OVAL Reference oval:org.opensuse.security:def:52748

Oval Definition:

oval:org.opensuse.security:def:52748

Revision Date:	2020-12-01	Version:	1
Title:	Security update for the Linux Kernel (Live Patch 4 for SLE 15) (Important)
Description:	This update for the Linux Kernel 4.12.14-25_16 fixes several issues. The following security issues were fixed: - CVE-2019-9213: Expand_downwards in mm/mmap.c lacked a check for the mmap minimum address, which made it easier for attackers to exploit kernel NULL pointer dereferences on non-SMAP platforms. This is related to a capability check for the wrong task (bsc#1128378). - CVE-2019-8912: af_alg_release() in crypto/af_alg.c neglected to set a NULL value for a certain structure member, which could have led to a use-after-free in sockfs_setattr (bsc#1126284). - CVE-2019-7221: Fixed a user-after-free vulnerability in the KVM hypervisor related to the emulation of a preemption timer, allowing an guest user/process to crash the host kernel. (bsc#1124734). - CVE-2019-6974: kvm_ioctl_create_device in virt/kvm/kvm_main.c mishandled reference counting because of a race condition, leading to a use-after-free (bsc#1124729).
Family:	unix	Class:	patch
Status:		Reference(s):	1124729 1124734 1126284 1128378 1138264 470073 806250 829430 856382 86241 87222 877642 886785 890735 898159 900186 900877 901488 907514 907966 907973 908950 910258 910805 910806 912183 913042 914818 914911 915996 916181 916543 918852 918984 919409 920016 922071 923967 924722 926375 929092 929793 929871 930813 932267 932285 932350 934423 934430 934942 934962 936188 936190 936556 936773 937609 937612 937613 937616 938550 938706 938891 938892 938893 939145 939266 939716 939834 939994 940398 940545 940679 940776 940838 940912 940925 940965 941098 941305 941908 941951 942160 942204 942307 942367 943075 944463 944697 945167 945692 947165 948536 949138 950367 950703 950705 950706 959277 CVE-2006-7250 CVE-2008-5077 CVE-2009-0316 CVE-2009-0590 CVE-2009-0591 CVE-2009-0789 CVE-2009-0790 CVE-2009-1377 CVE-2009-1378 CVE-2009-1379 CVE-2009-1386 CVE-2009-1387 CVE-2009-2624 CVE-2010-0001 CVE-2010-0740 CVE-2010-0742 CVE-2010-1633 CVE-2010-2939 CVE-2010-3864 CVE-2010-4341 CVE-2010-4352 CVE-2010-5298 CVE-2011-0014 CVE-2011-1758 CVE-2011-3207 CVE-2011-3210 CVE-2011-4108 CVE-2011-4576 CVE-2011-4577 CVE-2011-4619 CVE-2012-0027 CVE-2012-0050 CVE-2012-0884 CVE-2012-1165 CVE-2012-2110 CVE-2012-2388 CVE-2012-2451 CVE-2012-2686 CVE-2012-3524 CVE-2012-4929 CVE-2013-0166 CVE-2013-0169 CVE-2013-0219 CVE-2013-0220 CVE-2013-0287 CVE-2013-2168 CVE-2013-2944 CVE-2013-4353 CVE-2013-5018 CVE-2013-6075 CVE-2013-6076 CVE-2013-6449 CVE-2013-6450 CVE-2014-0076 CVE-2014-0160 CVE-2014-0195 CVE-2014-0198 CVE-2014-0221 CVE-2014-0222 CVE-2014-0224 CVE-2014-2338 CVE-2014-2497 CVE-2014-3470 CVE-2014-3477 CVE-2014-3505 CVE-2014-3506 CVE-2014-3507 CVE-2014-3508 CVE-2014-3509 CVE-2014-3510 CVE-2014-3511 CVE-2014-3512 CVE-2014-3513 CVE-2014-3532 CVE-2014-3533 CVE-2014-3566 CVE-2014-3567 CVE-2014-3568 CVE-2014-3570 CVE-2014-3571 CVE-2014-3572 CVE-2014-3635 CVE-2014-3636 CVE-2014-3637 CVE-2014-3638 CVE-2014-3639 CVE-2014-5139 CVE-2014-7824 CVE-2014-8146 CVE-2014-8147 CVE-2014-8148 CVE-2014-8275 CVE-2014-9221 CVE-2014-9709 CVE-2015-0204 CVE-2015-0205 CVE-2015-0206 CVE-2015-0209 CVE-2015-0245 CVE-2015-0286 CVE-2015-0287 CVE-2015-0288 CVE-2015-0289 CVE-2015-0293 CVE-2015-1774 CVE-2015-1788 CVE-2015-1789 CVE-2015-1790 