Oval Definition:oval:org.opensuse.security:def:52694
Revision Date:2020-12-01Version:1
Title:Security update for the Linux Kernel (Live Patch 2 for SLE 15) (Important)
Description:

This update for the Linux Kernel 4.12.14-25_6 fixes several issues.

The following security issues were fixed:

- CVE-2019-11477: Jonathan Looney discovered that the TCP_SKB_CB(skb)->tcp_gso_segs value was subject to an integer overflow when handling TCP Selective Acknowledgments (SACKs). A remote attacker could use this to cause a denial of service. (bsc#1137586) - CVE-2019-11478: Jonathan Looney discovered that the TCP retransmission queue implementation in tcp_fragment could be fragmented when handling certain TCP Selective Acknowledgment (SACK) sequences. A remote attacker could use this to cause a denial of service. (bsc#1137586) - CVE-2019-3846: A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network (bsc#1136424).

This update contains a regression fix for CVE-2019-11477 and CVE-2019-11478 (bsc#1140747).
Family:unixClass:patch
Status:Reference(s):1136446
1137597
1140747
1171252
1171254
914333
914463
931972
931973
931974
CVE-2007-6720
CVE-2008-4225
CVE-2008-4225
CVE-2008-4226
CVE-2008-4226
CVE-2008-4409
CVE-2008-4409
CVE-2009-0035
CVE-2009-0179
CVE-2009-1720
CVE-2009-1721
CVE-2009-2473
CVE-2009-2474
CVE-2009-3995
CVE-2009-3996
CVE-2010-2546
CVE-2010-4494
CVE-2011-1944
CVE-2011-4182
CVE-2012-5134
CVE-2012-5134
CVE-2013-0221
CVE-2013-0222
CVE-2013-0223
CVE-2013-0338
CVE-2013-1969
CVE-2013-1988
CVE-2014-0191
CVE-2014-3660
CVE-2014-9645
CVE-2015-0310
CVE-2015-0311
CVE-2015-0840
CVE-2015-3165
CVE-2015-3166
CVE-2015-3167
CVE-2015-4041
CVE-2015-4042
CVE-2016-1762
CVE-2016-1833
CVE-2016-1834
CVE-2016-1835
CVE-2016-1836
CVE-2016-1837
CVE-2016-1838
CVE-2016-1839
CVE-2016-1840
CVE-2016-3627
CVE-2016-3705
CVE-2016-4483
CVE-2017-12596
CVE-2017-9110
CVE-2017-9114
CVE-2019-11477
CVE-2019-11478
CVE-2019-3846
CVE-2020-12653
CVE-2020-12654
SUSE-SU-2015:1264-1
Platform(s):openSUSE Leap 15.0
SUSE Linux Enterprise Desktop 11 SP2
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Desktop 11 SP4
SUSE Linux Enterprise Desktop 12
SUSE Linux Enterprise Desktop 12 SP1
SUSE Linux Enterprise Desktop 12 SP2
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Desktop 12 SP4
SUSE Linux Enterprise Module for Live Patching 15
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 6
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud Crowbar 8
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • ghostscript-9.23-lp150.1 is installed
  • OR ghostscript-x11-9.23-lp150.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP2 is installed
  • AND Package Information
  • bind-libs-9.9.4P2-0.6 is installed
  • OR bind-libs-32bit-9.9.4P2-0.6 is installed
  • OR bind-utils-9.9.4P2-0.6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP3 is installed
  • AND Package Information
  • java-1_7_0-openjdk-1.7.0.91-0.14 is installed
  • OR java-1_7_0-openjdk-demo-1.7.0.91-0.14 is installed
  • OR java-1_7_0-openjdk-devel-1.7.0.91-0.14 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP4 is installed
  • AND kvm-1.4.2-32 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 is installed
  • AND libneon27-0.30.0-3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP1 is installed
  • AND busybox-1.21.1-3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP2 is installed
  • AND Package Information
  • coreutils-8.25-12 is installed
  • OR coreutils-lang-8.25-12 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP3 is installed
  • AND Package Information
  • alsa-1.0.27.2-15 is installed
  • OR libasound2-1.0.27.2-15 is installed
  • OR libasound2-32bit-1.0.27.2-15 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP4 is installed
  • AND Package Information
  • libIlmImf-Imf_2_1-21-2.1.0-6.3 is installed
  • OR libIlmImf-Imf_2_1-21-32bit-2.1.0-6.3 is installed
  • OR openexr-2.1.0-6.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Live Patching 15 is installed
  • AND Package Information
