Oval Definition:	oval:org.opensuse.security:def:52898
Revision Date: 2020-12-01 Version: 1 Title: Security update for the Linux Kernel (Live Patch 8 for SLE 15 SP1) (Important) Description: This update for the Linux Kernel 4.12.14-197_29 fixes several issues. The following security issues were fixed: - CVE-2020-14381: Fixed a use-after-free in the fast user mutex (futex) wait operation, which could have lead to memory corruption and possibly privilege escalation (bsc#1176011). - CVE-2020-0431: In kbd_keycode of keyboard.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. (bsc#1176722) - CVE-2020-25212: A TOCTOU mismatch in the NFS client code could be used by local attackers to corrupt memory or possibly have unspecified other impact because a size check is in fs/nfs/nfs4proc.c instead of fs/nfs/nfs4xdr.c (bsc#1176381). - CVE-2020-14386: Fixed a memory corruption which could have lead to an attacker gaining root privileges from unprivileged processes. The highest threat from this vulnerability is to data confidentiality and integrity (bsc#1176069). - CVE-2020-24394: The NFS server code can set incorrect permissions on new filesystem objects when the filesystem lacks ACL support. This occurs because the current umask is not considered (bsc#1175518). Family: unix Class: patch Status: Reference(s): 1138172 1138173 1175992 1176012 1176072 1176382 1176896 911837 952062 962189 987394 CVE-2006-2607 CVE-2008-4225 CVE-2008-4226 CVE-2008-4409 CVE-2008-5984 CVE-2009-0186 CVE-2010-0424 CVE-2010-4494 CVE-2011-1944 CVE-2011-2696 CVE-2011-3602 CVE-2012-5134 CVE-2013-0211 CVE-2013-0338 CVE-2013-1969 CVE-2013-2063 CVE-2013-4314 CVE-2014-0191 CVE-2014-3660 CVE-2014-8157 CVE-2014-8158 CVE-2014-9496 CVE-2014-9756 CVE-2015-1038 CVE-2015-2304 CVE-2015-7805 CVE-2015-8025 CVE-2015-8075 CVE-2015-8704 CVE-2015-8918 CVE-2015-8919 CVE-2015-8920 CVE-2015-8921 CVE-2015-8922 CVE-2015-8923 CVE-2015-8924 CVE-2015-8925 CVE-2015-8926 CVE-2015-8928 CVE-2015-8929 CVE-2015-8930 CVE-2015-8931 CVE-2015-8932 CVE-2015-8933 CVE-2015-8934 CVE-2016-1541 CVE-2016-2335 CVE-2016-4300 CVE-2016-4301 CVE-2016-4302 CVE-2016-4809 CVE-2016-6153 CVE-2017-18201 CVE-2017-7585 CVE-2017-7586 CVE-2017-7741 CVE-2017-7742 CVE-2017-8361 CVE-2017-8362 CVE-2017-8363 CVE-2017-8365 CVE-2019-11039 CVE-2019-11040 CVE-2020-0431 CVE-2020-14381 CVE-2020-14386 CVE-2020-24394 CVE-2020-25212 SUSE-SU-2015:0288-1 SUSE-SU-2015:2053-2 SUSE-SU-2016:0174-1 SUSE-SU-2016:1945-1 SUSE-SU-2019:1832-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Module for additional PackageHub packages 15 SUSE Linux Enterprise Module for Live Patching 15 SP1 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud 9 SUSE OpenStack Cloud Crowbar 8 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND Package Information augeas-1.10.1-lp150.1 is installed OR augeas-lenses-1.10.1-lp150.1 is installed OR libaugeas0-1.10.1-lp150.1 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information bzip2-1.0.6-lp151.5.3 is installed OR bzip2-doc-1.0.6-lp151.5.3 is installed OR libbz2-1-1.0.6-lp151.5.3 is installed OR libbz2-1-32bit-1.0.6-lp151.5.3 is installed OR libbz2-devel-1.0.6-lp151.5.3 is installed OR libbz2-devel-32bit-1.0.6-lp151.5.3 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP2 is installed AND Package Information MozillaFirefox-10.0.11-0.3 is installed OR MozillaFirefox-translations-10.0.11-0.3 is installed OR libfreebl3-3.14-0.3 is installed OR libfreebl3-32bit-3.14-0.3 is installed OR mozilla-nss-3.14-0.3 is installed OR mozilla-nss-32bit-3.14-0.3 is installed OR mozilla-nss-tools-3.14-0.3 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information MozillaFirefox-17.0.9esr-0.7 is installed OR MozillaFirefox-translations-17.0.9esr-0.7 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP4 is installed AND Package Information gtk2-2.18.9-0.39 is installed OR gtk2-32bit-2.18.9-0.39 is installed OR gtk2-lang-2.18.9-0.39 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 is installed AND Package Information jasper-1.900.1-170 is installed OR libjasper1-1.900.1-170 is installed OR libjasper1-32bit-1.900.1-170 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information libXtst6-1.2.2-3 is installed OR libXtst6-32bit-1.2.2-3 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information cron-4.2-58 is installed OR cronie-1.4.11-58 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information libsndfile1-1.0.25-35 is installed OR libsndfile1-32bit-1.0.25-35 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information dia-0.97.3-15 is installed OR dia-lang-0.97.3-15 is installed Definition Synopsis SUSE Linux Enterprise Module for additional PackageHub packages 15 is installed AND Package Information php7-7.2.5-4.35 is installed OR php7-embed-7.2.5-4.35 is installed Definition Synopsis SUSE Linux Enterprise Module for Live Patching 15 SP1 is installed AND Package Information kernel-livepatch-4_12_14-197_29-default-7-2 is installed OR kernel-livepatch-SLE15-SP1_Update_8-7-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information