Oval Definition:	oval:org.opensuse.security:def:52689
Revision Date: 2020-12-01 Version: 1 Title: Security update for the Linux Kernel (Live Patch 5 for SLE 15) (Important) Description: This update for the Linux Kernel 4.12.14-25_19 fixes several issues. The following security issues were fixed: - CVE-2019-3846: A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network (bsc#1136446). - CVE-2019-11477: A sequence of SACKs may have been crafted by a remote attacker such that one can trigger an integer overflow, leading to a kernel panic. (bsc#1137586). - CVE-2019-11478: It was possible to send a crafted sequence of SACKs which would fragment the TCP retransmission queue. A remote attacker may have been able to further exploit the fragmented queue to cause an expensive linked-list walk for subsequent SACKs received for that same TCP connection. (bsc#1137586) - CVE-2019-11487: The Linux kernel allowed page->_refcount reference count overflow, with resultant use-after-free issues, if about 140 GiB of RAM exists. This is related to fs/fuse/dev.c, fs/pipe.c, fs/splice.c, include/linux/mm.h, include/linux/pipe_fs_i.h, kernel/trace/trace.c, mm/gup.c, and mm/hugetlb.c. It can occur with FUSE requests (bsc#1133191). - CVE-2019-11085: Insufficient input validation in Kernel Mode Driver in Intel(R) i915 Graphics may allowed an authenticated user to potentially enable escalation of privilege via local access (bsc#1135280). Family: unix Class: patch Status: Reference(s): 1124729 1124734 1126284 1128378 1133191 1135280 1136446 1136935 1137597 870151 899712 907453 921999 927806 927807 927808 939709 939712 CVE-2008-1420 CVE-2009-0758 CVE-2009-3379 CVE-2010-0405 CVE-2010-2244 CVE-2011-1002 CVE-2012-0247 CVE-2012-0248 CVE-2012-0444 CVE-2012-1185 CVE-2012-1186 CVE-2014-0139 CVE-2014-2892 CVE-2014-3618 CVE-2014-3675 CVE-2014-3676 CVE-2014-3677 CVE-2014-8354 CVE-2014-8355 CVE-2014-8562 CVE-2014-8716 CVE-2014-8962 CVE-2014-9028 CVE-2014-9116 CVE-2014-9805 CVE-2014-9806 CVE-2014-9807 CVE-2014-9808 CVE-2014-9809 CVE-2014-9810 CVE-2014-9811 CVE-2014-9812 CVE-2014-9813 CVE-2014-9814 CVE-2014-9815 CVE-2014-9816 CVE-2014-9817 CVE-2014-9818 CVE-2014-9819 CVE-2014-9820 CVE-2014-9821 CVE-2014-9822 CVE-2014-9823 CVE-2014-9824 CVE-2014-9825 CVE-2014-9826 CVE-2014-9828 CVE-2014-9829 CVE-2014-9830 CVE-2014-9831 CVE-2014-9832 CVE-2014-9833 CVE-2014-9834 CVE-2014-9835 CVE-2014-9836 CVE-2014-9837 CVE-2014-9838 CVE-2014-9839 CVE-2014-9840 CVE-2014-9841 CVE-2014-9842 CVE-2014-9843 CVE-2014-9844 CVE-2014-9845 CVE-2014-9846 CVE-2014-9847 CVE-2014-9848 CVE-2014-9849 CVE-2014-9850 CVE-2014-9851 CVE-2014-9852 CVE-2014-9853 CVE-2014-9854 CVE-2014-9907 CVE-2015-0295 CVE-2015-1545 CVE-2015-1546 CVE-2015-1858 CVE-2015-1859 CVE-2015-1860 CVE-2015-5165 CVE-2015-5166 CVE-2015-6908 CVE-2015-8894 CVE-2015-8895 CVE-2015-8896 CVE-2015-8897 CVE-2015-8898 CVE-2015-8900 CVE-2015-8901 CVE-2015-8902 CVE-2015-8903 CVE-2015-8957 CVE-2015-8958 CVE-2015-8959 CVE-2016-10046 CVE-2016-10048 CVE-2016-10049 CVE-2016-10050 CVE-2016-10051 CVE-2016-10052 CVE-2016-10059 CVE-2016-10060 CVE-2016-10061 CVE-2016-10062 CVE-2016-10063 CVE-2016-10064 CVE-2016-10065 CVE-2016-10068 CVE-2016-10069 CVE-2016-10070 CVE-2016-10071 CVE-2016-10144 CVE-2016-10145 CVE-2016-10146 CVE-2016-3714 CVE-2016-3715 CVE-2016-3716 CVE-2016-3717 CVE-2016-3718 CVE-2016-4562 CVE-2016-4563 CVE-2016-4564 CVE-2016-5010 CVE-2016-5118 CVE-2016-5687 CVE-2016-5688 CVE-2016-5689 CVE-2016-5690 CVE-2016-5691 CVE-2016-5841 CVE-2016-5842 CVE-2016-6491 CVE-2016-6520 CVE-2016-6823 CVE-2016-7101 CVE-2016-7513 CVE-2016-7514 CVE-2016-7515 CVE-2016-7516 CVE-2016-7517 CVE-2016-7518 CVE-2016-7519 CVE-2016-7520 CVE-2016-7521 CVE-2016-7522 CVE-2016-7523 CVE-2016-7524 CVE-2016-7525 CVE-2016-7526 CVE-2016-7527 CVE-2016-7528 CVE-2016-7529 CVE-2016-7530 CVE-2016-7531 CVE-2016-7532 CVE-2016-7533 CVE-2016-7534 CVE-2016-7535 