Oval Definition:	oval:org.opensuse.security:def:52896
Revision Date: 2020-12-01 Version: 1 Title: Security update for the Linux Kernel (Live Patch 10 for SLE 15 SP1) (Important) Description: This update for the Linux Kernel 4.12.14-197_37 fixes several issues. The following security issues were fixed: - CVE-2020-14381: Fixed a use-after-free in the fast user mutex (futex) wait operation, which could have lead to memory corruption and possibly privilege escalation (bsc#1176011). - CVE-2020-0431: In kbd_keycode of keyboard.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. (bsc#1176722) - CVE-2020-25212: A TOCTOU mismatch in the NFS client code could be used by local attackers to corrupt memory or possibly have unspecified other impact because a size check is in fs/nfs/nfs4proc.c instead of fs/nfs/nfs4xdr.c (bsc#1176381). - CVE-2020-14386: Fixed a memory corruption which could have lead to an attacker gaining root privileges from unprivileged processes. The highest threat from this vulnerability is to data confidentiality and integrity (bsc#1176069). - CVE-2020-24394: The NFS server code can set incorrect permissions on new filesystem objects when the filesystem lacks ACL support. This occurs because the current umask is not considered (bsc#1175518). Family: unix Class: patch Status: Reference(s): 1103678 1137001 1175992 1176012 1176072 1176382 1176896 856322 897048 897512 898513 900914 910491 915410 922710 953516 953519 953521 984990 985609 985665 985669 985673 985675 985679 985682 985685 985688 985689 985697 985698 985700 985703 985704 985706 985826 985832 985835 CVE-2008-0928 CVE-2008-1227 CVE-2008-1945 CVE-2008-2382 CVE-2008-4539 CVE-2010-1172 CVE-2012-3515 CVE-2013-0292 CVE-2013-1987 CVE-2013-1991 CVE-2013-2000 CVE-2013-2064 CVE-2013-4148 CVE-2013-4149 CVE-2013-4150 CVE-2013-4151 CVE-2013-4526 CVE-2013-4527 CVE-2013-4529 CVE-2013-4530 CVE-2013-4531 CVE-2013-4533 CVE-2013-4534 CVE-2013-4535 CVE-2013-4536 CVE-2013-4537 CVE-2013-4538 CVE-2013-4539 CVE-2013-4540 CVE-2013-4541 CVE-2013-4542 CVE-2013-4544 CVE-2013-6399 CVE-2014-0142 CVE-2014-0143 CVE-2014-0144 CVE-2014-0145 CVE-2014-0146 CVE-2014-0147 CVE-2014-0150 CVE-2014-0182 CVE-2014-0222 CVE-2014-0223 CVE-2014-1932 CVE-2014-2653 CVE-2014-3461 CVE-2014-3640 CVE-2014-5044 CVE-2014-7840 CVE-2014-8106 CVE-2014-8242 CVE-2014-9221 CVE-2014-9512 CVE-2014-9756 CVE-2015-1779 CVE-2015-3209 CVE-2015-3456 CVE-2015-4037 CVE-2015-5154 CVE-2015-5225 CVE-2015-5276 CVE-2015-5278 CVE-2015-5279 CVE-2015-5352 CVE-2015-5600 CVE-2015-5745 CVE-2015-6563 CVE-2015-6564 CVE-2015-6815 CVE-2015-6855 CVE-2015-7295 CVE-2015-7512 CVE-2015-7549 CVE-2015-7805 CVE-2015-8075 CVE-2015-8325 CVE-2015-8345 CVE-2015-8504 CVE-2015-8558 CVE-2015-8567 CVE-2015-8568 CVE-2015-8613 CVE-2015-8619 CVE-2015-8743 CVE-2015-8744 CVE-2015-8745 CVE-2015-8918 CVE-2015-8919 CVE-2015-8920 CVE-2015-8921 CVE-2015-8922 CVE-2015-8923 CVE-2015-8924 CVE-2015-8925 CVE-2015-8926 CVE-2015-8928 CVE-2015-8929 CVE-2015-8930 CVE-2015-8931 CVE-2015-8932 CVE-2015-8933 CVE-2015-8934 CVE-2016-0777 CVE-2016-0778 CVE-2016-10028 CVE-2016-10155 CVE-2016-1568 CVE-2016-1714 CVE-2016-1908 CVE-2016-1922 CVE-2016-1981 CVE-2016-2198 CVE-2016-3115 CVE-2016-3710 