Oval Definition:oval:org.opensuse.security:def:52790
Revision Date:2020-12-01Version:1
Title:Security update for the Linux Kernel (Live Patch 18 for SLE 15) (Important)
Description:

This update for the Linux Kernel 4.12.14-150_52 fixes several issues.

The following security issues were fixed:

- CVE-2020-14381: Fixed a use-after-free in the fast user mutex (futex) wait operation, which could have lead to memory corruption and possibly privilege escalation (bsc#1176011). - CVE-2020-0431: In kbd_keycode of keyboard.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. (bsc#1176722) - CVE-2020-25212: A TOCTOU mismatch in the NFS client code could be used by local attackers to corrupt memory or possibly have unspecified other impact because a size check is in fs/nfs/nfs4proc.c instead of fs/nfs/nfs4xdr.c (bsc#1176381). - CVE-2020-14386: Fixed a memory corruption which could have lead to an attacker gaining root privileges from unprivileged processes. The highest threat from this vulnerability is to data confidentiality and integrity (bsc#1176069). - CVE-2020-24394: The NFS server code can set incorrect permissions on new filesystem objects when the filesystem lacks ACL support. This occurs because the current umask is not considered (bsc#1175518).
Family:unixClass:patch
Status:Reference(s):1171252
1171254
1175992
1176012
1176072
1176382
1176896
915545
920160
921753
942801
948790
948791
958963
960155
962052
CVE-2002-2443
CVE-2007-6600
CVE-2009-0844
CVE-2009-0845
CVE-2009-0846
CVE-2009-0847
CVE-2009-3295
CVE-2009-4034
CVE-2009-4136
CVE-2009-4212
CVE-2010-0283
CVE-2010-0628
CVE-2010-1169
CVE-2010-1170
CVE-2010-1172
CVE-2010-1320
CVE-2010-1321
CVE-2010-1322
CVE-2010-1323
CVE-2010-1324
CVE-2010-3433
CVE-2010-4020
CVE-2010-4021
CVE-2010-4022
CVE-2011-0281
CVE-2011-0282
CVE-2011-0284
CVE-2011-0285
CVE-2011-1098
CVE-2011-1154
CVE-2011-1155
CVE-2011-1527
CVE-2011-1528
CVE-2011-1529
CVE-2011-1530
CVE-2011-1898
CVE-2012-0029
CVE-2012-0217
CVE-2012-0866
CVE-2012-0867
CVE-2012-0868
CVE-2012-1012
CVE-2012-1013
CVE-2012-1016
CVE-2012-2143
CVE-2012-2625
CVE-2012-2655
CVE-2012-3432
CVE-2012-3433
CVE-2012-3488
CVE-2012-3489
CVE-2012-4411
CVE-2012-4535
CVE-2012-4536
CVE-2012-4537
CVE-2012-4538
CVE-2012-4539
CVE-2012-4544
CVE-2012-5510
CVE-2012-5511
CVE-2012-5513
CVE-2012-5514
CVE-2012-5515
CVE-2012-5525
CVE-2012-5634
CVE-2012-6075
CVE-2013-0151
CVE-2013-0152
CVE-2013-0153
CVE-2013-0211
CVE-2013-0255
CVE-2013-0292
CVE-2013-1415
CVE-2013-1417
CVE-2013-1418
CVE-2013-1442
CVE-2013-1899
CVE-2013-1900
CVE-2013-1901
CVE-2013-1917
CVE-2013-1918
CVE-2013-1919
CVE-2013-1922
CVE-2013-1952
CVE-2013-2007
CVE-2013-3495
CVE-2013-4355
CVE-2013-4356
CVE-2013-4361
CVE-2013-4375
CVE-2013-4416
CVE-2013-4494
CVE-2013-4509
CVE-2013-4540
CVE-2013-4551
CVE-2013-4553
CVE-2013-4554
CVE-2014-0060
CVE-2014-0061
CVE-2014-0062
CVE-2014-0063
CVE-2014-0064
CVE-2014-0065
CVE-2014-0066
CVE-2014-0067
CVE-2014-3124
CVE-2014-4341
CVE-2014-4342
CVE-2014-4343
CVE-2014-4344
CVE-2014-4345
CVE-2014-5351
CVE-2014-5352
CVE-2014-5353
CVE-2014-5354
CVE-2014-5355
CVE-2014-6268
CVE-2014-7154
CVE-2014-7155
CVE-2014-7156
CVE-2014-7188
CVE-2014-8169
CVE-2014-9421
CVE-2014-9422
CVE-2014-9423
CVE-2014-9687
CVE-2015-2265
CVE-2015-2304
CVE-2015-2694
CVE-2015-2695
CVE-2015-2696
CVE-2015-2697
CVE-2015-2698
CVE-2015-3165
CVE-2015-3166
CVE-2015-3167
CVE-2015-3451
CVE-2015-4491
CVE-2015-5288
CVE-2015-5289
CVE-2015-7552
CVE-2015-7673
CVE-2015-7674
CVE-2015-8629
CVE-2015-8630
CVE-2015-8631
CVE-2015-8918
CVE-2015-8919
CVE-2015-8920
CVE-2015-8921
CVE-2015-8922
CVE-2015-8923
CVE-2015-8924
CVE-2015-8925
CVE-2015-8926
CVE-2015-8928
CVE-2015-8929
CVE-2015-8930
CVE-2015-8931
CVE-2015-8932
CVE-2015-8933
CVE-2015-8934
CVE-2016-1541
CVE-2016-1572
CVE-2016-3119
CVE-2016-3120
CVE-2016-4300
CVE-2016-4301
CVE-2016-4302
CVE-2016-4809
CVE-2017-5209
CVE-2017-5545
CVE-2017-5834
CVE-2017-5835
CVE-2017-5836
CVE-2017-6435
CVE-2017-6436
CVE-2017-6437
CVE-2017-6438
CVE-2017-6439
