Oval Definition:oval:org.opensuse.security:def:52686
Revision Date:2020-12-01Version:1
Title:Security update for the Linux Kernel (Live Patch 2 for SLE 15) (Important)
Description:

This update for the Linux Kernel 4.12.14-25_6 fixes several issues.

The following security issues were fixed:

- CVE-2019-3846: A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network (bsc#1136446). - CVE-2019-11477: A sequence of SACKs may have been crafted by a remote attacker such that one can trigger an integer overflow, leading to a kernel panic. (bsc#1137586). - CVE-2019-11478: It was possible to send a crafted sequence of SACKs which would fragment the TCP retransmission queue. A remote attacker may have been able to further exploit the fragmented queue to cause an expensive linked-list walk for subsequent SACKs received for that same TCP connection. (bsc#1137586) - CVE-2019-11487: The Linux kernel allowed page->_refcount reference count overflow, with resultant use-after-free issues, if about 140 GiB of RAM exists. This is related to fs/fuse/dev.c, fs/pipe.c, fs/splice.c, include/linux/mm.h, include/linux/pipe_fs_i.h, kernel/trace/trace.c, mm/gup.c, and mm/hugetlb.c. It can occur with FUSE requests (bsc#1133191). - CVE-2019-11085: Insufficient input validation in Kernel Mode Driver in Intel(R) i915 Graphics may allowed an authenticated user to potentially enable escalation of privilege via local access (bsc#1135280).
Family:unixClass:patch
Status:Reference(s):1124729
1124734
1126284
1127757
1128378
1133191
1135280
1136446
1136935
1137597
901924
911363
936281
937018
941239
CVE-2002-2443
CVE-2009-0035
CVE-2009-0844
CVE-2009-0845
CVE-2009-0846
CVE-2009-0847
CVE-2009-3295
CVE-2009-4212
CVE-2010-0283
CVE-2010-0628
CVE-2010-1320
CVE-2010-1321
CVE-2010-1322
CVE-2010-1323
CVE-2010-1324
CVE-2010-4020
CVE-2010-4021
CVE-2010-4022
CVE-2011-0281
CVE-2011-0282
CVE-2011-0284
CVE-2011-0285
CVE-2011-1000
CVE-2011-1526
CVE-2011-1527
CVE-2011-1528
CVE-2011-1529
CVE-2011-1530
CVE-2011-3200
CVE-2011-4862
CVE-2012-1012
CVE-2012-1013
CVE-2012-1016
CVE-2012-2369
CVE-2013-1415
CVE-2013-1417
CVE-2013-1418
CVE-2013-1431
CVE-2013-4758
CVE-2013-6370
CVE-2013-6370
CVE-2013-6371
CVE-2013-6371
CVE-2014-0004
CVE-2014-3634
CVE-2014-3707
CVE-2014-4341
CVE-2014-4342
CVE-2014-4343
CVE-2014-4344
CVE-2014-4345
CVE-2014-5351
CVE-2014-5352
CVE-2014-5353
CVE-2014-5354
CVE-2014-5355
CVE-2014-5461
CVE-2014-8150
CVE-2014-8484
CVE-2014-8485
CVE-2014-8501
CVE-2014-8502
CVE-2014-8503
CVE-2014-8504
CVE-2014-8737
CVE-2014-8738
CVE-2014-9421
CVE-2014-9422
CVE-2014-9423
CVE-2015-2694
CVE-2015-2695
CVE-2015-2696
CVE-2015-2697
CVE-2015-3107
CVE-2015-3258
CVE-2015-3279
CVE-2015-5124
CVE-2015-5125
CVE-2015-5127
CVE-2015-5128
CVE-2015-5129
CVE-2015-5130
CVE-2015-5131
CVE-2015-5132
CVE-2015-5133
CVE-2015-5134
CVE-2015-5539
CVE-2015-5540
CVE-2015-5541
CVE-2015-5544
CVE-2015-5545
CVE-2015-5546
CVE-2015-5547
CVE-2015-5548
CVE-2015-5549
CVE-2015-5550
CVE-2015-5551
CVE-2015-5552
CVE-2015-5553
CVE-2015-5554
CVE-2015-5555
CVE-2015-5556
CVE-2015-5557
CVE-2015-5558
CVE-2015-5559
CVE-2015-5560
CVE-2015-5561
CVE-2015-5562
CVE-2015-5563
CVE-2015-8833
CVE-2016-1601
CVE-2018-12232
CVE-2019-11085
CVE-2019-11477
CVE-2019-11478
CVE-2019-11487
CVE-2019-3846
CVE-2019-6974
CVE-2019-7221
CVE-2019-8912
CVE-2019-9213
SUSE-SU-2015:1374-1
SUSE-SU-2015:1377-1
Platform(s):openSUSE Leap 15.0
SUSE Linux Enterprise Desktop 11 SP2
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Desktop 11 SP4
SUSE Linux Enterprise Desktop 12
SUSE Linux Enterprise Desktop 12 SP1
SUSE Linux Enterprise Desktop 12 SP2
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Desktop 12 SP4
SUSE Linux Enterprise Module for Live Patching 15
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 6
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud Crowbar 8
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • freerdp-2.0.0~rc2-lp150.1 is installed
  • OR libfreerdp2-2.0.0~rc2-lp150.1 is installed
