Oval Definition:	oval:org.opensuse.security:def:52746
Revision Date: 2020-12-01 Version: 1 Title: Security update for the Linux Kernel (Live Patch 6 for SLE 15) (Important) Description: This update for the Linux Kernel 4.12.14-25_22 fixes several issues. The following security issues were fixed: - CVE-2019-9213: Expand_downwards in mm/mmap.c lacked a check for the mmap minimum address, which made it easier for attackers to exploit kernel NULL pointer dereferences on non-SMAP platforms. This is related to a capability check for the wrong task (bsc#1128378). - CVE-2019-8912: af_alg_release() in crypto/af_alg.c neglected to set a NULL value for a certain structure member, which could have led to a use-after-free in sockfs_setattr (bsc#1126284). - CVE-2019-7221: Fixed a user-after-free vulnerability in the KVM hypervisor related to the emulation of a preemption timer, allowing an guest user/process to crash the host kernel. (bsc#1124734). - CVE-2019-6974: kvm_ioctl_create_device in virt/kvm/kvm_main.c mishandled reference counting because of a race condition, leading to a use-after-free (bsc#1124729). Family: unix Class: patch Status: Reference(s): 1051510 1071995 1094555 1111666 1112374 1114279 1124729 1124734 1126284 1128378 1128432 1134730 1134738 1135153 1135296 1135642 1136156 1136157 1136271 1136333 1137103 1137194 1137366 1137884 1137985 1138263 1138336 1138374 1138375 1138589 1138681 1138719 1138732 901546 908376 928323 943967 943968 943969 948011 952188 952189 952190 CVE-2004-2779 CVE-2008-2109 CVE-2009-0946 CVE-2009-2473 CVE-2009-2474 CVE-2010-2497 CVE-2010-2805 CVE-2010-3053 CVE-2010-3054 CVE-2010-3311 CVE-2010-3814 CVE-2010-4530 CVE-2011-0226 CVE-2011-3177 CVE-2012-0804 CVE-2012-5668 CVE-2012-5669 CVE-2012-5670 CVE-2013-3571 CVE-2014-0019 CVE-2014-2240 CVE-2014-3660 CVE-2014-9656 CVE-2014-9657 CVE-2014-9658 CVE-2014-9659 CVE-2014-9660 CVE-2014-9661 CVE-2014-9662 CVE-2014-9663 CVE-2014-9664 CVE-2014-9665 CVE-2014-9666 CVE-2014-9667 CVE-2014-9668 CVE-2014-9669 CVE-2014-9670 CVE-2014-9671 CVE-2014-9672 CVE-2014-9673 CVE-2014-9674 CVE-2014-9675 CVE-2015-0797 CVE-2015-2695 CVE-2015-2696 CVE-2015-2697 CVE-2015-3146 CVE-2015-5198 CVE-2015-5199 CVE-2015-5200 CVE-2017-11550 CVE-2017-11551 CVE-2017-8779 CVE-2018-16871 CVE-2019-12614 CVE-2019-12817 CVE-2019-6974 CVE-2019-7221 CVE-2019-8912 CVE-2019-9213 SUSE-SU-2015:1707-2 SUSE-SU-2015:1892-1 SUSE-SU-2015:1897-1 SUSE-SU-2019:1744-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Module for Live Patching 15 SUSE Linux Enterprise Module for Live Patching 15 SP1 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND Package Information flatpak-0.10.4-lp150.2 is installed OR libflatpak0-0.10.4-lp150.2 is installed OR typelib-1_0-Flatpak-1_0-0.10.4-lp150.2 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information libu2f-host-1.1.6-lp151.2.6 is installed OR libu2f-host-devel-1.1.6-lp151.2.6 is installed OR libu2f-host-doc-1.1.6-lp151.2.6 is installed OR libu2f-host0-1.1.6-lp151.2.6 is installed OR pam_u2f-1.0.8-lp151.2.3 is installed OR u2f-host-1.1.6-lp151.2.6 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP2 is installed AND Package Information MozillaFirefox-17.0.10esr-0.4.2 is installed OR MozillaFirefox-branding-SLED-7-0.6.9 is installed OR MozillaFirefox-translations-17.0.10esr-0.4.2 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information libsndfile-1.0.20-2.10 is installed OR libsndfile-32bit-1.0.20-2.10 