Oval Definition:	oval:org.opensuse.security:def:52744
Revision Date: 2020-12-01 Version: 1 Title: Security update for the Linux Kernel (Live Patch 0 for SLE 15) (Important) Description: This update for the Linux Kernel 4.12.14-23 fixes several issues. The following security issues were fixed: - CVE-2019-9213: Expand_downwards in mm/mmap.c lacked a check for the mmap minimum address, which made it easier for attackers to exploit kernel NULL pointer dereferences on non-SMAP platforms. This is related to a capability check for the wrong task (bsc#1128378). - CVE-2019-8912: af_alg_release() in crypto/af_alg.c neglected to set a NULL value for a certain structure member, which could have led to a use-after-free in sockfs_setattr (bsc#1126284). - CVE-2018-12232: In net/socket.c there was a race condition between fchownat and close in cases where they target the same socket file descriptor, related to the sock_close and sockfs_setattr functions. fchownat did not increment the file descriptor reference count, which allowed close to set the socket to NULL during fchownat's execution, leading to a NULL pointer dereference and system crash (bsc#1127757). - CVE-2019-7221: Fixed a user-after-free vulnerability in the KVM hypervisor related to the emulation of a preemption timer, allowing an guest user/process to crash the host kernel. (bsc#1124734). - CVE-2019-6974: kvm_ioctl_create_device in virt/kvm/kvm_main.c mishandled reference counting because of a race condition, leading to a use-after-free (bsc#1124729). Family: unix Class: patch Status: Reference(s): 1012382 1050242 1050549 1051510 1052904 1053043 1055117 1055121 1055186 1056787 1058115 1061840 1063638 1064802 1065600 1065729 1066129 1068546 1070872 1071995 1075020 1082387 1082555 1083647 1085535 1085536 1086657 1088804 1093389 1097583 1097584 1097585 1097586 1097587 1097588 1099658 1103186 1103259 1103992 1104353 1104427 1106011 1106284 1108193 1108838 1108937 1110946 1111331 1111666 1111696 1112063 1112128 1112178 1113722 1113956 1114279 1114427 1114542 1114638 1115688 1117114 1117158 1117561 1118139 1119680 1119843 1120091 1120318 1120423 1120566 1120843 1120902 1122767 1122776 1123454 1123663 1124503 1124729 1124734 1124839 1126206 1126284 1126356 1126704 1127175 1127371 1127374 1127616 1127757 1128052 1128378 1128415 1128544 1128904 1128971 1128979 1129138 1129273 1129497 1129693 1129770 1129845 1130195 1130425 1130527 1130567 1130579 1130699 1130937 1130972 1131326 1131427 1131438 1131451 1131467 1131488 1131530 1131565 1131574 1131587 1131659 1131673 1131847 1131848 1131851 1131900 1131934 1131935 1132044 1132219 1132226 1132227 1132365 1132368 1132369 1132370 1132372 1132373 1132384 1132397 1132402 1132403 1132404 1132405 1132407 1132411 1132412 1132413 1132414 1132426 1132527 1132531 1132555 1132558 1132561 1132562 1132563 1132564 1132570 1132571 1132572 1132589 1132618 1132673 1132681 1132726 1132828 1132894 1132943 1132982 1133005 1133016 1133094 1133095 1133115 1133149 1133176 1133188 1133190 1133320 1133486 1133529 1133547 1133584 1133593 1133612 1133616 1133667 1133668 1133672 1133674 1133675 1133698 1133702 1133731 1133769 1133772 1133774 1133778 1133779 1133780 1133825 1133850 1133851 1133852 1133897 1134090 1134160 1134162 1134199 1134200 1134201 1134202 1134203 1134204 1134205 1134223 1134354 1134393 1134397 1134459 1134460 1134461 1134597 1134600 1134607 1134618 1134651 1134671 1134760 1134806 1134810 1134813 1134848 1134936 1134945 1134946 1134947 1134948 1134949 1134950 1134951 1134952 1134953 1134972 1134974 1134975 1134980 1134981 1134983 1134987 1134989 1134990 1134994 1134995 1134998 1134999 1135006 1135007 1135008 1135018 1135021 1135024 1135026 1135027 1135028 1135029 1135031 1135033 1135034 1135035 1135036 1135037 1135038 1135039 1135041 1135042 1135044 1135045 1135046 1135047 1135049 1135051 1135052 1135053 1135055 1135056 1135058 1135100 1135120 1135278 1135281 1135309 1135312 1135314 1135315 1135316 1135320 1135323 1135330 1135492 1135542 1135556 1135603 1135642 1135661 1135758 1136188 