OVAL Reference oval:org.opensuse.security:def:52939

Oval Definition:

oval:org.opensuse.security:def:52939

Revision Date:	2020-12-01	Version:	1
Title:	Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP2) (Important)
Description:	This update for the Linux Kernel 5.3.18-22 fixes several issues. The following security issues were fixed: - CVE-2020-25212: A TOCTOU mismatch in the NFS client code could be used by local attackers to corrupt memory or possibly have unspecified other impact because a size check is in fs/nfs/nfs4proc.c instead of fs/nfs/nfs4xdr.c (bsc#1176381). - CVE-2020-14386: Fixed a memory corruption which could have lead to an attacker gaining root privileges from unprivileged processes. The highest threat from this vulnerability is to data confidentiality and integrity (bsc#1176069). - CVE-2020-24394: The NFS server code can set incorrect permissions on new filesystem objects when the filesystem lacks ACL support. This occurs because the current umask is not considered (bsc#1175518).
Family:	unix	Class:	patch
Status:		Reference(s):	1092115 1175992 1176072 1176382 979208 982366 983549 983638 983639 983643 983646 983651 983652 983653 983655 983671 984006 984126 985659 985860 991012 991013 991015 991016 991017 991018 991019 991020 991344 999701 CVE-2008-0928 CVE-2008-1945 CVE-2008-2382 CVE-2008-4539 CVE-2009-0159 CVE-2009-1252 CVE-2009-2473 CVE-2009-2474 CVE-2010-2800 CVE-2010-2801 CVE-2011-1761 CVE-2012-3515 CVE-2013-4143 CVE-2013-4148 CVE-2013-4149 CVE-2013-4150 CVE-2013-4151 CVE-2013-4233 CVE-2013-4234 CVE-2013-4526 CVE-2013-4527 CVE-2013-4529 CVE-2013-4530 CVE-2013-4531 CVE-2013-4533 CVE-2013-4534 CVE-2013-4535 CVE-2013-4536 CVE-2013-4537 CVE-2013-4538 CVE-2013-4539 CVE-2013-4540 CVE-2013-4541 CVE-2013-4542 CVE-2013-4544 CVE-2013-5211 CVE-2013-6399 CVE-2014-0107 CVE-2014-0142 CVE-2014-0143 CVE-2014-0144 CVE-2014-0145 CVE-2014-0146 CVE-2014-0147 CVE-2014-0150 CVE-2014-0182 CVE-2014-0222 CVE-2014-0223 CVE-2014-3461 CVE-2014-3640 CVE-2014-7300 CVE-2014-7840 CVE-2014-8106 CVE-2014-9293 CVE-2014-9294 CVE-2014-9295 CVE-2014-9296 CVE-2014-9297 CVE-2014-9298 CVE-2014-9556 CVE-2014-9732 CVE-2015-0797 CVE-2015-1779 CVE-2015-1798 CVE-2015-1799 CVE-2015-3209 CVE-2015-3405 CVE-2015-3456 CVE-2015-4037 CVE-2015-4467 CVE-2015-4468 CVE-2015-4469 CVE-2015-4470 CVE-2015-4471 CVE-2015-4472 CVE-2015-5154 CVE-2015-5219 CVE-2015-5225 CVE-2015-5278 CVE-2015-5279 CVE-2015-5300 CVE-2015-6815 CVE-2015-6855 CVE-2015-7295 CVE-2015-7691 CVE-2015-7692 CVE-2015-7701 CVE-2015-7702 CVE-2015-7703 CVE-2015-7704 CVE-2015-7705 CVE-2015-7848 CVE-2015-7849 CVE-2015-7850 CVE-2015-7851 CVE-2015-7852 CVE-2015-7853 CVE-2015-7854 CVE-2015-7855 CVE-2015-7871 CVE-2015-7973 CVE-2015-7974 CVE-2015-7975 CVE-2015-7976 CVE-2015-7977 CVE-2015-7978 CVE-2015-7979 CVE-2015-8138 CVE-2015-8139 CVE-2015-8140 CVE-2015-8158 CVE-2016-1547 CVE-2016-1548 CVE-2016-1549 CVE-2016-1550 CVE-2016-1551 CVE-2016-1602 CVE-2016-2099 CVE-2016-2516 CVE-2016-2517 CVE-2016-2518 CVE-2016-2519 CVE-2016-2815 CVE-2016-2818 CVE-2016-2819 CVE-2016-2821 CVE-2016-2822 CVE-2016-2824 CVE-2016-2828 CVE-2016-2831 CVE-2016-2834 CVE-2016-4463 CVE-2016-4953 CVE-2016-4954 CVE-2016-4955 CVE-2016-4956 CVE-2016-4957 CVE-2016-5250 CVE-2016-5257 CVE-2016-5261 CVE-2016-5270 CVE-2016-5272 CVE-2016-5274 CVE-2016-5276 CVE-2016-5277 CVE-2016-5278 CVE-2016-5280 CVE-2016-5281 CVE-2016-5284 CVE-2016-5350 CVE-2016-5351 CVE-2016-5352 CVE-2016-5353 CVE-2016-5354 CVE-2016-5355 CVE-2016-5356 CVE-2016-5357 CVE-2016-5358 CVE-2016-5359 CVE-2016-6504 CVE-2016-6505 CVE-2016-6506 CVE-2016-6507 CVE-2016-6508 CVE-2016-6509 CVE-2016-6510 CVE-2016-6511 CVE-2016-7426 CVE-2016-7427 CVE-2016-7428 CVE-2016-7429 CVE-2016-7431 CVE-2016-7433 CVE-2016-7434 CVE-2016-9042 CVE-2016-9310 CVE-2016-9311 CVE-2016-9445 CVE-2016-9446 CVE-2016-9447 CVE-2016-9809 CVE-2017-6451 CVE-2017-6458 CVE-2017-6460 CVE-2017-6462 CVE-2017-6463 CVE-2017-6464 CVE-2018-9154 CVE-2020-14386 CVE-2020-24394 CVE-2020-25212 SUSE-SU-2016:1691-1 SUSE-SU-2016:2154-1 SUSE-SU-2016:2434-1 SUSE-SU-2016:2453-1 SUSE-SU-2020:1420-2 SUSE-SU-2020:3187-1
