Oval Definition:	oval:org.opensuse.security:def:52899
Revision Date: 2020-12-01 Version: 1 Title: Security update for the Linux Kernel (Live Patch 7 for SLE 15 SP1) (Important) Description: This update for the Linux Kernel 4.12.14-197_26 fixes several issues. The following security issues were fixed: - CVE-2020-14381: Fixed a use-after-free in the fast user mutex (futex) wait operation, which could have lead to memory corruption and possibly privilege escalation (bsc#1176011). - CVE-2020-0431: In kbd_keycode of keyboard.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. (bsc#1176722) - CVE-2020-25212: A TOCTOU mismatch in the NFS client code could be used by local attackers to corrupt memory or possibly have unspecified other impact because a size check is in fs/nfs/nfs4proc.c instead of fs/nfs/nfs4xdr.c (bsc#1176381). - CVE-2020-14386: Fixed a memory corruption which could have lead to an attacker gaining root privileges from unprivileged processes. The highest threat from this vulnerability is to data confidentiality and integrity (bsc#1176069). - CVE-2020-24394: The NFS server code can set incorrect permissions on new filesystem objects when the filesystem lacks ACL support. This occurs because the current umask is not considered (bsc#1175518). Family: unix Class: patch Status: Reference(s): 1139959 1175992 1176012 1176072 1176382 1176896 897874 898439 912002 918089 918090 952347 955753 986021 987394 CVE-2009-1886 CVE-2009-1888 CVE-2009-2813 CVE-2009-2906 CVE-2009-2948 CVE-2010-0547 CVE-2010-0728 CVE-2010-0787 CVE-2010-0926 CVE-2010-1635 CVE-2010-1642 CVE-2010-2063 CVE-2010-3069 CVE-2010-3430 CVE-2010-3431 CVE-2010-3853 CVE-2011-0719 CVE-2011-2522 CVE-2011-2694 CVE-2011-3148 CVE-2011-3149 CVE-2012-0817 CVE-2012-0870 CVE-2012-1182 CVE-2012-2111 CVE-2012-2141 CVE-2012-3355 CVE-2012-6150 CVE-2013-0172 CVE-2013-0213 CVE-2013-0214 CVE-2013-0454 CVE-2013-1863 CVE-2013-1989 CVE-2013-2066 CVE-2013-4124 CVE-2013-4408 CVE-2013-4475 CVE-2013-4476 CVE-2013-4496 CVE-2013-6393 CVE-2013-6418 CVE-2013-6442 CVE-2014-0178 CVE-2014-0239 CVE-2014-0244 CVE-2014-2284 CVE-2014-2285 CVE-2014-2525 CVE-2014-2583 CVE-2014-3493 CVE-2014-3560 CVE-2014-3565 CVE-2014-5351 CVE-2014-5352 CVE-2014-7204 CVE-2014-8143 CVE-2014-9130 CVE-2014-9421 CVE-2014-9422 CVE-2014-9423 CVE-2015-0240 CVE-2015-1606 CVE-2015-1607 CVE-2015-3223 CVE-2015-3294 CVE-2015-5252 CVE-2015-5276 CVE-2015-5296 CVE-2015-5299 CVE-2015-5330 CVE-2015-5370 CVE-2015-5621 CVE-2015-7560 CVE-2015-8467 CVE-2015-8543 CVE-2015-8899 CVE-2016-0771 CVE-2016-2110 CVE-2016-2111 CVE-2016-2112 CVE-2016-2113 CVE-2016-2115 CVE-2016-2118 CVE-2016-2119 CVE-2016-2123 CVE-2016-2125 CVE-2016-2126 CVE-2016-4994 CVE-2016-6153 CVE-2017-11103 CVE-2017-12150 CVE-2017-12151 CVE-2017-12163 CVE-2017-14491 CVE-2017-14492 CVE-2017-14493 CVE-2017-14494 CVE-2017-14495 CVE-2017-14496 CVE-2017-14746 CVE-2017-15275 CVE-2017-2619 CVE-2017-7494 CVE-2018-1050 CVE-2018-1057 CVE-2018-10858 CVE-2018-10919 CVE-2019-13012 CVE-2020-0431 CVE-2020-14381 CVE-2020-14386 CVE-2020-24394 CVE-2020-25212 SUSE-SU-2015:0290-2 SUSE-SU-2015:2171-2 SUSE-SU-2016:1945-1 SUSE-SU-2016:1962-1 SUSE-SU-2019:1833-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Module for additional PackageHub packages 15 SUSE Linux Enterprise Module for Live Patching 15 SP1 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND autofs-5.1.3-lp150.5 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information