1136206 1136215 1136345 1136347 1136348 1136353 1136424 1136428 1136430 1136432 1136434 1136435 1136438 1136439 1136456 1136460 1136461 1136469 1136477 1136478 1136498 1136573 1136586 1136881 1136935 1136990 1137151 1137152 1137153 1137162 1137201 1137224 1137232 1137233 1137236 1137372 1137429 1137444 1137586 1137739 1137752 1138291 1138293 892403 907257 912014 912015 912018 912293 912294 912296 944208 944209 951376 CVE-2006-4197 CVE-2009-1273 CVE-2009-4012 CVE-2009-5044 CVE-2009-5080 CVE-2009-5081 CVE-2010-2240 CVE-2012-4510 CVE-2013-1940 CVE-2013-4396 CVE-2013-6424 CVE-2014-0224 CVE-2014-3564 CVE-2014-3570 CVE-2014-3571 CVE-2014-3572 CVE-2014-8091 CVE-2014-8092 CVE-2014-8093 CVE-2014-8094 CVE-2014-8095 CVE-2014-8096 CVE-2014-8097 CVE-2014-8098 CVE-2014-8099 CVE-2014-8100 CVE-2014-8101 CVE-2014-8102 CVE-2014-8103 CVE-2014-8275 CVE-2014-8439 CVE-2015-0204 CVE-2015-0205 CVE-2015-0255 CVE-2015-3164 CVE-2015-3418 CVE-2015-4734 CVE-2015-4803 CVE-2015-4805 CVE-2015-4806 CVE-2015-4835 CVE-2015-4840 CVE-2015-4842 CVE-2015-4843 CVE-2015-4844 CVE-2015-4860 CVE-2015-4872 CVE-2015-4881 CVE-2015-4882 CVE-2015-4883 CVE-2015-4893 CVE-2015-4903 CVE-2015-4911 CVE-2015-5185 CVE-2015-5234 CVE-2015-5235 CVE-2015-8803 CVE-2015-8804 CVE-2015-8805 CVE-2016-5384 CVE-2016-6489 CVE-2017-2624 CVE-2017-5753 CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2018-12232 CVE-2018-16880 CVE-2018-7191 CVE-2019-10124 CVE-2019-11085 CVE-2019-11091 CVE-2019-11477 CVE-2019-11478 CVE-2019-11479 CVE-2019-11486 CVE-2019-11487 CVE-2019-11811 CVE-2019-11815 CVE-2019-11833 CVE-2019-11884 CVE-2019-12382 CVE-2019-12818 CVE-2019-12819 CVE-2019-3846 CVE-2019-3882 CVE-2019-5489 CVE-2019-6974 CVE-2019-7221 CVE-2019-8564 CVE-2019-8912 CVE-2019-9003 CVE-2019-9213 CVE-2019-9500 CVE-2019-9503 SUSE-SU-2015:0305-1 SUSE-SU-2015:1682-1 SUSE-SU-2015:1874-2 SUSE-SU-2019:0740-1 SUSE-SU-2019:1550-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Module for Live Patching 15 SUSE Linux Enterprise Module for Live Patching 15 SP1 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND Package Information file-5.32-lp150.5 is installed OR file-magic-5.32-lp150.5 is installed OR libmagic1-5.32-lp150.5 is installed OR libmagic1-32bit-5.32-lp150.5 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information irssi-1.1.3-33 is installed OR irssi-devel-1.1.3-33 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP2 is installed AND Package Information MozillaFirefox-17.0.6esr-0.4 is installed OR MozillaFirefox-translations-17.0.6esr-0.4 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information librsvg-2.26.0-2.5 is installed OR librsvg-32bit-2.26.0-2.5 is installed OR rsvg-view-2.26.0-2.5 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP4 is installed AND wireshark-1.12.7-0.5 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 is installed AND Package Information pam_ssh-2.0-1 is installed OR pam_ssh-32bit-2.0-1 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information cups-pk-helper-0.2.5-3 is installed OR cups-pk-helper-lang-0.2.5-3 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP2 is installed AND groff-1.22.2-5 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information fontconfig-2.11.1-7 is installed OR fontconfig-32bit-2.11.1-7 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information libhogweed2-2.7.1-12 is installed OR libhogweed2-32bit-2.7.1-12 is installed OR libnettle4-2.7.1-12 is installed OR libnettle4-32bit-2.7.1-12 is installed Definition Synopsis SUSE Linux Enterprise Module for Live Patching 15 is installed AND Package Information kernel-livepatch-4_12_14-23-default-9-25 is installed OR kernel-livepatch-SLE15_Update_0-9-25 is installed Definition Synopsis SUSE Linux Enterprise Module for Live Patching 15 SP1 is installed AND Package Information kernel-default-4.12.14-197.4 is installed OR kernel-default-livepatch-4.12.14-197.4 is installed OR kernel-default-livepatch-devel-4.12.14-197.4 is installed OR kernel-livepatch-4_12_14-197_4-default-1-3.3 is installed OR kernel-livepatch-SLE15-SP1_Update_1-1-3.