Oval Definition:	oval:org.opensuse.security:def:52697
Revision Date: 2020-12-01 Version: 1 Title: Security update for the Linux Kernel (Live Patch 5 for SLE 15) (Important) Description: This update for the Linux Kernel 4.12.14-25_19 fixes several issues. The following security issues were fixed: - CVE-2019-11477: Jonathan Looney discovered that the TCP_SKB_CB(skb)->tcp_gso_segs value was subject to an integer overflow when handling TCP Selective Acknowledgments (SACKs). A remote attacker could use this to cause a denial of service. (bsc#1137586) - CVE-2019-11478: Jonathan Looney discovered that the TCP retransmission queue implementation in tcp_fragment could be fragmented when handling certain TCP Selective Acknowledgment (SACK) sequences. A remote attacker could use this to cause a denial of service. (bsc#1137586) - CVE-2019-3846: A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network (bsc#1136424). This update contains a regression fix for CVE-2019-11477 and CVE-2019-11478 (bsc#1140747). Family: unix Class: patch Status: Reference(s): 1136446 1137597 1140747 1171252 1171254 902676 902677 903655 905735 905736 906574 919053 919062 920865 920896 921333 924663 924960 924961 929237 934789 936407 936408 936409 CVE-2010-0405 CVE-2010-2074 CVE-2011-0020 CVE-2011-0064 CVE-2011-1000 CVE-2011-2721 CVE-2011-3627 CVE-2012-1457 CVE-2012-1458 CVE-2012-1459 CVE-2012-4929 CVE-2013-1431 CVE-2013-1983 CVE-2013-6497 CVE-2014-1829 CVE-2014-1830 CVE-2014-7202 CVE-2014-7203 CVE-2014-8484 CVE-2014-8485 CVE-2014-8501 CVE-2014-8502 CVE-2014-8503 CVE-2014-8504 CVE-2014-8737 CVE-2014-8738 CVE-2014-8964 CVE-2014-9050 CVE-2014-9328 CVE-2014-9474 CVE-2014-9721 CVE-2015-0433 CVE-2015-0441 CVE-2015-0499 CVE-2015-0501 CVE-2015-0505 CVE-2015-1461 CVE-2015-1462 CVE-2015-1463 CVE-2015-2170 CVE-2015-2221 CVE-2015-2222 CVE-2015-2296 CVE-2015-2305 CVE-2015-2325 CVE-2015-2326 CVE-2015-2568 CVE-2015-2571 CVE-2015-2573 CVE-2015-2668 CVE-2015-3152 CVE-2015-3451 CVE-2016-6318 CVE-2016-6354 CVE-2016-9434 CVE-2016-9435 CVE-2016-9436 CVE-2016-9437 CVE-2016-9438 CVE-2016-9439 CVE-2016-9440 CVE-2016-9441 CVE-2016-9442 CVE-2016-9443 CVE-2016-9621 CVE-2016-9622 CVE-2016-9623 CVE-2016-9624 CVE-2016-9625 CVE-2016-9626 CVE-2016-9627 CVE-2016-9628 CVE-2016-9629 CVE-2016-9630 CVE-2016-9631 CVE-2016-9632 CVE-2016-9633 CVE-2018-1000223 CVE-2019-11477 CVE-2019-11478 CVE-2019-3846 CVE-2020-12653 CVE-2020-12654 SUSE-SU-2015:1273-1 SUSE-SU-2015:1439-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Module for Live Patching 15 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND Package Information glibc-2.26-lp150.10 is installed OR glibc-32bit-2.26-lp150.10 is installed OR glibc-extra-2.26-lp150.10 is installed OR glibc-locale-2.26-lp150.10 is installed OR glibc-locale-32bit-2.26-lp150.10 is installed OR nscd-2.26-lp150.10 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information evolution-3.26.6-lp151.4.3 is installed OR evolution-devel-3.26.6-lp151.4.3 is installed OR evolution-lang-3.26.6-lp151.4.3 is installed OR evolution-plugin-bogofilter-3.26.6-lp151.4.3 is installed OR evolution-plugin-pst-import-3.26.6-lp151.4.3 is installed OR evolution-plugin-spamassassin-3.26.6-lp151.4.3 is installed OR glade-catalog-evolution-3.26.6-lp151.4.3 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP2 is installed AND Package Information libldb1-3.6.3-0.33.39 is installed OR libldb1-32bit-3.6.3-0.33.39 is installed OR libsmbclient0-3.6.3-0.33.39 is installed OR libsmbclient0-32bit-3.6.3-0.33.39 is installed OR libtalloc1-3.4.3-1.50 is installed OR libtalloc1-32bit-3.4.3-1.50 is installed OR libtalloc2-3.6.3-0.33.39 is installed OR libtalloc2-32bit-3.6.3-0.33.39 is installed OR libtdb1-3.6.3-0.33.39 is installed OR libtdb1-32bit-3.6.3-0.33.39 is installed OR libtevent0-3.6.3-0.33.39 is installed OR libtevent0-32bit-3.6.3-0.33.39 is installed OR libwbclient0-3.6.3-0.33.39 