OVAL Reference oval:org.opensuse.security:def:52895

Oval Definition:

oval:org.opensuse.security:def:52895

Revision Date:	2020-12-01	Version:	1
Title:	Security update for the Linux Kernel (Live Patch 11 for SLE 15 SP1) (Important)
Description:	This update for the Linux Kernel 4.12.14-197_40 fixes several issues. The following security issues were fixed: - CVE-2020-14381: Fixed a use-after-free in the fast user mutex (futex) wait operation, which could have lead to memory corruption and possibly privilege escalation (bsc#1176011). - CVE-2020-0431: In kbd_keycode of keyboard.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. (bsc#1176722) - CVE-2020-25212: A TOCTOU mismatch in the NFS client code could be used by local attackers to corrupt memory or possibly have unspecified other impact because a size check is in fs/nfs/nfs4proc.c instead of fs/nfs/nfs4xdr.c (bsc#1176381). - CVE-2020-14386: Fixed a memory corruption which could have lead to an attacker gaining root privileges from unprivileged processes. The highest threat from this vulnerability is to data confidentiality and integrity (bsc#1176069). - CVE-2020-24394: The NFS server code can set incorrect permissions on new filesystem objects when the filesystem lacks ACL support. This occurs because the current umask is not considered (bsc#1175518).
Family:	unix	Class:	patch
Status:		Reference(s):	1118832 1119396 1126711 1126713 1126821 1126823 1126827 1127122 1128722 1128883 1128886 1128887 1128889 1128892 1129032 1132837 1132838 1134322 1175992 1176012 1176072 1176382 1176896 950474 960317 984990 985609 985665 985669 985673 985675 985679 985682 985685 985688 985689 985697 985698 985700 985703 985704 985706 985826 985832 985835 988579 CVE-2010-0624 CVE-2010-3609 CVE-2010-4352 CVE-2011-4405 CVE-2012-3524 CVE-2013-0157 CVE-2013-1986 CVE-2013-2168 CVE-2014-0011 CVE-2014-1829 CVE-2014-1830 CVE-2014-3477 CVE-2014-3532 CVE-2014-3533 CVE-2014-3566 CVE-2014-3635 CVE-2014-3636 CVE-2014-3637 CVE-2014-3638 CVE-2014-3639 CVE-2014-4975 CVE-2014-7824 CVE-2014-8080 CVE-2014-8090 CVE-2014-8148 CVE-2014-8240 CVE-2014-9112 CVE-2014-9114 CVE-2015-0245 CVE-2015-0255 CVE-2015-0848 CVE-2015-1855 CVE-2015-3900 CVE-2015-4588 CVE-2015-4695 CVE-2015-4696 CVE-2015-5218 CVE-2015-7551 CVE-2015-7645 CVE-2015-8459 CVE-2015-8460 CVE-2015-8634 CVE-2015-8635 CVE-2015-8636 CVE-2015-8638 CVE-2015-8639 CVE-2015-8640 CVE-2015-8641 CVE-2015-8642 CVE-2015-8643 CVE-2015-8644 CVE-2015-8645 CVE-2015-8646 CVE-2015-8647 CVE-2015-8648 CVE-2015-8649 CVE-2015-8650 CVE-2015-8651 CVE-2015-8918 CVE-2015-8919 CVE-2015-8920 CVE-2015-8921 CVE-2015-8922 CVE-2015-8923 CVE-2015-8924 CVE-2015-8925 CVE-2015-8926 CVE-2015-8928 CVE-2015-8929 CVE-2015-8930 CVE-2015-8931 CVE-2015-8932 CVE-2015-8933 CVE-2015-8934 CVE-2016-2339 CVE-2016-2779 CVE-2016-4172 CVE-2016-4173 CVE-2016-4174 CVE-2016-4175 CVE-2016-4176 CVE-2016-4177 CVE-2016-4178 CVE-2016-4179 CVE-2016-4180 CVE-2016-4181 CVE-2016-4182 CVE-2016-4183 CVE-2016-4184 CVE-2016-4185 CVE-2016-4186 CVE-2016-4187 CVE-2016-4188 CVE-2016-4189 CVE-2016-4190 CVE-2016-4217 CVE-2016-4218 CVE-2016-4219 CVE-2016-4220 CVE-2016-4221 CVE-2016-4222 CVE-2016-4223 CVE-2016-4224 CVE-2016-4225 CVE-2016-4226 CVE-2016-4227 CVE-2016-4228 CVE-2016-4229 CVE-2016-4230 CVE-2016-4231 CVE-2016-4232 CVE-2016-4233 CVE-2016-4234 CVE-2016-4235 CVE-2016-4236 CVE-2016-4237 CVE-2016-4238 CVE-2016-4239 CVE-2016-4240 CVE-2016-4241 CVE-2016-4242 CVE-2016-4243 CVE-2016-4244 CVE-2016-4245 CVE-2016-4246 CVE-2016-4247 CVE-2016-4248 CVE-2016-4249 CVE-2016-4300 CVE-2016-4301 CVE-2016-4302 CVE-2016-4809 CVE-2016-5011 CVE-2016-6354 CVE-2017-2616 CVE-2018-19935 CVE-2018-20783 CVE-2018-7738 CVE-2019-11034 CVE-2019-11035 CVE-2019-11036 CVE-2019-9020 CVE-2019-9021 CVE-2019-9022 CVE-2019-9023 CVE-2019-9024 CVE-2019-9637 CVE-2019-9638 CVE-2019-9639 CVE-2019-9640 CVE-2019-9641 CVE-2019-9675 CVE-2020-0431 CVE-2020-14381 CVE-2020-14386 CVE-2020-24394 CVE-2020-25212 SUSE-SU-2015:1770-1 SUSE-SU-2015:2401-1 SUSE-SU-2016:1826-1 SUSE-SU-2016:1909-1 SUSE-SU-2019:1461-1 SUSE-SU-2020:3180-1
