Oval Definition:oval:org.opensuse.security:def:52688
Revision Date:2020-12-01Version:1
Title:Security update for the Linux Kernel (Live Patch 4 for SLE 15) (Important)
Description:

This update for the Linux Kernel 4.12.14-25_16 fixes several issues.

The following security issues were fixed:

- CVE-2019-3846: A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network (bsc#1136446). - CVE-2019-11477: A sequence of SACKs may have been crafted by a remote attacker such that one can trigger an integer overflow, leading to a kernel panic. (bsc#1137586). - CVE-2019-11478: It was possible to send a crafted sequence of SACKs which would fragment the TCP retransmission queue. A remote attacker may have been able to further exploit the fragmented queue to cause an expensive linked-list walk for subsequent SACKs received for that same TCP connection. (bsc#1137586) - CVE-2019-11487: The Linux kernel allowed page->_refcount reference count overflow, with resultant use-after-free issues, if about 140 GiB of RAM exists. This is related to fs/fuse/dev.c, fs/pipe.c, fs/splice.c, include/linux/mm.h, include/linux/pipe_fs_i.h, kernel/trace/trace.c, mm/gup.c, and mm/hugetlb.c. It can occur with FUSE requests (bsc#1133191). - CVE-2019-11085: Insufficient input validation in Kernel Mode Driver in Intel(R) i915 Graphics may allowed an authenticated user to potentially enable escalation of privilege via local access (bsc#1135280).
Family:unixClass:patch
Status:Reference(s):1124729
1124734
1126284
1128378
1133191
1135280
1136446
1136935
1137597
933591
939709
939712
940918
CVE-2007-6720
CVE-2009-0179
CVE-2009-0793
CVE-2009-3995
CVE-2009-3996
CVE-2009-4492
CVE-2010-0541
CVE-2010-2242
CVE-2010-2546
CVE-2011-1004
CVE-2011-1005
CVE-2011-1146
CVE-2011-2199
CVE-2011-2511
CVE-2011-4600
CVE-2011-4815
CVE-2012-3445
CVE-2013-0170
CVE-2013-1962
CVE-2013-2218
CVE-2013-2230
CVE-2013-4153
CVE-2013-4154
CVE-2013-4239
CVE-2013-4276
CVE-2013-4296
CVE-2013-4297
CVE-2013-4311
CVE-2013-4399
CVE-2013-4400
CVE-2013-4401
CVE-2013-6436
CVE-2013-6457
CVE-2013-6458
CVE-2014-0028
CVE-2014-0179
CVE-2014-1447
CVE-2014-2977
CVE-2014-2978
CVE-2014-3158
CVE-2014-3633
CVE-2014-3657
CVE-2014-7823
CVE-2014-8136
CVE-2014-8169
CVE-2014-9087
CVE-2014-9645
CVE-2015-0236
CVE-2015-3310
CVE-2015-4171
CVE-2015-4495
CVE-2015-5165
CVE-2015-5166
CVE-2015-5247
CVE-2016-10165
CVE-2016-4574
CVE-2016-4579
CVE-2018-16435
CVE-2019-11085
CVE-2019-11477
CVE-2019-11478
CVE-2019-11487
CVE-2019-3846
CVE-2019-6974
CVE-2019-7221
CVE-2019-8912
CVE-2019-9213
SUSE-SU-2015:1196-1
SUSE-SU-2015:1379-1
SUSE-SU-2015:1384-1
SUSE-SU-2019:0845-1
Platform(s):openSUSE Leap 15.0
SUSE Linux Enterprise Desktop 11 SP2
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Desktop 11 SP4
SUSE Linux Enterprise Desktop 12
SUSE Linux Enterprise Desktop 12 SP1
SUSE Linux Enterprise Desktop 12 SP2
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Desktop 12 SP4
SUSE Linux Enterprise Module for Live Patching 15
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 6
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud Crowbar 8
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • fuse-2.9.7-lp150.1 is installed
  • OR libfuse2-2.9.7-lp150.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP2 is installed
  • AND Package Information
  • MozillaFirefox-17.0.4esr-0.5 is installed
  • OR MozillaFirefox-branding-SLED-7-0.6.9 is installed
  • OR MozillaFirefox-translations-17.0.4esr-0.5 is installed
  • OR beagle-0.3.8-56.51 is installed
  • OR beagle-evolution-0.3.8-56.51 is installed
  • OR beagle-firefox-0.3.8-56.51 is installed
  • OR beagle-gui-0.3.8-56.51 is installed
  • OR beagle-lang-0.3.8-56.51 is installed
  • OR libfreebl3-3.14.2-0.4.3 is installed
  • OR libfreebl3-32bit-3.14.2-0.4.3 is installed
  • OR mhtml-firefox-0.5-1.47.51 is installed
  • OR mozilla-nspr-4.9.5-0.3 is installed
  • OR mozilla-nspr-32bit-4.9.5-0.3 is installed
  • OR mozilla-nss-3.14.2-0.4.3 is installed
  • OR mozilla-nss-32bit-3.14.2-0.4.3 is installed
  • OR mozilla-nss-tools-3.14.2-0.4.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP3 is installed
  • AND Package Information
  • hplip-3.11.10-0.6.11 is installed
  • OR hplip-hpijs-3.11.10-0.6.11 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP4 is installed
  • AND Package Information
  • kernel-default-3.0.101-71 is installed
  • OR kernel-default-base-3.0.101-71 is installed
  • OR kernel-default-devel-3.0.101-71 is installed
  • OR kernel-default-extra-3.0.101-71 is installed
  • OR kernel-pae-3.0.101-71 is installed
  • OR kernel-pae-base-3.0.101-71 is installed
  • OR kernel-pae-devel-3.0.101-71 is installed
  • OR kernel-pae-extra-3.0.101-71 is installed
  • OR kernel-source-3.0.101-71 is installed
  • OR kernel-syms-3.0.101-71 is installed
  • OR kernel-trace-3.0.101-71 is installed
  • OR kernel-trace-devel-3.0.101-71 is installed
  • OR kernel-xen-3.0.101-71 is installed
