OVAL Reference oval:org.opensuse.security:def:53877

Oval Definition:

oval:org.opensuse.security:def:53877

Revision Date:	2020-12-01	Version:	1
Title:	Security update for the Linux Kernel (Critical)
Description:	The SUSE Linux Enterprise 15 SP1 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-12351: Fixed a type confusion while processing AMP packets aka 'BleedingTooth' aka 'BadKarma' (bsc#1177724). - CVE-2020-12352: Fixed an information leak when processing certain AMP packets aka 'BleedingTooth' aka 'BadChoice' (bsc#1177725). - CVE-2020-25645: Fixed an issue which traffic between two Geneve endpoints may be unencrypted when IPsec is configured to encrypt traffic for the specific UDP port used by the GENEVE tunnel allowing anyone between the two endpoints to read the traffic unencrypted (bsc#1177511). The following non-security bugs were fixed: - drm/sun4i: mixer: Extend regmap max_register (git-fixes). - i2c: meson: fix clock setting overwrite (git-fixes). - iommu/vt-d: Correctly calculate agaw in domain_init() (bsc#1176400). - mac80211: do not allow bigger VHT MPDUs than the hardware supports (git-fixes). - macsec: avoid use-after-free in macsec_handle_frame() (git-fixes). - mmc: core: do not set limits.discard_granularity as 0 (git-fixes). - mm: memcg: switch to css_tryget() in get_mem_cgroup_from_mm() (bsc#1177685). - NFS: On fatal writeback errors, we need to call nfs_inode_remove_request() (bsc#1177340). - NFS: Revalidate the file mapping on all fatal writeback errors (bsc#1177340). - nvme: add a Identify Namespace Identification Descriptor list quirk (bsc#1174748). add two previous futile attempts to fix the bug to blacklist.conf - nvme: Fix ctrl use-after-free during sysfs deletion (bsc#1174748). - nvme: fix deadlock caused by ANA update wrong locking (bsc#1174748). - nvme: fix possible io failures when removing multipathed ns (bsc#1174748). - nvme: make nvme_identify_ns propagate errors back (bsc#1174748). Refresh: - patches.suse/nvme-flush-scan_work-when-resetting-controller.patch - nvme: make nvme_report_ns_ids propagate error back (bsc#1174748). - nvme-multipath: do not reset on unknown status (bsc#1174748). - nvme: Namepace identification descriptor list is optional (bsc#1174748). - nvme: pass status to nvme_error_status (bsc#1174748). - nvme-rdma: Avoid double freeing of async event data (bsc#1174748). - nvme: return error from nvme_alloc_ns() (bsc#1174748). - powerpc/dma: Fix dma_map_ops::get_required_mask (bsc#1065729). - scsi-hisi-kabi-fixes.patch - scsi-hisi-kabi-fixes.patch - scsi: hisi_sas: Add debugfs ITCT file and add file operations (bsc#1140683). - scsi: hisi_sas: Add manual trigger for debugfs dump (bsc#1140683). - scsi: hisi_sas: Add missing seq_printf() call in hisi_sas_show_row_32() (bsc#1140683). - scsi: hisi_sas: Change return variable type in phy_up_v3_hw() (bsc#1140683). - scsi: hisi_sas: Correct memory allocation size for DQ debugfs (bsc#1140683). - scsi: hisi_sas: Do some more tidy-up (bsc#1140683). - scsi: hisi_sas: Fix a timeout race of driver internal and SMP IO (bsc#1140683). - scsi: hisi_sas: Fix type casting and missing static qualifier in debugfs code (bsc#1140683). Refresh: - scsi-hisi_sas-Issue-internal-abort-on-all-relevant-q.patch - scsi: hisi_sas: No need to check return value of debugfs_create functions (bsc#1140683). Update: - scsi: hisi_sas: Some misc tidy-up (bsc#1140683). - scsi: qla2xxx: Add IOCB resource tracking (bsc#1176946 bsc#1175520 bsc#1172538). - scsi: qla2xxx: Add rport fields in debugfs (bsc#1176946 bsc#1175520 bsc#1172538). - scsi: qla2xxx: Add SLER and PI control support (bsc#1176946 bsc#1175520 bsc#1172538). - scsi: qla2xxx: Allow dev_loss_tmo setting for FC-NVMe devices (bsc#1176946 bsc#1175520 bsc#1172538). - scsi: qla2xxx: Correct the check for sscanf() return value (bsc#1176946 bsc#1175520 bsc#1172538). - scsi: qla2xxx: Fix buffer-buffer credit extraction error (bsc#1176946 bsc#1175520 bsc#1172538). - scsi: qla2xxx: Fix crash on session cleanup with unload (bsc#1176946 bsc#1175520 bsc#1172538). - scsi: qla2xxx: Fix inconsistent format argument type in qla_dbg.c (bsc#1176946 bsc#1175520 bsc#1172538). - scsi: qla2xxx: Fix inconsistent format argument type in qla_os.c (bsc#1176946 bsc#1175520 bsc#1172538). - scsi: qla2xxx: Fix inconsistent format argument type in tcm_qla2xxx.c (bsc#1176946 bsc#1175520 bsc#1172538). - scsi: qla2xxx: Fix I/O errors during LIP reset tests (bsc#1176946 bsc#1175520 bsc#1172538). - scsi: qla2xxx: Fix I/O failures during remote port toggle testing (bsc#1176946 bsc#1175520 bsc#1172538). - scsi: qla2xxx: Fix memory size truncation (bsc#1176946 bsc#1175520 bsc#1172538). - scsi: qla2xxx: Fix MPI reset needed message (bsc#1176946 bsc#1175520 bsc#1172538). - scsi: qla2xxx: Fix point-to-point (N2N) device discovery issue (bsc#1176946 bsc#1175520 bsc#1172538). - scsi: qla2xxx: Fix reset of MPI firmware (bsc#1176946 bsc#1175520 bsc#1172538). - scsi: qla2xxx: Honor status qualifier in FCP_RSP per spec (bsc#1176946 bsc#1175520 bsc#1172538). - scsi: qla2xxx: Make tgt_port_database available in initiator mode (bsc#1176946 bsc#1175520 bsc#1172538). - scsi: qla2xxx: Performance tweak (bsc#1176946 bsc#1175520 bsc#1172538). - scsi: qla2xxx: Reduce duplicate code in reporting speed (bsc#1176946 bsc#1175520 bsc#1172538). - scsi: qla2xxx: Remove unneeded variable 'rval' (bsc#1176946 bsc#1175520 bsc#1172538). - scsi: qla2xxx: Setup debugfs entries for remote ports (bsc#1176946 bsc#1175520 bsc#1172538). - scsi: qla2xxx: Update version to 10.02.00.102-k (bsc#1176946 bsc#1175520 bsc#1172538). - scsi: qla2xxx: Update version to 10.02.00.103-k (bsc#1176946 bsc#1175520 bsc#1172538).
Family:	unix	Class:	patch
Status:		Reference(s):	1033109 1033111 1033112 1033113 1033118 1033120 1033126 1033127 1033128 1033129 1033131 1038438 1042804 1042805 1042829 1043353 1043354 1047908 1050037 1050072 1050098 1050100 1050635 1051442 1052470 1052708 1052717 1052721 1052768 1052777 1052781 1054600 1055068 1055374 1055455 1055456 1057000 1057662 1060162 1062752 1065729 1072362 1072901 1074120 1074125 1074185 1074309 1075939 1076021 1076051 1077375 1080249 1080918 1080951 1081725 1083213 1083926 1083927 1083993 1086001 1088004 1088009 1088420 1088662 1089124 1107030 1140683 1172538 1174748 1175520 1176400 1176946 1177027 1177340 1177511 1177685 1177724 1177725 906574 924828 924960 933288 933878 936227 942865 948011 952188 952189 952190 957566 957567 957598 957600 960837 969785 971741 972127 CVE-2010-4530 CVE-2011-2895 CVE-2012-2738 CVE-2012-4453 CVE-2013-6370 CVE-2013-6371 CVE-2014-8964 CVE-2015-2325 CVE-2015-2327 CVE-2015-2328 CVE-2015-2695 CVE-2015-2696 CVE-2015-2697 CVE-2015-2806 CVE-2015-3210 CVE-2015-3217 CVE-2015-5073 CVE-2015-8380 CVE-2015-8381 CVE-2015-8382 CVE-2015-8383 CVE-2015-8384 CVE-2015-8385 CVE-2015-8386 CVE-2015-8387 CVE-2015-8388 CVE-2015-8389 CVE-2015-8390 CVE-2015-8391 CVE-2015-8392 CVE-2015-8393 CVE-2015-8394 CVE-2015-8395 CVE-2016-10371 CVE-2016-10713 CVE-2016-1283 CVE-2016-2851 CVE-2016-3191 CVE-2017-10995 CVE-2017-11505 CVE-2017-11525 CVE-2017-11526 CVE-2017-11539 CVE-2017-11639 CVE-2017-11750 CVE-2017-12565 CVE-2017-12640 CVE-2017-12641 CVE-2017-12643 CVE-2017-12671 CVE-2017-12673 CVE-2017-12676 CVE-2017-12935 CVE-2017-13059 CVE-2017-13141 CVE-2017-13142 CVE-2017-13147 CVE-2017-14103 CVE-2017-14649 CVE-2017-15218 CVE-2017-17504 CVE-2017-17681 CVE-2017-17879 CVE-2017-17884 CVE-2017-17914 CVE-2017-18008 CVE-2017-18027 CVE-2017-18029 CVE-2017-7592 CVE-2017-7593 CVE-2017-7594 CVE-2017-7595 CVE-2017-7596 CVE-2017-7597 CVE-2017-7598 CVE-2017-7599 CVE-2017-7600 CVE-2017-7601 CVE-2017-7602 CVE-2017-9261 CVE-2017-9262 CVE-2017-9403 CVE-2017-9404 CVE-2017-9432 CVE-2017-9433 CVE-2018-1000156 CVE-2018-1055 CVE-2018-1060 CVE-2018-1061 CVE-2018-5246 CVE-2018-5685 CVE-2018-5729 CVE-2018-5730 CVE-2018-6871 CVE-2018-6951 CVE-2020-12351 CVE-2020-12352 CVE-2020-25645 SUSE-SU-2015:0904-1 SUSE-SU-2015:1897-1 SUSE-SU-2016:0707-1 SUSE-SU-2016:2971-1 SUSE-SU-2017:2569-1 SUSE-SU-2018:0349-1 SUSE-SU-2018:0846-1 SUSE-SU-2018:1076-1 SUSE-SU-2018:1128-1 SUSE-SU-2018:2696-1 SUSE-SU-2020:2972-1
Platform(s):	openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Workstation Extension 15 SP1 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8	Product(s):
