OVAL Reference oval:org.opensuse.security:def:52750

Oval Definition:

oval:org.opensuse.security:def:52750

Revision Date:	2020-12-01	Version:	1
Title:	Security update for the Linux Kernel (Live Patch 1 for SLE 15) (Important)
Description:	This update for the Linux Kernel 4.12.14-25_3 fixes several issues. The following security issues were fixed: - CVE-2019-9213: Expand_downwards in mm/mmap.c lacked a check for the mmap minimum address, which made it easier for attackers to exploit kernel NULL pointer dereferences on non-SMAP platforms. This is related to a capability check for the wrong task (bsc#1128378). - CVE-2019-8912: af_alg_release() in crypto/af_alg.c neglected to set a NULL value for a certain structure member, which could have led to a use-after-free in sockfs_setattr (bsc#1126284). - CVE-2018-12232: In net/socket.c there was a race condition between fchownat and close in cases where they target the same socket file descriptor, related to the sock_close and sockfs_setattr functions. fchownat did not increment the file descriptor reference count, which allowed close to set the socket to NULL during fchownat's execution, leading to a NULL pointer dereference and system crash (bsc#1127757). - CVE-2019-7221: Fixed a user-after-free vulnerability in the KVM hypervisor related to the emulation of a preemption timer, allowing an guest user/process to crash the host kernel. (bsc#1124734). - CVE-2019-6974: kvm_ioctl_create_device in virt/kvm/kvm_main.c mishandled reference counting because of a race condition, leading to a use-after-free (bsc#1124729).
Family:	unix	Class:	patch
Status:		Reference(s):	1124729 1124734 1126284 1127757 1128378 1137597 1140747 826717 866902 882089 889526 896023 897614 897906 898772 900292 901317 903357 903359 903850 903967 903970 905465 905467 906439 908275 944460 948976 952099 952810 957812 CVE-2004-0801 CVE-2009-1892 CVE-2010-0407 CVE-2010-2156 CVE-2010-3611 CVE-2010-3616 CVE-2010-4267 CVE-2010-4531 CVE-2011-0413 CVE-2011-0997 CVE-2011-2697 CVE-2011-2722 CVE-2011-2748 CVE-2011-2749 CVE-2011-3146 CVE-2011-3630 CVE-2011-3631 CVE-2011-3632 CVE-2011-4182 CVE-2011-4539 CVE-2011-4868 CVE-2012-3570 CVE-2012-3571 CVE-2012-3954 CVE-2012-3955 CVE-2012-5112 CVE-2012-5133 CVE-2013-1881 CVE-2013-2266 CVE-2013-3495 CVE-2013-4325 CVE-2013-6402 CVE-2013-6427 CVE-2014-1344 CVE-2014-1384 CVE-2014-1385 CVE-2014-1386 CVE-2014-1387 CVE-2014-1388 CVE-2014-1389 CVE-2014-1390 CVE-2014-1748 CVE-2014-2977 CVE-2014-2978 CVE-2014-3230 CVE-2014-5146 CVE-2014-5149 CVE-2014-8594 CVE-2014-8595 CVE-2014-8866 CVE-2014-8867 CVE-2014-9030 CVE-2015-1071 CVE-2015-1076 CVE-2015-1081 CVE-2015-1083 CVE-2015-1120 CVE-2015-1122 CVE-2015-1127 CVE-2015-1153 CVE-2015-1155 CVE-2015-2330 CVE-2015-3195 CVE-2015-3247 CVE-2015-3658 CVE-2015-3659 CVE-2015-3727 CVE-2015-3731 CVE-2015-3741 CVE-2015-3743 CVE-2015-3745 CVE-2015-3747 CVE-2015-3748 CVE-2015-3749 CVE-2015-3752 CVE-2015-4513 CVE-2015-5260 CVE-2015-5261 CVE-2015-5788 CVE-2015-5794 CVE-2015-5801 CVE-2015-5809 CVE-2015-5822 CVE-2015-5928 CVE-2015-7181 CVE-2015-7182 CVE-2015-7183 CVE-2015-7188 CVE-2015-7189 CVE-2015-7193 CVE-2015-7194 CVE-2015-7196 CVE-2015-7197 CVE-2015-7198 CVE-2015-7199 CVE-2015-7200 CVE-2016-10163 CVE-2016-10214 CVE-2017-5580 CVE-2017-5937 CVE-2017-5956 CVE-2017-5957 CVE-2017-5993 CVE-2017-5994 CVE-2017-6209 CVE-2017-6210 CVE-2017-6317 CVE-2017-6355 CVE-2017-6386 CVE-2018-12232 CVE-2019-11477 CVE-2019-11478 CVE-2019-6974 CVE-2019-7221 CVE-2019-8912 CVE-2019-9213 SUSE-SU-2015:1733-1 SUSE-SU-2015:1926-1 SUSE-SU-2015:2342-1 SUSE-SU-2019:1889-1
