Oval Definition:	oval:org.opensuse.security:def:52685
Revision Date: 2020-12-01 Version: 1 Title: Security update for the Linux Kernel (Live Patch 1 for SLE 15) (Important) Description: This update for the Linux Kernel 4.12.14-25_3 fixes several issues. The following security issues were fixed: - CVE-2019-3846: A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network (bsc#1136446). - CVE-2019-11477: A sequence of SACKs may have been crafted by a remote attacker such that one can trigger an integer overflow, leading to a kernel panic. (bsc#1137586). - CVE-2019-11478: It was possible to send a crafted sequence of SACKs which would fragment the TCP retransmission queue. A remote attacker may have been able to further exploit the fragmented queue to cause an expensive linked-list walk for subsequent SACKs received for that same TCP connection. (bsc#1137586) - CVE-2019-11487: The Linux kernel allowed page->_refcount reference count overflow, with resultant use-after-free issues, if about 140 GiB of RAM exists. This is related to fs/fuse/dev.c, fs/pipe.c, fs/splice.c, include/linux/mm.h, include/linux/pipe_fs_i.h, kernel/trace/trace.c, mm/gup.c, and mm/hugetlb.c. It can occur with FUSE requests (bsc#1133191). - CVE-2019-11085: Insufficient input validation in Kernel Mode Driver in Intel(R) i915 Graphics may allowed an authenticated user to potentially enable escalation of privilege via local access (bsc#1135280). Family: unix Class: patch Status: Reference(s): 1124729 1124734 1126284 1128378 1133191 1135280 1136446 1136935 1137597 879179 901361 901553 929678 931698 933898 933911 934487 934489 934491 934493 941239 CVE-2002-2443 CVE-2009-0696 CVE-2009-0844 CVE-2009-0845 CVE-2009-0846 CVE-2009-0847 CVE-2009-2285 CVE-2009-2347 CVE-2009-3295 CVE-2009-3736 CVE-2009-3939 CVE-2009-4022 CVE-2009-4026 CVE-2009-4027 CVE-2009-4131 CVE-2009-4138 CVE-2009-4212 CVE-2009-4536 CVE-2009-4538 CVE-2010-0283 CVE-2010-0628 CVE-2010-1146 CVE-2010-1320 CVE-2010-1321 CVE-2010-1322 CVE-2010-1323 CVE-2010-1324 CVE-2010-1436 CVE-2010-1641 CVE-2010-2065 CVE-2010-2066 CVE-2010-2067 CVE-2010-2233 CVE-2010-2942 CVE-2010-2954 CVE-2010-2955 CVE-2010-3081 CVE-2010-3296 CVE-2010-3297 CVE-2010-3298 CVE-2010-3301 CVE-2010-3310 CVE-2010-3613 CVE-2010-3614 CVE-2010-3615 CVE-2010-4020 CVE-2010-4021 CVE-2010-4022 CVE-2010-4665 CVE-2011-0192 CVE-2011-0281 CVE-2011-0282 CVE-2011-0284 CVE-2011-0285 CVE-2011-0414 CVE-2011-0712 CVE-2011-1020 CVE-2011-1097 CVE-2011-1167 CVE-2011-1527 CVE-2011-1528 CVE-2011-1529 CVE-2011-1530 CVE-2011-1577 CVE-2011-1907 CVE-2011-1910 CVE-2011-2203 CVE-2011-2464 CVE-2011-2483 CVE-2011-3177 CVE-2011-4313 CVE-2012-0056 CVE-2012-1012 CVE-2012-1013 CVE-2012-1016 CVE-2012-1152 CVE-2012-1173 CVE-2012-1667 CVE-2012-2113 CVE-2012-2372 CVE-2012-2737 CVE-2012-3401 CVE-2012-3817 CVE-2012-3868 CVE-2012-4244 CVE-2012-4564 CVE-2012-5166 CVE-2012-5688 CVE-2012-5689 CVE-2013-0160 CVE-2013-0231 CVE-2013-0913 CVE-2013-1415 CVE-2013-1417 CVE-2013-1418 CVE-2013-1960 CVE-2013-1961 CVE-2013-2266 CVE-2013-2850 CVE-2013-4231 CVE-2013-4232 CVE-2013-4243 CVE-2013-4244 CVE-2013-4587 CVE-2013-4854 CVE-2013-6367 CVE-2013-6368 CVE-2013-6376 CVE-2013-6393 CVE-2013-6405 CVE-2014-00691 CVE-2014-0102 CVE-2014-0131 CVE-2014-0196 CVE-2014-0591 CVE-2014-2523 CVE-2014-2525 CVE-2014-2568 CVE-2014-2855 CVE-2014-3185 CVE-2014-3534 CVE-2014-3566 CVE-2014-3610 CVE-2014-3611 CVE-2014-3647 CVE-2014-3673 CVE-2014-3687 CVE-2014-3690 CVE-2014-3917 CVE-2014-3940 CVE-2014-4171 CVE-2014-4341 