Oval Definition:oval:org.opensuse.security:def:52687
Revision Date:2020-12-01Version:1
Title:Security update for the Linux Kernel (Live Patch 3 for SLE 15) (Important)
Description:

This update for the Linux Kernel 4.12.14-25_13 fixes several issues.

The following security issues were fixed:

- CVE-2019-3846: A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network (bsc#1136446). - CVE-2019-11477: A sequence of SACKs may have been crafted by a remote attacker such that one can trigger an integer overflow, leading to a kernel panic. (bsc#1137586). - CVE-2019-11478: It was possible to send a crafted sequence of SACKs which would fragment the TCP retransmission queue. A remote attacker may have been able to further exploit the fragmented queue to cause an expensive linked-list walk for subsequent SACKs received for that same TCP connection. (bsc#1137586) - CVE-2019-11487: The Linux kernel allowed page->_refcount reference count overflow, with resultant use-after-free issues, if about 140 GiB of RAM exists. This is related to fs/fuse/dev.c, fs/pipe.c, fs/splice.c, include/linux/mm.h, include/linux/pipe_fs_i.h, kernel/trace/trace.c, mm/gup.c, and mm/hugetlb.c. It can occur with FUSE requests (bsc#1133191). - CVE-2019-11085: Insufficient input validation in Kernel Mode Driver in Intel(R) i915 Graphics may allowed an authenticated user to potentially enable escalation of privilege via local access (bsc#1135280).
Family:unixClass:patch
Status:Reference(s):1046305
1046306
1050252
1050549
1051510
1054610
1055121
1056658
1056662
1056787
1060463
1063638
1065600
1070995
1071995
1078355
1082943
1083548
1083647
1084216
1086095
1086282
1086301
1086313
1086314
1086323
1087082
1087092
1088133
1094555
1098382
1098425
1098995
1103429
1104353
1106105
1106434
1106811
1107078
1107665
1108101
1108870
1109695
1110096
1110705
1111666
1113042
1113712
1113722
1113939
1114279
1114585
1117108
1117155
1117645
1118338
1119019
1119086
1119766
1119843
1120008
1120318
1120601
1120758
1120854
1120902
1120909
1120955
1121317
1121726
1121789
1121805
1122019
1122192
1122324
1122554
1122662
1122764
1122779
1122822
1122885
1122927
1122944
1122971
1122982
1123060
1123061
1123161
1123317
1123348
1123357
1123456
1123538
1123697
1123882
1123933
1124055
1124204
1124235
1124579
1124589
1124728
1124732
1124735
1124969
1124974
1124975
1124976
1124978
1124979
1124980
1124981
1124982
1124984
1124985
1125109
1125125
1125252
1125315
1125614
1125728
1125780
1125797
1125799
1125800
1125907
1125947
1126131
1126209
1126389
1126393
1126476
1126480
1126481
1126488
1126495
1126555
1126579
1126789
1126790
1126802
1126803
1126804
1126805
1126806
1126807
1127042
1127062
1127082
1127154
1127285
1127286
1127307
1127363
1127493
1127494
1127495
1127496
1127497
1127498
1127534
1127561
1127567
1127595
1127603
1127682
1127731
1127750
1127836
1127961
1128094
1128166
1128351
1128451
1128895
1129046
1129080
1129163
1129179
1129181
1129182
1129183
1129184
1129205
1129281
1129284
1129285
1129291
1129292
1129293
1129294
1129295
1129296
1129326
1129327
1129330
1129363
1129366
1129497
1129519
1129543
1129547
1129551
1129581
1129625
1129664
1129739
1129923
1133191
1135280
1136446
1136935
1137597
824948
896202
896435
898003
899524
900275
900276
905483
920057
928740
929919
936281
937018
940918
CVE-2006-0855
CVE-2007-1669
CVE-2007-6746
CVE-2009-0793
CVE-2010-2494
CVE-2011-1526
CVE-2011-4862
CVE-2012-1616
CVE-2012-5468
CVE-2013-4276
CVE-2013-4326
CVE-2014-3591
CVE-2014-4607
CVE-2015-1191
CVE-2015-3258
CVE-2015-3279
CVE-2015-4495
CVE-2015-5198
CVE-2015-5199
CVE-2015-5200
CVE-2016-6354
CVE-2016-6354
CVE-2017-8422
CVE-2018-20669
CVE-2019-11085
CVE-2019-11477
CVE-2019-11478
CVE-2019-11487
CVE-2019-2024
CVE-2019-3459
CVE-2019-3460
CVE-2019-3819
CVE-2019-3846
CVE-2019-6974
CVE-2019-7221
CVE-2019-7222
CVE-2019-7308
CVE-2019-8912
CVE-2019-8980
CVE-2019-9213
SUSE-SU-2015:1179-1
SUSE-SU-2015:1377-1
SUSE-SU-2015:1379-1