Platform(s):	openSUSE Leap 15.0 openSUSE Leap 15.0 NonFree openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Module for Live Patching 15 SUSE Linux Enterprise Module for Live Patching 15 SP1 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9	Product(s):
Definition Synopsis
openSUSE Leap 15.0 is installed AND Package Information gcab-1.1-lp150.1 is installed OR gcab-lang-1.1-lp150.1 is installed OR libgcab-1_0-0-1.1-lp150.1 is installed
Definition Synopsis
openSUSE Leap 15.0 NonFree is installed AND opera-54.0.2952.41-lp150.2.3 is installed
Definition Synopsis
openSUSE Leap 15.1 is installed AND Package Information libvirt-5.1.0-lp151.7.3 is installed OR libvirt-admin-5.1.0-lp151.7.3 is installed OR libvirt-bash-completion-5.1.0-lp151.7.3 is installed OR libvirt-client-5.1.0-lp151.7.3 is installed OR libvirt-daemon-5.1.0-lp151.7.3 is installed OR libvirt-daemon-config-network-5.1.0-lp151.7.3 is installed OR libvirt-daemon-config-nwfilter-5.1.0-lp151.7.3 is installed OR libvirt-daemon-driver-interface-5.1.0-lp151.7.3 is installed OR libvirt-daemon-driver-libxl-5.1.0-lp151.7.3 is installed OR libvirt-daemon-driver-lxc-5.1.0-lp151.7.3 is installed OR libvirt-daemon-driver-network-5.1.0-lp151.7.3 is installed OR libvirt-daemon-driver-nodedev-5.1.0-lp151.7.3 is installed OR libvirt-daemon-driver-nwfilter-5.1.0-lp151.7.3 is installed OR libvirt-daemon-driver-qemu-5.1.0-lp151.7.3 is installed OR libvirt-daemon-driver-secret-5.1.0-lp151.7.3 is installed OR libvirt-daemon-driver-storage-5.1.0-lp151.7.3 is installed OR libvirt-daemon-driver-storage-core-5.1.0-lp151.7.3 is installed OR libvirt-daemon-driver-storage-disk-5.1.0-lp151.7.3 is installed OR libvirt-daemon-driver-storage-gluster-5.1.0-lp151.7.3 is installed OR libvirt-daemon-driver-storage-iscsi-5.1.0-lp151.7.3 is installed OR libvirt-daemon-driver-storage-logical-5.1.0-lp151.7.3 is installed OR libvirt-daemon-driver-storage-mpath-5.1.0-lp151.7.3 is installed OR libvirt-daemon-driver-storage-rbd-5.1.0-lp151.7.3 is installed OR libvirt-daemon-driver-storage-scsi-5.1.0-lp151.7.3 is installed OR libvirt-daemon-hooks-5.1.0-lp151.7.3 is installed OR libvirt-daemon-lxc-5.1.0-lp151.7.3 is installed OR libvirt-daemon-qemu-5.1.0-lp151.7.3 is installed OR libvirt-daemon-xen-5.1.0-lp151.7.3 is installed OR libvirt-devel-5.1.0-lp151.7.3 is installed OR libvirt-devel-32bit-5.1.0-lp151.7.3 is installed OR libvirt-doc-5.1.0-lp151.7.3 is installed OR libvirt-libs-5.1.0-lp151.7.3 is installed OR libvirt-lock-sanlock-5.1.0-lp151.7.3 is installed OR libvirt-nss-5.1.0-lp151.7.3 is installed OR wireshark-plugin-libvirt-5.1.0-lp151.7.3 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP2 is installed AND Package Information glibc-2.11.3-17.45.49 is installed OR glibc-32bit-2.11.3-17.45.49 is installed OR glibc-devel-2.11.3-17.45.49 is installed OR glibc-devel-32bit-2.11.3-17.45.49 is installed OR glibc-i18ndata-2.11.3-17.45.49 is installed OR glibc-locale-2.11.3-17.45.49 is installed OR glibc-locale-32bit-2.11.3-17.45.49 is installed OR nscd-2.11.3-17.45.49 