CVE-2014-4342 CVE-2014-4343 CVE-2014-4344 CVE-2014-4345 CVE-2014-4608 CVE-2014-4652 CVE-2014-4653 CVE-2014-4654 CVE-2014-4655 CVE-2014-4656 CVE-2014-4699 CVE-2014-4943 CVE-2014-5045 CVE-2014-5077 CVE-2014-5206 CVE-2014-5207 CVE-2014-5351 CVE-2014-5352 CVE-2014-5353 CVE-2014-5354 CVE-2014-5355 CVE-2014-5471 CVE-2014-5472 CVE-2014-7822 CVE-2014-7826 CVE-2014-7841 CVE-2014-8086 CVE-2014-8127 CVE-2014-8128 CVE-2014-8129 CVE-2014-8130 CVE-2014-8133 CVE-2014-8159 CVE-2014-8160 CVE-2014-8500 CVE-2014-8559 CVE-2014-8709 CVE-2014-8767 CVE-2014-8768 CVE-2014-8769 CVE-2014-9090 CVE-2014-9092 CVE-2014-9130 CVE-2014-9140 CVE-2014-9419 CVE-2014-9420 CVE-2014-9421 CVE-2014-9422 CVE-2014-9423 CVE-2014-9584 CVE-2014-9585 CVE-2014-9655 CVE-2014-9728 CVE-2014-9729 CVE-2014-9730 CVE-2014-9731 CVE-2015-0261 CVE-2015-0272 CVE-2015-0777 CVE-2015-1349 CVE-2015-1465 CVE-2015-1547 CVE-2015-1788 CVE-2015-1789 CVE-2015-1790 CVE-2015-1791 CVE-2015-1792 CVE-2015-1805 CVE-2015-2041 CVE-2015-2042 CVE-2015-2150 CVE-2015-2153 CVE-2015-2154 CVE-2015-2155 CVE-2015-2666 CVE-2015-2694 CVE-2015-2695 CVE-2015-2696 CVE-2015-2697 CVE-2015-2698 CVE-2015-2830 CVE-2015-2922 CVE-2015-3107 CVE-2015-3138 CVE-2015-3212 CVE-2015-3216 CVE-2015-3331 CVE-2015-3332 CVE-2015-3339 CVE-2015-3636 CVE-2015-4000 CVE-2015-4036 CVE-2015-4167 CVE-2015-4620 CVE-2015-4692 CVE-2015-5124 CVE-2015-5125 CVE-2015-5127 CVE-2015-5128 CVE-2015-5129 CVE-2015-5130 CVE-2015-5131 CVE-2015-5132 CVE-2015-5133 CVE-2015-5134 CVE-2015-5156 CVE-2015-5157 CVE-2015-5283 CVE-2015-5307 CVE-2015-5364 CVE-2015-5366 CVE-2015-5477 CVE-2015-5539 CVE-2015-5540 CVE-2015-5541 CVE-2015-5544 CVE-2015-5545 CVE-2015-5546 CVE-2015-5547 CVE-2015-5548 CVE-2015-5549 CVE-2015-5550 CVE-2015-5551 CVE-2015-5552 CVE-2015-5553 CVE-2015-5554 CVE-2015-5555 CVE-2015-5556 CVE-2015-5557 CVE-2015-5558 CVE-2015-5559 CVE-2015-5560 CVE-2015-5561 CVE-2015-5562 CVE-2015-5563 CVE-2015-5722 CVE-2015-6252 CVE-2015-6937 CVE-2015-7613 CVE-2015-8000 CVE-2015-8104 CVE-2015-8629 CVE-2015-8630 CVE-2015-8631 CVE-2015-8704 CVE-2016-1285 CVE-2016-1286 CVE-2016-2776 CVE-2016-3119 CVE-2016-3120 CVE-2016-7922 CVE-2016-7923 CVE-2016-7924 CVE-2016-7925 CVE-2016-7926 CVE-2016-7927 CVE-2016-7928 CVE-2016-7929 CVE-2016-7930 CVE-2016-7931 CVE-2016-7932 CVE-2016-7933 CVE-2016-7934 CVE-2016-7935 CVE-2016-7936 CVE-2016-7937 CVE-2016-7938 CVE-2016-7939 CVE-2016-7940 CVE-2016-7973 CVE-2016-7974 CVE-2016-7975 CVE-2016-7983 CVE-2016-7984 CVE-2016-7985 CVE-2016-7986 CVE-2016-7992 CVE-2016-7993 CVE-2016-8574 CVE-2016-8575 CVE-2017-11108 CVE-2017-11462 CVE-2017-11541 CVE-2017-11542 CVE-2017-11543 CVE-2017-12893 CVE-2017-12894 CVE-2017-12895 CVE-2017-12896 CVE-2017-12897 CVE-2017-12898 CVE-2017-12899 CVE-2017-12900 CVE-2017-12901 CVE-2017-12902 CVE-2017-12985 CVE-2017-12986 CVE-2017-12987 CVE-2017-12988 CVE-2017-12989 CVE-2017-12990 CVE-2017-12991 CVE-2017-12992 CVE-2017-12993 CVE-2017-12994 CVE-2017-12995 CVE-2017-12996 CVE-2017-12997 CVE-2017-12998 CVE-2017-12999 CVE-2017-13000 CVE-2017-13001 CVE-2017-13002 CVE-2017-13003 CVE-2017-13004 CVE-2017-13005 CVE-2017-13006 CVE-2017-13007 CVE-2017-13008 CVE-2017-13009 CVE-2017-13010 CVE-2017-13011 CVE-2017-13012 CVE-2017-13013 CVE-2017-13014 CVE-2017-13015 CVE-2017-13016 CVE-2017-13017 CVE-2017-13018 CVE-2017-13019 CVE-2017-13020 CVE-2017-13021 CVE-2017-13022 CVE-2017-13023 CVE-2017-13024 CVE-2017-13025 CVE-2017-13026 CVE-2017-13027 CVE-2017-13028 CVE-2017-13029 CVE-2017-13030 CVE-2017-13031 CVE-2017-13032 CVE-2017-13033 CVE-2017-13034 