Oval Definition:oval:org.opensuse.security:def:52684
Revision Date:2020-12-01Version:1
Title:Security update for the Linux Kernel (Live Patch 9 for SLE 15) (Important)
Description:

This update for the Linux Kernel 4.12.14-150_14 fixes several issues.

The following security issues were fixed:

- CVE-2019-3846: A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network (bsc#1136446). - CVE-2019-11477: A sequence of SACKs may have been crafted by a remote attacker such that one can trigger an integer overflow, leading to a kernel panic. (bsc#1137586). - CVE-2019-11478: It was possible to send a crafted sequence of SACKs which would fragment the TCP retransmission queue. A remote attacker may have been able to further exploit the fragmented queue to cause an expensive linked-list walk for subsequent SACKs received for that same TCP connection. (bsc#1137586) - CVE-2019-11487: The Linux kernel allowed page->_refcount reference count overflow, with resultant use-after-free issues, if about 140 GiB of RAM exists. This is related to fs/fuse/dev.c, fs/pipe.c, fs/splice.c, include/linux/mm.h, include/linux/pipe_fs_i.h, kernel/trace/trace.c, mm/gup.c, and mm/hugetlb.c. It can occur with FUSE requests (bsc#1133191).
Family:unixClass:patch
Status:Reference(s):1124729
1124734
1126284
1128378
1133191
1136446
1136935
1137597
847880
901361
901553
921999
926597
927806
927807
927808
929678
929688
931698
933898
933911
934487
934489
934491
934493
CVE-2010-0624
CVE-2011-0460
CVE-2011-0461
CVE-2011-3177
CVE-2012-3355
CVE-2013-6369
CVE-2013-6370
CVE-2013-6371
CVE-2014-2524
CVE-2014-3467
CVE-2014-3468
CVE-2014-3469
CVE-2014-3566
CVE-2014-6271
CVE-2014-6277
CVE-2014-6278
CVE-2014-7169
CVE-2014-7186
CVE-2014-7187
CVE-2015-0295
CVE-2015-1788
CVE-2015-1789
CVE-2015-1790
CVE-2015-1791
CVE-2015-1792
CVE-2015-1858
CVE-2015-1859
CVE-2015-1860
CVE-2015-2806
CVE-2015-3216
CVE-2015-3451
CVE-2015-4000
CVE-2016-6321
CVE-2017-13080
CVE-2017-13081
CVE-2017-5715
CVE-2019-11477
CVE-2019-11478
CVE-2019-11487
CVE-2019-3846
CVE-2019-6974
CVE-2019-7221
CVE-2019-8912
CVE-2019-9213
SUSE-SU-2015:1143-1
SUSE-SU-2015:1359-1
Platform(s):openSUSE Leap 15.0
SUSE Linux Enterprise Desktop 11 SP2
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Desktop 11 SP4
SUSE Linux Enterprise Desktop 12
SUSE Linux Enterprise Desktop 12 SP1
SUSE Linux Enterprise Desktop 12 SP2
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Desktop 12 SP4
SUSE Linux Enterprise Module for Live Patching 15
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 6
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud Crowbar 8
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • firewall-macros-0.5.3-lp150.1 is installed
  • OR firewalld-0.5.3-lp150.1 is installed
  • OR firewalld-lang-0.5.3-lp150.1 is installed
  • OR python3-firewall-0.5.3-lp150.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP2 is installed
  • AND Package Information
  • MozillaFirefox-10.0.9-0.3 is installed
  • OR MozillaFirefox-branding-SLED-7-0.6.7 is installed
  • OR MozillaFirefox-translations-10.0.9-0.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP3 is installed
  • AND Package Information
  • grub2-2.00-0.49 is installed
  • OR grub2-x86_64-efi-2.00-0.49 is installed
  • OR grub2-x86_64-xen-2.00-0.49 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP4 is installed
  • AND Package Information
  • java-1_7_0-openjdk-1.7.0.95-0.17 is installed
  • OR java-1_7_0-openjdk-demo-1.7.0.95-0.17 is installed
