OVAL Reference oval:org.opensuse.security:def:52753

Oval Definition:

oval:org.opensuse.security:def:52753

Revision Date:	2020-12-01	Version:	1
Title:	Security update for the Linux Kernel (Live Patch 8 for SLE 15) (Important)
Description:	This update for the Linux Kernel 4.12.14-25_28 fixes several issues. The following security issues were fixed: - CVE-2019-9213: Expand_downwards in mm/mmap.c lacked a check for the mmap minimum address, which made it easier for attackers to exploit kernel NULL pointer dereferences on non-SMAP platforms. This is related to a capability check for the wrong task (bsc#1128378). - CVE-2019-8912: af_alg_release() in crypto/af_alg.c neglected to set a NULL value for a certain structure member, which could have led to a use-after-free in sockfs_setattr (bsc#1126284). - CVE-2019-7221: Fixed a user-after-free vulnerability in the KVM hypervisor related to the emulation of a preemption timer, allowing an guest user/process to crash the host kernel. (bsc#1124734). - CVE-2019-6974: kvm_ioctl_create_device in virt/kvm/kvm_main.c mishandled reference counting because of a race condition, leading to a use-after-free (bsc#1124729).
Family:	unix	Class:	patch
Status:		Reference(s):	1051510 1055117 1071995 1083647 1083710 1102247 1103991 1103992 1104745 1109837 1111666 1112374 1119222 1123080 1124729 1124734 1126284 1127034 1127315 1127611 1128378 1129770 1130972 1133021 1134090 1134097 1134390 1134399 1135335 1135642 1136217 1136342 1136460 1136461 1136462 1136467 1137458 1137534 1137535 1137584 1137609 1137811 1137827 1138874 1139358 1139619 1140133 1140139 1140322 1140559 1140652 1140676 1140903 1140945 1140948 1141312 1141401 1141402 1141452 1141453 1141454 1141478 1141558 1142023 1142052 1142083 1142112 1142115 1142119 1142220 1142221 1142254 1142350 1142351 1142354 1142359 1142450 1142623 1142673 1142701 1142868 1143003 1143045 1143105 1143185 1143189 1143191 1143209 1143507 910764 911792 928131 943380 946148 952539 953516 953519 953521 954512 956631 CVE-2008-1420 CVE-2009-3379 CVE-2010-0624 CVE-2010-1205 CVE-2011-2501 CVE-2011-2690 CVE-2011-2691 CVE-2011-2692 CVE-2011-3328 CVE-2012-0444 CVE-2012-2369 CVE-2012-4453 CVE-2013-4509 CVE-2013-5653 CVE-2013-6954 CVE-2014-0333 CVE-2014-9092 CVE-2014-9293 CVE-2014-9294 CVE-2014-9297 CVE-2014-9298 CVE-2014-9495 CVE-2014-9654 CVE-2014-9756 CVE-2015-0973 CVE-2015-2924 CVE-2015-3228 CVE-2015-7651 CVE-2015-7652 CVE-2015-7653 CVE-2015-7654 CVE-2015-7655 CVE-2015-7656 CVE-2015-7657 CVE-2015-7658 CVE-2015-7659 CVE-2015-7660 CVE-2015-7661 CVE-2015-7662 CVE-2015-7663 CVE-2015-7805 CVE-2015-8042 CVE-2015-8043 CVE-2015-8044 CVE-2015-8046 CVE-2015-8075 CVE-2015-8370 CVE-2016-0764 CVE-2016-10220 CVE-2016-7978 CVE-2016-7979 CVE-2016-8602 CVE-2016-9601 CVE-2017-15232 CVE-2017-5951 CVE-2017-7207 CVE-2017-8291 CVE-2018-20855 CVE-2019-1125 CVE-2019-11810 CVE-2019-13631 CVE-2019-13648 CVE-2019-14283 CVE-2019-14284 CVE-2019-6974 CVE-2019-7221 CVE-2019-8912 CVE-2019-9213 SUSE-SU-2015:0274-1 SUSE-SU-2015:1958-1 SUSE-SU-2015:2000-1 SUSE-SU-2015:2399-1 SUSE-SU-2019:2073-1
Platform(s):	openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Module for Live Patching 15 SUSE Linux Enterprise Module for Live Patching 15 SP1 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9	Product(s):
Definition Synopsis
openSUSE Leap 15.0 is installed AND Package Information gdm-3.26.2.1-lp150.10 is installed OR gdm-lang-3.26.2.1-lp150.10 is installed OR gdmflexiserver-3.26.2.1-lp150.10 is installed OR libgdm1-3.26.2.1-lp150.10 is installed OR typelib-1_0-Gdm-1_0-3.26.2.1-lp150.10 is installed
Definition Synopsis