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP4 is installed AND Package Information wpa_supplicant-0.7.1-6.17 is installed OR wpa_supplicant-gui-0.7.1-6.17 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 is installed AND pcsc-ccid-1.4.14-1 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP1 is installed AND cvs-1.12.12-181 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information gstreamer-0_10-plugins-bad-0.10.23-20 is installed OR gstreamer-0_10-plugins-bad-lang-0.10.23-20 is installed OR libgstbasecamerabinsrc-0_10-23-0.10.23-20 is installed OR libgstbasecamerabinsrc-0_10-23-32bit-0.10.23-20 is installed OR libgstbasevideo-0_10-23-0.10.23-20 is installed OR libgstbasevideo-0_10-23-32bit-0.10.23-20 is installed OR libgstcodecparsers-0_10-23-0.10.23-20 is installed OR libgstphotography-0_10-23-0.10.23-20 is installed OR libgstphotography-0_10-23-32bit-0.10.23-20 is installed OR libgstsignalprocessor-0_10-23-0.10.23-20 is installed OR libgstsignalprocessor-0_10-23-32bit-0.10.23-20 is installed OR libgstvdp-0_10-23-0.10.23-20 is installed OR libgstvdp-0_10-23-32bit-0.10.23-20 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP3 is installed AND ft2demos-2.6.3-7.10 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP4 is installed AND libid3tag0-0.15.1b-184.3 is installed Definition Synopsis SUSE Linux Enterprise Module for Live Patching 15 is installed AND Package Information kernel-livepatch-4_12_14-25_22-default-4-2 is installed OR kernel-livepatch-SLE15_Update_6-4-2 is installed Definition Synopsis SUSE Linux Enterprise Module for Live Patching 15 SP1 is installed AND Package Information kernel-default-4.12.14-197.7 is installed OR kernel-default-livepatch-4.12.14-197.7 is installed OR kernel-default-livepatch-devel-4.12.14-197.7 is installed OR kernel-livepatch-4_12_14-197_7-default-1-3.3 is installed OR kernel-livepatch-SLE15-SP1_Update_2-1-3.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information fuse-2.9.3-5 is installed OR libfuse2-2.9.3-5 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information kgraft-patch-3_12_74-60_64_40-default-8-2 is installed OR kgraft-patch-3_12_74-60_64_40-xen-8-2 is installed OR kgraft-patch-SLE12-SP1_Update_15-8-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND perl-Config-IniFiles-2.82-3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information MozillaFirefox-52.9.0esr-109.38 is installed OR MozillaFirefox-devel-52.9.0esr-109.38 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information perl-5.18.2-12.20 is installed OR perl-32bit-5.18.2-12.20 is installed OR perl-base-5.18.2-12.20 is installed OR perl-doc-5.18.2-12.20 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_103-92_53-default-5-2 is installed OR kgraft-patch-SLE12-SP2_Update_16-5-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND coolkey-1.1.0-147 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information libssh2-1-1.4.3-20.14 is installed OR libssh2-1-32bit-1.4.3-20.14 is installed OR libssh2_org-1.4.3-20.14 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information MozillaFirefox-60.8.0-109.83 is installed OR MozillaFirefox-translations-common-60.8.0-109.83 is installed OR libfreebl3-3.44.1-58.28 is installed OR libfreebl3-32bit-3.44.1-58.28 is installed OR libfreebl3-hmac-3.44.1-58.28 is installed OR libfreebl3-hmac-32bit-3.44.1-58.28 is installed OR libsoftokn3-3.44.1-58.28 is installed OR libsoftokn3-32bit-3.44.1-58.28 is