OVAL Reference oval:org.opensuse.security:def:52902

Oval Definition:

oval:org.opensuse.security:def:52902

Revision Date:	2020-12-01	Version:	1
Title:	Security update for the Linux Kernel (Live Patch 13 for SLE 15 SP1) (Important)
Description:	This update for the Linux Kernel 4.12.14-197_48 fixes several issues. The following security issues were fixed: - CVE-2020-14381: Fixed a use-after-free in the fast user mutex (futex) wait operation, which could have lead to memory corruption and possibly privilege escalation (bsc#1176011). - CVE-2020-25212: A TOCTOU mismatch in the NFS client code could be used by local attackers to corrupt memory or possibly have unspecified other impact because a size check is in fs/nfs/nfs4proc.c instead of fs/nfs/nfs4xdr.c (bsc#1176381). - CVE-2020-14386: Fixed a memory corruption which could have lead to an attacker gaining root privileges from unprivileged processes. The highest threat from this vulnerability is to data confidentiality and integrity (bsc#1176069). - CVE-2020-24394: The NFS server code can set incorrect permissions on new filesystem objects when the filesystem lacks ACL support. This occurs because the current umask is not considered (bsc#1175518).
Family:	unix	Class:	patch
Status:		Reference(s):	1145383 1175992 1176012 1176072 1176382 945842 947772 947791 948168 949000 954256 957812 957813 957815 982366 984684 987895 988651 989721 989722 989723 989725 989726 989727 989728 989729 989730 989731 989732 989733 989734 CVE-2009-1273 CVE-2009-1886 CVE-2009-1888 CVE-2009-2813 CVE-2009-2906 CVE-2009-2948 CVE-2010-0547 CVE-2010-0728 CVE-2010-0787 CVE-2010-0926 CVE-2010-1635 CVE-2010-1642 CVE-2010-2063 CVE-2010-3069 CVE-2011-0719 CVE-2011-1098 CVE-2011-1154 CVE-2011-1155 CVE-2011-2522 CVE-2011-2694 CVE-2011-3602 CVE-2012-0817 CVE-2012-0870 CVE-2012-1182 CVE-2012-2111 CVE-2012-4510 CVE-2012-6150 CVE-2013-0172 CVE-2013-0213 CVE-2013-0214 CVE-2013-0454 CVE-2013-1863 CVE-2013-2001 CVE-2013-2131 CVE-2013-4124 CVE-2013-4282 CVE-2013-4408 CVE-2013-4475 CVE-2013-4476 CVE-2013-4496 CVE-2013-6442 CVE-2014-0178 CVE-2014-0239 CVE-2014-0244 CVE-2014-3493 CVE-2014-3560 CVE-2014-6272 CVE-2014-8143 CVE-2015-0240 CVE-2015-0247 CVE-2015-1572 CVE-2015-3194 CVE-2015-3195 CVE-2015-3196 CVE-2015-3223 CVE-2015-3247 CVE-2015-5252 CVE-2015-5260 CVE-2015-5261 CVE-2015-5276 CVE-2015-5296 CVE-2015-5299 CVE-2015-5330 CVE-2015-5370 CVE-2015-7560 CVE-2015-8467 CVE-2016-0749 CVE-2016-10195 CVE-2016-10196 CVE-2016-10197 CVE-2016-2110 CVE-2016-2111 CVE-2016-2112 CVE-2016-2113 CVE-2016-2115 CVE-2016-2118 CVE-2016-2119 CVE-2016-2150 CVE-2016-3458 CVE-2016-3485 CVE-2016-3498 CVE-2016-3500 CVE-2016-3503 CVE-2016-3508 CVE-2016-3511 CVE-2016-3550 CVE-2016-3552 CVE-2016-3587 CVE-2016-3598 CVE-2016-3606 CVE-2016-3610 CVE-2016-9577 CVE-2016-9578 CVE-2019-14806 CVE-2020-14381 CVE-2020-14386 CVE-2020-24394 CVE-2020-25212 SUSE-SU-2015:1833-1 SUSE-SU-2015:2230-1 SUSE-SU-2016:1997-1 SUSE-SU-2016:2012-1 SUSE-SU-2019:2308-1
Platform(s):	openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Module for additional PackageHub packages 15 SUSE Linux Enterprise Module for Live Patching 15 SP1 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9	Product(s):
Definition Synopsis
openSUSE Leap 15.0 is installed AND Package Information bind-9.11.2-lp150.7 is installed OR bind-chrootenv-9.11.2-lp150.7 is installed OR bind-utils-9.11.2-lp150.7 is installed OR libbind9-160-9.11.2-lp150.7 is installed OR libdns169-9.11.2-lp150.7 is installed OR libirs160-9.11.2-lp150.7 is installed OR libisc166-9.11.2-lp150.7 is installed OR libisccc160-9.11.2-lp150.7 is installed OR libisccfg160-9.11.2-lp150.7 is installed OR liblwres160-9.11.2-lp150.7 is installed OR python3-bind-9.11.2-lp150.7 is installed
Definition Synopsis
openSUSE Leap 15.1 is installed AND Package Information ncat-7.70-lp151.3.3 is installed OR ndiff-7.70-lp151.3.3 is installed OR nmap-7.70-lp151.3.3 is installed OR nping-7.70-lp151.3.3 is installed OR zenmap-7.70-lp151.3.3 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP2 is installed AND Package Information MozillaFirefox-17.0.6esr-0.4 is installed OR MozillaFirefox-translations-17.0.6esr-0.4 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information MozillaFirefox-31.6.0esr-0.8 is installed OR MozillaFirefox-translations-31.6.0esr-0.8 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP4 is installed AND Package Information java-1_7_0-openjdk-1.7.0.91-0.14 is installed OR java-1_7_0-openjdk-demo-1.7.0.91-0.14 is installed OR