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information freeradius-server-3.0.3-10 is installed OR freeradius-server-doc-3.0.3-10 is installed OR freeradius-server-krb5-3.0.3-10 is installed OR freeradius-server-ldap-3.0.3-10 is installed OR freeradius-server-libs-3.0.3-10 is installed OR freeradius-server-mysql-3.0.3-10 is installed OR freeradius-server-perl-3.0.3-10 is installed OR freeradius-server-postgresql-3.0.3-10 is installed OR freeradius-server-python-3.0.3-10 is installed OR freeradius-server-sqlite-3.0.3-10 is installed OR freeradius-server-utils-3.0.3-10 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information kernel-default-3.12.74-60.64.99 is installed OR kernel-default-base-3.12.74-60.64.99 is installed OR kernel-default-devel-3.12.74-60.64.99 is installed OR kernel-default-man-3.12.74-60.64.99 is installed OR kernel-devel-3.12.74-60.64.99 is installed OR kernel-macros-3.12.74-60.64.99 is installed OR kernel-source-3.12.74-60.64.99 is installed OR kernel-syms-3.12.74-60.64.99 is installed OR kernel-xen-3.12.74-60.64.99 is installed OR kernel-xen-base-3.12.74-60.64.99 is installed OR kernel-xen-devel-3.12.74-60.64.99 is installed OR kgraft-patch-3_12_74-60_64_99-default-1-2.3 is installed OR kgraft-patch-3_12_74-60_64_99-xen-1-2.3 is installed OR kgraft-patch-SLE12-SP1_Update_30-1-2.3 is installed OR lttng-modules-2.7.0-4.2 is installed OR lttng-modules-kmp-default-2.7.0_k3.12.74_60.64.99-4.2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND pcsc-ccid-1.4.14-1 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information xen-4.7.6_02-43.36 is installed OR xen-doc-html-4.7.6_02-43.36 is installed OR xen-libs-4.7.6_02-43.36 is installed OR xen-libs-32bit-4.7.6_02-43.36 is installed OR xen-tools-4.7.6_02-43.36 is installed OR xen-tools-domU-4.7.6_02-43.36 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information postgresql96-9.6.15-3.29 is installed OR postgresql96-contrib-9.6.15-3.29 is installed OR postgresql96-docs-9.6.15-3.29 is installed OR postgresql96-libs-9.6.15-3.29 is installed OR postgresql96-plperl-9.6.15-3.29 is installed OR postgresql96-plpython-9.6.15-3.29 is installed OR postgresql96-pltcl-9.6.15-3.29 is installed OR postgresql96-server-9.6.15-3.29 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_90-92_45-default-6-2 is installed OR kgraft-patch-SLE12-SP2_Update_14-6-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND clamav-0.99.2-32 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information libdcerpc-binding0-4.6.16+git.169.064abe062be-3.46 is installed OR libdcerpc-binding0-32bit-4.6.16+git.169.064abe062be-3.46 is installed OR libdcerpc0-4.6.16+git.169.064abe062be-3.46 is installed OR libdcerpc0-32bit-4.6.16+git.169.064abe062be-3.46 is installed OR libndr-krb5pac0-4.6.16+git.169.064abe062be-3.46 is installed OR libndr-krb5pac0-32bit-4.6.16+git.169.064abe062be-3.46 is installed OR libndr-nbt0-4.6.16+git.169.064abe062be-3.46 is installed OR libndr-nbt0-32bit-4.6.16+git.169.064abe062be-3.46 is installed OR libndr-standard0-4.6.16+git.169.064abe062be-3.46 is installed OR libndr-standard0-32bit-4.6.16+git.169.064abe062be-3.46 is installed OR libndr0-4.6.16+git.169.064abe062be-3.46 is installed OR libndr0-32bit-4.6.16+git.169.064abe062be-3.46 is installed OR libnetapi0-4.6.16+git.169.064abe062be-3.46 is installed OR libnetapi0-32bit-4.6.16+git.169.064abe062be-3.46 is installed OR libsamba-credentials0-4.6.16+git.169.064abe062be-3.46 is installed OR libsamba-credentials0-32bit-4.6.16+git.169.064abe062be-3.46 is installed OR libsamba-errors0-4.6.16+git.169.064abe062be-3.46 is installed OR libsamba-errors0-32bit-4.6.16+git.169.064abe062be-3.46 is installed OR libsamba-hostconfig0-4.6.16+git.169.064abe062be-3.46 is installed OR libsamba-hostconfig0-32bit-4.6.16+git.169.064abe062be-3.46 is installed OR libsamba-passdb0-4.6.16+git.169.064abe062be-3.46 is installed OR libsamba-passdb0-32bit-4.6.16+git.169.064abe062be-3.46 is installed OR