OVAL Reference oval:org.opensuse.security:def:52745

Oval Definition:

oval:org.opensuse.security:def:52745

Revision Date:	2020-12-01	Version:	1
Title:	Security update for the Linux Kernel (Live Patch 3 for SLE 15) (Important)
Description:	This update for the Linux Kernel 4.12.14-25_13 fixes several issues. The following security issues were fixed: - CVE-2019-9213: Expand_downwards in mm/mmap.c lacked a check for the mmap minimum address, which made it easier for attackers to exploit kernel NULL pointer dereferences on non-SMAP platforms. This is related to a capability check for the wrong task (bsc#1128378). - CVE-2019-8912: af_alg_release() in crypto/af_alg.c neglected to set a NULL value for a certain structure member, which could have led to a use-after-free in sockfs_setattr (bsc#1126284). - CVE-2019-7221: Fixed a user-after-free vulnerability in the KVM hypervisor related to the emulation of a preemption timer, allowing an guest user/process to crash the host kernel. (bsc#1124734). - CVE-2019-6974: kvm_ioctl_create_device in virt/kvm/kvm_main.c mishandled reference counting because of a race condition, leading to a use-after-free (bsc#1124729).
Family:	unix	Class:	patch
Status:		Reference(s):	1124729 1124734 1126284 1128378 1133191 1136446 1136935 1137597 888308 902367 940191 943967 943968 943969 946204 951376 CVE-2007-5970 CVE-2008-7247 CVE-2009-0037 CVE-2009-2285 CVE-2009-2347 CVE-2009-2417 CVE-2009-4019 CVE-2009-4028 CVE-2009-4030 CVE-2009-5044 CVE-2009-5080 CVE-2009-5081 CVE-2010-2065 CVE-2010-2067 CVE-2010-2233 CVE-2010-4651 CVE-2010-4665 CVE-2010-5298 CVE-2011-0192 CVE-2011-1167 CVE-2012-1173 CVE-2012-2113 CVE-2012-3401 CVE-2012-4564 CVE-2012-5615 CVE-2013-0249 CVE-2013-1944 CVE-2013-1960 CVE-2013-1961 CVE-2013-1976 CVE-2013-2174 CVE-2013-4231 CVE-2013-4232 CVE-2013-4243 CVE-2013-4244 CVE-2013-4545 CVE-2014-0015 CVE-2014-0138 CVE-2014-0139 CVE-2014-0195 CVE-2014-0198 CVE-2014-0221 CVE-2014-0224 CVE-2014-0250 CVE-2014-0791 CVE-2014-2494 CVE-2014-3470 CVE-2014-3613 CVE-2014-3620 CVE-2014-3675 CVE-2014-3676 CVE-2014-3677 CVE-2014-3707 CVE-2014-3710 CVE-2014-4207 CVE-2014-4258 CVE-2014-4260 CVE-2014-4274 CVE-2014-4287 CVE-2014-6463 CVE-2014-6464 CVE-2014-6469 CVE-2014-6474 CVE-2014-6478 CVE-2014-6484 CVE-2014-6489 CVE-2014-6491 CVE-2014-6494 CVE-2014-6495 CVE-2014-6496 CVE-2014-6500 CVE-2014-6505 CVE-2014-6507 CVE-2014-6520 CVE-2014-6530 CVE-2014-6551 CVE-2014-6555 CVE-2014-6559 CVE-2014-6564 CVE-2014-6568 CVE-2014-8127 CVE-2014-8128 CVE-2014-8129 CVE-2014-8130 CVE-2014-8150 CVE-2014-8964 CVE-2014-9655 CVE-2015-0374 CVE-2015-0381 CVE-2015-0382 CVE-2015-0391 CVE-2015-0411 CVE-2015-0432 CVE-2015-0433 CVE-2015-0441 CVE-2015-0499 CVE-2015-0501 CVE-2015-0505 CVE-2015-1547 CVE-2015-2325 CVE-2015-2326 CVE-2015-2568 CVE-2015-2571 CVE-2015-2573 CVE-2015-3143 CVE-2015-3144 CVE-2015-3145 CVE-2015-3148 CVE-2015-3152 CVE-2015-3153 CVE-2015-4734 CVE-2015-4803 CVE-2015-4805 CVE-2015-4806 CVE-2015-4835 CVE-2015-4840 CVE-2015-4842 CVE-2015-4843 CVE-2015-4844 CVE-2015-4860 CVE-2015-4872 CVE-2015-4881 CVE-2015-4882 CVE-2015-4883 CVE-2015-4893 CVE-2015-4903 CVE-2015-4911 CVE-2015-5198 CVE-2015-5199 CVE-2015-5200 CVE-2015-7236 CVE-2015-7554 CVE-2015-8025 CVE-2015-8370 CVE-2015-8665 CVE-2015-8683 CVE-2015-8781 CVE-2015-8782 CVE-2015-8783 CVE-2016-10266 CVE-2016-10267 