CVE-2015-1791 CVE-2015-1792 CVE-2015-3216 CVE-2015-4000 CVE-2015-4037 CVE-2015-4171 CVE-2015-4551 CVE-2015-5156 CVE-2015-5157 CVE-2015-5212 CVE-2015-5213 CVE-2015-5214 CVE-2015-5239 CVE-2015-5283 CVE-2015-5697 CVE-2015-6252 CVE-2015-6815 CVE-2015-6937 CVE-2015-7201 CVE-2015-7202 CVE-2015-7205 CVE-2015-7210 CVE-2015-7212 CVE-2015-7213 CVE-2015-7214 CVE-2015-7222 CVE-2015-7311 CVE-2015-7613 CVE-2015-7835 CVE-2015-7969 CVE-2015-7971 CVE-2016-10166 CVE-2016-10167 CVE-2016-10168 CVE-2016-1601 CVE-2016-5104 CVE-2016-5116 CVE-2016-6128 CVE-2016-6132 CVE-2016-6161 CVE-2016-6207 CVE-2016-6214 CVE-2016-6905 CVE-2016-6906 CVE-2016-6911 CVE-2016-6912 CVE-2016-7568 CVE-2016-8670 CVE-2016-9317 CVE-2016-9933 CVE-2017-12173 CVE-2019-12817 CVE-2019-6974 CVE-2019-7221 CVE-2019-8912 CVE-2019-9213 SUSE-SU-2015:1727-1 SUSE-SU-2015:1908-1 SUSE-SU-2015:1915-1 SUSE-SU-2015:2335-1 SUSE-SU-2019:1769-1
Platform(s):	openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Module for Live Patching 15 SUSE Linux Enterprise Module for Live Patching 15 SP1 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9	Product(s):
Definition Synopsis
openSUSE Leap 15.0 is installed AND Package Information ft2demos-2.9-lp150.2 is installed OR ftbench-2.9-lp150.2 is installed OR ftdiff-2.9-lp150.2 is installed OR ftdump-2.9-lp150.2 is installed OR ftgamma-2.9-lp150.2 is installed OR ftgrid-2.9-lp150.2 is installed OR ftinspect-2.9-lp150.2 is installed OR ftlint-2.9-lp150.2 is installed OR ftmulti-2.9-lp150.2 is installed OR ftstring-2.9-lp150.2 is installed OR ftvalid-2.9-lp150.2 is installed OR ftview-2.9-lp150.2 is installed
Definition Synopsis
openSUSE Leap 15.1 is installed AND Package Information fence-agents-4.4.0+git.1558595666.5f79f9e9-lp151.2.3 is installed OR fence-agents-amt_ws-4.4.0+git.1558595666.5f79f9e9-lp151.2.3 is installed OR fence-agents-devel-4.4.0+git.1558595666.5f79f9e9-lp151.2.3 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP2 is installed AND Package Information freetype2-2.3.7-25.32 is installed OR freetype2-32bit-2.3.7-25.32 is installed OR freetype2-devel-2.3.7-25.32 is installed OR ft2demos-2.3.7-25.32 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP3 is installed AND libssh2-0.2-5.20 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP4 is installed AND Package Information xen-4.4.3_02-26 is installed OR xen-doc-html-4.4.3_02-26 is installed OR xen-kmp-default-4.4.3_02_3.0.101_65-26 is installed OR xen-kmp-pae-4.4.3_02_3.0.101_65-26 is installed OR xen-libs-4.4.3_02-26 is installed OR xen-libs-32bit-4.4.3_02-26 is installed OR xen-tools-4.4.3_02-26 is installed OR xen-tools-domU-4.4.3_02-26 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 is installed AND perl-Config-IniFiles-2.82-3 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information dbus-1-1.8.16-14 is installed OR dbus-1-x11-1.8.16-14 is installed OR libdbus-1-3-1.8.16-14 is installed OR libdbus-1-3-32bit-1.8.16-14 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information gvim-7.4.326-2 is installed OR vim-7.4.326-2 is installed OR vim-data-7.4.326-2 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information gd-2.1.0-23 is installed OR gd-32bit-2.1.0-23 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information libipa_hbac0-1.16.1-2 is installed OR libsss_certmap0-1.16.1-2 is installed OR libsss_idmap0-1.16.1-2 is installed OR libsss_nss_idmap0-1.16.1-2 is installed OR