java-1_7_0-openjdk-devel-1.7.0.91-0.14 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 is installed AND Package Information cpp48-4.8.5-24 is installed OR gcc48-4.8.5-24 is installed OR gcc48-32bit-4.8.5-24 is installed OR gcc48-c++-4.8.5-24 is installed OR gcc48-gij-4.8.5-24 is installed OR gcc48-gij-32bit-4.8.5-24 is installed OR gcc48-info-4.8.5-24 is installed OR libasan0-4.8.5-24 is installed OR libasan0-32bit-4.8.5-24 is installed OR libgcj48-4.8.5-24 is installed OR libgcj48-32bit-4.8.5-24 is installed OR libgcj48-jar-4.8.5-24 is installed OR libgcj_bc1-4.8.5-24 is installed OR libstdc++48-devel-4.8.5-24 is installed OR libstdc++48-devel-32bit-4.8.5-24 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information libXxf86vm1-1.1.3-3 is installed OR libXxf86vm1-32bit-1.1.3-3 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information cups-pk-helper-0.2.5-3 is installed OR cups-pk-helper-lang-0.2.5-3 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP3 is installed AND libspice-server1-0.12.8-1 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information e2fsprogs-1.43.8-1 is installed OR libcom_err2-1.43.8-1 is installed OR libcom_err2-32bit-1.43.8-1 is installed OR libext2fs2-1.43.8-1 is installed
Definition Synopsis
SUSE Linux Enterprise Module for additional PackageHub packages 15 is installed AND Package Information python-Werkzeug-0.12.2-3.3 is installed OR python2-Werkzeug-0.12.2-3.3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Live Patching 15 SP1 is installed AND Package Information kernel-livepatch-4_12_14-197_48-default-3-2 is installed OR kernel-livepatch-SLE15-SP1_Update_13-3-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1 is installed AND coolkey-1.1.0-147 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information kgraft-patch-3_12_69-60_64_29-default-10-2 is installed OR kgraft-patch-3_12_69-60_64_29-xen-10-2 is installed OR kgraft-patch-SLE12-SP1_Update_12-10-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information libXt6-1.1.4-3 is installed OR libXt6-32bit-1.1.4-3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information krb5-1.12.5-40.31 is installed OR krb5-32bit-1.12.5-40.31 is installed OR krb5-client-1.12.5-40.31 is installed OR krb5-doc-1.12.5-40.31 is installed OR krb5-plugin-kdb-ldap-1.12.5-40.31 is installed OR krb5-plugin-preauth-otp-1.12.5-40.31 is installed OR krb5-plugin-preauth-pkinit-1.12.5-40.31 is installed OR krb5-server-1.12.5-40.31 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information git-2.12.3-27.14 is installed OR git-core-2.12.3-27.14 is installed OR git-doc-2.12.3-27.14 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_74-92_35-default-11-2 is installed OR kgraft-patch-SLE12-SP2_Update_12-11-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information alsa-1.0.27.2-15 is installed OR alsa-docs-1.0.27.2-15 is installed OR libasound2-1.0.27.2-15 is installed OR libasound2-32bit-1.0.27.2-15 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information kgraft-patch-4_4_180-94_103-default-3-2 is installed OR kgraft-patch-SLE12-SP3_Update_28-3-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information java-1_7_1-ibm-1.7.1_sr4.50-38.41 is installed OR java-1_7_1-ibm-alsa-1.7.1_sr4.50-38.41 is installed OR java-1_7_1-ibm-jdbc-1.7.1_sr4.50-38.41 is installed OR java-1_7_1-ibm-plugin-1.7.1_sr4.50-38.41 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information openslp-2.0.0-18.15 is installed OR openslp-32bit-2.0.0-18.15 is installed OR openslp-server-2.0.0-18.15 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information accountsservice-0.6.42-16.3 is installed OR accountsservice-lang-0.6.42-16.3 is installed OR libaccountsservice0-0.6.42-16.3 is installed OR typelib-1_0-AccountsService-1_0-0.6.42-16.3 is installed
Definition Synopsis
SUSE OpenStack Cloud 7 is installed AND Package Information openssh-7.2p2-74.30 is installed OR openssh-askpass-gnome-7.2p2-74.30 is installed OR openssh-fips-7.2p2-74.30 is installed OR openssh-helpers-7.2p2-74.30 is installed
Definition Synopsis
SUSE OpenStack Cloud 8 is installed AND Package Information MozillaFirefox-68.6.0-109.110 is installed OR MozillaFirefox-translations-common-68.6.0-109.110 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information libssh2-1-1.4.3-20.9 is installed OR libssh2-1-32bit-1.4.3-20.9 is installed OR libssh2_org-1.4.3-20.9 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 9 is installed AND python-requests-2.20.1-4.3 is installed

BACK