containerd-1.2.5-lp151.2.3 is installed OR containerd-ctr-1.2.5-lp151.2.3 is installed OR containerd-test-1.2.5-lp151.2.3 is installed OR docker-18.09.6_ce-lp151.2.3 is installed OR docker-bash-completion-18.09.6_ce-lp151.2.3 is installed OR docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-lp151.2.3 is installed OR docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-lp151.3.3 is installed OR docker-runc-test-1.0.0rc6+gitr3804_2b18fe1d885e-lp151.3.3 is installed OR docker-test-18.09.6_ce-lp151.2.3 is installed OR docker-zsh-completion-18.09.6_ce-lp151.2.3 is installed OR go-1.12-lp151.2.3 is installed OR go-doc-1.12-lp151.2.3 is installed OR go-race-1.12-lp151.2.3 is installed OR go1.11-1.11.9-lp151.2.3 is installed OR go1.11-doc-1.11.9-lp151.2.3 is installed OR go1.11-race-1.11.9-lp151.2.3 is installed OR go1.12-1.12.4-lp151.2.3 is installed OR go1.12-doc-1.12.4-lp151.2.3 is installed OR go1.12-race-1.12.4-lp151.2.3 is installed OR golang-github-docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-lp151.2.3 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP2 is installed AND Package Information MozillaFirefox-10.0.12-0.4 is installed OR MozillaFirefox-translations-10.0.12-0.4 is installed OR libfreebl3-3.14.1-0.3 is installed OR libfreebl3-32bit-3.14.1-0.3 is installed OR mozilla-nspr-4.9.4-0.3 is installed OR mozilla-nspr-32bit-4.9.4-0.3 is installed OR mozilla-nss-3.14.1-0.3 is installed OR mozilla-nss-32bit-3.14.1-0.3 is installed OR mozilla-nss-tools-3.14.1-0.3 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information MozillaFirefox-31.8.0esr-0.13 is installed OR MozillaFirefox-translations-31.8.0esr-0.13 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP4 is installed AND icedtea-web-1.5.3-0.9 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 is installed AND Package Information krb5-1.12.1-9 is installed OR krb5-32bit-1.12.1-9 is installed OR krb5-client-1.12.1-9 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information libXv1-1.0.10-3 is installed OR libXv1-32bit-1.0.10-3 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP2 is installed AND ctags-5.8-7 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information libsnmp30-5.7.3-4 is installed OR libsnmp30-32bit-5.7.3-4 is installed OR net-snmp-5.7.3-4 is installed OR perl-SNMP-5.7.3-4 is installed OR snmp-mibs-5.7.3-4 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP4 is installed AND dnsmasq-2.78-18.3 is installed Definition Synopsis SUSE Linux Enterprise Module for additional PackageHub packages 15 is installed AND Package Information glib2-2.54.3-4.18 is installed OR glib2-devel-32bit-2.54.3-4.18 is installed OR glib2-tools-32bit-2.54.3-4.18 is installed OR libgthread-2_0-0-32bit-2.54.3-4.18 is installed Definition Synopsis SUSE Linux Enterprise Module for Live Patching 15 SP1 is installed AND Package Information kernel-livepatch-4_12_14-197_26-default-7-2 is installed OR kernel-livepatch-SLE15-SP1_Update_7-7-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND cifs-utils-6.4-6 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information kgraft-patch-3_12_74-60_64_54-default-5-2 is installed OR kgraft-patch-3_12_74-60_64_54-xen-5-2 is installed OR kgraft-patch-SLE12-SP1_Update_19-5-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information libXp6-1.0.2-3 is installed OR libXp6-32bit-1.0.2-3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information