bzip2-1.0.6-27 is installed OR bzip2-doc-1.0.6-27 is installed OR libbz2-1-1.0.6-27 is installed OR libbz2-1-32bit-1.0.6-27 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND wpa_supplicant-2.6-15.10 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information libXinerama1-1.1.3-3 is installed OR libXinerama1-32bit-1.1.3-3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information freeradius-server-3.0.3-17.12 is installed OR freeradius-server-doc-3.0.3-17.12 is installed OR freeradius-server-krb5-3.0.3-17.12 is installed OR freeradius-server-ldap-3.0.3-17.12 is installed OR freeradius-server-libs-3.0.3-17.12 is installed OR freeradius-server-mysql-3.0.3-17.12 is installed OR freeradius-server-perl-3.0.3-17.12 is installed OR freeradius-server-postgresql-3.0.3-17.12 is installed OR freeradius-server-python-3.0.3-17.12 is installed OR freeradius-server-sqlite-3.0.3-17.12 is installed OR freeradius-server-utils-3.0.3-17.12 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information xen-4.7.6_05-43.42 is installed OR xen-doc-html-4.7.6_05-43.42 is installed OR xen-libs-4.7.6_05-43.42 is installed OR xen-libs-32bit-4.7.6_05-43.42 is installed OR xen-tools-4.7.6_05-43.42 is installed OR xen-tools-domU-4.7.6_05-43.42 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information xen-4.7.6_02-43.36 is installed OR xen-doc-html-4.7.6_02-43.36 is installed OR xen-libs-4.7.6_02-43.36 is installed OR xen-libs-32bit-4.7.6_02-43.36 is installed OR xen-tools-4.7.6_02-43.36 is installed OR xen-tools-domU-4.7.6_02-43.36 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information DirectFB-1.7.1-6 is installed OR lib++dfb-1_7-1-1.7.1-6 is installed OR libdirectfb-1_7-1-1.7.1-6 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information kgraft-patch-4_4_176-94_88-default-5-2 is installed OR kgraft-patch-SLE12-SP3_Update_24-5-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information libvirt-3.3.0-5.40 is installed OR libvirt-admin-3.3.0-5.40 is installed OR libvirt-client-3.3.0-5.40 is installed OR libvirt-daemon-3.3.0-5.40 is installed OR libvirt-daemon-config-network-3.3.0-5.40 is installed OR libvirt-daemon-config-nwfilter-3.3.0-5.40 is installed OR libvirt-daemon-driver-interface-3.3.0-5.40 is installed OR libvirt-daemon-driver-libxl-3.3.0-5.40 is installed OR libvirt-daemon-driver-lxc-3.3.0-5.40 is installed OR libvirt-daemon-driver-network-3.3.0-5.40 is installed OR libvirt-daemon-driver-nodedev-3.3.0-5.40 is installed OR libvirt-daemon-driver-nwfilter-3.3.0-5.40 is installed OR libvirt-daemon-driver-qemu-3.3.0-5.40 is installed OR libvirt-daemon-driver-secret-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-core-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-disk-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-iscsi-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-logical-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-mpath-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-rbd-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-scsi-3.3.0-5.40 is installed OR libvirt-daemon-hooks-3.3.0-5.40 is installed OR libvirt-daemon-lxc-3.3.0-5.40 is installed OR libvirt-daemon-qemu-3.3.0-5.40 is installed OR libvirt-daemon-xen-3.3.0-5.40 is installed OR libvirt-doc-3.3.0-5.40 is installed OR libvirt-libs-3.3.0-5.40 is installed OR libvirt-lock-sanlock-3.3.0-5.40 is installed OR libvirt-nss-3.3.0-5.40 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information java-1_7_1-ibm-1.7.1_sr4.30-38.26 is installed OR java-1_7_1-ibm-alsa-1.7.1_sr4.30-38.26 is installed OR java-1_7_1-ibm-jdbc-1.7.1_sr4.30-38.26 is installed OR java-1_7_1-ibm-plugin-1.7.1_sr4.30-38.26 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information DirectFB-1.7.1-6 is installed OR lib++dfb-1_7-1-1.7.1-6 is installed OR libdirectfb-1_7-1-1.7.1-6 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND Package Information libsystemd0-228-150.53 is installed OR libsystemd0-32bit-228-150.53 is installed OR libudev1-228-150.53 is installed OR libudev1-32bit-228-150.53 is installed OR systemd-228-150.53 is installed OR systemd-32bit-228-150.53 is installed OR systemd-bash-completion-228-150.53 is installed OR systemd-sysvinit-228-150.53 is installed OR udev-228-150.53 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information openstack-manila-5.1.1~dev2-3.23 is installed OR openstack-manila-api-5.1.1~dev2-3.23 is installed OR openstack-manila-data-5.1.1~dev2-3.23 is installed OR openstack-manila-doc-5.1.1~dev2-3.23 is installed OR openstack-manila-scheduler-5.1.1~dev2-3.23 is installed OR openstack-manila-share-5.1.1~dev2-3.23 is installed OR python-manila-5.1.1~dev2-3.23 is installed OR venv-openstack-manila-5.1.1~dev2-12.27 is installed OR venv-openstack-manila-x86_64-5.1.1~dev2-12.27 is installed Definition Synopsis SUSE OpenStack Cloud 9 is installed AND Package Information mariadb-10.2.31-3.25 is installed OR mariadb-galera-10.2.31-3.25 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND ansible-2.4.6.0-3.3 is installed
BACK