openSUSE Leap 15.1 is installed AND Package Information kernel-debug-4.12.14-lp151.28.10 is installed OR kernel-debug-base-4.12.14-lp151.28.10 is installed OR kernel-debug-devel-4.12.14-lp151.28.10 is installed OR kernel-default-4.12.14-lp151.28.10 is installed OR kernel-default-base-4.12.14-lp151.28.10 is installed OR kernel-default-devel-4.12.14-lp151.28.10 is installed OR kernel-devel-4.12.14-lp151.28.10 is installed OR kernel-docs-4.12.14-lp151.28.10 is installed OR kernel-docs-html-4.12.14-lp151.28.10 is installed OR kernel-kvmsmall-4.12.14-lp151.28.10 is installed OR kernel-kvmsmall-base-4.12.14-lp151.28.10 is installed OR kernel-kvmsmall-devel-4.12.14-lp151.28.10 is installed OR kernel-macros-4.12.14-lp151.28.10 is installed OR kernel-obs-build-4.12.14-lp151.28.10 is installed OR kernel-obs-qa-4.12.14-lp151.28.10 is installed OR kernel-source-4.12.14-lp151.28.10 is installed OR kernel-source-vanilla-4.12.14-lp151.28.10 is installed OR kernel-syms-4.12.14-lp151.28.10 is installed OR kernel-vanilla-4.12.14-lp151.28.10 is installed OR kernel-vanilla-base-4.12.14-lp151.28.10 is installed OR kernel-vanilla-devel-4.12.14-lp151.28.10 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP2 is installed AND Package Information gtk2-2.18.9-0.23 is installed OR gtk2-32bit-2.18.9-0.23 is installed OR gtk2-devel-2.18.9-0.23 is installed OR gtk2-lang-2.18.9-0.23 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information libvirt-1.0.5.9-0.9 is installed OR libvirt-client-1.0.5.9-0.9 is installed OR libvirt-client-32bit-1.0.5.9-0.9 is installed OR libvirt-doc-1.0.5.9-0.9 is installed OR libvirt-python-1.0.5.9-0.9 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP4 is installed AND xscreensaver-5.07-6.36 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 is installed AND pidgin-otr-4.0.0-6 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP1 is installed AND dracut-037-66 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information ibus-chewing-1.4.14-4 is installed OR ibus-pinyin-1.5.0-7 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information ghostscript-9.15-22 is installed OR ghostscript-x11-9.15-22 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information NetworkManager-1.0.12-13.6 is installed OR NetworkManager-lang-1.0.12-13.6 is installed OR libnm-glib-vpn1-1.0.12-13.6 is installed OR libnm-glib4-1.0.12-13.6 is installed OR libnm-util2-1.0.12-13.6 is installed OR libnm0-1.0.12-13.6 is installed OR typelib-1_0-NM-1_0-1.0.12-13.6 is installed OR typelib-1_0-NMClient-1_0-1.0.12-13.6 is installed OR typelib-1_0-NetworkManager-1_0-1.0.12-13.6 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Live Patching 15 is installed AND Package Information kernel-livepatch-4_12_14-25_28-default-2-2 is installed OR kernel-livepatch-SLE15_Update_8-2-2 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Live Patching 15 SP1 is installed AND Package Information kernel-default-4.12.14-197.15 is installed OR kernel-default-livepatch-4.12.14-197.15 is installed OR kernel-default-livepatch-devel-4.12.14-197.15 is installed OR kernel-livepatch-4_12_14-197_15-default-1-3.5 is installed OR kernel-livepatch-SLE15-SP1_Update_4-1-3.5 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information glibc-2.19-31 is installed OR glibc-32bit-2.19-31 is installed OR glibc-devel-2.19-31 is installed OR glibc-devel-32bit-2.19-31 is installed OR glibc-html-2.19-31 is installed OR glibc-i18ndata-2.19-31 is installed OR glibc-info-2.19-31 is installed OR glibc-locale-2.19-31 is installed OR glibc-locale-32bit-2.19-31 is installed OR glibc-profile-2.19-31 is installed OR glibc-profile-32bit-2.19-31 is installed OR nscd-2.19-31 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information libzypp-15.25.17-46.22 is installed OR zypper-1.12.59-46.10 is installed OR zypper-log-1.12.59-46.10 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND powerpc-utils-1.3.2-17 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information libvirt-2.0.0-27.45 is installed OR libvirt-client-2.0.0-27.45 is installed OR libvirt-daemon-2.0.0-27.45 is installed OR libvirt-daemon-config-network-2.0.0-27.45 is installed OR libvirt-daemon-config-nwfilter-2.0.0-27.45 is installed OR libvirt-daemon-driver-interface-2.0.0-27.45 is installed OR