SUSE-SU-2019:0784-1
Platform(s):openSUSE Leap 15.0
SUSE Linux Enterprise Desktop 11 SP2
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Desktop 11 SP4
SUSE Linux Enterprise Desktop 12
SUSE Linux Enterprise Desktop 12 SP1
SUSE Linux Enterprise Desktop 12 SP2
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Desktop 12 SP4
SUSE Linux Enterprise Module for Live Patching 15
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 6
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud Crowbar 8
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • ft2demos-2.9-lp150.2 is installed
  • OR ftbench-2.9-lp150.2 is installed
  • OR ftdiff-2.9-lp150.2 is installed
  • OR ftdump-2.9-lp150.2 is installed
  • OR ftgamma-2.9-lp150.2 is installed
  • OR ftgrid-2.9-lp150.2 is installed
  • OR ftinspect-2.9-lp150.2 is installed
  • OR ftlint-2.9-lp150.2 is installed
  • OR ftmulti-2.9-lp150.2 is installed
  • OR ftstring-2.9-lp150.2 is installed
  • OR ftvalid-2.9-lp150.2 is installed
  • OR ftview-2.9-lp150.2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP2 is installed
  • AND Package Information
  • MozillaFirefox-10.0.12-0.4 is installed
  • OR MozillaFirefox-translations-10.0.12-0.4 is installed
  • OR libfreebl3-3.14.1-0.3 is installed
  • OR libfreebl3-32bit-3.14.1-0.3 is installed
  • OR mozilla-nspr-4.9.4-0.3 is installed
  • OR mozilla-nspr-32bit-4.9.4-0.3 is installed
  • OR mozilla-nss-3.14.1-0.3 is installed
  • OR mozilla-nss-32bit-3.14.1-0.3 is installed
  • OR mozilla-nss-tools-3.14.1-0.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP3 is installed
  • AND Package Information
  • gtk2-2.18.9-0.39 is installed
  • OR gtk2-32bit-2.18.9-0.39 is installed
  • OR gtk2-lang-2.18.9-0.39 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP4 is installed
  • AND Package Information
  • kernel-default-3.0.101-65 is installed
  • OR kernel-default-base-3.0.101-65 is installed
  • OR kernel-default-devel-3.0.101-65 is installed
  • OR kernel-default-extra-3.0.101-65 is installed
  • OR kernel-pae-3.0.101-65 is installed
  • OR kernel-pae-base-3.0.101-65 is installed
  • OR kernel-pae-devel-3.0.101-65 is installed
  • OR kernel-pae-extra-3.0.101-65 is installed
  • OR kernel-source-3.0.101-65 is installed
  • OR kernel-syms-3.0.101-65 is installed
  • OR kernel-trace-3.0.101-65 is installed
  • OR kernel-trace-devel-3.0.101-65 is installed
  • OR kernel-xen-3.0.101-65 is installed
  • OR kernel-xen-base-3.0.101-65 is installed
  • OR kernel-xen-devel-3.0.101-65 is installed
  • OR kernel-xen-extra-3.0.101-65 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 is installed
  • AND Package Information
  • liblzo2-2-2.08-1 is installed
  • OR liblzo2-2-32bit-2.08-1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP1 is installed
  • AND argyllcms-1.6.3-1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP2 is installed
  • AND bogofilter-1.2.4-5 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP3 is installed
  • AND Package Information
  • libkde4-4.12.0-10 is installed
  • OR libkde4-32bit-4.12.0-10 is installed
  • OR libkdecore4-4.12.0-10 is installed
  • OR libkdecore4-32bit-4.12.0-10 is installed
  • OR libksuseinstall1-4.12.0-10 is installed
  • OR libksuseinstall1-32bit-4.12.0-10 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP4 is installed
  • AND Package Information
  • lcms-1.19-17 is installed
  • OR liblcms1-1.19-17 is installed
  • OR liblcms1-32bit-1.19-17 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Live Patching 15 is installed
  • AND Package Information
  • kernel-livepatch-4_12_14-25_13-default-7-2 is installed
  • OR kernel-livepatch-SLE15_Update_3-7-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND Package Information
  • accountsservice-0.6.35-3 is installed
  • OR accountsservice-lang-0.6.35-3 is installed
  • OR libaccountsservice0-0.6.35-3 is installed