Platform(s):	openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Module for additional PackageHub packages 15 SUSE Linux Enterprise Module for Live Patching 15 SP1 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud 9 SUSE OpenStack Cloud Crowbar 8	Product(s):
Definition Synopsis
openSUSE Leap 15.0 is installed AND Package Information apache2-mod_php7-7.2.5-lp150.1 is installed OR php7-7.2.5-lp150.1 is installed OR php7-ctype-7.2.5-lp150.1 is installed OR php7-dom-7.2.5-lp150.1 is installed OR php7-iconv-7.2.5-lp150.1 is installed OR php7-json-7.2.5-lp150.1 is installed OR php7-mysql-7.2.5-lp150.1 is installed OR php7-pdo-7.2.5-lp150.1 is installed OR php7-pgsql-7.2.5-lp150.1 is installed OR php7-sqlite-7.2.5-lp150.1 is installed OR php7-tokenizer-7.2.5-lp150.1 is installed OR php7-xmlreader-7.2.5-lp150.1 is installed OR php7-xmlwriter-7.2.5-lp150.1 is installed
Definition Synopsis
openSUSE Leap 15.1 is installed AND Package Information libopenssl-1_0_0-devel-1.0.2p-lp151.5.3 is installed OR libopenssl-1_0_0-devel-32bit-1.0.2p-lp151.5.3 is installed OR libopenssl1_0_0-1.0.2p-lp151.5.3 is installed OR libopenssl1_0_0-32bit-1.0.2p-lp151.5.3 is installed OR libopenssl1_0_0-hmac-1.0.2p-lp151.5.3 is installed OR libopenssl1_0_0-hmac-32bit-1.0.2p-lp151.5.3 is installed OR openssl-1_0_0-1.0.2p-lp151.5.3 is installed OR openssl-1_0_0-cavs-1.0.2p-lp151.5.3 is installed OR openssl-1_0_0-doc-1.0.2p-lp151.5.3 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP2 is installed AND Package Information MozillaFirefox-10.0.7-0.3 is installed OR MozillaFirefox-branding-SLED-7-0.6.7 is installed OR MozillaFirefox-translations-10.0.7-0.3 is installed OR libfreebl3-3.13.6-0.5 is installed OR libfreebl3-32bit-3.13.6-0.5 is installed OR mozilla-nspr-4.9.2-0.6 is installed OR mozilla-nspr-32bit-4.9.2-0.6 is installed OR mozilla-nss-3.13.6-0.5 is installed OR mozilla-nss-32bit-3.13.6-0.5 is installed OR mozilla-nss-tools-3.13.6-0.5 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information gnutls-2.4.1-24.39.60 is installed OR libgnutls26-2.4.1-24.39.60 is installed OR libgnutls26-32bit-2.4.1-24.39.60 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP4 is installed AND Package Information gpg2-2.0.9-25.33.41 is installed OR gpg2-lang-2.0.9-25.33.41 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 is installed AND Package Information flash-player-11.2.202.540-108 is installed OR flash-player-gnome-11.2.202.540-108 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information libXrandr2-1.4.2-3 is installed OR libXrandr2-32bit-1.4.2-3 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information cpio-2.11-29 is installed OR cpio-lang-2.11-29 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information libruby2_1-2_1-2.1.9-18 is installed OR ruby2.1-2.1.9-18 is installed OR ruby2.1-stdlib-2.1.9-18 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information dbus-1-1.8.22-29.10 is installed OR dbus-1-x11-1.8.22-29.10 is installed OR libdbus-1-3-1.8.22-29.10 is installed OR libdbus-1-3-32bit-1.8.22-29.10 is installed
Definition Synopsis
