Revision Date: | 2020-12-01 | Version: | 1 |
Title: | Security update for the Linux Kernel (Live Patch 6 for SLE 15) (Important) |
Description: |
This update for the Linux Kernel 4.12.14-25_22 fixes several issues.
The following security issues were fixed:
- CVE-2019-3846: A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network (bsc#1136446). - CVE-2019-11477: A sequence of SACKs may have been crafted by a remote attacker such that one can trigger an integer overflow, leading to a kernel panic. (bsc#1137586). - CVE-2019-11478: It was possible to send a crafted sequence of SACKs which would fragment the TCP retransmission queue. A remote attacker may have been able to further exploit the fragmented queue to cause an expensive linked-list walk for subsequent SACKs received for that same TCP connection. (bsc#1137586) - CVE-2019-11487: The Linux kernel allowed page->_refcount reference count overflow, with resultant use-after-free issues, if about 140 GiB of RAM exists. This is related to fs/fuse/dev.c, fs/pipe.c, fs/splice.c, include/linux/mm.h, include/linux/pipe_fs_i.h, kernel/trace/trace.c, mm/gup.c, and mm/hugetlb.c. It can occur with FUSE requests (bsc#1133191). - CVE-2019-11085: Insufficient input validation in Kernel Mode Driver in Intel(R) i915 Graphics may allowed an authenticated user to potentially enable escalation of privilege via local access (bsc#1135280).
|
Family: | unix | Class: | patch |
Status: | | Reference(s): | 1133191 1135280 1136446 1136935 1137597 1171252 1171254 892431 906803 907809 908128 911228 937339 CVE-2009-0696 CVE-2009-1720 CVE-2009-1721 CVE-2009-3736 CVE-2009-4022 CVE-2010-0405 CVE-2010-2800 CVE-2010-2801 CVE-2010-3613 CVE-2010-3614 CVE-2010-3615 CVE-2011-0414 CVE-2011-1145 CVE-2011-1907 CVE-2011-1910 CVE-2011-2464 CVE-2011-2721 CVE-2011-3627 CVE-2011-4313 CVE-2012-1457 CVE-2012-1458 CVE-2012-1459 CVE-2012-1667 CVE-2012-3817 CVE-2012-3868 CVE-2012-4024 CVE-2012-4025 CVE-2012-4244 CVE-2012-5166 CVE-2012-5688 CVE-2012-5689 CVE-2013-2266 CVE-2013-4238 CVE-2013-4854 CVE-2013-6435 CVE-2013-6497 CVE-2014-0578 CVE-2014-0591 CVE-2014-8118 CVE-2014-8500 CVE-2014-8962 CVE-2014-9028 CVE-2014-9050 CVE-2014-9130 CVE-2014-9328 CVE-2015-0848 CVE-2015-1349 CVE-2015-1461 CVE-2015-1462 CVE-2015-1463 CVE-2015-2170 CVE-2015-2221 CVE-2015-2222 CVE-2015-2305 CVE-2015-2668 CVE-2015-2924 CVE-2015-3114 CVE-2015-3115 CVE-2015-3116 CVE-2015-3117 CVE-2015-3118 CVE-2015-3119 CVE-2015-3120 CVE-2015-3121 CVE-2015-3122 CVE-2015-3123 CVE-2015-3124 CVE-2015-3125 CVE-2015-3126 CVE-2015-3127 CVE-2015-3128 CVE-2015-3129 CVE-2015-3130 CVE-2015-3131 CVE-2015-3132 CVE-2015-3133 CVE-2015-3134 CVE-2015-3135 CVE-2015-3136 CVE-2015-3137 CVE-2015-4428 CVE-2015-4429 CVE-2015-4430 CVE-2015-4431 CVE-2015-4432 CVE-2015-4433 CVE-2015-4588 CVE-2015-4620 CVE-2015-4695 CVE-2015-4696 CVE-2015-5116 CVE-2015-5117 CVE-2015-5118 CVE-2015-5119 CVE-2015-5477 CVE-2015-5722 CVE-2016-0764 CVE-2016-0772 CVE-2016-1000110 CVE-2016-5636 CVE-2016-5699 CVE-2018-7409 CVE-2018-7485 CVE-2019-11085 CVE-2019-11477 CVE-2019-11478 CVE-2019-11487 CVE-2019-3846 CVE-2020-12653 CVE-2020-12654 SUSE-SU-2015:1211-1
|
Platform(s): | openSUSE Leap 15.0 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Module for Live Patching 15 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8
