Oval Definition:	oval:org.opensuse.security:def:52789
Revision Date: 2020-12-01 Version: 1 Title: Security update for the Linux Kernel (Live Patch 19 for SLE 15) (Important) Description: This update for the Linux Kernel 4.12.14-150_55 fixes several issues. The following security issues were fixed: - CVE-2020-14381: Fixed a use-after-free in the fast user mutex (futex) wait operation, which could have lead to memory corruption and possibly privilege escalation (bsc#1176011). - CVE-2020-0431: In kbd_keycode of keyboard.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. (bsc#1176722) - CVE-2020-25212: A TOCTOU mismatch in the NFS client code could be used by local attackers to corrupt memory or possibly have unspecified other impact because a size check is in fs/nfs/nfs4proc.c instead of fs/nfs/nfs4xdr.c (bsc#1176381). - CVE-2020-14386: Fixed a memory corruption which could have lead to an attacker gaining root privileges from unprivileged processes. The highest threat from this vulnerability is to data confidentiality and integrity (bsc#1176069). - CVE-2020-24394: The NFS server code can set incorrect permissions on new filesystem objects when the filesystem lacks ACL support. This occurs because the current umask is not considered (bsc#1175518). Family: unix Class: patch Status: Reference(s): 1171252 1171254 1175992 1176012 1176072 1176382 1176896 814440 867595 904348 921949 924493 927591 930145 933514 935961 936076 936773 937766 939826 939926 940853 941202 941867 942938 944749 945582 945626 946078 947241 947321 947478 948521 948685 948831 949100 949463 949504 949706 949744 950013 950750 950862 950998 951110 951165 951199 951440 951546 952666 952758 953796 953980 954635 955148 955210 955224 955422 955533 955644 956047 956053 956703 956711 958963 960155 CVE-2006-4484 CVE-2009-3939 CVE-2009-4026 CVE-2009-4027 CVE-2009-4131 CVE-2009-4138 CVE-2009-4536 CVE-2009-4538 CVE-2010-0407 CVE-2010-1146 CVE-2010-1436 CVE-2010-1641 CVE-2010-2066 CVE-2010-2942 CVE-2010-2954 CVE-2010-2955 CVE-2010-3081 CVE-2010-3296 CVE-2010-3297 CVE-2010-3298 CVE-2010-3301 CVE-2010-3310 CVE-2010-4352 CVE-2010-4531 CVE-2011-0712 CVE-2011-1020 CVE-2011-1577 CVE-2011-2203 CVE-2012-0056 CVE-2012-0786 CVE-2012-2669 CVE-2012-3524 CVE-2012-5532 CVE-2013-0160 CVE-2013-0231 CVE-2013-0913 CVE-2013-1992 CVE-2013-2001 CVE-2013-2168 CVE-2013-2850 CVE-2013-4312 CVE-2014-0038 CVE-2014-00691 CVE-2014-0107 CVE-2014-0196 CVE-2014-3477 CVE-2014-3532 CVE-2014-3533 CVE-2014-3635 CVE-2014-3636 CVE-2014-3637 CVE-2014-3638 CVE-2014-3639 CVE-2014-7202 CVE-2014-7203 CVE-2014-7824 CVE-2014-8119 CVE-2014-8148 CVE-2014-9721 CVE-2015-0245 CVE-2015-0272 CVE-2015-0458 CVE-2015-0459 CVE-2015-0460 CVE-2015-0469 CVE-2015-0477 CVE-2015-0478 CVE-2015-0480 CVE-2015-0484 CVE-2015-0488 CVE-2015-0491 CVE-2015-0492 CVE-2015-1350 CVE-2015-2925 CVE-2015-4000 CVE-2015-5283 CVE-2015-5307 CVE-2015-6908 CVE-2015-7552 CVE-2015-7799 CVE-2015-7833 CVE-2015-7872 CVE-2015-7884 CVE-2015-7885 CVE-2015-7990 CVE-2015-8104 CVE-2015-8709 CVE-2015-8812 CVE-2015-8964 CVE-2016-0617 CVE-2016-0723 CVE-2016-0728 CVE-2016-0758 CVE-2016-10109 CVE-2016-10200 CVE-2016-1237 CVE-2016-1583 CVE-2016-2117 CVE-2016-2143 CVE-2016-2184 CVE-2016-2185 CVE-2016-2186 CVE-2016-2188 CVE-2016-2383 CVE-2016-2384 CVE-2016-2847 CVE-2016-3134 CVE-2016-3135 CVE-2016-3136 CVE-2016-3137 CVE-2016-3138 CVE-2016-3140 CVE-2016-3156 CVE-2016-3672 CVE-2016-3689 CVE-2016-3713 CVE-2016-3951 CVE-2016-4470 CVE-2016-4482 CVE-2016-4486 CVE-2016-4557 CVE-2016-4558 CVE-2016-4569 CVE-2016-4578 CVE-2016-4794 CVE-2016-4805 CVE-2016-4951 CVE-2016-4997 CVE-2016-4998 CVE-2016-5195 CVE-2016-5244 CVE-2016-5412 CVE-2016-5696 CVE-2016-5828 CVE-2016-5829 CVE-2016-6197 CVE-2016-6480 CVE-2016-6828 CVE-2016-7039 CVE-2016-7042 CVE-2016-7097 CVE-2016-7117 CVE-2016-7425 CVE-2016-7913 CVE-2016-7917 CVE-2016-8632 CVE-2016-8636 CVE-2016-8645 CVE-2016-8655 CVE-2016-8658 CVE-2016-8666 CVE-2016-9083 CVE-2016-9084 CVE-2016-9191 CVE-2016-9555 CVE-2016-9576 CVE-2016-9793 CVE-2016-9794 CVE-2016-9806 CVE-2016-9919 CVE-2017-1000364 CVE-2017-1000365 CVE-2017-1000380 CVE-2017-2583 CVE-2017-2584 CVE-2017-2596 CVE-2017-2636 CVE-2017-2671 