CVE-2016-10268 CVE-2016-10269 CVE-2016-10270 CVE-2016-10271 CVE-2016-10272 CVE-2016-3186 CVE-2016-3622 CVE-2016-3623 CVE-2016-3658 CVE-2016-3945 CVE-2016-3990 CVE-2016-3991 CVE-2016-5314 CVE-2016-5316 CVE-2016-5317 CVE-2016-5320 CVE-2016-5321 CVE-2016-5323 CVE-2016-5652 CVE-2016-5824 CVE-2016-5827 CVE-2016-5875 CVE-2016-9273 CVE-2016-9297 CVE-2016-9448 CVE-2016-9453 CVE-2016-9584 CVE-2017-5225 CVE-2019-11477 CVE-2019-11478 CVE-2019-11487 CVE-2019-3846 CVE-2019-6974 CVE-2019-7221 CVE-2019-8912 CVE-2019-9213 SUSE-SU-2015:1705-2 SUSE-SU-2015:1874-2 SUSE-SU-2015:1892-1 SUSE-SU-2019:0745-1 SUSE-SU-2019:1588-1
Platform(s):	openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Module for Live Patching 15 SUSE Linux Enterprise Module for Live Patching 15 SP1 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9	Product(s):
Definition Synopsis
openSUSE Leap 15.0 is installed AND Package Information firewall-macros-0.5.3-lp150.1 is installed OR firewalld-0.5.3-lp150.1 is installed OR firewalld-lang-0.5.3-lp150.1 is installed OR python3-firewall-0.5.3-lp150.1 is installed
Definition Synopsis
openSUSE Leap 15.1 is installed AND Package Information gvfs-1.34.2.1-lp151.6.3 is installed OR gvfs-32bit-1.34.2.1-lp151.6.3 is installed OR gvfs-backend-afc-1.34.2.1-lp151.6.3 is installed OR gvfs-backend-samba-1.34.2.1-lp151.6.3 is installed OR gvfs-backends-1.34.2.1-lp151.6.3 is installed OR gvfs-devel-1.34.2.1-lp151.6.3 is installed OR gvfs-fuse-1.34.2.1-lp151.6.3 is installed OR gvfs-lang-1.34.2.1-lp151.6.3 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP2 is installed AND Package Information MozillaFirefox-17.0.7esr-0.3 is installed OR MozillaFirefox-branding-SLED-7-0.6.9 is installed OR MozillaFirefox-translations-17.0.7esr-0.3 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information libsndfile-1.0.20-2.6 is installed OR libsndfile-32bit-1.0.20-2.6 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP4 is installed AND wireshark-1.12.9-0.12 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 is installed AND patch-2.7.1-5 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information curl-7.37.0-15 is installed OR libcurl4-7.37.0-15 is installed OR libcurl4-32bit-7.37.0-15 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information grub2-2.02~beta2-104 is installed OR grub2-i386-pc-2.02~beta2-104 is installed OR grub2-snapper-plugin-2.02~beta2-104 is installed OR grub2-systemd-sleep-plugin-2.02~beta2-104 is installed OR grub2-x86_64-efi-2.02~beta2-104 is installed OR grub2-x86_64-xen-2.02~beta2-104 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information freerdp-2.0.0~git.1463131968.4e66df7-11 is installed OR libfreerdp2-2.0.0~git.1463131968.4e66df7-11 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information libical1-1.0.1-16.3 is installed OR libical1-32bit-1.0.1-16.3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Live Patching 15 is installed AND Package Information kernel-livepatch-4_12_14-25_13-default-6-2 is installed OR kernel-livepatch-SLE15_Update_3-6-2 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Live Patching 15 SP1 is installed AND Package Information kernel-livepatch-4_12_14-195-default-2-4 is installed OR kernel-livepatch-SLE15-SP1_Update_0-2-4 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1 is installed AND