| Product(s): | |
Definition Synopsis |
openSUSE Leap 15.0 is installed AND Package Information
gdk-pixbuf-loader-rsvg-2.42.3-lp150.1 is installed
OR librsvg-2-2-2.42.3-lp150.1 is installed
OR rsvg-thumbnailer-2.42.3-lp150.1 is installed
OR typelib-1_0-Rsvg-2_0-2.42.3-lp150.1 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Desktop 11 SP2 is installed
AND Package Information
Mesa-7.11.2-0.9 is installed
OR Mesa-32bit-7.11.2-0.9 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Desktop 11 SP3 is installed
AND Package Information
libjasper-1.900.1-134.17 is installed
OR libjasper-32bit-1.900.1-134.17 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Desktop 11 SP4 is installed
AND Package Information
krb5-1.6.3-133.49.103 is installed
OR krb5-32bit-1.6.3-133.49.103 is installed
OR krb5-client-1.6.3-133.49.103 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Desktop 12 is installed
AND libmspack0-0.4-3 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Desktop 12 SP1 is installed
AND Package Information
bind-libs-9.9.6P1-30 is installed
OR bind-libs-32bit-9.9.6P1-30 is installed
OR bind-utils-9.9.6P1-30 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Desktop 12 SP2 is installed
AND clamav-0.99.2-25 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Desktop 12 SP3 is installed
AND Package Information
NetworkManager-1.0.12-12 is installed
OR NetworkManager-lang-1.0.12-12 is installed
OR libnm-glib-vpn1-1.0.12-12 is installed
OR libnm-glib4-1.0.12-12 is installed
OR libnm-util2-1.0.12-12 is installed
OR libnm0-1.0.12-12 is installed
OR typelib-1_0-NM-1_0-1.0.12-12 is installed
OR typelib-1_0-NMClient-1_0-1.0.12-12 is installed
OR typelib-1_0-NetworkManager-1_0-1.0.12-12 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Desktop 12 SP4 is installed
AND Package Information
libFLAC++6-1.3.0-11 is installed
OR libFLAC++6-32bit-1.3.0-11 is installed
OR libFLAC8-1.3.0-11 is installed
OR libFLAC8-32bit-1.3.0-11 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Module for Live Patching 15 is installed
AND Package Information
kernel-livepatch-4_12_14-25_22-default-5-2 is installed
OR kernel-livepatch-SLE15_Update_6-5-2 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP1 is installed
AND Package Information
apache-commons-daemon-1.0.15-4 is installed
OR apache-commons-daemon-javadoc-1.0.15-4 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP1-LTSS is installed
AND Package Information
kgraft-patch-3_12_74-60_64_57-default-9-2 is installed
OR kgraft-patch-3_12_74-60_64_57-xen-9-2 is installed
OR kgraft-patch-SLE12-SP1_Update_20-9-2 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP2 is installed
AND Package Information
libpython2_7-1_0-2.7.9-24 is installed
OR libpython2_7-1_0-32bit-2.7.9-24 is installed
OR python-base-2.7.9-24 is installed
OR python-base-32bit-2.7.9-24 is installed
OR python-xml-2.7.9-24 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP2-BCL is installed
AND Package Information
git-2.12.3-27.17 is installed
OR git-core-2.12.3-27.17 is installed
OR git-doc-2.12.3-27.17 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
AND Package Information
java-1_7_0-openjdk-1.7.0.221-43.22 is installed
OR java-1_7_0-openjdk-demo-1.7.0.221-43.22 is installed
OR java-1_7_0-openjdk-devel-1.7.0.221-43.22 is installed