libsss_simpleifp0-1.16.1-2 is installed OR libsss_sudo-1.13.4-34.7 is installed OR python-sssd-config-1.16.1-2 is installed OR sssd-1.16.1-2 is installed OR sssd-32bit-1.16.1-2 is installed OR sssd-ad-1.16.1-2 is installed OR sssd-ipa-1.16.1-2 is installed OR sssd-krb5-1.16.1-2 is installed OR sssd-krb5-common-1.16.1-2 is installed OR sssd-ldap-1.16.1-2 is installed OR sssd-proxy-1.16.1-2 is installed OR sssd-tools-1.16.1-2 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Live Patching 15 is installed AND Package Information kernel-livepatch-4_12_14-25_16-default-5-2 is installed OR kernel-livepatch-SLE15_Update_4-5-2 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Live Patching 15 SP1 is installed AND Package Information kernel-livepatch-4_12_14-197_4-default-2-2 is installed OR kernel-livepatch-SLE15-SP1_Update_1-2-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information gdk-pixbuf-lang-2.30.6-1 is installed OR gdk-pixbuf-query-loaders-2.30.6-1 is installed OR gdk-pixbuf-query-loaders-32bit-2.30.6-1 is installed OR libgdk_pixbuf-2_0-0-2.30.6-1 is installed OR libgdk_pixbuf-2_0-0-32bit-2.30.6-1 is installed OR typelib-1_0-GdkPixbuf-2_0-2.30.6-1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information kgraft-patch-3_12_74-60_64_48-default-7-2 is installed OR kgraft-patch-3_12_74-60_64_48-xen-7-2 is installed OR kgraft-patch-SLE12-SP1_Update_17-7-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND perl-LWP-Protocol-https-6.04-5 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-BCL is installed AND ucode-intel-20180807-13.29 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information kernel-default-4.4.121-92.120 is installed OR kernel-default-base-4.4.121-92.120 is installed OR kernel-default-devel-4.4.121-92.120 is installed OR kernel-devel-4.4.121-92.120 is installed OR kernel-macros-4.4.121-92.120 is installed OR kernel-source-4.4.121-92.120 is installed OR kernel-syms-4.4.121-92.120 is installed OR kgraft-patch-4_4_121-92_120-default-1-3.3 is installed OR kgraft-patch-SLE12-SP2_Update_32-1-3.3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_74-92_29-default-10-2 is installed OR kgraft-patch-SLE12-SP2_Update_10-10-2 is installed
Definition Synopsis
Release Information SUSE Linux Enterprise Server 12 SP3 is installed AND libssh2-1-1.4.3-20.9 is installed OR libssh2-1-32bit-1.4.3-20.9 is installed OR libssh2_org-1.4.3-20.9 is installed OR Package Information SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND libssh2-1-1.4.3-20.9 is installed OR libssh2-1-32bit-1.4.3-20.9 is installed OR libssh2_org-1.4.3-20.9 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information cpio-2.11-35 is installed OR cpio-lang-2.11-35 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information kernel-default-4.4.180-94.107 is installed OR kernel-default-base-4.4.180-94.107 is installed OR kernel-default-devel-4.4.180-94.107 is installed OR kernel-devel-4.4.180-94.107 is installed OR kernel-macros-4.4.180-94.107 is installed OR kernel-source-4.4.180-94.107 is installed OR kernel-syms-4.4.180-94.107 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information glibc-2.22-62.22 is installed OR glibc-32bit-2.22-62.22 is installed OR glibc-devel-2.22-62.22 is installed OR glibc-devel-32bit-2.22-62.22 is installed OR glibc-html-2.22-62.22 is installed OR glibc-i18ndata-2.22-62.22 is installed OR glibc-info-2.22-62.22 is installed OR