CVE-2017-13035 CVE-2017-13036 CVE-2017-13037 CVE-2017-13038 CVE-2017-13039 CVE-2017-13040 CVE-2017-13041 CVE-2017-13042 CVE-2017-13043 CVE-2017-13044 CVE-2017-13045 CVE-2017-13046 CVE-2017-13047 CVE-2017-13048 CVE-2017-13049 CVE-2017-13050 CVE-2017-13051 CVE-2017-13052 CVE-2017-13053 CVE-2017-13054 CVE-2017-13055 CVE-2017-13687 CVE-2017-13688 CVE-2017-13689 CVE-2017-13690 CVE-2017-13725 CVE-2017-15088 CVE-2017-5202 CVE-2017-5203 CVE-2017-5204 CVE-2017-5205 CVE-2017-5341 CVE-2017-5342 CVE-2017-5482 CVE-2017-5483 CVE-2017-5484 CVE-2017-5485 CVE-2017-5486 CVE-2018-5729 CVE-2018-5730 CVE-2019-11085 CVE-2019-11477 CVE-2019-11478 CVE-2019-11487 CVE-2019-3846 CVE-2019-6974 CVE-2019-7221 CVE-2019-8912 CVE-2019-9213 SUSE-SU-2015:1150-1 SUSE-SU-2015:1374-1 Platform(s): openSUSE Leap 15.0 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Module for Live Patching 15 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND Package Information flatpak-0.10.4-lp150.2 is installed OR libflatpak0-0.10.4-lp150.2 is installed OR typelib-1_0-Flatpak-1_0-0.10.4-lp150.2 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP2 is installed AND Package Information MozillaFirefox-10.0.10-0.3 is installed OR MozillaFirefox-translations-10.0.10-0.3 is installed OR mozilla-nspr-4.9.3-0.2 is installed OR mozilla-nspr-32bit-4.9.3-0.2 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information gstreamer-0_10-plugins-bad-0.10.22-7.11 is installed OR gstreamer-0_10-plugins-bad-lang-0.10.22-7.11 is installed OR libgstbasecamerabinsrc-0_10-0-0.10.22-7.11 is installed OR libgstbasecamerabinsrc-0_10-0-32bit-0.10.22-7.11 is installed OR libgstbasevideo-0_10-0-0.10.22-7.11 is installed OR libgstbasevideo-0_10-0-32bit-0.10.22-7.11 is installed OR libgstphotography-0_10-0-0.10.22-7.11 is installed OR libgstphotography-0_10-0-32bit-0.10.22-7.11 is installed OR libgstsignalprocessor-0_10-0-0.10.22-7.11 is installed OR libgstsignalprocessor-0_10-0-32bit-0.10.22-7.11 is installed OR libgstvdp-0_10-0-0.10.22-7.11 is installed OR libgstvdp-0_10-0-32bit-0.10.22-7.11 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP4 is installed AND Package Information java-1_7_0-openjdk-1.7.0.99-0.20 is installed OR java-1_7_0-openjdk-demo-1.7.0.99-0.20 is installed OR java-1_7_0-openjdk-devel-1.7.0.99-0.20 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 is installed AND Package Information libltdl7-2.4.2-14 is installed OR libltdl7-32bit-2.4.2-14 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information accountsservice-0.6.35-3 is installed OR accountsservice-lang-0.6.35-3 is installed OR libaccountsservice0-0.6.35-3 is installed OR typelib-1_0-AccountsService-1_0-0.6.35-3 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information bind-libs-9.9.9P1-46 is installed OR bind-libs-32bit-9.9.9P1-46 is installed OR bind-utils-9.9.9P1-46 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information libjpeg-turbo-1.3.1-30 is installed OR libjpeg62-62.1.0-30 is installed OR libjpeg62-32bit-62.1.0-30 is installed OR libjpeg62-turbo-1.3.1-30 is installed OR libjpeg8-8.0.2-30 is installed OR libjpeg8-32bit-8.0.2-30 is installed OR libturbojpeg0-8.0.2-30 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information krb5-1.12.5-40.28 is installed OR krb5-32bit-1.12.5-40.28 is installed OR krb5-client-1.12.5-40.28 is installed Definition Synopsis SUSE Linux Enterprise Module for Live Patching 15 is installed AND Package Information kernel-livepatch-4_12_14-25_3-default-10-2 is