OR java-1_7_0-openjdk-headless-1.7.0.221-43.22 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP2-LTSS is installed
AND clamav-0.100.2-33.18 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP3 is installed
AND Package Information
accountsservice-0.6.42-14 is installed
OR accountsservice-lang-0.6.42-14 is installed
OR libaccountsservice0-0.6.42-14 is installed
OR typelib-1_0-AccountsService-1_0-0.6.42-14 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP3-BCL is installed
AND ucode-intel-20191112-13.53 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
AND Package Information
evince-3.20.2-6.27 is installed
OR evince-browser-plugin-3.20.2-6.27 is installed
OR evince-lang-3.20.2-6.27 is installed
OR evince-plugin-djvudocument-3.20.2-6.27 is installed
OR evince-plugin-dvidocument-3.20.2-6.27 is installed
OR evince-plugin-pdfdocument-3.20.2-6.27 is installed
OR evince-plugin-psdocument-3.20.2-6.27 is installed
OR evince-plugin-tiffdocument-3.20.2-6.27 is installed
OR evince-plugin-xpsdocument-3.20.2-6.27 is installed
OR libevdocument3-4-3.20.2-6.27 is installed
OR libevview3-3-3.20.2-6.27 is installed
OR nautilus-evince-3.20.2-6.27 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP3-LTSS is installed
AND Package Information
libmysqlclient18-10.0.40.2-29.35 is installed
OR libmysqlclient18-32bit-10.0.40.2-29.35 is installed
OR mariadb-10.0.40.2-29.35 is installed
OR mariadb-client-10.0.40.2-29.35 is installed
OR mariadb-errormessages-10.0.40.2-29.35 is installed
OR mariadb-tools-10.0.40.2-29.35 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
AND Package Information
java-1_8_0-ibm-1.8.0_sr5.20-30.36 is installed
OR java-1_8_0-ibm-alsa-1.8.0_sr5.20-30.36 is installed
OR java-1_8_0-ibm-plugin-1.8.0_sr5.20-30.36 is installed
|
Definition Synopsis |
SUSE Linux Enterprise Server 12 SP4 is installed
AND SuSEfirewall2-3.6.312.333-3.13 is installed
|
Definition Synopsis |
SUSE OpenStack Cloud 6 is installed
AND sudo-1.8.10p3-2.19 is installed
|
Definition Synopsis |
SUSE OpenStack Cloud 7 is installed
AND Package Information
kernel-default-4.4.121-92.104 is installed
OR kernel-default-base-4.4.121-92.104 is installed
OR kernel-default-devel-4.4.121-92.104 is installed
OR kernel-default-man-4.4.121-92.104 is installed
OR kernel-devel-4.4.121-92.104 is installed
OR kernel-macros-4.4.121-92.104 is installed
OR kernel-source-4.4.121-92.104 is installed
OR kernel-syms-4.4.121-92.104 is installed
OR kgraft-patch-4_4_121-92_104-default-1-3.3 is installed
OR kgraft-patch-SLE12-SP2_Update_28-1-3.3 is installed
|
Definition Synopsis |
SUSE OpenStack Cloud 8 is installed
AND Package Information
libjavascriptcoregtk-4_0-18-2.24.4-2.47 is installed
OR libwebkit2gtk-4_0-37-2.24.4-2.47 is installed
OR libwebkit2gtk3-lang-2.24.4-2.47 is installed
OR typelib-1_0-JavaScriptCore-4_0-2.24.4-2.47 is installed
OR typelib-1_0-WebKit2-4_0-2.24.4-2.47 is installed
OR webkit2gtk-4_0-injected-bundles-2.24.4-2.47 is installed
OR webkit2gtk3-2.24.4-2.47 is installed
|
Definition Synopsis |
SUSE OpenStack Cloud Crowbar 8 is installed
AND Package Information
java-1_7_0-openjdk-1.7.0.241-43.30 is installed
OR java-1_7_0-openjdk-demo-1.7.0.241-43.30 is installed
OR java-1_7_0-openjdk-devel-1.7.0.241-43.30 is installed
OR java-1_7_0-openjdk-headless-1.7.0.241-43.30 is installed
|