libsamba-util0-4.6.16+git.169.064abe062be-3.46 is installed OR libsamba-util0-32bit-4.6.16+git.169.064abe062be-3.46 is installed OR libsamdb0-4.6.16+git.169.064abe062be-3.46 is installed OR libsamdb0-32bit-4.6.16+git.169.064abe062be-3.46 is installed OR libsmbclient0-4.6.16+git.169.064abe062be-3.46 is installed OR libsmbclient0-32bit-4.6.16+git.169.064abe062be-3.46 is installed OR libsmbconf0-4.6.16+git.169.064abe062be-3.46 is installed OR libsmbconf0-32bit-4.6.16+git.169.064abe062be-3.46 is installed OR libsmbldap0-4.6.16+git.169.064abe062be-3.46 is installed OR libsmbldap0-32bit-4.6.16+git.169.064abe062be-3.46 is installed OR libtevent-util0-4.6.16+git.169.064abe062be-3.46 is installed OR libtevent-util0-32bit-4.6.16+git.169.064abe062be-3.46 is installed OR libwbclient0-4.6.16+git.169.064abe062be-3.46 is installed OR libwbclient0-32bit-4.6.16+git.169.064abe062be-3.46 is installed OR samba-4.6.16+git.169.064abe062be-3.46 is installed OR samba-client-4.6.16+git.169.064abe062be-3.46 is installed OR samba-client-32bit-4.6.16+git.169.064abe062be-3.46 is installed OR samba-doc-4.6.16+git.169.064abe062be-3.46 is installed OR samba-libs-4.6.16+git.169.064abe062be-3.46 is installed OR samba-libs-32bit-4.6.16+git.169.064abe062be-3.46 is installed OR samba-winbind-4.6.16+git.169.064abe062be-3.46 is installed OR samba-winbind-32bit-4.6.16+git.169.064abe062be-3.46 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information libecpg6-10.9-1.12 is installed OR libpq5-10.9-1.12 is installed OR libpq5-32bit-10.9-1.12 is installed OR postgresql10-10.9-1.12 is installed OR postgresql10-contrib-10.9-1.12 is installed OR postgresql10-docs-10.9-1.12 is installed OR postgresql10-libs-10.9-1.12 is installed OR postgresql10-plperl-10.9-1.12 is installed OR postgresql10-plpython-10.9-1.12 is installed OR postgresql10-pltcl-10.9-1.12 is installed OR postgresql10-server-10.9-1.12 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information postgresql96-9.6.17-3.33 is installed OR postgresql96-contrib-9.6.17-3.33 is installed OR postgresql96-docs-9.6.17-3.33 is installed OR postgresql96-libs-9.6.17-3.33 is installed OR postgresql96-plperl-9.6.17-3.33 is installed OR postgresql96-plpython-9.6.17-3.33 is installed OR postgresql96-pltcl-9.6.17-3.33 is installed OR postgresql96-server-9.6.17-3.33 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information libsndfile-1.0.25-36.16 is installed OR libsndfile1-1.0.25-36.16 is installed OR libsndfile1-32bit-1.0.25-36.16 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information aaa_base-13.2+git20140911.61c1681-38.8 is installed OR aaa_base-extras-13.2+git20140911.61c1681-38.8 is installed Definition Synopsis SUSE OpenStack Cloud 6 is installed AND clamav-0.99.3-33.5 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND Package Information java-1_8_0-openjdk-1.8.0.242-27.41 is installed OR java-1_8_0-openjdk-demo-1.8.0.242-27.41 is installed OR java-1_8_0-openjdk-devel-1.8.0.242-27.41 is installed OR java-1_8_0-openjdk-headless-1.8.0.242-27.41 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information libmariadb3-3.0.3-3.3 is installed OR mariadb-10.2.15-4.3 is installed OR mariadb-client-10.2.15-4.3 is installed OR mariadb-connector-c-3.0.3-3.3 is installed OR mariadb-errormessages-10.2.15-4.3 is installed OR mariadb-galera-10.2.15-4.3 is installed OR mariadb-tools-10.2.15-4.3 is installed OR xtrabackup-2.4.10-4.3 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information libecpg6-10.9-1.12 is installed OR libpq5-10.9-1.12 is installed OR libpq5-32bit-10.9-1.12 is installed OR postgresql10-10.9-1.12 is installed OR postgresql10-contrib-10.9-1.12 is installed OR postgresql10-docs-10.9-1.12 is installed OR postgresql10-libs-10.9-1.12 is installed OR postgresql10-plperl-10.9-1.12 is installed OR postgresql10-plpython-10.9-1.12 is installed OR postgresql10-pltcl-10.9-1.12 is installed OR postgresql10-server-10.9-1.12 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 9 is installed AND python-SQLAlchemy-1.2.10-3.3 is installed
BACK