CVE-2017-6440
CVE-2017-7982
CVE-2020-0431
CVE-2020-12653
CVE-2020-12654
CVE-2020-14381
CVE-2020-14386
CVE-2020-24394
CVE-2020-25212
SUSE-SU-2015:0805-1
SUSE-SU-2015:2195-1
SUSE-SU-2016:0225-1
SUSE-SU-2016:0241-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Desktop 11 SP2
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Desktop 11 SP4
SUSE Linux Enterprise Desktop 12
SUSE Linux Enterprise Desktop 12 SP1
SUSE Linux Enterprise Desktop 12 SP2
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Desktop 12 SP4
SUSE Linux Enterprise Module for Live Patching 15
SUSE Linux Enterprise Module for Live Patching 15 SP1
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 6-LTSS
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud Crowbar 8
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • kdenetwork4-filesharing-17.12.3-lp150.1 is installed
  • OR kdenetwork4-filesharing-lang-17.12.3-lp150.1 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • pdns-4.1.11-20 is installed
  • OR pdns-backend-geoip-4.1.8-lp151.2.3 is installed
  • OR pdns-backend-godbc-4.1.11-20 is installed
  • OR pdns-backend-ldap-4.1.11-20 is installed
  • OR pdns-backend-lua-4.1.11-20 is installed
  • OR pdns-backend-mydns-4.1.11-20 is installed
  • OR pdns-backend-mysql-4.1.11-20 is installed
  • OR pdns-backend-postgresql-4.1.11-20 is installed
  • OR pdns-backend-remote-4.1.11-20 is installed
  • OR pdns-backend-sqlite3-4.1.11-20 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP2 is installed
  • AND puppet-2.6.18-0.12 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP3 is installed
  • AND Package Information
  • MozillaFirefox-38.5.0esr-28 is installed
  • OR MozillaFirefox-translations-38.5.0esr-28 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP4 is installed
  • AND Package Information
  • flash-player-11.2.202.569-0.35 is installed
  • OR flash-player-gnome-11.2.202.569-0.35 is installed
  • OR flash-player-kde4-11.2.202.569-0.35 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 is installed
  • AND Package Information
  • xen-4.4.1_06-2 is installed
  • OR xen-kmp-default-4.4.1_06_k3.12.28_4-2 is installed
  • OR xen-libs-4.4.1_06-2 is installed
  • OR xen-libs-32bit-4.4.1_06-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP1 is installed
  • AND Package Information
  • ibus-chewing-1.4.10.1-2 is installed
  • OR ibus-pinyin-1.5.0-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP2 is installed
  • AND autofs-5.0.9-21 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP3 is installed
  • AND Package Information
  • krb5-1.12.5-39 is installed
  • OR krb5-32bit-1.12.5-39 is installed
  • OR krb5-client-1.12.5-39 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP4 is installed
  • AND Package Information
  • dbus-1-glib-0.100.2-3 is installed
  • OR dbus-1-glib-32bit-0.100.2-3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Live Patching 15 is installed
  • AND Package Information
  • kernel-livepatch-4_12_14-150_52-default-3-2 is installed
  • OR kernel-livepatch-SLE15_Update_18-3-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Live Patching 15 SP1 is installed
  • AND Package Information
  • kernel-livepatch-4_12_14-197_10-default-7-2 is installed
  • OR kernel-livepatch-SLE15-SP1_Update_3-7-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND davfs2-1.5.2-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND Package Information
  • xen-4.5.5_12-22.18 is installed
  • OR xen-doc-html-4.5.5_12-22.18 is installed
  • OR xen-kmp-default-4.5.5_12_k3.12.74_60.64.45-22.18 is installed
  • OR xen-libs-4.5.5_12-22.18 is installed
  • OR xen-libs-32bit-4.5.5_12-22.18 is installed
  • OR xen-tools-4.5.5_12-22.18 is installed
  • OR xen-tools-domU-4.5.5_12-22.18 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND ant-1.9.4-1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • libQt5Concurrent5-5.6.1-17.6 is installed
  • OR libQt5Core5-5.6.1-17.6 is installed