glibc-locale-2.22-62.22 is installed OR glibc-locale-32bit-2.22-62.22 is installed OR glibc-profile-2.22-62.22 is installed OR glibc-profile-32bit-2.22-62.22 is installed OR nscd-2.22-62.22 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information MozillaFirefox-68.4.1-109.101 is installed OR MozillaFirefox-translations-common-68.4.1-109.101 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND shadow-4.2.1-27.12 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information apache-commons-beanutils-1.9.2-1 is installed OR apache-commons-beanutils-javadoc-1.9.2-1 is installed
Definition Synopsis
SUSE OpenStack Cloud 6 is installed AND Package Information MozillaFirefox-52.6.0esr-109.13 is installed OR MozillaFirefox-devel-52.6.0esr-109.13 is installed OR MozillaFirefox-translations-52.6.0esr-109.13 is installed
Definition Synopsis
SUSE OpenStack Cloud 7 is installed AND Package Information xen-4.7.6_06-43.59 is installed OR xen-doc-html-4.7.6_06-43.59 is installed OR xen-libs-4.7.6_06-43.59 is installed OR xen-libs-32bit-4.7.6_06-43.59 is installed OR xen-tools-4.7.6_06-43.59 is installed OR xen-tools-domU-4.7.6_06-43.59 is installed
Definition Synopsis
SUSE OpenStack Cloud 8 is installed AND python-cryptography-2.0.3-3.3 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 8 is installed AND ucode-intel-20190618-13.47 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 9 is installed AND Package Information crowbar-core-6.0+git.1569587091.3f083d63c-3.10 is installed OR crowbar-core-branding-upstream-6.0+git.1569587091.3f083d63c-3.10 is installed OR crowbar-ha-6.0+git.1567673476.1342c3d-3.10 is installed OR crowbar-openstack-6.0+git.1569805311.a94583476-3.10 is installed OR crowbar-ui-1.3.0+git.1568396400.0344a727-11 is installed OR grafana-6.2.5-3.6 is installed OR grafana-monasca-ui-drilldown-1.14.1~dev9-3.6 is installed OR novnc-1.1.0-3.3 is installed OR openstack-cinder-13.0.7~dev16-3.10 is installed OR openstack-cinder-api-13.0.7~dev16-3.10 is installed OR openstack-cinder-backup-13.0.7~dev16-3.10 is installed OR openstack-cinder-scheduler-13.0.7~dev16-3.10 is installed OR openstack-cinder-volume-13.0.7~dev16-3.10 is installed OR openstack-dashboard-14.0.4~dev11-3.6 is installed OR openstack-designate-7.0.1~dev22-3.10 is installed OR openstack-designate-agent-7.0.1~dev22-3.10 is installed OR openstack-designate-api-7.0.1~dev22-3.10 is installed OR openstack-designate-central-7.0.1~dev22-3.10 is installed OR openstack-designate-producer-7.0.1~dev22-3.10 is installed OR openstack-designate-sink-7.0.1~dev22-3.10 is installed OR openstack-designate-worker-7.0.1~dev22-3.10 is installed OR openstack-glance-17.0.1~dev30-3.3 is installed OR openstack-glance-api-17.0.1~dev30-3.3 is installed OR openstack-heat-11.0.3~dev23-3.10 is installed OR openstack-heat-api-11.0.3~dev23-3.10 is installed OR openstack-heat-api-cfn-11.0.3~dev23-3.10 is installed OR openstack-heat-engine-11.0.3~dev23-3.10 is installed OR openstack-heat-plugin-heat_docker-11.0.3~dev23-3.10 is installed OR openstack-horizon-plugin-heat-ui-1.4.1~dev4-4.6 is installed OR openstack-horizon-plugin-monasca-ui-1.14.1~dev9-3.6 is installed OR openstack-ironic-11.1.4~dev15-3.10 is installed OR openstack-ironic-api-11.1.4~dev15-3.10 is installed OR openstack-ironic-conductor-11.1.4~dev15-3.10 is installed OR openstack-ironic-python-agent-3.3.3~dev5-3.10 is installed OR openstack-keystone-14.1.1~dev16-3.10 