OVAL Reference oval:org.opensuse.security:def:52937

Oval Definition:

oval:org.opensuse.security:def:52937

Revision Date:	2020-12-01	Version:	1
Title:	Security update for the Linux Kernel (Live Patch 2 for SLE 15 SP2) (Important)
Description:	This update for the Linux Kernel 5.3.18-24_12 fixes several issues. The following security issues were fixed: - CVE-2020-25212: A TOCTOU mismatch in the NFS client code could be used by local attackers to corrupt memory or possibly have unspecified other impact because a size check is in fs/nfs/nfs4proc.c instead of fs/nfs/nfs4xdr.c (bsc#1176381). - CVE-2020-14386: Fixed a memory corruption which could have lead to an attacker gaining root privileges from unprivileged processes. The highest threat from this vulnerability is to data confidentiality and integrity (bsc#1176069).
Family:	unix	Class:	patch
Status:		Reference(s):	1133375 1176072 1176382 676471 880007 889207 899908 903279 912607 928547 931448 940413 943989 944309 945345 947337 953233 954847 956491 956852 957805 957986 958963 960155 960857 962336 962846 962872 963193 963572 963762 964461 964727 965319 966054 966245 966573 966831 967251 967292 967299 967903 968010 968141 968448 968512 968667 968670 968687 968812 968813 969439 969571 969655 969690 969735 969992 969993 970062 970114 970504 970506 970604 970892 970909 970911 970948 970955 970956 970958 970970 971049 971124 971125 971126 971159 971170 971360 971600 971628 971947 972003 972174 972844 972891 972933 972951 973378 973556 973570 973660 973855 974165 974308 974406 974418 974646 975371 975488 975533 975945 976739 976868 977582 977685 978401 978822 979169 979213 979419 979485 979548 979867 979879 980348 980364 980371 980377 981143 981344 982354 982698 983213 983318 983394 983904 984456 993453 993454 CVE-2006-4197 CVE-2007-6720 CVE-2009-0179 CVE-2009-0790 CVE-2009-3995 CVE-2009-3996 CVE-2010-2252 CVE-2010-2546 CVE-2011-1761 CVE-2012-2388 CVE-2012-3466 CVE-2012-4929 CVE-2013-2944 CVE-2013-4233 CVE-2013-4234 CVE-2013-5018 CVE-2013-6075 CVE-2013-6076 CVE-2013-6418 CVE-2014-1545 CVE-2014-2338 CVE-2014-4877 CVE-2014-4910 CVE-2014-9221 CVE-2014-9717 CVE-2015-2059 CVE-2015-4171 CVE-2015-7183 CVE-2015-7552 CVE-2015-8023 CVE-2015-8370 CVE-2015-8816 CVE-2015-8845 CVE-2015-8872 CVE-2016-0758 CVE-2016-2053 CVE-2016-2143 CVE-2016-2184 CVE-2016-2185 CVE-2016-2186 CVE-2016-2188 CVE-2016-2782 CVE-2016-2847 CVE-2016-3134 CVE-2016-3136 CVE-2016-3137 CVE-2016-3138 CVE-2016-3139 CVE-2016-3140 CVE-2016-3156 CVE-2016-3672 CVE-2016-3689 CVE-2016-3951 CVE-2016-4482 CVE-2016-4486 CVE-2016-4565 CVE-2016-4569 CVE-2016-4578 CVE-2016-4804 CVE-2016-4805 CVE-2016-4971 CVE-2016-5244 CVE-2016-5423 CVE-2016-5424 CVE-2016-7098 CVE-2017-13089 CVE-2017-13090 CVE-2017-6508 CVE-2018-0494 CVE-2019-9928 CVE-2020-14386 CVE-2020-25212 SUSE-SU-2016:0225-1 SUSE-SU-2016:1690-1 SUSE-SU-2016:2145-1 SUSE-SU-2016:2415-1 SUSE-SU-2020:1300-2 SUSE-SU-2020:3186-1
Platform(s):	openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Module for additional PackageHub packages 15 SP1 SUSE Linux Enterprise Module for Live Patching 15 SP2 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8	Product(s):
Definition Synopsis
openSUSE Leap 15.0 is installed AND Package Information gcab-1.1-lp150.1 is installed OR gcab-lang-1.1-lp150.1 is installed OR libgcab-1_0-0-1.1-lp150.1 is installed
Definition Synopsis
openSUSE Leap 15.1 is installed AND Package Information evince-3.26.0+20180128.1bd86963-lp151.4.3 is installed OR evince-devel-3.26.0+20180128.1bd86963-lp151.4.3 is installed OR evince-lang-3.26.0+20180128.1bd86963-lp151.4.3 is installed OR evince-plugin-comicsdocument-3.26.0+20180128.1bd86963-lp151.4.3 is installed OR evince-plugin-djvudocument-3.26.0+20180128.1bd86963-lp151.4.3 is installed OR evince-plugin-dvidocument-3.26.0+20180128.1bd86963-lp151.4.3 is installed OR evince-plugin-pdfdocument-3.26.0+20180128.1bd86963-lp151.4.3 is installed OR evince-plugin-psdocument-3.26.0+20180128.1bd86963-lp151.4.3 is installed OR evince-plugin-tiffdocument-3.26.0+20180128.1bd86963-lp151.4.3 is installed OR