  • OR libQt5DBus5-5.6.1-17.6 is installed
  • OR libQt5Gui5-5.6.1-17.6 is installed
  • OR libQt5Network5-5.6.1-17.6 is installed
  • OR libQt5OpenGL5-5.6.1-17.6 is installed
  • OR libQt5PrintSupport5-5.6.1-17.6 is installed
  • OR libQt5Sql5-5.6.1-17.6 is installed
  • OR libQt5Sql5-mysql-5.6.1-17.6 is installed
  • OR libQt5Sql5-postgresql-5.6.1-17.6 is installed
  • OR libQt5Sql5-sqlite-5.6.1-17.6 is installed
  • OR libQt5Sql5-unixODBC-5.6.1-17.6 is installed
  • OR libQt5Test5-5.6.1-17.6 is installed
  • OR libQt5Widgets5-5.6.1-17.6 is installed
  • OR libQt5Xml5-5.6.1-17.6 is installed
  • OR libqt5-qtbase-5.6.1-17.6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • libdcerpc-atsvc0-4.2.4-28.29 is installed
  • OR samba-4.2.4-28.29 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_74-92_35-default-8-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_12-8-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • glibc-2.22-61 is installed
  • OR glibc-32bit-2.22-61 is installed
  • OR glibc-devel-2.22-61 is installed
  • OR glibc-devel-32bit-2.22-61 is installed
  • OR glibc-html-2.22-61 is installed
  • OR glibc-i18ndata-2.22-61 is installed
  • OR glibc-info-2.22-61 is installed
  • OR glibc-locale-2.22-61 is installed
  • OR glibc-locale-32bit-2.22-61 is installed
  • OR glibc-profile-2.22-61 is installed
  • OR glibc-profile-32bit-2.22-61 is installed
  • OR nscd-2.22-61 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • MozillaFirefox-68.2.0-109.95 is installed
  • OR MozillaFirefox-translations-common-68.2.0-109.95 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • glibc-2.22-62.22 is installed
  • OR glibc-32bit-2.22-62.22 is installed
  • OR glibc-devel-2.22-62.22 is installed
  • OR glibc-devel-32bit-2.22-62.22 is installed
  • OR glibc-html-2.22-62.22 is installed
  • OR glibc-i18ndata-2.22-62.22 is installed
  • OR glibc-info-2.22-62.22 is installed
  • OR glibc-locale-2.22-62.22 is installed
  • OR glibc-locale-32bit-2.22-62.22 is installed
  • OR glibc-profile-2.22-62.22 is installed
  • OR glibc-profile-32bit-2.22-62.22 is installed
  • OR nscd-2.22-62.22 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • kernel-default-4.4.180-94.103 is installed
  • OR kernel-default-base-4.4.180-94.103 is installed
  • OR kernel-default-devel-4.4.180-94.103 is installed
  • OR kernel-default-man-4.4.180-94.103 is installed
  • OR kernel-devel-4.4.180-94.103 is installed
  • OR kernel-macros-4.4.180-94.103 is installed
  • OR kernel-source-4.4.180-94.103 is installed
  • OR kernel-syms-4.4.180-94.103 is installed
  • OR kgraft-patch-4_4_180-94_103-default-1-4.3 is installed
  • OR kgraft-patch-SLE12-SP3_Update_28-1-4.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • dovecot22-2.2.31-19.11 is installed
  • OR dovecot22-backend-mysql-2.2.31-19.11 is installed
  • OR dovecot22-backend-pgsql-2.2.31-19.11 is installed
  • OR dovecot22-backend-sqlite-2.2.31-19.11 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • accountsservice-0.6.42-16.3 is installed
  • OR accountsservice-lang-0.6.42-16.3 is installed
  • OR libaccountsservice0-0.6.42-16.3 is installed
  • OR typelib-1_0-AccountsService-1_0-0.6.42-16.3 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 6-LTSS is installed
  • AND Package Information
  • ruby2.1-rubygem-actionview-4_2-4.2.9-9.9 is installed
  • OR ruby2.1-rubygem-activesupport-4_2-4.2.9-7.6 is installed
  • OR rubygem-actionview-4_2-4.2.9-9.9 is installed
  • OR rubygem-activesupport-4_2-4.2.9-7.6 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • libsolv-0.6.36-2.16 is installed
  • OR libsolv-tools-0.6.36-2.16 is installed
  • OR libzypp-16.20.0-2.39 is installed
  • OR perl-solv-0.6.36-2.16 is installed
  • OR python-solv-0.6.36-2.16 is installed
  • OR zypper-1.13.51-21.26 is installed
  • OR zypper-log-1.13.51-21.26 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND nodejs6-6.14.3-11.15 is installed
    • BACK