CVE-2016-3712 CVE-2016-4002 CVE-2016-4020 CVE-2016-4300 CVE-2016-4301 CVE-2016-4302 CVE-2016-4439 CVE-2016-4441 CVE-2016-4453 CVE-2016-4454 CVE-2016-4809 CVE-2016-4952 CVE-2016-4964 CVE-2016-5105 CVE-2016-5106 CVE-2016-5107 CVE-2016-5126 CVE-2016-5238 CVE-2016-5337 CVE-2016-5338 CVE-2016-5403 CVE-2016-6210 CVE-2016-6351 CVE-2016-6490 CVE-2016-6515 CVE-2016-6833 CVE-2016-6836 CVE-2016-6888 CVE-2016-7116 CVE-2016-7155 CVE-2016-7156 CVE-2016-7157 CVE-2016-7161 CVE-2016-7170 CVE-2016-7421 CVE-2016-7422 CVE-2016-7423 CVE-2016-7466 CVE-2016-7907 CVE-2016-7908 CVE-2016-7909 CVE-2016-7994 CVE-2016-7995 CVE-2016-8576 CVE-2016-8577 CVE-2016-8578 CVE-2016-8667 CVE-2016-8668 CVE-2016-8669 CVE-2016-8909 CVE-2016-8910 CVE-2016-9082 CVE-2016-9101 CVE-2016-9102 CVE-2016-9103 CVE-2016-9104 CVE-2016-9105 CVE-2016-9106 CVE-2016-9381 CVE-2016-9602 CVE-2016-9776 CVE-2016-9845 CVE-2016-9846 CVE-2016-9907 CVE-2016-9908 CVE-2016-9911 CVE-2016-9912 CVE-2016-9913 CVE-2016-9921 CVE-2016-9922 CVE-2016-9923 CVE-2017-10664 CVE-2017-10806 CVE-2017-10911 CVE-2017-11334 CVE-2017-11434 CVE-2017-12809 CVE-2017-13672 CVE-2017-13711 CVE-2017-14167 CVE-2017-15038 CVE-2017-15119 CVE-2017-15124 CVE-2017-15268 CVE-2017-15289 CVE-2017-16845 CVE-2017-17381 CVE-2017-18043 CVE-2017-2615 CVE-2017-2620 CVE-2017-2630 CVE-2017-2633 CVE-2017-5525 CVE-2017-5526 CVE-2017-5552 CVE-2017-5578 CVE-2017-5579 CVE-2017-5667 CVE-2017-5715 CVE-2017-5856 CVE-2017-5857 CVE-2017-5898 CVE-2017-5931 CVE-2017-5973 CVE-2017-5987 CVE-2017-6058 CVE-2017-6505 CVE-2017-7471 CVE-2017-7475 CVE-2017-7493 CVE-2017-8112 CVE-2017-8309 CVE-2017-8379 CVE-2017-8380 CVE-2017-9503 CVE-2017-9524 CVE-2017-9814 CVE-2018-11806 CVE-2018-12617 CVE-2018-3639 CVE-2018-5683 CVE-2018-7550 CVE-2019-12450 CVE-2020-0431 CVE-2020-14381 CVE-2020-14386 CVE-2020-24394 CVE-2020-25212 SUSE-SU-2015:0281-1 SUSE-SU-2015:2000-2 SUSE-SU-2016:0173-1 SUSE-SU-2016:1909-1 SUSE-SU-2019:1594-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Module for additional PackageHub packages 15 SUSE Linux Enterprise Module for Live Patching 15 SP1 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud 9 SUSE OpenStack Cloud Crowbar 8 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND Package Information apparmor-abstractions-2.12-lp150.5 is installed OR apparmor-docs-2.12-lp150.5 is installed OR apparmor-parser-2.12-lp150.5 is installed OR apparmor-parser-lang-2.12-lp150.5 is installed OR apparmor-profiles-2.12-lp150.5 is installed OR apparmor-utils-2.12-lp150.5 is installed OR apparmor-utils-lang-2.12-lp150.5 is installed OR perl-apparmor-2.12-lp150.5 is installed OR python3-apparmor-2.12-lp150.5 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information libxslt-1.1.32-lp151.3.3 is installed OR libxslt-devel-1.1.32-lp151.3.3 is installed OR libxslt-devel-32bit-1.1.32-lp151.3.3 is installed OR libxslt-python-1.1.32-lp151.3.3 is installed OR libxslt-tools-1.1.32-lp151.3.3 is installed OR libxslt1-1.1.32-lp151.3.3 is installed OR libxslt1-32bit-1.1.32-lp151.3.3 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP2 is installed AND Package Information MozillaFirefox-10.0.9-0.3 is installed OR MozillaFirefox-branding-SLED-7-0.6.7 is installed OR