libssh2-1-1.4.3-20.6 is installed OR libssh2-1-32bit-1.4.3-20.6 is installed OR libssh2_org-1.4.3-20.6 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information ntp-4.2.8p12-64.8 is installed OR ntp-doc-4.2.8p12-64.8 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information libvirt-2.0.0-27.45 is installed OR libvirt-client-2.0.0-27.45 is installed OR libvirt-daemon-2.0.0-27.45 is installed OR libvirt-daemon-config-network-2.0.0-27.45 is installed OR libvirt-daemon-config-nwfilter-2.0.0-27.45 is installed OR libvirt-daemon-driver-interface-2.0.0-27.45 is installed OR libvirt-daemon-driver-libxl-2.0.0-27.45 is installed OR libvirt-daemon-driver-lxc-2.0.0-27.45 is installed OR libvirt-daemon-driver-network-2.0.0-27.45 is installed OR libvirt-daemon-driver-nodedev-2.0.0-27.45 is installed OR libvirt-daemon-driver-nwfilter-2.0.0-27.45 is installed OR libvirt-daemon-driver-qemu-2.0.0-27.45 is installed OR libvirt-daemon-driver-secret-2.0.0-27.45 is installed OR libvirt-daemon-driver-storage-2.0.0-27.45 is installed OR libvirt-daemon-hooks-2.0.0-27.45 is installed OR libvirt-daemon-lxc-2.0.0-27.45 is installed OR libvirt-daemon-qemu-2.0.0-27.45 is installed OR libvirt-daemon-xen-2.0.0-27.45 is installed OR libvirt-doc-2.0.0-27.45 is installed OR libvirt-lock-sanlock-2.0.0-27.45 is installed OR libvirt-nss-2.0.0-27.45 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information MozillaFirefox-52.2.0esr-108 is installed OR MozillaFirefox-translations-52.2.0esr-108 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information kgraft-patch-4_4_178-94_91-default-5-2 is installed OR kgraft-patch-SLE12-SP3_Update_25-5-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information kernel-default-4.4.180-94.103 is installed OR kernel-default-base-4.4.180-94.103 is installed OR kernel-default-devel-4.4.180-94.103 is installed OR kernel-default-man-4.4.180-94.103 is installed OR kernel-devel-4.4.180-94.103 is installed OR kernel-macros-4.4.180-94.103 is installed OR kernel-source-4.4.180-94.103 is installed OR kernel-syms-4.4.180-94.103 is installed OR kgraft-patch-4_4_180-94_103-default-1-4.3 is installed OR kgraft-patch-SLE12-SP3_Update_28-1-4.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information libpython3_4m1_0-3.4.6-25.16 is installed OR python3-3.4.6-25.16 is installed OR python3-base-3.4.6-25.16 is installed OR python3-curses-3.4.6-25.16 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information MozillaFirefox-52.9.0esr-109.38 is installed OR MozillaFirefox-translations-52.9.0esr-109.38 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND Package Information libopenssl-devel-1.0.2j-60.46 is installed OR libopenssl1_0_0-1.0.2j-60.46 is installed OR libopenssl1_0_0-32bit-1.0.2j-60.46 is installed OR libopenssl1_0_0-hmac-1.0.2j-60.46 is installed OR libopenssl1_0_0-hmac-32bit-1.0.2j-60.46 is installed OR openssl-1.0.2j-60.46 is installed OR openssl-doc-1.0.2j-60.46 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND squid-3.5.21-26.20 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information mariadb-10.2.22-4.11 is installed OR mariadb-client-10.2.22-4.11 is installed OR mariadb-errormessages-10.2.22-4.11 is installed OR mariadb-galera-10.2.22-4.11 is installed OR mariadb-tools-10.2.22-4.11 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 9 is installed AND python-Django1-1.11.20-3.3 is installed
BACK