Platform(s):	openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Module for additional PackageHub packages 15 SP1 SUSE Linux Enterprise Module for Live Patching 15 SP2 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8	Product(s):
Definition Synopsis
openSUSE Leap 15.0 is installed AND Package Information gdk-pixbuf-loader-rsvg-2.42.3-lp150.1 is installed OR librsvg-2-2-2.42.3-lp150.1 is installed OR rsvg-thumbnailer-2.42.3-lp150.1 is installed OR typelib-1_0-Rsvg-2_0-2.42.3-lp150.1 is installed
Definition Synopsis
openSUSE Leap 15.1 is installed AND Package Information libheimdal-7.7.0-lp151.3.3 is installed OR libheimdal-devel-7.7.0-lp151.3.3 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP2 is installed AND Package Information MozillaFirefox-17.0.9esr-0.3 is installed OR MozillaFirefox-translations-17.0.9esr-0.3 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information bind-9.9.6P1-0.19 is installed OR bind-libs-9.9.6P1-0.19 is installed OR bind-libs-32bit-9.9.6P1-0.19 is installed OR bind-utils-9.9.6P1-0.19 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP4 is installed AND Package Information libmysql55client18-5.5.47-0.17 is installed OR libmysql55client18-32bit-5.5.47-0.17 is installed OR libmysql55client_r18-5.5.47-0.17 is installed OR libmysql55client_r18-32bit-5.5.47-0.17 is installed OR mysql-5.5.47-0.17 is installed OR mysql-client-5.5.47-0.17 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 is installed AND Package Information MozillaFirefox-45.2.0esr-75 is installed OR MozillaFirefox-branding-SLE-45.0-28 is installed OR MozillaFirefox-translations-45.2.0esr-75 is installed OR libfreebl3-3.21.1-46 is installed OR libfreebl3-32bit-3.21.1-46 is installed OR libsoftokn3-3.21.1-46 is installed OR libsoftokn3-32bit-3.21.1-46 is installed OR mozilla-nspr-4.12-15 is installed OR mozilla-nspr-32bit-4.12-15 is installed OR mozilla-nss-3.21.1-46 is installed OR mozilla-nss-32bit-3.21.1-46 is installed OR mozilla-nss-certs-3.21.1-46 is installed OR mozilla-nss-certs-32bit-3.21.1-46 is installed OR mozilla-nss-sysinit-3.21.1-46 is installed OR mozilla-nss-sysinit-32bit-3.21.1-46 is installed OR mozilla-nss-tools-3.21.1-46 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP1 is installed AND libneon27-0.30.0-3 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information gnome-settings-daemon-3.20.1-40 is installed OR gnome-settings-daemon-lang-3.20.1-40 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information ntp-4.2.8p10-63 is installed OR ntp-doc-4.2.8p10-63 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information gstreamer-0_10-plugins-bad-0.10.23-25 is installed OR gstreamer-0_10-plugins-bad-lang-0.10.23-25 is installed OR libgstbasecamerabinsrc-0_10-23-0.10.23-25 is installed OR libgstbasecamerabinsrc-0_10-23-32bit-0.10.23-25 is installed OR libgstbasevideo-0_10-23-0.10.23-25 is installed OR libgstbasevideo-0_10-23-32bit-0.10.23-25 is installed OR libgstcodecparsers-0_10-23-0.10.23-25 is installed OR libgstphotography-0_10-23-0.10.23-25 is installed OR libgstphotography-0_10-23-32bit-0.10.23-25 is installed OR libgstsignalprocessor-0_10-23-0.10.23-25 is installed OR libgstsignalprocessor-0_10-23-32bit-0.10.23-25 is installed OR libgstvdp-0_10-23-0.10.23-25 is installed OR libgstvdp-0_10-23-32bit-0.10.23-25 is installed
Definition Synopsis