libvirt-daemon-driver-libxl-2.0.0-27.45 is installed OR libvirt-daemon-driver-lxc-2.0.0-27.45 is installed OR libvirt-daemon-driver-network-2.0.0-27.45 is installed OR libvirt-daemon-driver-nodedev-2.0.0-27.45 is installed OR libvirt-daemon-driver-nwfilter-2.0.0-27.45 is installed OR libvirt-daemon-driver-qemu-2.0.0-27.45 is installed OR libvirt-daemon-driver-secret-2.0.0-27.45 is installed OR libvirt-daemon-driver-storage-2.0.0-27.45 is installed OR libvirt-daemon-hooks-2.0.0-27.45 is installed OR libvirt-daemon-lxc-2.0.0-27.45 is installed OR libvirt-daemon-qemu-2.0.0-27.45 is installed OR libvirt-daemon-xen-2.0.0-27.45 is installed OR libvirt-doc-2.0.0-27.45 is installed OR libvirt-lock-sanlock-2.0.0-27.45 is installed OR libvirt-nss-2.0.0-27.45 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information java-1_8_0-ibm-1.8.0_sr5.40-30.54 is installed OR java-1_8_0-ibm-alsa-1.8.0_sr5.40-30.54 is installed OR java-1_8_0-ibm-devel-1.8.0_sr5.40-30.54 is installed OR java-1_8_0-ibm-plugin-1.8.0_sr5.40-30.54 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_114-92_64-default-3-2 is installed OR kgraft-patch-SLE12-SP2_Update_18-3-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND ctags-5.8-7 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information libsqlite3-0-3.8.10.2-9.15 is installed OR libsqlite3-0-32bit-3.8.10.2-9.15 is installed OR sqlite3-3.8.10.2-9.15 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information evince-3.20.2-6.27 is installed OR evince-browser-plugin-3.20.2-6.27 is installed OR evince-lang-3.20.2-6.27 is installed OR evince-plugin-djvudocument-3.20.2-6.27 is installed OR evince-plugin-dvidocument-3.20.2-6.27 is installed OR evince-plugin-pdfdocument-3.20.2-6.27 is installed OR evince-plugin-psdocument-3.20.2-6.27 is installed OR evince-plugin-tiffdocument-3.20.2-6.27 is installed OR evince-plugin-xpsdocument-3.20.2-6.27 is installed OR libevdocument3-4-3.20.2-6.27 is installed OR libevview3-3-3.20.2-6.27 is installed OR nautilus-evince-3.20.2-6.27 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information perl-Mail-SpamAssassin-3.4.2-44.8 is installed OR spamassassin-3.4.2-44.8 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information xen-4.9.2_10-3.41 is installed OR xen-doc-html-4.9.2_10-3.41 is installed OR xen-libs-4.9.2_10-3.41 is installed OR xen-libs-32bit-4.9.2_10-3.41 is installed OR xen-tools-4.9.2_10-3.41 is installed OR xen-tools-domU-4.9.2_10-3.41 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND apache2-mod_jk-1.2.40-5 is installed
Definition Synopsis
SUSE OpenStack Cloud 6 is installed AND Package Information kernel-default-3.12.74-60.64.82 is installed OR kernel-default-base-3.12.74-60.64.82 is installed OR kernel-default-devel-3.12.74-60.64.82 is installed OR kernel-devel-3.12.74-60.64.82 is installed OR kernel-macros-3.12.74-60.64.82 is installed OR kernel-source-3.12.74-60.64.82 is installed OR kernel-syms-3.12.74-60.64.82 is installed OR kernel-xen-3.12.74-60.64.82 is installed OR kernel-xen-base-3.12.74-60.64.82 is installed OR kernel-xen-devel-3.12.74-60.64.82 is installed OR kgraft-patch-3_12_74-60_64_82-default-1-2.9 is installed OR kgraft-patch-3_12_74-60_64_82-xen-1-2.9 is installed OR kgraft-patch-SLE12-SP1_Update_25-1-2.9 is installed
Definition Synopsis
SUSE OpenStack Cloud 7 is installed AND Package Information dnsmasq-2.78-18.12 is installed OR dnsmasq-utils-2.78-18.12 is installed
Definition Synopsis
SUSE OpenStack Cloud 8 is installed AND Package Information mariadb-10.2.22-4.11 is installed OR mariadb-client-10.2.22-4.11 is installed OR mariadb-errormessages-10.2.22-4.11 is installed OR mariadb-galera-10.2.22-4.11 is installed OR mariadb-tools-10.2.22-4.11 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information libmysqlclient18-10.0.38-29.27 is installed OR mariadb-10.0.38-29.27 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 9 is installed AND haproxy-1.6.11-11.3 is installed

BACK