  • OR libwinpr2-2.0.0~rc2-lp150.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP2 is installed
  • AND Package Information
  • MozillaFirefox-10.0.11-0.3 is installed
  • OR MozillaFirefox-translations-10.0.11-0.3 is installed
  • OR libfreebl3-3.14-0.3 is installed
  • OR libfreebl3-32bit-3.14-0.3 is installed
  • OR mozilla-nss-3.14-0.3 is installed
  • OR mozilla-nss-32bit-3.14-0.3 is installed
  • OR mozilla-nss-tools-3.14-0.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP3 is installed
  • AND Package Information
  • gtk2-2.18.9-0.35 is installed
  • OR gtk2-32bit-2.18.9-0.35 is installed
  • OR gtk2-lang-2.18.9-0.35 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP4 is installed
  • AND Package Information
  • kde4-kgreeter-plugins-4.3.5-0.12.20 is installed
  • OR kdebase4-wallpapers-4.3.5-0.11.20 is installed
  • OR kdebase4-workspace-4.3.5-0.12.20 is installed
  • OR kdebase4-workspace-ksysguardd-4.3.5-0.12.20 is installed
  • OR kdm-4.3.5-0.12.20 is installed
  • OR kwin-4.3.5-0.12.20 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 is installed
  • AND Package Information
  • liblua5_2-5.2.2-4 is installed
  • OR lua-5.2.2-4 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP1 is installed
  • AND Package Information
  • alsa-1.0.27.2-11 is installed
  • OR libasound2-1.0.27.2-11 is installed
  • OR libasound2-32bit-1.0.27.2-11 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP2 is installed
  • AND binutils-2.26.1-9.12 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP3 is installed
  • AND Package Information
  • libjson-c2-0.11-2 is installed
  • OR libjson-c2-32bit-0.11-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP4 is installed
  • AND krb5-appl-clients-1.0.3-1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Live Patching 15 is installed
  • AND Package Information
  • kernel-livepatch-4_12_14-25_6-default-9-2 is installed
  • OR kernel-livepatch-SLE15_Update_2-9-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND Package Information
  • aaa_base-13.2+git20140911.61c1681-9 is installed
  • OR aaa_base-extras-13.2+git20140911.61c1681-9 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND Package Information
  • kgraft-patch-3_12_74-60_64_82-default-4-2 is installed
  • OR kgraft-patch-3_12_74-60_64_82-xen-4-2 is installed
  • OR kgraft-patch-SLE12-SP1_Update_25-4-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • libpolkit0-0.113-5.6 is installed
  • OR polkit-0.113-5.6 is installed
  • OR typelib-1_0-Polkit-1_0-0.113-5.6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • openssh-7.2p2-74.30 is installed
  • OR openssh-askpass-gnome-7.2p2-74.30 is installed
  • OR openssh-fips-7.2p2-74.30 is installed
  • OR openssh-helpers-7.2p2-74.30 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • java-1_7_1-ibm-1.7.1_sr4.45-38.37 is installed
  • OR java-1_7_1-ibm-alsa-1.7.1_sr4.45-38.37 is installed
  • OR java-1_7_1-ibm-devel-1.7.1_sr4.45-38.37 is installed
  • OR java-1_7_1-ibm-jdbc-1.7.1_sr4.45-38.37 is installed
  • OR java-1_7_1-ibm-plugin-1.7.1_sr4.45-38.37 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_121-92_85-default-5-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_23-5-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND autofs-5.0.9-27 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • libdcerpc-binding0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libdcerpc-binding0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libdcerpc0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libdcerpc0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libndr-krb5pac0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libndr-krb5pac0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libndr-nbt0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libndr-nbt0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libndr-standard0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libndr-standard0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libndr0