MozillaFirefox-translations-10.0.9-0.3 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information MozillaFirefox-24.6.0esr-0.8 is installed OR MozillaFirefox-branding-SLED-24-0.7 is installed OR MozillaFirefox-translations-24.6.0esr-0.8 is installed OR libfreebl3-3.16.1-0.8 is installed OR libfreebl3-32bit-3.16.1-0.8 is installed OR libsoftokn3-3.16.1-0.8 is installed OR libsoftokn3-32bit-3.16.1-0.8 is installed OR mozilla-nspr-4.10.6-0.3 is installed OR mozilla-nspr-32bit-4.10.6-0.3 is installed OR mozilla-nss-3.16.1-0.8 is installed OR mozilla-nss-32bit-3.16.1-0.8 is installed OR mozilla-nss-tools-3.16.1-0.8 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP4 is installed AND Package Information grub2-2.00-0.54 is installed OR grub2-x86_64-efi-2.00-0.54 is installed OR grub2-x86_64-xen-2.00-0.54 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 is installed AND Package Information strongswan-5.1.3-9 is installed OR strongswan-doc-5.1.3-9 is installed OR strongswan-ipsec-5.1.3-9 is installed OR strongswan-libs0-5.1.3-9 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information libXrender1-0.9.8-3 is installed OR libXrender1-32bit-0.9.8-3 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information cpp48-4.8.5-30 is installed OR gcc48-4.8.5-30 is installed OR gcc48-32bit-4.8.5-30 is installed OR gcc48-c++-4.8.5-30 is installed OR gcc48-gij-4.8.5-30 is installed OR gcc48-gij-32bit-4.8.5-30 is installed OR gcc48-info-4.8.5-30 is installed OR libasan0-4.8.5-30 is installed OR libasan0-32bit-4.8.5-30 is installed OR libgcj48-4.8.5-30 is installed OR libgcj48-32bit-4.8.5-30 is installed OR libgcj48-jar-4.8.5-30 is installed OR libgcj_bc1-4.8.5-30 is installed OR libstdc++48-devel-4.8.5-30 is installed OR libstdc++48-devel-32bit-4.8.5-30 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information libsilc-1_1-2-1.1.10-24 is installed OR libsilcclient-1_1-3-1.1.10-24 is installed OR silc-toolkit-1.1.10-24 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information dbus-1-glib-0.100.2-3 is installed OR dbus-1-glib-32bit-0.100.2-3 is installed Definition Synopsis SUSE Linux Enterprise Module for additional PackageHub packages 15 is installed AND Package Information glib2-2.54.3-4.15 is installed OR glib2-devel-32bit-2.54.3-4.15 is installed OR glib2-tools-32bit-2.54.3-4.15 is installed OR libgthread-2_0-0-32bit-2.54.3-4.15 is installed Definition Synopsis SUSE Linux Enterprise Module for Live Patching 15 SP1 is installed AND Package Information kernel-livepatch-4_12_14-197_37-default-6-2 is installed OR kernel-livepatch-SLE15-SP1_Update_10-6-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND binutils-2.25.0-13 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information xen-4.5.5_20-22.36 is installed OR xen-doc-html-4.5.5_20-22.36 is installed OR xen-kmp-default-4.5.5_20_k3.12.74_60.64.63-22.36 is installed OR xen-libs-4.5.5_20-22.36 is installed OR xen-libs-32bit-4.5.5_20-22.36 is installed OR xen-tools-4.5.5_20-22.36 is installed OR xen-tools-domU-4.5.5_20-22.36 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND libXfont1-1.5.1-10 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information