CVE-2017-5551 CVE-2017-5576 CVE-2017-5577 CVE-2017-5897 CVE-2017-5970 CVE-2017-5986 CVE-2017-6074 CVE-2017-6214 CVE-2017-6345 CVE-2017-6346 CVE-2017-6347 CVE-2017-6353 CVE-2017-7184 CVE-2017-7187 CVE-2017-7261 CVE-2017-7294 CVE-2017-7308 CVE-2017-7346 CVE-2017-7374 CVE-2017-7487 CVE-2017-7518 CVE-2017-7616 CVE-2017-7618 CVE-2017-8890 CVE-2017-9074 CVE-2017-9075 CVE-2017-9076 CVE-2017-9077 CVE-2017-9150 CVE-2017-9242 CVE-2020-0431 CVE-2020-12653 CVE-2020-12654 CVE-2020-14381 CVE-2020-14386 CVE-2020-24394 CVE-2020-25212 SUSE-SU-2015:0789-1 SUSE-SU-2015:2194-1 SUSE-SU-2016:0224-1 SUSE-SU-2016:0225-1 SUSE-SU-2020:3180-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Module for Live Patching 15 SUSE Linux Enterprise Module for Live Patching 15 SP1 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 6-LTSS SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND Package Information kdelibs4-4.14.38-lp150.5 is installed OR kdelibs4-branding-upstream-4.14.38-lp150.5 is installed OR kdelibs4-core-4.14.38-lp150.5 is installed OR libkde4-4.14.38-lp150.5 is installed OR libkdecore4-4.14.38-lp150.5 is installed OR libksuseinstall1-4.14.38-lp150.5 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information chromedriver-76.0.3809.100-lp151.2.20 is installed OR chromium-76.0.3809.100-lp151.2.20 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP2 is installed AND postgresql-8.3.23-0.4 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information MozillaFirefox-31.8.0esr-0.13 is installed OR MozillaFirefox-translations-31.8.0esr-0.13 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP4 is installed AND Package Information flash-player-11.2.202.559-0.32 is installed OR flash-player-gnome-11.2.202.559-0.32 is installed OR flash-player-kde4-11.2.202.559-0.32 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 is installed AND xalan-j2-2.7.0-264 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP1 is installed AND hyper-v-6-11 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information augeas-1.2.0-10 is installed OR augeas-lenses-1.2.0-10 is installed OR libaugeas0-1.2.0-10 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information kernel-default-4.4.73-5 is installed OR kernel-default-devel-4.4.73-5 is installed OR kernel-default-extra-4.4.73-5 is installed OR kernel-devel-4.4.73-5 is installed OR kernel-macros-4.4.73-5 is installed OR kernel-source-4.4.73-5 is installed OR kernel-syms-4.4.73-5 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information dbus-1-1.8.22-29.10 is installed OR dbus-1-x11-1.8.22-29.10 is installed OR libdbus-1-3-1.8.22-29.10 is installed OR libdbus-1-3-32bit-1.8.22-29.10 is installed Definition Synopsis SUSE Linux Enterprise Module for Live Patching 15 is installed AND Package Information kernel-livepatch-4_12_14-150_55-default-3-2 is installed OR kernel-livepatch-SLE15_Update_19-3-2 is installed Definition Synopsis SUSE Linux Enterprise Module for Live Patching 15 SP1 is installed AND Package Information kernel-livepatch-4_12_14-197_15-default-7-2 is installed OR kernel-livepatch-SLE15-SP1_Update_4-7-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information cyrus-sasl-2.1.26-7 is installed OR cyrus-sasl-32bit-2.1.26-7 is installed OR cyrus-sasl-crammd5-2.1.26-7 is installed OR cyrus-sasl-crammd5-32bit-2.1.26-7 is installed OR cyrus-sasl-digestmd5-2.1.26-7 is installed OR cyrus-sasl-gssapi-2.1.26-7 is installed OR cyrus-sasl-gssapi-32bit-2.1.26-7 is installed OR cyrus-sasl-otp-2.1.26-7 is installed OR cyrus-sasl-otp-32bit-2.1.26-7 is installed OR cyrus-sasl-plain-2.1.26-7 is installed OR cyrus-sasl-plain-32bit-2.1.26-7 is installed OR cyrus-sasl-saslauthd-2.1.26-7 is installed OR cyrus-sasl-sqlauxprop-2.1.26-7 is installed OR cyrus-sasl-sqlauxprop-32bit-2.1.26-7 is installed OR libsasl2-3-2.1.26-7 is installed OR libsasl2-3-32bit-2.1.26-7 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND sudo-1.8.10p3-2.19 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information alsa-1.0.27.2-11 is installed OR alsa-docs-1.0.27.2-11 is installed OR libasound2-1.0.27.2-11 is installed OR libasound2-32bit-1.0.27.2-11 