installed OR libsoftokn3-hmac-3.44.1-58.28 is installed OR libsoftokn3-hmac-32bit-3.44.1-58.28 is installed OR mozilla-nss-3.44.1-58.28 is installed OR mozilla-nss-32bit-3.44.1-58.28 is installed OR mozilla-nss-certs-3.44.1-58.28 is installed OR mozilla-nss-certs-32bit-3.44.1-58.28 is installed OR mozilla-nss-sysinit-3.44.1-58.28 is installed OR mozilla-nss-sysinit-32bit-3.44.1-58.28 is installed OR mozilla-nss-tools-3.44.1-58.28 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND ipmitool-1.8.18-5.9 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information libblkid1-2.29.2-3.12 is installed OR libblkid1-32bit-2.29.2-3.12 is installed OR libfdisk1-2.29.2-3.12 is installed OR libmount1-2.29.2-3.12 is installed OR libmount1-32bit-2.29.2-3.12 is installed OR libsmartcols1-2.29.2-3.12 is installed OR libuuid1-2.29.2-3.12 is installed OR libuuid1-32bit-2.29.2-3.12 is installed OR python-libmount-2.29.2-3.12 is installed OR util-linux-2.29.2-3.12 is installed OR util-linux-lang-2.29.2-3.12 is installed OR util-linux-systemd-2.29.2-3.12 is installed OR uuidd-2.29.2-3.12 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information alsa-1.0.27.2-15 is installed OR alsa-docs-1.0.27.2-15 is installed OR libasound2-1.0.27.2-15 is installed OR libasound2-32bit-1.0.27.2-15 is installed Definition Synopsis SUSE OpenStack Cloud 6 is installed AND Package Information bind-9.9.9P1-63.7 is installed OR bind-chrootenv-9.9.9P1-63.7 is installed OR bind-devel-9.9.9P1-63.7 is installed OR bind-doc-9.9.9P1-63.7 is installed OR bind-libs-9.9.9P1-63.7 is installed OR bind-libs-32bit-9.9.9P1-63.7 is installed OR bind-utils-9.9.9P1-63.7 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND Package Information libQt5Concurrent5-5.6.1-17.13 is installed OR libQt5Core5-5.6.1-17.13 is installed OR libQt5DBus5-5.6.1-17.13 is installed OR libQt5Gui5-5.6.1-17.13 is installed OR libQt5Network5-5.6.1-17.13 is installed OR libQt5OpenGL5-5.6.1-17.13 is installed OR libQt5PrintSupport5-5.6.1-17.13 is installed OR libQt5Sql5-5.6.1-17.13 is installed OR libQt5Sql5-mysql-5.6.1-17.13 is installed OR libQt5Sql5-postgresql-5.6.1-17.13 is installed OR libQt5Sql5-sqlite-5.6.1-17.13 is installed OR libQt5Sql5-unixODBC-5.6.1-17.13 is installed OR libQt5Test5-5.6.1-17.13 is installed OR libQt5Widgets5-5.6.1-17.13 is installed OR libQt5Xml5-5.6.1-17.13 is installed OR libqt5-qtbase-5.6.1-17.13 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND cobbler-2.6.6-49.14 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information MozillaFirefox-60.8.0-109.83 is installed OR MozillaFirefox-translations-common-60.8.0-109.83 is installed OR libfreebl3-3.44.1-58.28 is installed OR libfreebl3-32bit-3.44.1-58.28 is installed OR libfreebl3-hmac-3.44.1-58.28 is installed OR libfreebl3-hmac-32bit-3.44.1-58.28 is installed OR libsoftokn3-3.44.1-58.28 is installed OR libsoftokn3-32bit-3.44.1-58.28 is installed OR libsoftokn3-hmac-3.44.1-58.28 is installed OR libsoftokn3-hmac-32bit-3.44.1-58.28 is installed OR mozilla-nss-3.44.1-58.28 is installed OR mozilla-nss-32bit-3.44.1-58.28 is installed OR mozilla-nss-certs-3.44.1-58.28 is installed OR mozilla-nss-certs-32bit-3.44.1-58.28 is installed OR mozilla-nss-sysinit-3.44.1-58.28 is installed OR mozilla-nss-sysinit-32bit-3.44.1-58.28 is installed OR mozilla-nss-tools-3.44.1-58.28 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 9 is installed AND python-Werkzeug-0.14.1-3.3 is installed
BACK