ft2demos-2.5.5-7.5 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information kgraft-patch-3_12_74-60_64_45-default-8-2 is installed OR kgraft-patch-3_12_74-60_64_45-xen-8-2 is installed OR kgraft-patch-SLE12-SP1_Update_16-8-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information perl-5.18.2-11 is installed OR perl-32bit-5.18.2-11 is installed OR perl-base-5.18.2-11 is installed OR perl-doc-5.18.2-11 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information libdcerpc-binding0-4.4.2-38.20 is installed OR libdcerpc-binding0-32bit-4.4.2-38.20 is installed OR libdcerpc0-4.4.2-38.20 is installed OR libdcerpc0-32bit-4.4.2-38.20 is installed OR libndr-krb5pac0-4.4.2-38.20 is installed OR libndr-krb5pac0-32bit-4.4.2-38.20 is installed OR libndr-nbt0-4.4.2-38.20 is installed OR libndr-nbt0-32bit-4.4.2-38.20 is installed OR libndr-standard0-4.4.2-38.20 is installed OR libndr-standard0-32bit-4.4.2-38.20 is installed OR libndr0-4.4.2-38.20 is installed OR libndr0-32bit-4.4.2-38.20 is installed OR libnetapi0-4.4.2-38.20 is installed OR libnetapi0-32bit-4.4.2-38.20 is installed OR libsamba-credentials0-4.4.2-38.20 is installed OR libsamba-credentials0-32bit-4.4.2-38.20 is installed OR libsamba-errors0-4.4.2-38.20 is installed OR libsamba-errors0-32bit-4.4.2-38.20 is installed OR libsamba-hostconfig0-4.4.2-38.20 is installed OR libsamba-hostconfig0-32bit-4.4.2-38.20 is installed OR libsamba-passdb0-4.4.2-38.20 is installed OR libsamba-passdb0-32bit-4.4.2-38.20 is installed OR libsamba-util0-4.4.2-38.20 is installed OR libsamba-util0-32bit-4.4.2-38.20 is installed OR libsamdb0-4.4.2-38.20 is installed OR libsamdb0-32bit-4.4.2-38.20 is installed OR libsmbclient0-4.4.2-38.20 is installed OR libsmbclient0-32bit-4.4.2-38.20 is installed OR libsmbconf0-4.4.2-38.20 is installed OR libsmbconf0-32bit-4.4.2-38.20 is installed OR libsmbldap0-4.4.2-38.20 is installed OR libsmbldap0-32bit-4.4.2-38.20 is installed OR libtevent-util0-4.4.2-38.20 is installed OR libtevent-util0-32bit-4.4.2-38.20 is installed OR libwbclient0-4.4.2-38.20 is installed OR libwbclient0-32bit-4.4.2-38.20 is installed OR samba-4.4.2-38.20 is installed OR samba-client-4.4.2-38.20 is installed OR samba-client-32bit-4.4.2-38.20 is installed OR samba-doc-4.4.2-38.20 is installed OR samba-libs-4.4.2-38.20 is installed OR samba-libs-32bit-4.4.2-38.20 is installed OR samba-winbind-4.4.2-38.20 is installed OR samba-winbind-32bit-4.4.2-38.20 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information kgraft-patch-4_4_121-92_117-default-2-2 is installed OR kgraft-patch-SLE12-SP2_Update_31-2-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_103-92_56-default-5-2 is installed OR kgraft-patch-SLE12-SP2_Update_17-5-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information colord-gtk-lang-0.1.26-6 is installed OR libcolord-gtk1-0.1.26-6 is installed OR libcolord2-1.3.3-12 is installed OR libcolord2-32bit-1.3.3-12 is installed OR libcolorhug2-1.3.3-12 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-BCL is installed AND gdb-8.3.1-2.14 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information glib2-2.48.2-12.15 is installed OR glib2-lang-2.48.2-12.15 is installed OR glib2-tools-2.48.2-12.15 is installed OR libgio-2_0-0-2.48.2-12.15 is installed OR libgio-2_0-0-32bit-2.48.2-12.15 is