installed OR kernel-livepatch-SLE15_Update_1-10-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information MozillaFirefox-38.4.0esr-51 is installed OR MozillaFirefox-translations-38.4.0esr-51 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information kgraft-patch-3_12_74-60_64_85-default-4-2 is installed OR kgraft-patch-3_12_74-60_64_85-xen-4-2 is installed OR kgraft-patch-SLE12-SP1_Update_26-4-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information libpng16-16-1.6.8-11 is installed OR libpng16-16-32bit-1.6.8-11 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information python3-rpm-4.11.2-16.21 is installed OR rpm-4.11.2-16.21 is installed OR rpm-32bit-4.11.2-16.21 is installed OR rpm-build-4.11.2-16.21 is installed OR rpm-python-4.11.2-16.21 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information openssh-7.2p2-74.35 is installed OR openssh-askpass-gnome-7.2p2-74.35 is installed OR openssh-fips-7.2p2-74.35 is installed OR openssh-helpers-7.2p2-74.35 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information MozillaFirefox-60.2.2esr-109.46 is installed OR MozillaFirefox-branding-SLE-60-32.3 is installed OR MozillaFirefox-devel-60.2.2esr-109.46 is installed OR MozillaFirefox-translations-common-60.2.2esr-109.46 is installed OR apache2-mod_nss-1.0.14-19.6 is installed OR libfreebl3-3.36.4-58.15 is installed OR libfreebl3-32bit-3.36.4-58.15 is installed OR libfreebl3-hmac-3.36.4-58.15 is installed OR libfreebl3-hmac-32bit-3.36.4-58.15 is installed OR libsoftokn3-3.36.4-58.15 is installed OR libsoftokn3-32bit-3.36.4-58.15 is installed OR libsoftokn3-hmac-3.36.4-58.15 is installed OR libsoftokn3-hmac-32bit-3.36.4-58.15 is installed OR mozilla-nspr-4.19-19.3 is installed OR mozilla-nspr-32bit-4.19-19.3 is installed OR mozilla-nss-3.36.4-58.15 is installed OR mozilla-nss-32bit-3.36.4-58.15 is installed OR mozilla-nss-certs-3.36.4-58.15 is installed OR mozilla-nss-certs-32bit-3.36.4-58.15 is installed OR mozilla-nss-sysinit-3.36.4-58.15 is installed OR mozilla-nss-sysinit-32bit-3.36.4-58.15 is installed OR mozilla-nss-tools-3.36.4-58.15 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information augeas-1.2.0-15 is installed OR augeas-lenses-1.2.0-15 is installed OR libaugeas0-1.2.0-15 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information MozillaFirefox-68.2.0-109.95 is installed OR MozillaFirefox-translations-common-68.2.0-109.95 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND ucode-intel-20190618-13.47 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information wicked-0.6.60-38.27 is installed OR wicked-service-0.6.60-38.27 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information openslp-2.0.0-18.15 is installed OR openslp-32bit-2.0.0-18.15 is installed OR openslp-server-2.0.0-18.15 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information curl-7.60.0-2 is installed OR libcurl4-7.60.0-2 is installed OR libcurl4-32bit-7.60.0-2 is installed Definition Synopsis SUSE OpenStack Cloud 6 is installed AND sudo-1.8.10p3-2.16 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND Package Information ghostscript-9.26a-23.22 is installed OR ghostscript-x11-9.26a-23.22 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information perl-5.18.2-12.20 is installed OR perl-32bit-5.18.2-12.20 is installed OR perl-base-5.18.2-12.20 is installed OR perl-doc-5.18.2-12.20 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND ucode-intel-20191112a-13.56 is installed
BACK