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information git-2.12.3-27.17 is installed OR git-core-2.12.3-27.17 is installed OR git-doc-2.12.3-27.17 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND ucode-intel-20180807-13.29 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_114-92_64-default-2-2 is installed OR kgraft-patch-SLE12-SP2_Update_18-2-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information glib2-lang-2.48.2-10 is installed OR glib2-tools-2.48.2-10 is installed OR libgio-2_0-0-2.48.2-10 is installed OR libgio-2_0-0-32bit-2.48.2-10 is installed OR libglib-2_0-0-2.48.2-10 is installed OR libglib-2_0-0-32bit-2.48.2-10 is installed OR libgmodule-2_0-0-2.48.2-10 is installed OR libgmodule-2_0-0-32bit-2.48.2-10 is installed OR libgobject-2_0-0-2.48.2-10 is installed OR libgobject-2_0-0-32bit-2.48.2-10 is installed OR libgthread-2_0-0-2.48.2-10 is installed OR libgthread-2_0-0-32bit-2.48.2-10 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information nfs-client-1.3.0-34.22 is installed OR nfs-doc-1.3.0-34.22 is installed OR nfs-kernel-server-1.3.0-34.22 is installed OR nfs-utils-1.3.0-34.22 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND ucode-intel-20190618-13.47 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information libvirt-3.3.0-5.40 is installed OR libvirt-admin-3.3.0-5.40 is installed OR libvirt-client-3.3.0-5.40 is installed OR libvirt-daemon-3.3.0-5.40 is installed OR libvirt-daemon-config-network-3.3.0-5.40 is installed OR libvirt-daemon-config-nwfilter-3.3.0-5.40 is installed OR libvirt-daemon-driver-interface-3.3.0-5.40 is installed OR libvirt-daemon-driver-libxl-3.3.0-5.40 is installed OR libvirt-daemon-driver-lxc-3.3.0-5.40 is installed OR libvirt-daemon-driver-network-3.3.0-5.40 is installed OR libvirt-daemon-driver-nodedev-3.3.0-5.40 is installed OR libvirt-daemon-driver-nwfilter-3.3.0-5.40 is installed OR libvirt-daemon-driver-qemu-3.3.0-5.40 is installed OR libvirt-daemon-driver-secret-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-core-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-disk-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-iscsi-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-logical-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-mpath-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-rbd-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-scsi-3.3.0-5.40 is installed OR libvirt-daemon-hooks-3.3.0-5.40 is installed OR libvirt-daemon-lxc-3.3.0-5.40 is installed OR libvirt-daemon-qemu-3.3.0-5.40 is installed OR libvirt-daemon-xen-3.3.0-5.40 is installed OR libvirt-doc-3.3.0-5.40 is installed OR libvirt-libs-3.3.0-5.40 is installed OR libvirt-lock-sanlock-3.3.0-5.40 is installed OR libvirt-nss-3.3.0-5.40 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information libspice-server1-0.12.8-6 is installed OR spice-0.12.8-6 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information aaa_base-13.2+git20140911.61c1681-38.8 is installed OR aaa_base-extras-13.2+git20140911.61c1681-38.8 is installed Definition Synopsis SUSE OpenStack Cloud 6-LTSS is installed AND Package Information ruby2.1-rubygem-puma-2.16.0-4.3 is installed OR rubygem-puma-2.16.0-4.3 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information glibc-2.22-62.22 is installed OR glibc-32bit-2.22-62.22 is installed OR glibc-devel-2.22-62.22 is installed OR glibc-devel-32bit-2.22-62.22 is installed OR glibc-html-2.22-62.22 is installed OR glibc-i18ndata-2.22-62.22 is installed OR glibc-info-2.22-62.22 is installed OR glibc-locale-2.22-62.22 is installed OR glibc-locale-32bit-2.22-62.22 is installed OR glibc-profile-2.22-62.22 is installed OR glibc-profile-32bit-2.22-62.22 is installed OR nscd-2.22-62.22 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information libmariadb3-3.0.3-3.3 is installed OR mariadb-10.2.15-4.3 is installed OR mariadb-client-10.2.15-4.3 is installed OR mariadb-connector-c-3.0.3-3.3 is installed OR mariadb-errormessages-10.2.15-4.3 is installed OR mariadb-galera-10.2.15-4.3 is installed OR mariadb-tools-10.2.15-4.3 is installed OR xtrabackup-2.4.10-4.3 is installed
BACK