  • OR typelib-1_0-AccountsService-1_0-0.6.35-3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND Package Information
  • kgraft-patch-3_12_74-60_64_69-default-4-2 is installed
  • OR kgraft-patch-3_12_74-60_64_69-xen-4-2 is installed
  • OR kgraft-patch-SLE12-SP1_Update_24-4-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • libpoppler-glib8-0.43.0-15 is installed
  • OR libpoppler-qt4-4-0.43.0-15 is installed
  • OR libpoppler60-0.43.0-15 is installed
  • OR poppler-tools-0.43.0-15 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • java-1_7_1-ibm-1.7.1_sr4.35-38.29 is installed
  • OR java-1_7_1-ibm-alsa-1.7.1_sr4.35-38.29 is installed
  • OR java-1_7_1-ibm-devel-1.7.1_sr4.35-38.29 is installed
  • OR java-1_7_1-ibm-jdbc-1.7.1_sr4.35-38.29 is installed
  • OR java-1_7_1-ibm-plugin-1.7.1_sr4.35-38.29 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • libsystemd0-228-150.58 is installed
  • OR libsystemd0-32bit-228-150.58 is installed
  • OR libudev1-228-150.58 is installed
  • OR libudev1-32bit-228-150.58 is installed
  • OR systemd-228-150.58 is installed
  • OR systemd-32bit-228-150.58 is installed
  • OR systemd-bash-completion-228-150.58 is installed
  • OR systemd-sysvinit-228-150.58 is installed
  • OR udev-228-150.58 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • xen-4.7.6_05-43.42 is installed
  • OR xen-doc-html-4.7.6_05-43.42 is installed
  • OR xen-libs-4.7.6_05-43.42 is installed
  • OR xen-libs-32bit-4.7.6_05-43.42 is installed
  • OR xen-tools-4.7.6_05-43.42 is installed
  • OR xen-tools-domU-4.7.6_05-43.42 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • automake-1.13.4-6 is installed
  • OR m4-1.4.16-15 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND gdb-8.3.1-2.14 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • bzip2-1.0.6-30.8 is installed
  • OR bzip2-doc-1.0.6-30.8 is installed
  • OR libbz2-1-1.0.6-30.8 is installed
  • OR libbz2-1-32bit-1.0.6-30.8 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • libexif-0.6.21-8.6 is installed
  • OR libexif12-0.6.21-8.6 is installed
  • OR libexif12-32bit-0.6.21-8.6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • liblouis-2.6.4-6.6 is installed
  • OR liblouis-data-2.6.4-6.6 is installed
  • OR liblouis9-2.6.4-6.6 is installed
  • OR python-louis-2.6.4-6.6 is installed
  • OR python3-louis-2.6.4-6.6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • cyrus-sasl-2.1.26-8.7 is installed
  • OR cyrus-sasl-32bit-2.1.26-8.7 is installed
  • OR cyrus-sasl-crammd5-2.1.26-8.7 is installed
  • OR cyrus-sasl-crammd5-32bit-2.1.26-8.7 is installed
  • OR cyrus-sasl-digestmd5-2.1.26-8.7 is installed
  • OR cyrus-sasl-gssapi-2.1.26-8.7 is installed
  • OR cyrus-sasl-gssapi-32bit-2.1.26-8.7 is installed
  • OR cyrus-sasl-otp-2.1.26-8.7 is installed
  • OR cyrus-sasl-otp-32bit-2.1.26-8.7 is installed
  • OR cyrus-sasl-plain-2.1.26-8.7 is installed
  • OR cyrus-sasl-plain-32bit-2.1.26-8.7 is installed
  • OR cyrus-sasl-saslauthd-2.1.26-8.7 is installed
  • OR cyrus-sasl-sqlauxprop-2.1.26-8.7 is installed
  • OR cyrus-sasl-sqlauxprop-32bit-2.1.26-8.7 is installed
  • OR libsasl2-3-2.1.26-8.7 is installed
  • OR libsasl2-3-32bit-2.1.26-8.7 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 6 is installed
  • AND Package Information
  • MozillaFirefox-52.2.0esr-108 is installed
  • OR MozillaFirefox-branding-SLE-52-31 is installed
  • OR MozillaFirefox-devel-52.2.0esr-108 is installed
  • OR MozillaFirefox-translations-52.2.0esr-108 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND Package Information
  • ntp-4.2.8p13-85 is installed
  • OR ntp-doc-4.2.8p13-85 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND ansible-2.4.6.0-3.6 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • libsqlite3-0-3.8.10.2-9.15 is installed
  • OR libsqlite3-0-32bit-3.8.10.2-9.15 is installed
  • OR sqlite3-3.8.10.2-9.15 is installed
    • BACK