Oval Definition:oval:org.opensuse.security:def:52691
Revision Date:2020-12-01Version:1
Title:Security update for the Linux Kernel (Live Patch 6 for SLE 15) (Important)
Description:

This update for the Linux Kernel 4.12.14-25_22 fixes several issues.

The following security issues were fixed:

- CVE-2019-3846: A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network (bsc#1136446). - CVE-2019-11477: A sequence of SACKs may have been crafted by a remote attacker such that one can trigger an integer overflow, leading to a kernel panic. (bsc#1137586). - CVE-2019-11478: It was possible to send a crafted sequence of SACKs which would fragment the TCP retransmission queue. A remote attacker may have been able to further exploit the fragmented queue to cause an expensive linked-list walk for subsequent SACKs received for that same TCP connection. (bsc#1137586) - CVE-2019-11487: The Linux kernel allowed page->_refcount reference count overflow, with resultant use-after-free issues, if about 140 GiB of RAM exists. This is related to fs/fuse/dev.c, fs/pipe.c, fs/splice.c, include/linux/mm.h, include/linux/pipe_fs_i.h, kernel/trace/trace.c, mm/gup.c, and mm/hugetlb.c. It can occur with FUSE requests (bsc#1133191). - CVE-2019-11085: Insufficient input validation in Kernel Mode Driver in Intel(R) i915 Graphics may allowed an authenticated user to potentially enable escalation of privilege via local access (bsc#1135280).
Family:unixClass:patch
Status:Reference(s):1133191
1135280
1136446
1136935
1137597
1171252
1171254
892431
906803
907809
908128
911228
937339
CVE-2009-0696
CVE-2009-1720
CVE-2009-1721
CVE-2009-3736
CVE-2009-4022
CVE-2010-0405
CVE-2010-2800
CVE-2010-2801
CVE-2010-3613
CVE-2010-3614
CVE-2010-3615
CVE-2011-0414
CVE-2011-1145
CVE-2011-1907
CVE-2011-1910
CVE-2011-2464
CVE-2011-2721
CVE-2011-3627
CVE-2011-4313
CVE-2012-1457
CVE-2012-1458
CVE-2012-1459
CVE-2012-1667
CVE-2012-3817
CVE-2012-3868
CVE-2012-4024
CVE-2012-4025
CVE-2012-4244
CVE-2012-5166
CVE-2012-5688
CVE-2012-5689
CVE-2013-2266
CVE-2013-4238
CVE-2013-4854
CVE-2013-6435
CVE-2013-6497
CVE-2014-0578
CVE-2014-0591
CVE-2014-8118
CVE-2014-8500
CVE-2014-8962
CVE-2014-9028
CVE-2014-9050
CVE-2014-9130
CVE-2014-9328
CVE-2015-0848
CVE-2015-1349
CVE-2015-1461
CVE-2015-1462
CVE-2015-1463
CVE-2015-2170
CVE-2015-2221
CVE-2015-2222
CVE-2015-2305
CVE-2015-2668
CVE-2015-2924
CVE-2015-3114
CVE-2015-3115
CVE-2015-3116
CVE-2015-3117
CVE-2015-3118
CVE-2015-3119
CVE-2015-3120
CVE-2015-3121
CVE-2015-3122
CVE-2015-3123
CVE-2015-3124
CVE-2015-3125
CVE-2015-3126
CVE-2015-3127
CVE-2015-3128
CVE-2015-3129
CVE-2015-3130
CVE-2015-3131
CVE-2015-3132
CVE-2015-3133
CVE-2015-3134
CVE-2015-3135
CVE-2015-3136
CVE-2015-3137
CVE-2015-4428
CVE-2015-4429
CVE-2015-4430
CVE-2015-4431
CVE-2015-4432
CVE-2015-4433
CVE-2015-4588
CVE-2015-4620
CVE-2015-4695
CVE-2015-4696
CVE-2015-5116
CVE-2015-5117
CVE-2015-5118
CVE-2015-5119
CVE-2015-5477
CVE-2015-5722
CVE-2016-0764
CVE-2016-0772
CVE-2016-1000110
CVE-2016-5636
CVE-2016-5699
CVE-2018-7409
CVE-2018-7485
CVE-2019-11085
CVE-2019-11477
CVE-2019-11478
CVE-2019-11487
CVE-2019-3846
CVE-2020-12653
CVE-2020-12654
SUSE-SU-2015:1211-1
Platform(s):openSUSE Leap 15.0
SUSE Linux Enterprise Desktop 11 SP2
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Desktop 11 SP4
SUSE Linux Enterprise Desktop 12
SUSE Linux Enterprise Desktop 12 SP1
