Oval Definition:	oval:org.opensuse.security:def:52700
Revision Date: 2020-12-01 Version: 1 Title: Security update for the Linux Kernel (Live Patch 8 for SLE 15) (Important) Description: This update for the Linux Kernel 4.12.14-25_28 fixes several issues. The following security issues were fixed: - CVE-2019-11477: Jonathan Looney discovered that the TCP_SKB_CB(skb)->tcp_gso_segs value was subject to an integer overflow when handling TCP Selective Acknowledgments (SACKs). A remote attacker could use this to cause a denial of service. (bsc#1137586) - CVE-2019-11478: Jonathan Looney discovered that the TCP retransmission queue implementation in tcp_fragment could be fragmented when handling certain TCP Selective Acknowledgment (SACK) sequences. A remote attacker could use this to cause a denial of service. (bsc#1137586) - CVE-2019-3846: A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network (bsc#1136424). This update contains a regression fix for CVE-2019-11477 and CVE-2019-11478 (bsc#1140747). Family: unix Class: patch Status: Reference(s): 1136446 1137597 1140747 1171746 1172437 911796 939567 940806 943557 943558 943608 CVE-2004-2771 CVE-2007-5970 CVE-2008-7247 CVE-2009-0163 CVE-2009-2820 CVE-2009-3553 CVE-2009-4019 CVE-2009-4028 CVE-2009-4030 CVE-2010-0393 CVE-2010-0540 CVE-2010-0542 CVE-2010-1205 CVE-2010-1748 CVE-2010-2941 CVE-2010-5298 CVE-2011-2501 CVE-2011-2690 CVE-2011-2691 CVE-2011-2692 CVE-2011-3328 CVE-2011-3602 CVE-2012-5519 CVE-2012-5615 CVE-2012-6094 CVE-2013-0221 CVE-2013-0222 CVE-2013-0223 CVE-2013-1976 CVE-2013-1985 CVE-2013-2003 CVE-2013-6954 CVE-2014-0011 CVE-2014-0195 CVE-2014-0198 CVE-2014-0221 CVE-2014-0224 CVE-2014-0333 CVE-2014-2494 CVE-2014-2856 CVE-2014-3470 CVE-2014-3537 CVE-2014-3686 CVE-2014-4207 CVE-2014-4258 CVE-2014-4260 CVE-2014-4274 CVE-2014-4287 CVE-2014-5029 CVE-2014-5030 CVE-2014-5031 CVE-2014-6463 CVE-2014-6464 CVE-2014-6469 CVE-2014-6474 CVE-2014-6478 CVE-2014-6484 CVE-2014-6489 CVE-2014-6491 CVE-2014-6494 CVE-2014-6495 CVE-2014-6496 CVE-2014-6500 CVE-2014-6505 CVE-2014-6507 CVE-2014-6520 CVE-2014-6530 CVE-2014-6551 CVE-2014-6555 CVE-2014-6559 CVE-2014-6564 CVE-2014-6568 CVE-2014-7844 CVE-2014-8169 CVE-2014-8964 CVE-2014-9496 CVE-2014-9679 CVE-2015-0210 CVE-2015-0374 CVE-2015-0381 CVE-2015-0382 CVE-2015-0391 CVE-2015-0411 CVE-2015-0432 CVE-2015-0433 CVE-2015-0441 CVE-2015-0499 CVE-2015-0501 CVE-2015-0505 CVE-2015-1158 CVE-2015-1159 CVE-2015-1863 CVE-2015-2325 CVE-2015-2326 CVE-2015-2568 CVE-2015-2571 CVE-2015-2573 CVE-2015-3152 CVE-2015-4041 CVE-2015-4042 CVE-2015-4141 CVE-2015-4142 CVE-2015-4143 CVE-2015-4473 CVE-2015-4474 CVE-2015-4475 CVE-2015-4478 CVE-2015-4479 CVE-2015-4484 CVE-2015-4485 CVE-2015-4486 CVE-2015-4487 CVE-2015-4488 CVE-2015-4489 CVE-2015-4491 CVE-2015-4492 CVE-2015-4495 CVE-2015-4497 CVE-2015-4498 CVE-2015-4792 CVE-2015-4802 CVE-2015-4807 CVE-2015-4815 CVE-2015-4826 CVE-2015-4830 CVE-2015-4836 CVE-2015-4858 CVE-2015-4861 CVE-2015-4870 CVE-2015-4913 CVE-2015-5130 CVE-2015-5310 CVE-2015-5477 CVE-2015-5969 CVE-2015-8041 CVE-2015-9262 CVE-2016-0505 CVE-2016-0546 CVE-2016-0596 CVE-2016-0597 CVE-2016-0598 CVE-2016-0600 CVE-2016-0606 CVE-2016-0608 CVE-2016-0609 CVE-2016-0616 CVE-2016-0640 CVE-2016-0641 CVE-2016-0642 CVE-2016-0643 CVE-2016-0644 CVE-2016-0646 CVE-2016-0647 CVE-2016-0648 CVE-2016-0649 CVE-2016-0650 CVE-2016-0651 CVE-2016-0655 CVE-2016-0666 CVE-2016-0668 CVE-2016-2047 CVE-2016-3477 CVE-2016-3492 CVE-2016-3521 CVE-2016-3615 CVE-2016-5440 CVE-2016-5584 CVE-2016-5624 CVE-2016-5626 CVE-2016-5629 CVE-2016-6662 CVE-2016-6663 CVE-2016-6664 CVE-2016-7440 CVE-2016-8283 