evince-plugin-xpsdocument-3.26.0+20180128.1bd86963-lp151.4.3 is installed OR libevdocument3-4-3.26.0+20180128.1bd86963-lp151.4.3 is installed OR libevview3-3-3.26.0+20180128.1bd86963-lp151.4.3 is installed OR nautilus-evince-3.26.0+20180128.1bd86963-lp151.4.3 is installed OR typelib-1_0-EvinceDocument-3_0-3.26.0+20180128.1bd86963-lp151.4.3 is installed OR typelib-1_0-EvinceView-3_0-3.26.0+20180128.1bd86963-lp151.4.3 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP2 is installed AND Package Information ImageMagick-6.4.3.6-7.26 is installed OR libMagick++1-6.4.3.6-7.26 is installed OR libMagickCore1-6.4.3.6-7.26 is installed OR libMagickCore1-32bit-6.4.3.6-7.26 is installed OR libMagickWand1-6.4.3.6-7.26 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information bind-9.9.6P1-0.12 is installed OR bind-libs-9.9.6P1-0.12 is installed OR bind-libs-32bit-9.9.6P1-0.12 is installed OR bind-utils-9.9.6P1-0.12 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP4 is installed AND Package Information libmysql55client18-5.5.45-0.11 is installed OR libmysql55client18-32bit-5.5.45-0.11 is installed OR libmysql55client_r18-5.5.45-0.11 is installed OR libmysql55client_r18-32bit-5.5.45-0.11 is installed OR mysql-5.5.45-0.11 is installed OR mysql-client-5.5.45-0.11 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 is installed AND Package Information kernel-default-3.12.60-52.49 is installed OR kernel-default-devel-3.12.60-52.49 is installed OR kernel-default-extra-3.12.60-52.49 is installed OR kernel-devel-3.12.60-52.49 is installed OR kernel-macros-3.12.60-52.49 is installed OR kernel-source-3.12.60-52.49 is installed OR kernel-syms-3.12.60-52.49 is installed OR kernel-xen-3.12.60-52.49 is installed OR kernel-xen-devel-3.12.60-52.49 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP1 is installed AND libmusicbrainz4-2.1.5-27 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information gnome-keyring-3.20.0-27 is installed OR gnome-keyring-32bit-3.20.0-27 is installed OR gnome-keyring-lang-3.20.0-27 is installed OR gnome-keyring-pam-3.20.0-27 is installed OR gnome-keyring-pam-32bit-3.20.0-27 is installed OR libgck-modules-gnome-keyring-3.20.0-27 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information mozilla-nspr-4.13.1-18 is installed OR mozilla-nspr-32bit-4.13.1-18 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information grub2-2.02-11 is installed OR grub2-i386-pc-2.02-11 is installed OR grub2-snapper-plugin-2.02-11 is installed OR grub2-systemd-sleep-plugin-2.02-11 is installed OR grub2-x86_64-efi-2.02-11 is installed OR grub2-x86_64-xen-2.02-11 is installed
Definition Synopsis
SUSE Linux Enterprise Module for additional PackageHub packages 15 SP1 is installed AND Package Information gstreamer-plugins-base-1.12.5-3.3 is installed OR libgstaudio-1_0-0-32bit-1.12.5-3.3 is installed OR libgsttag-1_0-0-32bit-1.12.5-3.3 is installed OR libgstvideo-1_0-0-32bit-1.12.5-3.3 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Live Patching 15 SP2 is installed AND Package Information kernel-livepatch-5_3_18-24_12-default-2-2 is installed OR kernel-livepatch-SLE15-SP2_Update_2-2-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information glibc-2.19-31 is installed OR glibc-32bit-2.19-31 is installed OR glibc-devel-2.19-31 is installed OR glibc-devel-32bit-2.19-31 is installed OR glibc-html-2.19-31 is installed OR glibc-i18ndata-2.19-31 is installed OR glibc-info-2.19-31 is installed OR glibc-locale-2.19-31 is installed OR glibc-locale-32bit-2.19-31 is installed OR glibc-profile-2.19-31 is installed OR glibc-profile-32bit-2.19-31 is installed OR nscd-2.19-31 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information MozillaFirefox-60.7.2-109.80 is installed OR MozillaFirefox-devel-60.7.2-109.80 is installed OR MozillaFirefox-translations-common-60.7.2-109.80 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information cpp48-4.8.5-30 is installed OR gcc48-4.8.5-30 is installed OR gcc48-32bit-4.8.5-30 is installed OR gcc48-c++-4.8.5-30 is installed OR gcc48-info-4.8.5-30 is installed OR gcc48-locale-4.8.5-30 is installed