SUSE Linux Enterprise Desktop 12 SP2
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Desktop 12 SP4
SUSE Linux Enterprise Module for Live Patching 15
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 6
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud Crowbar 8
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • gdk-pixbuf-loader-rsvg-2.42.3-lp150.1 is installed
  • OR librsvg-2-2-2.42.3-lp150.1 is installed
  • OR rsvg-thumbnailer-2.42.3-lp150.1 is installed
  • OR typelib-1_0-Rsvg-2_0-2.42.3-lp150.1 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP2 is installed
  • AND Package Information
  • Mesa-7.11.2-0.9 is installed
  • OR Mesa-32bit-7.11.2-0.9 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP3 is installed
  • AND Package Information
  • libjasper-1.900.1-134.17 is installed
  • OR libjasper-32bit-1.900.1-134.17 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP4 is installed
  • AND Package Information
  • krb5-1.6.3-133.49.103 is installed
  • OR krb5-32bit-1.6.3-133.49.103 is installed
  • OR krb5-client-1.6.3-133.49.103 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 is installed
  • AND libmspack0-0.4-3 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP1 is installed
  • AND Package Information
  • bind-libs-9.9.6P1-30 is installed
  • OR bind-libs-32bit-9.9.6P1-30 is installed
  • OR bind-utils-9.9.6P1-30 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP2 is installed
  • AND clamav-0.99.2-25 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP3 is installed
  • AND Package Information
  • NetworkManager-1.0.12-12 is installed
  • OR NetworkManager-lang-1.0.12-12 is installed
  • OR libnm-glib-vpn1-1.0.12-12 is installed
  • OR libnm-glib4-1.0.12-12 is installed
  • OR libnm-util2-1.0.12-12 is installed
  • OR libnm0-1.0.12-12 is installed
  • OR typelib-1_0-NM-1_0-1.0.12-12 is installed
  • OR typelib-1_0-NMClient-1_0-1.0.12-12 is installed
  • OR typelib-1_0-NetworkManager-1_0-1.0.12-12 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP4 is installed
  • AND Package Information
  • libFLAC++6-1.3.0-11 is installed
  • OR libFLAC++6-32bit-1.3.0-11 is installed
  • OR libFLAC8-1.3.0-11 is installed
  • OR libFLAC8-32bit-1.3.0-11 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Module for Live Patching 15 is installed
  • AND Package Information
  • kernel-livepatch-4_12_14-25_22-default-5-2 is installed
  • OR kernel-livepatch-SLE15_Update_6-5-2 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND Package Information
  • apache-commons-daemon-1.0.15-4 is installed
  • OR apache-commons-daemon-javadoc-1.0.15-4 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND Package Information
  • kgraft-patch-3_12_74-60_64_57-default-9-2 is installed
  • OR kgraft-patch-3_12_74-60_64_57-xen-9-2 is installed
  • OR kgraft-patch-SLE12-SP1_Update_20-9-2 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • libpython2_7-1_0-2.7.9-24 is installed
  • OR libpython2_7-1_0-32bit-2.7.9-24 is installed
  • OR python-base-2.7.9-24 is installed
  • OR python-base-32bit-2.7.9-24 is installed
  • OR python-xml-2.7.9-24 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • git-2.12.3-27.17 is installed
  • OR git-core-2.12.3-27.17 is installed
  • OR git-doc-2.12.3-27.17 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • java-1_7_0-openjdk-1.7.0.221-43.22 is installed