  • OR java-1_7_0-openjdk-devel-1.7.0.95-0.17 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 is installed
  • AND Package Information
  • libjson-c2-0.11-2 is installed
  • OR libjson-c2-32bit-0.11-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP1 is installed
  • AND Package Information
  • aaa_base-13.2+git20140911.61c1681-9 is installed
  • OR aaa_base-extras-13.2+git20140911.61c1681-9 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP2 is installed
  • AND Package Information
  • bash-4.3-78 is installed
  • OR bash-doc-4.3-78 is installed
  • OR bash-lang-4.3-78 is installed
  • OR libreadline6-6.3-78 is installed
  • OR libreadline6-32bit-6.3-78 is installed
  • OR readline-doc-6.3-78 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP3 is installed
  • AND Package Information
  • libjbig2-2.0-12 is installed
  • OR libjbig2-32bit-2.0-12 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP4 is installed
  • AND Package Information
  • kernel-firmware-20180525-3 is installed
  • OR ucode-amd-20180525-3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Live Patching 15 is installed
  • AND Package Information
  • kernel-livepatch-4_12_14-150_14-default-2-2 is installed
  • OR kernel-livepatch-SLE15_Update_9-2-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND Package Information
  • DirectFB-1.7.1-4 is installed
  • OR lib++dfb-1_7-1-1.7.1-4 is installed
  • OR libdirectfb-1_7-1-1.7.1-4 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND Package Information
  • kernel-default-3.12.74-60.64.45 is installed
  • OR kernel-default-base-3.12.74-60.64.45 is installed
  • OR kernel-default-devel-3.12.74-60.64.45 is installed
  • OR kernel-default-man-3.12.74-60.64.45 is installed
  • OR kernel-devel-3.12.74-60.64.45 is installed
  • OR kernel-macros-3.12.74-60.64.45 is installed
  • OR kernel-source-3.12.74-60.64.45 is installed
  • OR kernel-syms-3.12.74-60.64.45 is installed
  • OR kernel-xen-3.12.74-60.64.45 is installed
  • OR kernel-xen-base-3.12.74-60.64.45 is installed
  • OR kernel-xen-devel-3.12.74-60.64.45 is installed
  • OR kgraft-patch-3_12_74-60_64_45-default-1-4 is installed
  • OR kgraft-patch-3_12_74-60_64_45-xen-1-4 is installed
  • OR kgraft-patch-SLE12-SP1_Update_16-1-4 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND libpng15-15-1.5.22-4 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • libopenssl-devel-1.0.2j-60.46 is installed
  • OR libopenssl1_0_0-1.0.2j-60.46 is installed
  • OR libopenssl1_0_0-32bit-1.0.2j-60.46 is installed
  • OR libopenssl1_0_0-hmac-1.0.2j-60.46 is installed
  • OR libopenssl1_0_0-hmac-32bit-1.0.2j-60.46 is installed
  • OR openssl-1.0.2j-60.46 is installed
  • OR openssl-doc-1.0.2j-60.46 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND ucode-intel-20190514-13.44 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND binutils-2.31-9.26 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • audiofile-0.3.6-10 is installed
  • OR libaudiofile1-0.3.6-10 is installed
  • OR libaudiofile1-32bit-0.3.6-10 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • nfs-client-1.3.0-34.22 is installed
  • OR nfs-doc-1.3.0-34.22 is installed
  • OR nfs-kernel-server-1.3.0-34.22 is installed
  • OR nfs-utils-1.3.0-34.22 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • MozillaFirefox-60.8.0-109.83 is installed
  • OR MozillaFirefox-translations-common-60.8.0-109.83 is installed
  • OR libfreebl3-3.44.1-58.28 is installed