installed OR libglib-2_0-0-2.48.2-12.15 is installed OR libglib-2_0-0-32bit-2.48.2-12.15 is installed OR libgmodule-2_0-0-2.48.2-12.15 is installed OR libgmodule-2_0-0-32bit-2.48.2-12.15 is installed OR libgobject-2_0-0-2.48.2-12.15 is installed OR libgobject-2_0-0-32bit-2.48.2-12.15 is installed OR libgthread-2_0-0-2.48.2-12.15 is installed OR libgthread-2_0-0-32bit-2.48.2-12.15 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information java-1_7_0-openjdk-1.7.0.251-43.35 is installed OR java-1_7_0-openjdk-demo-1.7.0.251-43.35 is installed OR java-1_7_0-openjdk-devel-1.7.0.251-43.35 is installed OR java-1_7_0-openjdk-headless-1.7.0.251-43.35 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information rsyslog-8.24.0-3.7 is installed OR rsyslog-diag-tools-8.24.0-3.7 is installed OR rsyslog-doc-8.24.0-3.7 is installed OR rsyslog-module-gssapi-8.24.0-3.7 is installed OR rsyslog-module-gtls-8.24.0-3.7 is installed OR rsyslog-module-mysql-8.24.0-3.7 is installed OR rsyslog-module-pgsql-8.24.0-3.7 is installed OR rsyslog-module-relp-8.24.0-3.7 is installed OR rsyslog-module-snmp-8.24.0-3.7 is installed OR rsyslog-module-udpspoof-8.24.0-3.7 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information accountsservice-0.6.42-16.3 is installed OR accountsservice-lang-0.6.42-16.3 is installed OR libaccountsservice0-0.6.42-16.3 is installed OR typelib-1_0-AccountsService-1_0-0.6.42-16.3 is installed
Definition Synopsis
SUSE OpenStack Cloud 6 is installed AND Package Information cups-filters-1.0.58-15.2 is installed OR cups-filters-cups-browsed-1.0.58-15.2 is installed OR cups-filters-foomatic-rip-1.0.58-15.2 is installed OR cups-filters-ghostscript-1.0.58-15.2 is installed OR libqpdf18-7.1.1-3.3 is installed OR qpdf-7.1.1-3.3 is installed
Definition Synopsis
SUSE OpenStack Cloud 7 is installed AND Package Information crowbar-core-4.0+git.1578392992.fabfd186c-9.63 is installed OR crowbar-core-branding-upstream-4.0+git.1578392992.fabfd186c-9.63 is installed OR crowbar-openstack-4.0+git.1579171175.d53ab6363-9.68 is installed OR openstack-neutron-fwaas-9.0.2~dev5-4.6 is installed OR openstack-neutron-fwaas-doc-9.0.2~dev5-4.6 is installed OR python-neutron-fwaas-9.0.2~dev5-4.6 is installed OR ruby2.1-rubygem-crowbar-client-3.9.1-7.17 is installed OR rubygem-crowbar-client-3.9.1-7.17 is installed
Definition Synopsis
SUSE OpenStack Cloud 8 is installed AND Package Information grafana-4.5.1-4.3 is installed OR kafka-0.9.0.1-5.3 is installed OR logstash-2.4.1-5.4 is installed OR openstack-monasca-installer-20180622_15.06-3.6 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information glib2-2.48.2-12.15 is installed OR glib2-lang-2.48.2-12.15 is installed OR glib2-tools-2.48.2-12.15 is installed OR libgio-2_0-0-2.48.2-12.15 is installed OR libgio-2_0-0-32bit-2.48.2-12.15 is installed OR libglib-2_0-0-2.48.2-12.15 is installed OR libglib-2_0-0-32bit-2.48.2-12.15 is installed OR libgmodule-2_0-0-2.48.2-12.15 is installed OR libgmodule-2_0-0-32bit-2.48.2-12.15 is installed OR libgobject-2_0-0-2.48.2-12.15 is installed OR libgobject-2_0-0-32bit-2.48.2-12.15 is installed OR libgthread-2_0-0-2.48.2-12.15 is installed OR libgthread-2_0-0-32bit-2.48.2-12.15 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 9 is installed AND python-urllib3-1.23-3.6 is installed

BACK