  • OR java-1_7_0-openjdk-demo-1.7.0.221-43.22 is installed
  • OR java-1_7_0-openjdk-devel-1.7.0.221-43.22 is installed
  • OR java-1_7_0-openjdk-headless-1.7.0.221-43.22 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND clamav-0.100.2-33.18 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • accountsservice-0.6.42-14 is installed
  • OR accountsservice-lang-0.6.42-14 is installed
  • OR libaccountsservice0-0.6.42-14 is installed
  • OR typelib-1_0-AccountsService-1_0-0.6.42-14 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND ucode-intel-20191112-13.53 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • evince-3.20.2-6.27 is installed
  • OR evince-browser-plugin-3.20.2-6.27 is installed
  • OR evince-lang-3.20.2-6.27 is installed
  • OR evince-plugin-djvudocument-3.20.2-6.27 is installed
  • OR evince-plugin-dvidocument-3.20.2-6.27 is installed
  • OR evince-plugin-pdfdocument-3.20.2-6.27 is installed
  • OR evince-plugin-psdocument-3.20.2-6.27 is installed
  • OR evince-plugin-tiffdocument-3.20.2-6.27 is installed
  • OR evince-plugin-xpsdocument-3.20.2-6.27 is installed
  • OR libevdocument3-4-3.20.2-6.27 is installed
  • OR libevview3-3-3.20.2-6.27 is installed
  • OR nautilus-evince-3.20.2-6.27 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • libmysqlclient18-10.0.40.2-29.35 is installed
  • OR libmysqlclient18-32bit-10.0.40.2-29.35 is installed
  • OR mariadb-10.0.40.2-29.35 is installed
  • OR mariadb-client-10.0.40.2-29.35 is installed
  • OR mariadb-errormessages-10.0.40.2-29.35 is installed
  • OR mariadb-tools-10.0.40.2-29.35 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • java-1_8_0-ibm-1.8.0_sr5.20-30.36 is installed
  • OR java-1_8_0-ibm-alsa-1.8.0_sr5.20-30.36 is installed
  • OR java-1_8_0-ibm-plugin-1.8.0_sr5.20-30.36 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND SuSEfirewall2-3.6.312.333-3.13 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud 6 is installed
  • AND sudo-1.8.10p3-2.19 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND Package Information
  • kernel-default-4.4.121-92.104 is installed
  • OR kernel-default-base-4.4.121-92.104 is installed
  • OR kernel-default-devel-4.4.121-92.104 is installed
  • OR kernel-default-man-4.4.121-92.104 is installed
  • OR kernel-devel-4.4.121-92.104 is installed
  • OR kernel-macros-4.4.121-92.104 is installed
  • OR kernel-source-4.4.121-92.104 is installed
  • OR kernel-syms-4.4.121-92.104 is installed
  • OR kgraft-patch-4_4_121-92_104-default-1-3.3 is installed
  • OR kgraft-patch-SLE12-SP2_Update_28-1-3.3 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • libjavascriptcoregtk-4_0-18-2.24.4-2.47 is installed
  • OR libwebkit2gtk-4_0-37-2.24.4-2.47 is installed
  • OR libwebkit2gtk3-lang-2.24.4-2.47 is installed
  • OR typelib-1_0-JavaScriptCore-4_0-2.24.4-2.47 is installed
  • OR typelib-1_0-WebKit2-4_0-2.24.4-2.47 is installed
  • OR webkit2gtk-4_0-injected-bundles-2.24.4-2.47 is installed
  • OR webkit2gtk3-2.24.4-2.47 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • java-1_7_0-openjdk-1.7.0.241-43.30 is installed
  • OR java-1_7_0-openjdk-demo-1.7.0.241-43.30 is installed
  • OR java-1_7_0-openjdk-devel-1.7.0.241-43.30 is installed
  • OR java-1_7_0-openjdk-headless-1.7.0.241-43.30 is installed
  • BACK