SUSE Linux Enterprise Module for additional PackageHub packages 15 is installed AND Package Information php7-7.2.5-4.32 is installed OR php7-embed-7.2.5-4.32 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Live Patching 15 SP1 is installed AND Package Information kernel-livepatch-4_12_14-197_40-default-5-2 is installed OR kernel-livepatch-SLE15-SP1_Update_11-5-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information bind-9.9.6P1-30 is installed OR bind-chrootenv-9.9.6P1-30 is installed OR bind-doc-9.9.6P1-30 is installed OR bind-libs-9.9.6P1-30 is installed OR bind-libs-32bit-9.9.6P1-30 is installed OR bind-utils-9.9.6P1-30 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information MozillaFirefox-52.5.0esr-109.9 is installed OR MozillaFirefox-devel-52.5.0esr-109.9 is installed OR MozillaFirefox-translations-52.5.0esr-109.9 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information libXfixes3-5.0.1-3 is installed OR libXfixes3-32bit-5.0.1-3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information bash-4.3-83.10 is installed OR bash-doc-4.3-83.10 is installed OR libreadline6-6.3-83.10 is installed OR libreadline6-32bit-6.3-83.10 is installed OR readline-doc-6.3-83.10 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information kgraft-patch-4_4_114-92_67-default-8-2 is installed OR kgraft-patch-SLE12-SP2_Update_19-8-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kernel-default-4.4.121-92.117 is installed OR kernel-default-base-4.4.121-92.117 is installed OR kernel-default-devel-4.4.121-92.117 is installed OR kernel-default-man-4.4.121-92.117 is installed OR kernel-devel-4.4.121-92.117 is installed OR kernel-macros-4.4.121-92.117 is installed OR kernel-source-4.4.121-92.117 is installed OR kernel-syms-4.4.121-92.117 is installed OR kgraft-patch-4_4_121-92_117-default-1-3.3 is installed OR kgraft-patch-SLE12-SP2_Update_31-1-3.3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information apache2-mod_apparmor-2.8.2-49 is installed OR apparmor-docs-2.8.2-49 is installed OR apparmor-parser-2.8.2-49 is installed OR apparmor-profiles-2.8.2-49 is installed OR apparmor-utils-2.8.2-49 is installed OR libapparmor1-2.8.2-49 is installed OR libapparmor1-32bit-2.8.2-49 is installed OR pam_apparmor-2.8.2-49 is installed OR pam_apparmor-32bit-2.8.2-49 is installed OR perl-apparmor-2.8.2-49 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information kgraft-patch-4_4_162-94_69-default-7-2 is installed OR kgraft-patch-SLE12-SP3_Update_21-7-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information MozillaFirefox-68.2.0-109.95 is installed OR MozillaFirefox-translations-common-68.2.0-109.95 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information libspice-client-glib-2_0-8-0.33-3.6 is installed OR libspice-client-glib-helper-0.33-3.6 is installed OR libspice-client-gtk-3_0-5-0.33-3.6 is installed OR libspice-controller0-0.33-3.6 is installed OR spice-gtk-0.33-3.6 is installed OR typelib-1_0-SpiceClientGlib-2_0-0.33-3.6 is installed OR typelib-1_0-SpiceClientGtk-3_0-0.33-3.6 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information gdk-pixbuf-loader-rsvg-2.40.20-5.6 is installed OR librsvg-2-2-2.40.20-5.6 is installed OR librsvg-2-2-32bit-2.40.20-5.6 is installed OR rsvg-view-2.40.20-5.6 is installed
Definition Synopsis
SUSE OpenStack Cloud 7 is installed AND Package Information libwireshark9-2.4.10-48.32 is installed OR libwiretap7-2.4.10-48.32 is installed OR libwscodecs1-2.4.10-48.32 is installed OR libwsutil8-2.4.10-48.32 is installed OR wireshark-2.4.10-48.32 is installed OR wireshark-gtk-2.4.10-48.32 is installed
Definition Synopsis
SUSE OpenStack Cloud 8 is installed AND Package Information java-1_7_0-openjdk-1.7.0.251-43.35 is installed OR java-1_7_0-openjdk-demo-1.7.0.251-43.35 is installed OR java-1_7_0-openjdk-devel-1.7.0.251-43.35 is installed OR java-1_7_0-openjdk-headless-1.7.0.251-43.35 is installed
Definition Synopsis
SUSE OpenStack Cloud 9 is installed AND haproxy-1.6.11-11.3 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 8 is installed AND python-cryptography-2.0.3-3.3 is installed

BACK