SUSE Linux Enterprise Module for additional PackageHub packages 15 SP1 is installed AND jasper-2.0.14-3.11 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Live Patching 15 SP2 is installed AND Package Information kernel-livepatch-5_3_18-22-default-3-8 is installed OR kernel-livepatch-SLE15-SP2_Update_0-3-8 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information gnome-settings-daemon-3.10.2-20 is installed OR gnome-settings-daemon-lang-3.10.2-20 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information kgraft-patch-3_12_74-60_64_115-default-2-2 is installed OR kgraft-patch-3_12_74-60_64_115-xen-2-2 is installed OR kgraft-patch-SLE12-SP1_Update_34-2-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information cron-4.2-58 is installed OR cronie-1.4.11-58 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information glibc-2.22-62.13 is installed OR glibc-32bit-2.22-62.13 is installed OR glibc-devel-2.22-62.13 is installed OR glibc-devel-32bit-2.22-62.13 is installed OR glibc-html-2.22-62.13 is installed OR glibc-i18ndata-2.22-62.13 is installed OR glibc-info-2.22-62.13 is installed OR glibc-locale-2.22-62.13 is installed OR glibc-locale-32bit-2.22-62.13 is installed OR glibc-profile-2.22-62.13 is installed OR glibc-profile-32bit-2.22-62.13 is installed OR nscd-2.22-62.13 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND yast2-smt-3.0.14-17.3 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information libopenssl-devel-1.0.2j-60.30 is installed OR libopenssl1_0_0-1.0.2j-60.30 is installed OR libopenssl1_0_0-32bit-1.0.2j-60.30 is installed OR libopenssl1_0_0-hmac-1.0.2j-60.30 is installed OR libopenssl1_0_0-hmac-32bit-1.0.2j-60.30 is installed OR openssl-1.0.2j-60.30 is installed OR openssl-doc-1.0.2j-60.30 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information at-3.1.14-7 is installed OR flex-2.5.37-8 is installed OR flex-32bit-2.5.37-8 is installed OR libQtWebKit4-4.8.6+2.3.3-3 is installed OR libQtWebKit4-32bit-4.8.6+2.3.3-3 is installed OR libbonobo-2.32.1-16 is installed OR libbonobo-32bit-2.32.1-16 is installed OR libbonobo-doc-2.32.1-16 is installed OR libbonobo-lang-2.32.1-16 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information kgraft-patch-4_4_180-94_100-default-5-2 is installed OR kgraft-patch-SLE12-SP3_Update_27-5-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information kgraft-patch-4_4_140-94_42-default-10-2 is installed OR kgraft-patch-SLE12-SP3_Update_15-10-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information openssh-7.2p2-74.23 is installed OR openssh-askpass-gnome-7.2p2-74.23 is installed OR openssh-fips-7.2p2-74.23 is installed OR openssh-helpers-7.2p2-74.23 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND coolkey-1.1.0-148.3 is installed
Definition Synopsis
SUSE OpenStack Cloud 6 is installed AND Package Information openstack-heat-5.0.2~a0~dev9-1 is installed OR openstack-heat-api-5.0.2~a0~dev9-1 is installed OR openstack-heat-api-cfn-5.0.2~a0~dev9-1 is installed OR openstack-heat-api-cloudwatch-5.0.2~a0~dev9-1 is installed OR openstack-heat-engine-5.0.2~a0~dev9-1 is installed OR openstack-heat-plugin-heat_docker-5.0.2~a0~dev9-1 is installed OR python-heat-5.0.2~a0~dev9-1 is installed
Definition Synopsis
SUSE OpenStack Cloud 7 is installed AND Package Information libjavascriptcoregtk-4_0-18-2.24.1-2.41 is installed OR libwebkit2gtk-4_0-37-2.24.1-2.41 is installed OR libwebkit2gtk3-lang-2.24.1-2.41 is installed OR typelib-1_0-JavaScriptCore-4_0-2.24.1-2.41 is installed OR typelib-1_0-WebKit2-4_0-2.24.1-2.41 is installed OR typelib-1_0-WebKit2WebExtension-4_0-2.24.1-2.41 is installed OR webkit2gtk-4_0-injected-bundles-2.24.1-2.41 is installed OR webkit2gtk3-2.24.1-2.41 is installed OR webkit2gtk3-devel-2.24.1-2.41 is installed
Definition Synopsis
SUSE OpenStack Cloud 8 is installed AND Package Information libecpg6-10.9-1.12 is installed OR libpq5-10.9-1.12 is installed OR libpq5-32bit-10.9-1.12 is installed OR postgresql10-10.9-1.12 is installed OR postgresql10-contrib-10.9-1.12 is installed OR postgresql10-docs-10.9-1.12 is installed OR postgresql10-libs-10.9-1.12 is installed OR postgresql10-plperl-10.9-1.12 is installed OR postgresql10-plpython-10.9-1.12 is installed OR postgresql10-pltcl-10.9-1.12 is installed OR postgresql10-server-10.9-1.12 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information libpython3_4m1_0-3.4.6-25.29 is installed OR python3-3.4.6-25.29 is installed OR python3-base-3.4.6-25.29 is installed OR python3-curses-3.4.6-25.29 is installed

BACK