CVE-2017-13078 CVE-2017-13079 CVE-2017-13080 CVE-2017-13081 CVE-2017-13087 CVE-2017-13088 CVE-2017-16612 CVE-2017-3238 CVE-2017-3243 CVE-2017-3244 CVE-2017-3257 CVE-2017-3258 CVE-2017-3265 CVE-2017-3291 CVE-2017-3302 CVE-2017-3312 CVE-2017-3313 CVE-2017-3317 CVE-2017-3318 CVE-2018-1000199 CVE-2019-11477 CVE-2019-11478 CVE-2019-3846 CVE-2020-10757 SUSE-SU-2015:1305-1 SUSE-SU-2015:1476-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Module for Live Patching 15 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND Package Information MozillaThunderbird-52.7-lp150.2 is installed OR MozillaThunderbird-translations-common-52.7-lp150.2 is installed OR MozillaThunderbird-translations-other-52.7-lp150.2 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information graphviz-2.40.1-lp151.6.3 is installed OR graphviz-addons-2.40.1-lp151.6.3 is installed OR graphviz-devel-2.40.1-lp151.6.3 is installed OR graphviz-doc-2.40.1-lp151.6.3 is installed OR graphviz-gd-2.40.1-lp151.6.3 is installed OR graphviz-gnome-2.40.1-lp151.6.3 is installed OR graphviz-guile-2.40.1-lp151.6.3 is installed OR graphviz-gvedit-2.40.1-lp151.6.3 is installed OR graphviz-java-2.40.1-lp151.6.3 is installed OR graphviz-lua-2.40.1-lp151.6.3 is installed OR graphviz-perl-2.40.1-lp151.6.3 is installed OR graphviz-php-2.40.1-lp151.6.3 is installed OR graphviz-plugins-core-2.40.1-lp151.6.3 is installed OR graphviz-python-2.40.1-lp151.6.3 is installed OR graphviz-ruby-2.40.1-lp151.6.3 is installed OR graphviz-smyrna-2.40.1-lp151.6.3 is installed OR graphviz-tcl-2.40.1-lp151.6.3 is installed OR libgraphviz6-2.40.1-lp151.6.3 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP2 is installed AND Package Information coreutils-8.12-6.25.29 is installed OR coreutils-lang-8.12-6.25.29 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP3 is installed AND kdirstat-2.4.4-255.28 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP4 is installed AND Package Information libpng12-0-1.2.31-5.35 is installed OR libpng12-0-32bit-1.2.31-5.35 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 is installed AND Package Information libpng16-16-1.6.8-2 is installed OR libpng16-16-32bit-1.6.8-2 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information coreutils-8.22-9 is installed OR coreutils-lang-8.22-9 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information cups-1.7.5-12 is installed OR cups-client-1.7.5-12 is installed OR cups-libs-1.7.5-12 is installed OR cups-libs-32bit-1.7.5-12 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP3 is installed AND autofs-5.0.9-27 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information libXcursor1-1.1.14-4.6 is installed OR libXcursor1-32bit-1.1.14-4.6 is installed Definition Synopsis SUSE Linux Enterprise Module for Live Patching 15 is installed AND Package Information kernel-livepatch-4_12_14-25_28-default-4-2 is installed OR kernel-livepatch-SLE15_Update_8-4-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information apache-commons-daemon-1.0.15-4 is installed OR apache-commons-daemon-javadoc-1.0.15-4 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information xen-4.5.5_24-22.49 is installed OR xen-doc-html-4.5.5_24-22.49 is installed OR xen-kmp-default-4.5.5_24_k3.12.74_60.64.93-22.49 is installed OR xen-libs-4.5.5_24-22.49 is installed OR xen-libs-32bit-4.5.5_24-22.49 is installed OR xen-tools-4.5.5_24-22.49 is installed OR xen-tools-domU-4.5.5_24-22.49 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information libspice-client-glib-2_0-8-0.31-7 is installed OR libspice-client-glib-helper-0.31-7 