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libndr0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libnetapi0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libnetapi0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsamba-credentials0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsamba-credentials0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsamba-errors0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsamba-errors0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsamba-hostconfig0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsamba-hostconfig0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsamba-passdb0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsamba-passdb0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsamba-util0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsamba-util0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsamdb0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsamdb0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsmbclient0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsmbclient0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsmbconf0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsmbconf0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsmbldap0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libsmbldap0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libtevent-util0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libtevent-util0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libwbclient0-4.6.16+git.169.064abe062be-3.46 is installed
  • OR libwbclient0-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR samba-4.6.16+git.169.064abe062be-3.46 is installed
  • OR samba-client-4.6.16+git.169.064abe062be-3.46 is installed
  • OR samba-client-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR samba-doc-4.6.16+git.169.064abe062be-3.46 is installed
  • OR samba-libs-4.6.16+git.169.064abe062be-3.46 is installed
  • OR samba-libs-32bit-4.6.16+git.169.064abe062be-3.46 is installed
  • OR samba-winbind-4.6.16+git.169.064abe062be-3.46 is installed
  • OR samba-winbind-32bit-4.6.16+git.169.064abe062be-3.46 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • glibc-2.22-62.22 is installed
  • OR glibc-32bit-2.22-62.22 is installed
  • OR glibc-devel-2.22-62.22 is installed
  • OR glibc-devel-32bit-2.22-62.22 is installed
  • OR glibc-html-2.22-62.22 is installed
  • OR glibc-i18ndata-2.22-62.22 is installed
  • OR glibc-info-2.22-62.22 is installed
  • OR glibc-locale-2.22-62.22 is installed
  • OR glibc-locale-32bit-2.22-62.22 is installed
  • OR glibc-profile-2.22-62.22 is installed
  • OR glibc-profile-32bit-2.22-62.22 is installed
  • OR nscd-2.22-62.22 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • java-1_7_1-ibm-1.7.1_sr4.60-38.47 is installed
  • OR java-1_7_1-ibm-alsa-1.7.1_sr4.60-38.47 is installed
  • OR java-1_7_1-ibm-jdbc-1.7.1_sr4.60-38.47 is installed
  • OR java-1_7_1-ibm-plugin-1.7.1_sr4.60-38.47 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • ImageMagick-6.8.8.1-71.74 is installed
  • OR libMagickCore-6_Q16-1-6.8.8.1-71.74 is installed
  • OR libMagickWand-6_Q16-1-6.8.8.1-71.74 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • cvs-1.12.12-182.3 is installed
  • OR cvs-doc-1.12.12-182.3 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 6 is installed
  • AND Package Information
  • openvpn-2.3.8-16.17 is installed
  • OR openvpn-auth-pam-plugin-2.3.8-16.17 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND ucode-intel-20190312-13.38 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • libsolv-0.6.36-2.27.19 is installed
  • OR libsolv-tools-0.6.36-2.27.19 is installed
  • OR libzypp-16.20.2-27.60 is installed
  • OR perl-solv-0.6.36-2.27.19 is installed
  • OR python-solv-0.6.36-2.27.19 is installed
  • OR zypper-1.13.54-18.40 is installed
  • OR zypper-log-1.13.54-18.40 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND python-ecdsa-0.13.3-5.10 is installed
    • BACK