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information libtasn1-1.5-1.28 is installed OR libtasn1-3-1.5-1.28 is installed OR libtasn1-3-32bit-1.5-1.28 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP4 is installed AND Package Information xen-4.4.3_06-29 is installed OR xen-doc-html-4.4.3_06-29 is installed OR xen-kmp-default-4.4.3_06_3.0.101_65-29 is installed OR xen-kmp-pae-4.4.3_06_3.0.101_65-29 is installed OR xen-libs-4.4.3_06-29 is installed OR xen-libs-32bit-4.4.3_06-29 is installed OR xen-tools-4.4.3_06-29 is installed OR xen-tools-domU-4.4.3_06-29 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 is installed AND perl-LWP-Protocol-https-6.04-5 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information dhcp-4.3.3-2 is installed OR dhcp-client-4.3.3-2 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP2 is installed AND hardlink-1.0-6 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information gdk-pixbuf-loader-rsvg-2.40.15-4 is installed OR librsvg-2-2-2.40.15-4 is installed OR librsvg-2-2-32bit-2.40.15-4 is installed OR rsvg-view-2.40.15-4 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information DirectFB-1.7.1-6 is installed OR lib++dfb-1_7-1-1.7.1-6 is installed OR libdirectfb-1_7-1-1.7.1-6 is installed OR libdirectfb-1_7-1-32bit-1.7.1-6 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Live Patching 15 is installed AND Package Information kernel-livepatch-4_12_14-25_3-default-8-2 is installed OR kernel-livepatch-SLE15_Update_1-8-2 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Live Patching 15 SP1 is installed AND Package Information kernel-livepatch-4_12_14-195-default-4-10 is installed OR kernel-livepatch-SLE15-SP1_Update_0-4-10 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information gdm-3.10.0.1-23 is installed OR gdm-branding-upstream-3.10.0.1-23 is installed OR gdm-lang-3.10.0.1-23 is installed OR gdmflexiserver-3.10.0.1-23 is installed OR libgdm1-3.10.0.1-23 is installed OR typelib-1_0-Gdm-1_0-3.10.0.1-23 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information libopenssl1_0_0-1.0.1i-54.17 is installed OR libopenssl1_0_0-32bit-1.0.1i-54.17 is installed OR libopenssl1_0_0-hmac-1.0.1i-54.17 is installed OR libopenssl1_0_0-hmac-32bit-1.0.1i-54.17 is installed OR openssl-1.0.1i-54.17 is installed OR openssl-doc-1.0.1i-54.17 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND perl-XML-LibXML-2.0019-5 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information kernel-default-4.4.121-92.92 is installed OR kernel-default-base-4.4.121-92.92 is installed OR kernel-default-devel-4.4.121-92.92 is installed OR kernel-devel-4.4.121-92.92 is installed OR kernel-macros-4.4.121-92.92 is installed OR kernel-source-4.4.121-92.92 is installed OR kernel-syms-4.4.121-92.92 is installed OR kgraft-patch-4_4_121-92_92-default-1-3.7 is installed OR kgraft-patch-SLE12-SP2_Update_24-1-3.7 is installed OR lttng-modules-2.7.1-9.4 is installed OR lttng-modules-kmp-default-2.7.1_k4.4.121_92.92-9.4 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information java-1_7_1-ibm-1.7.1_sr4.50-38.41 is installed OR java-1_7_1-ibm-alsa-1.7.1_sr4.50-38.41 is installed OR java-1_7_1-ibm-devel-1.7.1_sr4.50-38.41 is installed OR java-1_7_1-ibm-jdbc-1.7.1_sr4.50-38.41 is installed OR java-1_7_1-ibm-plugin-1.7.1_sr4.50-38.41 