is installed OR libwbclient0-32bit-3.6.3-0.33.39 is installed OR samba-3.6.3-0.33.39 is installed OR samba-32bit-3.6.3-0.33.39 is installed OR samba-client-3.6.3-0.33.39 is installed OR samba-client-32bit-3.6.3-0.33.39 is installed OR samba-doc-3.6.3-0.33.39 is installed OR samba-krb-printing-3.6.3-0.33.39 is installed OR samba-winbind-3.6.3-0.33.39 is installed OR samba-winbind-32bit-3.6.3-0.33.39 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information kde4-l10n-ar-4.3.5-0.3 is installed OR kde4-l10n-cs-4.3.5-0.3 is installed OR kde4-l10n-da-4.3.5-0.3 is installed OR kde4-l10n-da-data-4.3.5-0.3 is installed OR kde4-l10n-da-doc-4.3.5-0.3 is installed OR kde4-l10n-de-4.3.5-0.3 is installed OR kde4-l10n-de-data-4.3.5-0.3 is installed OR kde4-l10n-de-doc-4.3.5-0.3 is installed OR kde4-l10n-en_GB-4.3.5-0.3 is installed OR kde4-l10n-es-4.3.5-0.3 is installed OR kde4-l10n-es-data-4.3.5-0.3 is installed OR kde4-l10n-es-doc-4.3.5-0.3 is installed OR kde4-l10n-fr-4.3.5-0.3 is installed OR kde4-l10n-fr-data-4.3.5-0.3 is installed OR kde4-l10n-fr-doc-4.3.5-0.3 is installed OR kde4-l10n-hu-4.3.5-0.3 is installed OR kde4-l10n-it-4.3.5-0.3 is installed OR kde4-l10n-it-data-4.3.5-0.3 is installed OR kde4-l10n-it-doc-4.3.5-0.3 is installed OR kde4-l10n-ja-4.3.5-0.3 is installed OR kde4-l10n-ko-4.3.5-0.3 is installed OR kde4-l10n-nb-4.3.5-0.3 is installed OR kde4-l10n-nl-4.3.5-0.3 is installed OR kde4-l10n-nl-data-4.3.5-0.3 is installed OR kde4-l10n-nl-doc-4.3.5-0.3 is installed OR kde4-l10n-pl-4.3.5-0.3 is installed OR kde4-l10n-pl-data-4.3.5-0.3 is installed OR kde4-l10n-pl-doc-4.3.5-0.3 is installed OR kde4-l10n-pt-4.3.5-0.3 is installed OR kde4-l10n-pt_BR-4.3.5-0.3 is installed OR kde4-l10n-pt_BR-data-4.3.5-0.3 is installed OR kde4-l10n-pt_BR-doc-4.3.5-0.3 is installed OR kde4-l10n-ru-4.3.5-0.3 is installed OR kde4-l10n-ru-data-4.3.5-0.3 is installed OR kde4-l10n-ru-doc-4.3.5-0.3 is installed OR kde4-l10n-sv-4.3.5-0.3 is installed OR kde4-l10n-sv-data-4.3.5-0.3 is installed OR kde4-l10n-sv-doc-4.3.5-0.3 is installed OR kde4-l10n-zh_CN-4.3.5-0.3 is installed OR kde4-l10n-zh_TW-4.3.5-0.3 is installed OR kdebase4-runtime-4.3.5-0.3 is installed OR kdebase4-runtime-xine-4.3.5-0.3 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP4 is installed AND libksba-1.0.4-1.20 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 is installed AND Package Information libpango-1_0-0-1.36.3-4 is installed OR libpango-1_0-0-32bit-1.36.3-4 is installed OR pango-modules-1.36.3-4 is installed OR pango-modules-32bit-1.36.3-4 is installed OR typelib-1_0-Pango-1_0-1.36.3-4 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP1 is installed AND clamav-0.98.7-13 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information cracklib-2.9.0-7 is installed OR libcrack2-2.9.0-7 is installed OR libcrack2-32bit-2.9.0-7 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information at-3.1.14-7 is installed OR libQtWebKit4-4.8.6+2.3.3-3 is installed OR libQtWebKit4-32bit-4.8.6+2.3.3-3 is installed OR libbonobo-2.32.1-16 is installed OR libbonobo-32bit-2.32.1-16 is installed OR libbonobo-lang-2.32.1-16 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information libSoundTouch0-1.7.1-5.3 is installed OR libSoundTouch0-32bit-1.7.1-5.3 is installed OR soundtouch-1.7.1-5.3 is installed Definition Synopsis SUSE Linux Enterprise Module for Live Patching 15 is installed AND Package Information kernel-livepatch-4_12_14-25_19-default-7-2 is installed OR kernel-livepatch-SLE15_Update_5-7-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information alsa-1.0.27.2-11 is installed OR alsa-docs-1.0.27.2-11 is installed OR libasound2-1.0.27.2-11 is installed OR libasound2-32bit-1.0.27.2-11 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information kgraft-patch-3_12_74-60_64_88-default-2-2 is installed OR kgraft-patch-3_12_74-60_64_88-xen-2-2 