR typelib-1_0-WebKit-3_0-2.2.7-3 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP1 is installed
  • AND Package Information
  • ImageMagick-6.8.8.1-8 is installed
  • OR libMagick++-6_Q16-3-6.8.8.1-8 is installed
  • OR libMagickCore-6_Q16-1-6.8.8.1-8 is installed
  • OR libMagickCore-6_Q16-1-32bit-6.8.8.1-8 is installed
  • OR libMagickWand-6_Q16-1-6.8.8.1-8 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP2 is installed
  • AND autofs-5.0.9-21 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP3 is installed
  • AND Package Information
  • libjavascriptcoregtk-1_0-0-2.4.11-23 is installed
  • OR libjavascriptcoregtk-1_0-0-32bit-2.4.11-23 is installed
  • OR libjavascriptcoregtk-3_0-0-2.4.11-23 is installed
  • OR libwebkitgtk-1_0-0-2.4.11-23 is installed
  • OR libwebkitgtk-1_0-0-32bit-2.4.11-23 is installed
  • OR libwebkitgtk-3_0-0-2.4.11-23 is installed
  • OR libwebkitgtk2-lang-2.4.11-23 is installed
  • OR libwebkitgtk3-lang-2.4.11-23 is installed
  • OR typelib-1_0-JavaScriptCore-3_0-2.4.11-23 is installed
  • OR typelib-1_0-WebKit-3_0-2.4.11-23 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP4 is installed
  • AND kdump-0.8.16-9 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Module for Live Patching 15 is installed
  • AND Package Information
  • kernel-livepatch-4_12_14-150_17-default-2-2 is installed
  • OR kernel-livepatch-SLE15_Update_10-2-2 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND Package Information
  • aaa_base-13.2+git20140911.61c1681-9 is installed
  • OR aaa_base-extras-13.2+git20140911.61c1681-9 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND Package Information
  • libxml2-2.9.1-26.15 is installed
  • OR libxml2-2-2.9.1-26.15 is installed
  • OR libxml2-2-32bit-2.9.1-26.15 is installed
  • OR libxml2-doc-2.9.1-26.15 is installed
  • OR libxml2-tools-2.9.1-26.15 is installed
  • OR python-libxml2-2.9.1-26.15 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • libpcsclite1-1.8.10-3 is installed
  • OR pcsc-lite-1.8.10-3 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • MozillaFirefox-60.3.0-109.50 is installed
  • OR MozillaFirefox-devel-60.3.0-109.50 is installed
  • OR MozillaFirefox-translations-common-60.3.0-109.50 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • qemu-2.6.2-41.52 is installed
  • OR qemu-block-curl-2.6.2-41.52 is installed
  • OR qemu-block-rbd-2.6.2-41.52 is installed
  • OR qemu-block-ssh-2.6.2-41.52 is installed
  • OR qemu-guest-agent-2.6.2-41.52 is installed
  • OR qemu-ipxe-1.0.0-41.52 is installed
  • OR qemu-kvm-2.6.2-41.52 is installed
  • OR qemu-lang-2.6.2-41.52 is installed
  • OR qemu-seabios-1.9.1-41.52 is installed
  • OR qemu-sgabios-8-41.52 is installed
  • OR qemu-tools-2.6.2-41.52 is installed
  • OR qemu-vgabios-1.9.1-41.52 is installed
  • OR qemu-x86-2.6.2-41.52 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_114-92_64-default-8-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_18-8-2 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND apache2-mod_perl-2.0.8-11 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • libpcap-1.8.1-10.3 is installed
  • OR libpcap1-1.8.1-10.3 is installed
  • OR tcpdump-4.9.2-14.14 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • libecpg6-10.9-1.12 is installed
  • OR libpq5-10.9-1.12 is installed
  • OR libpq5-32bit-10.9-1.12 is installed
  • OR postgresql10-10.9-1.12 is installed
  • OR postgresql10-contrib-10.9-1.12 is installed
  • OR postgresql10-docs-10.9-1.12 is installed
  • OR postgresql10-libs-10.9-1.12 is installed
  • OR postgresql10-plperl-10.9-1.12 is installed
  • OR postgresql10-plpython-10.9-1.12 is installed
  • OR postgresql10-pltcl-10.9-1.12 is installed
  • OR postgresql10-server-10.9-1.12 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • MozillaFirefox-68.5.0-109.106 is installed
  • OR MozillaFirefox-translations-common-68.5.0-109.106 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • libpython3_4m1_0-3.4.6-25.16 is installed
  • OR python3-3.4.6-25.16 is installed
  • OR python3-base-3.4.6-25.16 is installed
  • OR python3-curses-3.4.6-25.16 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • cups-1.7.5-20.17 is installed
  • OR cups-client-1.7.5-20.17 is installed
  • OR cups-libs-1.7.5-20.17 is installed
  • OR cups-libs-32bit-1.7.5-20.17 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud 6 is installed
  • AND Package Information
  • ruby2.1-rubygem-actionview-4_2-4.2.2-8 is installed
  • OR rubygem-actionview-4_2-4.2.2-8 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND Package Information
  • java-1_8_0-ibm-1.8.0_sr5.30-30.46 is installed
  • OR java-1_8_0-ibm-alsa-1.8.0_sr5.30-30.46 is installed
  • OR java-1_8_0-ibm-devel-1.8.0_sr5.30-30.46 is installed
  • OR java-1_8_0-ibm-plugin-1.8.0_sr5.30-30.46 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND python-Django-1.11.23-3.12 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND ucode-intel-20191112-13.53 is installed
  • BACK