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_74-92_38-default-8-2 is installed OR kgraft-patch-SLE12-SP2_Update_13-8-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information cracklib-2.9.0-7 is installed OR libcrack2-2.9.0-7 is installed OR libcrack2-32bit-2.9.0-7 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information libjpeg-turbo-1.5.3-31.19 is installed OR libjpeg62-62.2.0-31.19 is installed OR libjpeg62-32bit-62.2.0-31.19 is installed OR libjpeg62-turbo-1.5.3-31.19 is installed OR libjpeg8-8.1.2-31.19 is installed OR libjpeg8-32bit-8.1.2-31.19 is installed OR libturbojpeg0-8.1.2-31.19 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information libpolkit0-0.113-5.18 is installed OR polkit-0.113-5.18 is installed OR typelib-1_0-Polkit-1_0-0.113-5.18 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information MozillaFirefox-68.6.0-109.110 is installed OR MozillaFirefox-translations-common-68.6.0-109.110 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information libtirpc-1.0.1-17.6 is installed OR libtirpc-netconfig-1.0.1-17.6 is installed OR libtirpc3-1.0.1-17.6 is installed OR libtirpc3-32bit-1.0.1-17.6 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND apache-commons-httpclient-3.1-4 is installed
Definition Synopsis
SUSE OpenStack Cloud 6 is installed AND Package Information kernel-firmware-20160516git-10.8 is installed OR ucode-amd-20160516git-10.8 is installed
Definition Synopsis
SUSE OpenStack Cloud 7 is installed AND Package Information gcc9-9.2.1+r275327-1.3 is installed OR libasan5-9.2.1+r275327-1.3 is installed OR libasan5-32bit-9.2.1+r275327-1.3 is installed OR libatomic1-9.2.1+r275327-1.3 is installed OR libatomic1-32bit-9.2.1+r275327-1.3 is installed OR libgcc_s1-9.2.1+r275327-1.3 is installed OR libgcc_s1-32bit-9.2.1+r275327-1.3 is installed OR libgfortran5-9.2.1+r275327-1.3 is installed OR libgfortran5-32bit-9.2.1+r275327-1.3 is installed OR libgo14-9.2.1+r275327-1.3 is installed OR libgo14-32bit-9.2.1+r275327-1.3 is installed OR libgomp1-9.2.1+r275327-1.3 is installed OR libgomp1-32bit-9.2.1+r275327-1.3 is installed OR libitm1-9.2.1+r275327-1.3 is installed OR libitm1-32bit-9.2.1+r275327-1.3 is installed OR liblsan0-9.2.1+r275327-1.3 is installed OR libquadmath0-9.2.1+r275327-1.3 is installed OR libquadmath0-32bit-9.2.1+r275327-1.3 is installed OR libstdc++6-9.2.1+r275327-1.3 is installed OR libstdc++6-32bit-9.2.1+r275327-1.3 is installed OR libstdc++6-locale-9.2.1+r275327-1.3 is installed OR libtsan0-9.2.1+r275327-1.3 is installed OR libubsan1-9.2.1+r275327-1.3 is installed OR libubsan1-32bit-9.2.1+r275327-1.3 is installed
Definition Synopsis
SUSE OpenStack Cloud 8 is installed AND Package Information ardana-monasca-8.0+git.1535031421.9262a47-3.12 is installed OR ardana-spark-8.0+git.1534267176.a5f3a22-3.6 is installed OR kafka-0.10.2.2-5.6 is installed OR openstack-monasca-api-2.2.1~dev24-3.6 is installed OR python-monasca-api-2.2.1~dev24-3.6 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information bzip2-1.0.6-30.8 is installed OR bzip2-doc-1.0.6-30.8 is installed OR libbz2-1-1.0.6-30.8 is installed OR libbz2-1-32bit-1.0.6-30.8 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 9 is installed AND Package Information ruby2.1-rubygem-haml-4.0.6-3.3 is installed OR rubygem-haml-4.0.6-3.3 is installed

BACK