  • kernel-livepatch-4_12_14-25_6-default-10-2 is installed
  • OR kernel-livepatch-SLE15_Update_2-10-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND Package Information
  • MozillaFirefox-38.4.0esr-51 is installed
  • OR MozillaFirefox-translations-38.4.0esr-51 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND Package Information
  • kgraft-patch-3_12_74-60_64_40-default-11-2 is installed
  • OR kgraft-patch-3_12_74-60_64_40-xen-11-2 is installed
  • OR kgraft-patch-SLE12-SP1_Update_15-11-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND libraptor2-0-2.0.10-3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • qemu-2.6.2-41.46 is installed
  • OR qemu-block-curl-2.6.2-41.46 is installed
  • OR qemu-block-rbd-2.6.2-41.46 is installed
  • OR qemu-block-ssh-2.6.2-41.46 is installed
  • OR qemu-guest-agent-2.6.2-41.46 is installed
  • OR qemu-ipxe-1.0.0-41.46 is installed
  • OR qemu-kvm-2.6.2-41.46 is installed
  • OR qemu-lang-2.6.2-41.46 is installed
  • OR qemu-seabios-1.9.1-41.46 is installed
  • OR qemu-sgabios-8-41.46 is installed
  • OR qemu-tools-2.6.2-41.46 is installed
  • OR qemu-vgabios-1.9.1-41.46 is installed
  • OR qemu-x86-2.6.2-41.46 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • kgraft-patch-4_4_121-92_85-default-8-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_23-8-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • res-signingkeys-3.0.38-52.26 is installed
  • OR smt-3.0.38-52.26 is installed
  • OR smt-support-3.0.38-52.26 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • apache-commons-beanutils-1.9.2-1 is installed
  • OR apache-commons-beanutils-javadoc-1.9.2-1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • libecpg6-10.9-1.12 is installed
  • OR libpq5-10.9-1.12 is installed
  • OR libpq5-32bit-10.9-1.12 is installed
  • OR postgresql10-10.9-1.12 is installed
  • OR postgresql10-contrib-10.9-1.12 is installed
  • OR postgresql10-docs-10.9-1.12 is installed
  • OR postgresql10-libs-10.9-1.12 is installed
  • OR postgresql10-plperl-10.9-1.12 is installed
  • OR postgresql10-plpython-10.9-1.12 is installed
  • OR postgresql10-pltcl-10.9-1.12 is installed
  • OR postgresql10-server-10.9-1.12 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • postgresql96-9.6.15-3.29 is installed
  • OR postgresql96-contrib-9.6.15-3.29 is installed
  • OR postgresql96-docs-9.6.15-3.29 is installed
  • OR postgresql96-libs-9.6.15-3.29 is installed
  • OR postgresql96-plperl-9.6.15-3.29 is installed
  • OR postgresql96-plpython-9.6.15-3.29 is installed
  • OR postgresql96-pltcl-9.6.15-3.29 is installed
  • OR postgresql96-server-9.6.15-3.29 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND log4j-1.2.15-126.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • gnutls-3.3.27-3.3 is installed
  • OR libgnutls-openssl27-3.3.27-3.3 is installed
  • OR libgnutls28-3.3.27-3.3 is installed
  • OR libgnutls28-32bit-3.3.27-3.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • alsa-1.0.27.2-15 is installed
  • OR alsa-docs-1.0.27.2-15 is installed
  • OR libasound2-1.0.27.2-15 is installed
  • OR libasound2-32bit-1.0.27.2-15 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 6 is installed
  • AND Package Information
  • xorg-x11-server-7.6_1.15.2-53.3 is installed
  • OR xorg-x11-server-extra-7.6_1.15.2-53.3 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND Package Information
  • apache2-2.4.23-29.40 is installed
  • OR apache2-doc-2.4.23-29.40 is installed
  • OR apache2-example-pages-2.4.23-29.40 is installed
  • OR apache2-prefork-2.4.23-29.40 is installed
  • OR apache2-utils-2.4.23-29.40 is installed
  • OR apache2-worker-2.4.23-29.40 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • ibus-1.5.13-15.11 is installed
  • OR ibus-gtk-1.5.13-15.11 is installed
  • OR ibus-gtk3-1.5.13-15.11 is installed
  • OR ibus-lang-1.5.13-15.11 is installed
  • OR libibus-1_0-5-1.5.13-15.11 is installed
  • OR typelib-1_0-IBus-1_0-1.5.13-15.11 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND haproxy-1.6.11-11.3 is installed
    • BACK