CVE-2016-7537 CVE-2016-7538 CVE-2016-7539 CVE-2016-7540 CVE-2016-7799 CVE-2016-7800 CVE-2016-7996 CVE-2016-7997 CVE-2016-8677 CVE-2016-8682 CVE-2016-8683 CVE-2016-8684 CVE-2016-8707 CVE-2016-8862 CVE-2016-8866 CVE-2016-9556 CVE-2016-9559 CVE-2016-9773 CVE-2017-16899 CVE-2017-5506 CVE-2017-5507 CVE-2017-5508 CVE-2017-5510 CVE-2017-5511 CVE-2017-6502 CVE-2017-7606 CVE-2017-7941 CVE-2017-7942 CVE-2017-7943 CVE-2017-8343 CVE-2017-8344 CVE-2017-8345 CVE-2017-8346 CVE-2017-8347 CVE-2017-8348 CVE-2017-8349 CVE-2017-8350 CVE-2017-8351 CVE-2017-8352 CVE-2017-8353 CVE-2017-8354 CVE-2017-8355 CVE-2017-8356 CVE-2017-8357 CVE-2017-8765 CVE-2017-8830 CVE-2017-9098 CVE-2017-9141 CVE-2017-9142 CVE-2017-9143 CVE-2017-9144 CVE-2017-9287 CVE-2019-11085 CVE-2019-11477 CVE-2019-11478 CVE-2019-11487 CVE-2019-3846 CVE-2019-6974 CVE-2019-7221 CVE-2019-8912 CVE-2019-9213 SUSE-SU-2015:1383-1 SUSE-SU-2015:1384-1 Platform(s): openSUSE Leap 15.0 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Module for Live Patching 15 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND Package Information gcab-1.1-lp150.1 is installed OR gcab-lang-1.1-lp150.1 is installed OR libgcab-1_0-0-1.1-lp150.1 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP2 is installed AND Package Information MozillaFirefox-17.0.5esr-0.4 is installed OR MozillaFirefox-branding-SLED-7-0.6.9 is installed OR MozillaFirefox-translations-17.0.5esr-0.4 is installed OR libfreebl3-3.14.3-0.4.3 is installed OR libfreebl3-32bit-3.14.3-0.4.3 is installed OR mozilla-nspr-4.9.6-0.3 is installed OR mozilla-nspr-32bit-4.9.6-0.3 is installed OR mozilla-nss-3.14.3-0.4.3 is installed OR mozilla-nss-32bit-3.14.3-0.4.3 is installed OR mozilla-nss-tools-3.14.3-0.4.3 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP3 is installed AND icedtea-web-1.4.2-0.7 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP4 is installed AND Package Information kernel-default-3.0.101-68 is installed OR kernel-default-base-3.0.101-68 is installed OR kernel-default-devel-3.0.101-68 is installed OR kernel-default-extra-3.0.101-68 is installed OR kernel-pae-3.0.101-68 is installed OR kernel-pae-base-3.0.101-68 is installed OR kernel-pae-devel-3.0.101-68 is installed OR kernel-pae-extra-3.0.101-68 is installed OR kernel-source-3.0.101-68 is installed OR kernel-syms-3.0.101-68 is installed OR kernel-trace-3.0.101-68 is installed OR kernel-trace-devel-3.0.101-68 is installed OR kernel-xen-3.0.101-68 is installed OR kernel-xen-base-3.0.101-68 is installed OR kernel-xen-devel-3.0.101-68 is installed OR kernel-xen-extra-3.0.101-68 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 is installed AND libmms0-0.6.2-15 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information avahi-0.6.31-20 is installed OR avahi-lang-0.6.31-20 is installed OR libavahi-client3-0.6.31-20 is installed OR libavahi-client3-32bit-0.6.31-20 is installed OR libavahi-common3-0.6.31-20 is installed OR libavahi-common3-32bit-0.6.31-20 is installed OR libavahi-core7-0.6.31-20 is installed OR libdns_sd-0.6.31-20 is installed OR libdns_sd-32bit-0.6.31-20 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information bzip2-1.0.6-29 is installed OR libbz2-1-1.0.6-29 is installed OR libbz2-1-32bit-1.0.6-29 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information ImageMagick-6.8.8.1-70 is installed OR libMagick++-6_Q16-3-6.8.8.1-70 is installed OR libMagickCore-6_Q16-1-6.8.8.1-70 is installed OR libMagickCore-6_Q16-1-32bit-6.8.8.1-70 is installed OR libMagickWand-6_Q16-1-6.8.8.1-70 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP4 is installed AND lftp-4.7.4-3.3 is installed Definition Synopsis SUSE Linux Enterprise Module for Live Patching 15 is installed AND Package Information kernel-livepatch-4_12_14-25_19-default-6-2 is installed OR kernel-livepatch-SLE15_Update_5-6-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND ant-1.9.4-1 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information kgraft-patch-3_12_74-60_64_63-default-6-2 is installed OR kgraft-patch-3_12_74-60_64_63-xen-6-2 is installed OR kgraft-patch-SLE12-SP1_Update_22-6-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information libproxy1-0.4.13-16 is installed OR libproxy1-32bit-0.4.13-16 is installed OR libproxy1-config-gnome3-0.4.13-16 is installed OR libproxy1-config-gnome3-32bit-0.4.13-16 is installed OR libproxy1-networkmanager-0.4.13-16 is installed OR libproxy1-pacrunner-webkit-0.4.13-16 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information java-1_8_0-ibm-1.8.0_sr5.25-30.39 is installed OR java-1_8_0-ibm-alsa-1.8.0_sr5.25-30.39 is installed OR java-1_8_0-ibm-devel-1.8.0_sr5.25-30.39 is installed OR java-1_8_0-ibm-plugin-1.8.0_sr5.25-30.39 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information xen-4.7.6_06-43.51 is installed OR xen-doc-html-4.7.6_06-43.51 is installed OR xen-libs-4.7.6_06-43.51 is installed OR xen-libs-32bit-4.7.6_06-43.51 is installed OR xen-tools-4.7.6_06-43.51 is installed OR xen-tools-domU-4.7.6_06-43.51 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information postgresql96-9.6.10-3.22 is installed OR postgresql96-contrib-9.6.10-3.22 is installed OR postgresql96-docs-9.6.10-3.22 is installed OR postgresql96-libs-9.6.10-3.22 is installed OR postgresql96-server-9.6.10-3.22 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information MozillaFirefox-52.2.0esr-108 is installed OR MozillaFirefox-translations-52.2.0esr-108 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information libseccomp-2.4.1-11.3 is installed OR libseccomp2-2.4.1-11.3 is installed OR libseccomp2-32bit-2.4.1-11.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information java-1_8_0-openjdk-1.8.0.222-27.35 is installed OR java-1_8_0-openjdk-demo-1.8.0.222-27.35 is installed OR java-1_8_0-openjdk-devel-1.8.0.222-27.35 is installed OR java-1_8_0-openjdk-headless-1.8.0.222-27.35 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND ppp-2.4.7-4.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information apache2-2.4.23-29.24 is installed OR apache2-doc-2.4.23-29.24 is installed OR apache2-example-pages-2.4.23-29.24 is installed OR apache2-prefork-2.4.23-29.24 is installed OR apache2-utils-2.4.23-29.24 is installed OR apache2-worker-2.4.23-29.24 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information DirectFB-1.7.1-6 is installed OR lib++dfb-1_7-1-1.7.1-6 is installed OR libdirectfb-1_7-1-1.7.1-6 is installed Definition Synopsis SUSE OpenStack Cloud 6 is installed AND Package Information bind-9.9.9P1-62 is installed OR bind-chrootenv-9.9.9P1-62 is installed OR bind-devel-9.9.9P1-62 is installed OR bind-doc-9.9.9P1-62 is installed OR bind-libs-9.9.9P1-62 is installed OR bind-libs-32bit-9.9.9P1-62 is installed OR bind-utils-9.9.9P1-62 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND Package Information libipa_hbac0-1.13.4-34.23 is installed OR libsss_idmap0-1.13.4-34.23 is installed OR libsss_sudo-1.13.4-34.23 is installed OR python-sssd-config-1.13.4-34.23 is installed OR sssd-1.13.4-34.23 is installed OR sssd-32bit-1.13.4-34.23 is installed OR sssd-ad-1.13.4-34.23 is installed OR sssd-ipa-1.13.4-34.23 is installed OR sssd-krb5-1.13.4-34.23 is installed OR sssd-krb5-common-1.13.4-34.23 is installed OR sssd-ldap-1.13.4-34.23 is installed OR sssd-proxy-1.13.4-34.23 is installed OR sssd-tools-1.13.4-34.23 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information java-1_7_1-ibm-1.7.1_sr4.50-38.41 is installed OR java-1_7_1-ibm-alsa-1.7.1_sr4.50-38.41 is installed OR java-1_7_1-ibm-jdbc-1.7.1_sr4.50-38.41 is installed OR java-1_7_1-ibm-plugin-1.7.1_sr4.50-38.41 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND clamav-0.100.3-33.26 is installed
BACK