is installed OR libspice-client-gtk-2_0-4-0.31-7 is installed OR libspice-client-gtk-3_0-4-0.31-7 is installed OR libspice-controller0-0.31-7 is installed OR typelib-1_0-SpiceClientGlib-2_0-0.31-7 is installed OR typelib-1_0-SpiceClientGtk-3_0-0.31-7 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information MozillaFirefox-52.8.0esr-109.31 is installed OR MozillaFirefox-devel-52.8.0esr-109.31 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information openssh-7.2p2-74.42 is installed OR openssh-askpass-gnome-7.2p2-74.42 is installed OR openssh-fips-7.2p2-74.42 is installed OR openssh-helpers-7.2p2-74.42 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_121-92_85-default-5-2 is installed OR kgraft-patch-SLE12-SP2_Update_23-5-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND apache2-mod_nss-1.0.14-18 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information libpolkit0-0.113-5.18 is installed OR polkit-0.113-5.18 is installed OR typelib-1_0-Polkit-1_0-0.113-5.18 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information glib2-2.48.2-12.15 is installed OR glib2-lang-2.48.2-12.15 is installed OR glib2-tools-2.48.2-12.15 is installed OR libgio-2_0-0-2.48.2-12.15 is installed OR libgio-2_0-0-32bit-2.48.2-12.15 is installed OR libglib-2_0-0-2.48.2-12.15 is installed OR libglib-2_0-0-32bit-2.48.2-12.15 is installed OR libgmodule-2_0-0-2.48.2-12.15 is installed OR libgmodule-2_0-0-32bit-2.48.2-12.15 is installed OR libgobject-2_0-0-2.48.2-12.15 is installed OR libgobject-2_0-0-32bit-2.48.2-12.15 is installed OR libgthread-2_0-0-2.48.2-12.15 is installed OR libgthread-2_0-0-32bit-2.48.2-12.15 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND ipmitool-1.8.18-5.9 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information libopenssl-devel-1.0.2j-60.39 is installed OR libopenssl1_0_0-1.0.2j-60.39 is installed OR libopenssl1_0_0-32bit-1.0.2j-60.39 is installed OR libopenssl1_0_0-hmac-1.0.2j-60.39 is installed OR libopenssl1_0_0-hmac-32bit-1.0.2j-60.39 is installed OR openssl-1.0.2j-60.39 is installed OR openssl-doc-1.0.2j-60.39 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information apache2-mod_apparmor-2.8.2-49 is installed OR apparmor-docs-2.8.2-49 is installed OR apparmor-parser-2.8.2-49 is installed OR apparmor-profiles-2.8.2-49 is installed OR apparmor-utils-2.8.2-49 is installed OR libapparmor1-2.8.2-49 is installed OR libapparmor1-32bit-2.8.2-49 is installed OR pam_apparmor-2.8.2-49 is installed OR pam_apparmor-32bit-2.8.2-49 is installed OR perl-apparmor-2.8.2-49 is installed Definition Synopsis SUSE OpenStack Cloud 6 is installed AND Package Information kernel-default-3.12.74-60.64.54 is installed OR kernel-default-base-3.12.74-60.64.54 is installed OR kernel-default-devel-3.12.74-60.64.54 is installed OR kernel-devel-3.12.74-60.64.54 is installed OR kernel-macros-3.12.74-60.64.54 is installed OR kernel-source-3.12.74-60.64.54 is installed OR kernel-syms-3.12.74-60.64.54 is installed OR kernel-xen-3.12.74-60.64.54 is installed OR kernel-xen-base-3.12.74-60.64.54 is installed OR kernel-xen-devel-3.12.74-60.64.54 is installed OR kgraft-patch-3_12_74-60_64_54-default-1-2 is installed OR kgraft-patch-3_12_74-60_64_54-xen-1-2 is installed OR kgraft-patch-SLE12-SP1_Update_19-1-2 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND wget-1.14-21.10 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information ghostscript-9.27-23.28 is installed OR ghostscript-x11-9.27-23.28 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND nodejs6-6.14.3-11.15 is installed
BACK