is installed OR openstack-manila-7.3.1~dev6-4.10 is installed OR openstack-manila-api-7.3.1~dev6-4.10 is installed OR openstack-manila-data-7.3.1~dev6-4.10 is installed OR openstack-manila-scheduler-7.3.1~dev6-4.10 is installed OR openstack-manila-share-7.3.1~dev6-4.10 is installed OR openstack-neutron-13.0.5~dev50-3.10 is installed OR openstack-neutron-dhcp-agent-13.0.5~dev50-3.10 is installed OR openstack-neutron-gbp-5.0.1~dev472-3.10 is installed OR openstack-neutron-ha-tool-13.0.5~dev50-3.10 is installed OR openstack-neutron-l3-agent-13.0.5~dev50-3.10 is installed OR openstack-neutron-linuxbridge-agent-13.0.5~dev50-3.10 is installed OR openstack-neutron-macvtap-agent-13.0.5~dev50-3.10 is installed OR openstack-neutron-metadata-agent-13.0.5~dev50-3.10 is installed OR openstack-neutron-metering-agent-13.0.5~dev50-3.10 is installed OR openstack-neutron-openvswitch-agent-13.0.5~dev50-3.10 is installed OR openstack-neutron-server-13.0.5~dev50-3.10 is installed OR openstack-nova-18.2.3~dev22-3.10 is installed OR openstack-nova-api-18.2.3~dev22-3.10 is installed OR openstack-nova-cells-18.2.3~dev22-3.10 is installed OR openstack-nova-compute-18.2.3~dev22-3.10 is installed OR openstack-nova-conductor-18.2.3~dev22-3.10 is installed OR openstack-nova-console-18.2.3~dev22-3.10 is installed OR openstack-nova-novncproxy-18.2.3~dev22-3.10 is installed OR openstack-nova-placement-api-18.2.3~dev22-3.10 is installed OR openstack-nova-scheduler-18.2.3~dev22-3.10 is installed OR openstack-nova-serialproxy-18.2.3~dev22-3.10 is installed OR openstack-nova-vncproxy-18.2.3~dev22-3.10 is installed OR openstack-octavia-3.1.2~dev45-3.10 is installed OR openstack-octavia-amphora-agent-3.1.2~dev45-3.10 is installed OR openstack-octavia-api-3.1.2~dev45-3.10 is installed OR openstack-octavia-health-manager-3.1.2~dev45-3.10 is installed OR openstack-octavia-housekeeping-3.1.2~dev45-3.10 is installed OR openstack-octavia-worker-3.1.2~dev45-3.10 is installed OR openstack-sahara-9.0.2~dev12-3.3 is installed OR openstack-sahara-api-9.0.2~dev12-3.3 is installed OR openstack-sahara-engine-9.0.2~dev12-3.3 is installed OR openstack-tempest-19.0.0-15 is installed OR openstack-tempest-test-19.0.0-15 is installed OR openstack-watcher-1.12.1~dev19-4.3 is installed OR openstack-watcher-doc-1.12.1~dev19-4.3 is installed OR python-cinder-13.0.7~dev16-3.10 is installed OR python-cinder-tempest-plugin-0.1.0-11 is installed OR python-designate-7.0.1~dev22-3.10 is installed OR python-glance-17.0.1~dev30-3.3 is installed OR python-heat-11.0.3~dev23-3.10 is installed OR python-horizon-14.0.4~dev11-3.6 is installed OR python-horizon-plugin-heat-ui-1.4.1~dev4-4.6 is installed OR python-horizon-plugin-monasca-ui-1.14.1~dev9-3.6 is installed OR python-ironic-11.1.4~dev15-3.10 is installed OR python-keystone-14.1.1~dev16-3.10 is installed OR python-manila-7.3.1~dev6-4.10 is installed OR python-neutron-13.0.5~dev50-3.10 is installed OR python-neutron-gbp-5.0.1~dev472-3.10 is installed OR python-nova-18.2.3~dev22-3.10 is installed OR python-octavia-3.1.2~dev45-3.10 is installed OR python-openstack_auth-14.0.4~dev11-3.6 is installed OR python-sahara-9.0.2~dev12-3.3 is installed OR python-tempest-19.0.0-15 is installed OR python-urllib3-1.23-3.9 is installed OR python-watcher-1.12.1~dev19-4.3 is installed OR ruby2.1-rubygem-easy_diff-1.0.0-4.3 is installed OR rubygem-easy_diff-1.0.0-4.3 is installed

BACK