  • OR kernel-xen-base-3.0.101-71 is installed
  • OR kernel-xen-devel-3.0.101-71 is installed
  • OR kernel-xen-extra-3.0.101-71 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 is installed
  • AND Package Information
  • libmikmod3-3.2.0-4 is installed
  • OR libmikmod3-32bit-3.2.0-4 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP1 is installed
  • AND autofs-5.0.9-8 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP2 is installed
  • AND busybox-1.21.1-3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP3 is installed
  • AND Package Information
  • DirectFB-1.7.1-6 is installed
  • OR lib++dfb-1_7-1-1.7.1-6 is installed
  • OR libdirectfb-1_7-1-1.7.1-6 is installed
  • OR libdirectfb-1_7-1-32bit-1.7.1-6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP4 is installed
  • AND Package Information
  • lcms2-2.7-9.7 is installed
  • OR liblcms2-2-2.7-9.7 is installed
  • OR liblcms2-2-32bit-2.7-9.7 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Live Patching 15 is installed
  • AND Package Information
  • kernel-livepatch-4_12_14-25_16-default-6-2 is installed
  • OR kernel-livepatch-SLE15_Update_4-6-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND Package Information
  • alsa-1.0.27.2-11 is installed
  • OR alsa-docs-1.0.27.2-11 is installed
  • OR libasound2-1.0.27.2-11 is installed
  • OR libasound2-32bit-1.0.27.2-11 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND Package Information
  • kgraft-patch-3_12_74-60_64_66-default-5-2 is installed
  • OR kgraft-patch-3_12_74-60_64_66-xen-5-2 is installed
  • OR kgraft-patch-SLE12-SP1_Update_23-5-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND libpoppler44-0.24.4-12 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • python-cryptography-1.3.1-7.13 is installed
  • OR python-pyOpenSSL-16.0.0-4.11 is installed
  • OR python-setuptools-18.0.1-4.8 is installed
  • OR python3-cryptography-1.3.1-7.13 is installed
  • OR python3-pyOpenSSL-16.0.0-4.11 is installed
  • OR python3-setuptools-18.0.1-4.8 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • curl-7.37.0-37.40 is installed
  • OR libcurl4-7.37.0-37.40 is installed
  • OR libcurl4-32bit-7.37.0-37.40 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • ntp-4.2.8p12-64.8 is installed
  • OR ntp-doc-4.2.8p12-64.8 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • DirectFB-1.7.1-6 is installed
  • OR lib++dfb-1_7-1-1.7.1-6 is installed
  • OR libdirectfb-1_7-1-1.7.1-6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • libssh2-1-1.4.3-20.14 is installed
  • OR libssh2-1-32bit-1.4.3-20.14 is installed
  • OR libssh2_org-1.4.3-20.14 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • libpolkit0-0.113-5.18 is installed
  • OR polkit-0.113-5.18 is installed
  • OR typelib-1_0-Polkit-1_0-0.113-5.18 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • libopenssl-devel-1.0.2j-60.60 is installed
  • OR libopenssl1_0_0-1.0.2j-60.60 is installed
  • OR libopenssl1_0_0-32bit-1.0.2j-60.60 is installed
  • OR libopenssl1_0_0-hmac-1.0.2j-60.60 is installed
  • OR libopenssl1_0_0-hmac-32bit-1.0.2j-60.60 is installed
  • OR openssl-1.0.2j-60.60 is installed
  • OR openssl-doc-1.0.2j-60.60 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • libzypp-16.17.20-2.33 is installed
  • OR zypper-1.13.45-21.21 is installed
  • OR zypper-log-1.13.45-21.21 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND davfs2-1.5.2-2 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 6 is installed
  • AND Package Information
  • kernel-default-3.12.74-60.64.48 is installed
  • OR kernel-default-base-3.12.74-60.64.48 is installed
  • OR kernel-default-devel-3.12.74-60.64.48 is installed
  • OR kernel-devel-3.12.74-60.64.48 is installed
  • OR kernel-macros-3.12.74-60.64.48 is installed
  • OR kernel-source-3.12.74-60.64.48 is installed
  • OR kernel-syms-3.12.74-60.64.48 is installed
  • OR kernel-xen-3.12.74-60.64.48 is installed
  • OR kernel-xen-base-3.12.74-60.64.48 is installed
  • OR kernel-xen-devel-3.12.74-60.64.48 is installed
  • OR kgraft-patch-3_12_74-60_64_48-default-1-2 is installed
  • OR kgraft-patch-3_12_74-60_64_48-xen-1-2 is installed
  • OR kgraft-patch-SLE12-SP1_Update_17-1-2 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND Package Information
  • libopenssl-devel-1.0.2j-60.49 is installed
  • OR libopenssl1_0_0-1.0.2j-60.49 is installed
  • OR libopenssl1_0_0-32bit-1.0.2j-60.49 is installed
  • OR libopenssl1_0_0-hmac-1.0.2j-60.49 is installed
  • OR libopenssl1_0_0-hmac-32bit-1.0.2j-60.49 is installed
  • OR openssl-1.0.2j-60.49 is installed
  • OR openssl-doc-1.0.2j-60.49 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND python-urllib3-1.22-5.6 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • cups-1.7.5-20.26 is installed
  • OR cups-client-1.7.5-20.26 is installed
  • OR cups-libs-1.7.5-20.26 is installed
  • OR cups-libs-32bit-1.7.5-20.26 is installed
    • BACK