OR libasan0-4.8.5-30 is installed OR libasan0-32bit-4.8.5-30 is installed OR libstdc++48-devel-4.8.5-30 is installed OR libstdc++48-devel-32bit-4.8.5-30 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information glib2-2.48.2-12.12 is installed OR glib2-lang-2.48.2-12.12 is installed OR glib2-tools-2.48.2-12.12 is installed OR libgio-2_0-0-2.48.2-12.12 is installed OR libgio-2_0-0-32bit-2.48.2-12.12 is installed OR libglib-2_0-0-2.48.2-12.12 is installed OR libglib-2_0-0-32bit-2.48.2-12.12 is installed OR libgmodule-2_0-0-2.48.2-12.12 is installed OR libgmodule-2_0-0-32bit-2.48.2-12.12 is installed OR libgobject-2_0-0-2.48.2-12.12 is installed OR libgobject-2_0-0-32bit-2.48.2-12.12 is installed OR libgthread-2_0-0-2.48.2-12.12 is installed OR libgthread-2_0-0-32bit-2.48.2-12.12 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information libwireshark9-2.4.9-48.29 is installed OR libwiretap7-2.4.9-48.29 is installed OR libwscodecs1-2.4.9-48.29 is installed OR libwsutil8-2.4.9-48.29 is installed OR wireshark-2.4.9-48.29 is installed OR wireshark-gtk-2.4.9-48.29 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kernel-default-4.4.121-92.85 is installed OR kernel-default-base-4.4.121-92.85 is installed OR kernel-default-devel-4.4.121-92.85 is installed OR kernel-default-man-4.4.121-92.85 is installed OR kernel-devel-4.4.121-92.85 is installed OR kernel-macros-4.4.121-92.85 is installed OR kernel-source-4.4.121-92.85 is installed OR kernel-syms-4.4.121-92.85 is installed OR kgraft-patch-4_4_121-92_85-default-1-3.5 is installed OR kgraft-patch-SLE12-SP2_Update_23-1-3.5 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND apache2-mod_nss-1.0.14-18 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information kgraft-patch-4_4_180-94_107-default-3-2 is installed OR kgraft-patch-SLE12-SP3_Update_29-3-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information MozillaFirefox-60.8.0-109.83 is installed OR MozillaFirefox-translations-common-60.8.0-109.83 is installed OR libfreebl3-3.44.1-58.28 is installed OR libfreebl3-32bit-3.44.1-58.28 is installed OR libfreebl3-hmac-3.44.1-58.28 is installed OR libfreebl3-hmac-32bit-3.44.1-58.28 is installed OR libsoftokn3-3.44.1-58.28 is installed OR libsoftokn3-32bit-3.44.1-58.28 is installed OR libsoftokn3-hmac-3.44.1-58.28 is installed OR libsoftokn3-hmac-32bit-3.44.1-58.28 is installed OR mozilla-nss-3.44.1-58.28 is installed OR mozilla-nss-32bit-3.44.1-58.28 is installed OR mozilla-nss-certs-3.44.1-58.28 is installed OR mozilla-nss-certs-32bit-3.44.1-58.28 is installed OR mozilla-nss-sysinit-3.44.1-58.28 is installed OR mozilla-nss-sysinit-32bit-3.44.1-58.28 is installed OR mozilla-nss-tools-3.44.1-58.28 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information rsyslog-8.24.0-3.7 is installed OR rsyslog-diag-tools-8.24.0-3.7 is installed OR rsyslog-doc-8.24.0-3.7 is installed OR rsyslog-module-gssapi-8.24.0-3.7 is installed OR rsyslog-module-gtls-8.24.0-3.7 is installed OR rsyslog-module-mysql-8.24.0-3.7 is installed OR rsyslog-module-pgsql-8.24.0-3.7 is installed OR rsyslog-module-relp-8.24.0-3.7 is installed OR rsyslog-module-snmp-8.24.0-3.7 is installed OR rsyslog-module-udpspoof-8.24.0-3.7 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND clamav-0.100.2-33.18 is installed
Definition Synopsis
SUSE OpenStack Cloud 6 is installed AND Package Information openstack-dashboard-8.0.2~a0~dev7-2 is installed OR python-horizon-8.0.2~a0~dev7-2 is installed
Definition Synopsis
SUSE OpenStack Cloud 7 is installed AND Package Information hostinfo-1.0.1-19.5 is installed OR supportutils-3.0-95.21 is installed
Definition Synopsis
SUSE OpenStack Cloud 8 is installed AND Package Information MozillaFirefox-60.7.2-109.80 is installed OR MozillaFirefox-translations-common-60.7.2-109.80 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information java-1_8_0-openjdk-1.8.0.222-27.35 is installed OR java-1_8_0-openjdk-demo-1.8.0.222-27.35 is installed OR java-1_8_0-openjdk-devel-1.8.0.222-27.35 is installed OR java-1_8_0-openjdk-headless-1.8.0.222-27.35 is installed

BACK