  • OR libfreebl3-32bit-3.44.1-58.28 is installed
  • OR libfreebl3-hmac-3.44.1-58.28 is installed
  • OR libfreebl3-hmac-32bit-3.44.1-58.28 is installed
  • OR libsoftokn3-3.44.1-58.28 is installed
  • OR libsoftokn3-32bit-3.44.1-58.28 is installed
  • OR libsoftokn3-hmac-3.44.1-58.28 is installed
  • OR libsoftokn3-hmac-32bit-3.44.1-58.28 is installed
  • OR mozilla-nss-3.44.1-58.28 is installed
  • OR mozilla-nss-32bit-3.44.1-58.28 is installed
  • OR mozilla-nss-certs-3.44.1-58.28 is installed
  • OR mozilla-nss-certs-32bit-3.44.1-58.28 is installed
  • OR mozilla-nss-sysinit-3.44.1-58.28 is installed
  • OR mozilla-nss-sysinit-32bit-3.44.1-58.28 is installed
  • OR mozilla-nss-tools-3.44.1-58.28 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND sudo-1.8.20p2-3.17 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • curl-7.37.0-37.26 is installed
  • OR libcurl4-7.37.0-37.26 is installed
  • OR libcurl4-32bit-7.37.0-37.26 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • cups-pk-helper-0.2.5-5 is installed
  • OR cups-pk-helper-lang-0.2.5-5 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 6 is installed
  • AND docker-1.10.3-66 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND Package Information
  • openstack-cinder-9.1.5~dev6-4.21 is installed
  • OR openstack-cinder-api-9.1.5~dev6-4.21 is installed
  • OR openstack-cinder-backup-9.1.5~dev6-4.21 is installed
  • OR openstack-cinder-doc-9.1.5~dev6-4.21 is installed
  • OR openstack-cinder-scheduler-9.1.5~dev6-4.21 is installed
  • OR openstack-cinder-volume-9.1.5~dev6-4.21 is installed
  • OR openstack-horizon-plugin-designate-ui-3.0.2~dev1-3.9 is installed
  • OR openstack-neutron-9.4.2~dev21-7.27 is installed
  • OR openstack-neutron-dhcp-agent-9.4.2~dev21-7.27 is installed
  • OR openstack-neutron-doc-9.4.2~dev21-7.27 is installed
  • OR openstack-neutron-ha-tool-9.4.2~dev21-7.27 is installed
  • OR openstack-neutron-l3-agent-9.4.2~dev21-7.27 is installed
  • OR openstack-neutron-lbaas-9.2.2~dev11-4.15 is installed
  • OR openstack-neutron-lbaas-agent-9.2.2~dev11-4.15 is installed
  • OR openstack-neutron-lbaas-doc-9.2.2~dev11-4.15 is installed
  • OR openstack-neutron-linuxbridge-agent-9.4.2~dev21-7.27 is installed
  • OR openstack-neutron-macvtap-agent-9.4.2~dev21-7.27 is installed
  • OR openstack-neutron-metadata-agent-9.4.2~dev21-7.27 is installed
  • OR openstack-neutron-metering-agent-9.4.2~dev21-7.27 is installed
  • OR openstack-neutron-openvswitch-agent-9.4.2~dev21-7.27 is installed
  • OR openstack-neutron-server-9.4.2~dev21-7.27 is installed
  • OR python-cinder-9.1.5~dev6-4.21 is installed
  • OR python-horizon-plugin-designate-ui-3.0.2~dev1-3.9 is installed
  • OR python-neutron-9.4.2~dev21-7.27 is installed
  • OR python-neutron-lbaas-9.2.2~dev11-4.15 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • kernel-default-4.4.180-94.103 is installed
  • OR kernel-default-base-4.4.180-94.103 is installed
  • OR kernel-default-devel-4.4.180-94.103 is installed
  • OR kernel-devel-4.4.180-94.103 is installed
  • OR kernel-macros-4.4.180-94.103 is installed
  • OR kernel-source-4.4.180-94.103 is installed
  • OR kernel-syms-4.4.180-94.103 is installed
  • OR kgraft-patch-4_4_180-94_103-default-1-4.3 is installed
  • OR kgraft-patch-SLE12-SP3_Update_28-1-4.3 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • ghostscript-9.27-23.31 is installed
  • OR ghostscript-x11-9.27-23.31 is installed
    • BACK