icu-52.1-8.7 is installed OR libicu-doc-52.1-8.7 is installed OR libicu52_1-52.1-8.7 is installed OR libicu52_1-32bit-52.1-8.7 is installed OR libicu52_1-data-52.1-8.7 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information kgraft-patch-4_4_114-92_64-default-8-2 is installed OR kgraft-patch-SLE12-SP2_Update_18-8-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_74-92_32-default-11-2 is installed OR kgraft-patch-SLE12-SP2_Update_11-11-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND apache2-mod_jk-1.2.40-5 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information kgraft-patch-4_4_162-94_72-default-7-2 is installed OR kgraft-patch-SLE12-SP3_Update_22-7-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information libpython2_7-1_0-2.7.13-28.31 is installed OR libpython2_7-1_0-32bit-2.7.13-28.31 is installed OR python-2.7.13-28.31 is installed OR python-32bit-2.7.13-28.31 is installed OR python-base-2.7.13-28.31 is installed OR python-base-32bit-2.7.13-28.31 is installed OR python-curses-2.7.13-28.31 is installed OR python-demo-2.7.13-28.31 is installed OR python-devel-2.7.13-28.31 is installed OR python-doc-2.7.13-28.31 is installed OR python-doc-pdf-2.7.13-28.31 is installed OR python-gdbm-2.7.13-28.31 is installed OR python-idle-2.7.13-28.31 is installed OR python-tk-2.7.13-28.31 is installed OR python-xml-2.7.13-28.31 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information libspice-server1-0.12.8-6 is installed OR spice-0.12.8-6 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information gdm-3.10.0.1-54.6 is installed OR gdm-lang-3.10.0.1-54.6 is installed OR gdmflexiserver-3.10.0.1-54.6 is installed OR libgdm1-3.10.0.1-54.6 is installed OR typelib-1_0-Gdm-1_0-3.10.0.1-54.6 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND Package Information MozillaFirefox-60.2.2esr-109.46 is installed OR MozillaFirefox-branding-SLE-60-32.3 is installed OR MozillaFirefox-devel-60.2.2esr-109.46 is installed OR MozillaFirefox-translations-common-60.2.2esr-109.46 is installed OR apache2-mod_nss-1.0.14-19.6 is installed OR libfreebl3-3.36.4-58.15 is installed OR libfreebl3-32bit-3.36.4-58.15 is installed OR libfreebl3-hmac-3.36.4-58.15 is installed OR libfreebl3-hmac-32bit-3.36.4-58.15 is installed OR libsoftokn3-3.36.4-58.15 is installed OR libsoftokn3-32bit-3.36.4-58.15 is installed OR libsoftokn3-hmac-3.36.4-58.15 is installed OR libsoftokn3-hmac-32bit-3.36.4-58.15 is installed OR mozilla-nspr-4.19-19.3 is installed OR mozilla-nspr-32bit-4.19-19.3 is installed OR mozilla-nss-3.36.4-58.15 is installed OR mozilla-nss-32bit-3.36.4-58.15 is installed OR mozilla-nss-certs-3.36.4-58.15 is installed OR mozilla-nss-certs-32bit-3.36.4-58.15 is installed OR mozilla-nss-sysinit-3.36.4-58.15 is installed OR mozilla-nss-sysinit-32bit-3.36.4-58.15 is installed OR mozilla-nss-tools-3.36.4-58.15 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND ipmitool-1.8.18-5.9 is installed Definition Synopsis SUSE OpenStack Cloud 9 is installed AND Package Information mariadb-10.2.29-3.22 is installed OR mariadb-galera-10.2.29-3.22 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND python-Django-1.11.11-3.3 is installed
BACK