is installed OR kgraft-patch-SLE12-SP1_Update_27-2-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information libsndfile1-1.0.25-25 is installed OR libsndfile1-32bit-1.0.25-25 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information kernel-default-4.4.121-92.73 is installed OR kernel-default-base-4.4.121-92.73 is installed OR kernel-default-devel-4.4.121-92.73 is installed OR kernel-devel-4.4.121-92.73 is installed OR kernel-macros-4.4.121-92.73 is installed OR kernel-source-4.4.121-92.73 is installed OR kernel-syms-4.4.121-92.73 is installed OR kgraft-patch-4_4_121-92_73-default-1-3.3 is installed OR kgraft-patch-SLE12-SP2_Update_21-1-3.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information ghostscript-9.26a-23.19 is installed OR ghostscript-x11-9.26a-23.19 is installed OR libspectre-0.2.7-12.6 is installed OR libspectre1-0.2.7-12.6 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information libwireshark9-2.4.10-48.32 is installed OR libwiretap7-2.4.10-48.32 is installed OR libwscodecs1-2.4.10-48.32 is installed OR libwsutil8-2.4.10-48.32 is installed OR wireshark-2.4.10-48.32 is installed OR wireshark-gtk-2.4.10-48.32 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information apache2-2.4.23-28 is installed OR apache2-doc-2.4.23-28 is installed OR apache2-example-pages-2.4.23-28 is installed OR apache2-prefork-2.4.23-28 is installed OR apache2-utils-2.4.23-28 is installed OR apache2-worker-2.4.23-28 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND ucode-intel-20190618-13.47 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information libssh2-1-1.4.3-20.9 is installed OR libssh2-1-32bit-1.4.3-20.9 is installed OR libssh2_org-1.4.3-20.9 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information libpng16-1.6.8-15.5 is installed OR libpng16-16-1.6.8-15.5 is installed OR libpng16-16-32bit-1.6.8-15.5 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information libwireshark9-2.4.9-48.29 is installed OR libwiretap7-2.4.9-48.29 is installed OR libwscodecs1-2.4.9-48.29 is installed OR libwsutil8-2.4.9-48.29 is installed OR wireshark-2.4.9-48.29 is installed OR wireshark-gtk-2.4.9-48.29 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information apache-commons-daemon-1.0.15-6 is installed OR apache-commons-daemon-javadoc-1.0.15-6 is installed Definition Synopsis SUSE OpenStack Cloud 6 is installed AND Package Information kernel-default-3.12.74-60.64.51 is installed OR kernel-default-base-3.12.74-60.64.51 is installed OR kernel-default-devel-3.12.74-60.64.51 is installed OR kernel-devel-3.12.74-60.64.51 is installed OR kernel-macros-3.12.74-60.64.51 is installed OR kernel-source-3.12.74-60.64.51 is installed OR kernel-syms-3.12.74-60.64.51 is installed OR kernel-xen-3.12.74-60.64.51 is installed OR kernel-xen-base-3.12.74-60.64.51 is installed OR kernel-xen-devel-3.12.74-60.64.51 is installed OR kgraft-patch-3_12_74-60_64_51-default-1-2 is installed OR kgraft-patch-3_12_74-60_64_51-xen-1-2 is installed OR kgraft-patch-SLE12-SP1_Update_18-1-2 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND Package Information libsqlite3-0-3.8.10.2-9.3 is installed OR libsqlite3-0-32bit-3.8.10.2-9.3 is installed OR sqlite3-3.8.10.2-9.3 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND python-Twisted-15.2.1-9.8 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information kernel-default-4.4.180-94.113 is installed OR kernel-default-base-4.4.180-94.113 is installed OR kernel-default-devel-4.4.180-94.113 is installed OR kernel-default-kgraft-4.4.180-94.113 is installed OR kernel-devel-4.4.180-94.113 is installed OR kernel-macros-4.4.180-94.113 is installed OR kernel-source-4.4.180-94.113 is installed OR kernel-syms-4.4.180-94.113 is installed OR kgraft-patch-4_4_180-94_113-default-1-4.5 is installed OR kgraft-patch-SLE12-SP3_Update_30-1-4.5 is installed
BACK