Definition Synopsis
openSUSE Leap 15.0 is installed AND Package Information freerdp-2.0.0~rc2-lp150.1 is installed OR libfreerdp2-2.0.0~rc2-lp150.1 is installed OR libwinpr2-2.0.0~rc2-lp150.1 is installed
Definition Synopsis
openSUSE Leap 15.1 is installed AND transfig-3.2.6a-lp151.4.3 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP2 is installed AND bogofilter-1.1.1-174.27 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information compat-openssl097g-0.9.7g-146.22.36 is installed OR compat-openssl097g-32bit-0.9.7g-146.22.36 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 11 SP4 is installed AND Package Information gpg2-2.0.9-25.33.41 is installed OR gpg2-lang-2.0.9-25.33.41 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 is installed AND dracut-037-34 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information libotr-4.0.0-9 is installed OR libotr5-4.0.0-9 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information libpcre1-8.39-5 is installed OR libpcre1-32bit-8.39-5 is installed OR libpcre16-0-8.39-5 is installed OR libpcrecpp0-8.39-5 is installed OR libpcrecpp0-32bit-8.39-5 is installed OR pcre-8.39-5 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information libpython3_4m1_0-3.4.6-25.16 is installed OR python3-3.4.6-25.16 is installed OR python3-base-3.4.6-25.16 is installed OR python3-curses-3.4.6-25.16 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information libjson-c2-0.11-2 is installed OR libjson-c2-32bit-0.11-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information bash-4.2-75 is installed OR bash-doc-4.2-75 is installed OR libreadline6-6.2-75 is installed OR libreadline6-32bit-6.2-75 is installed OR readline-doc-6.2-75 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information kgraft-patch-3_12_62-60_62-default-10-2 is installed OR kgraft-patch-3_12_62-60_62-xen-10-2 is installed OR kgraft-patch-SLE12-SP1_Update_7-10-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information libsystemd0-228-117 is installed OR libsystemd0-32bit-228-117 is installed OR libudev1-228-117 is installed OR libudev1-32bit-228-117 is installed OR systemd-228-117 is installed OR systemd-32bit-228-117 is installed OR systemd-bash-completion-228-117 is installed OR systemd-sysvinit-228-117 is installed OR udev-228-117 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information kernel-default-4.4.121-92.104 is installed OR kernel-default-base-4.4.121-92.104 is installed OR kernel-default-devel-4.4.121-92.104 is installed OR kernel-devel-4.4.121-92.104 is installed OR kernel-macros-4.4.121-92.104 is installed OR kernel-source-4.4.121-92.104 is installed OR kernel-syms-4.4.121-92.104 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information java-1_8_0-ibm-1.8.0_sr5.20-30.36 is installed OR java-1_8_0-ibm-alsa-1.8.0_sr5.20-30.36 is installed OR java-1_8_0-ibm-devel-1.8.0_sr5.20-30.36 is installed OR java-1_8_0-ibm-plugin-1.8.0_sr5.20-30.36 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_114-92_64-default-7-2 is installed OR kgraft-patch-SLE12-SP2_Update_18-7-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information gstreamer-plugins-base-1.8.3-12 is installed OR gstreamer-plugins-base-lang-1.8.3-12 is installed OR libgstallocators-1_0-0-1.8.3-12 is installed OR libgstapp-1_0-0-1.8.3-12 is installed OR libgstapp-1_0-0-32bit-1.8.3-12 is installed OR libgstaudio-1_0-0-1.8.3-12 is installed OR libgstaudio-1_0-0-32bit-1.8.3-12 is installed OR libgstfft-1_0-0-1.8.3-12 is installed OR libgstpbutils-1_0-0-1.8.3-12 is installed OR libgstpbutils-1_0-0-32bit-1.8.3-12 is installed OR libgstriff-1_0-0-1.8.3-12 is installed OR libgstrtp-1_0-0-1.8.3-12 is installed OR libgstrtsp-1_0-0-1.8.3-12 is installed OR libgstsdp-1_0-0-1.8.3-12 is installed OR libgsttag-1_0-0-1.8.3-12 is installed OR libgsttag-1_0-0-32bit-1.8.3-12 is installed OR libgstvideo-1_0-0-1.8.3-12 is installed OR libgstvideo-1_0-0-32bit-1.8.3-12 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information ghostscript-9.27-23.28 is installed OR ghostscript-x11-9.27-23.28 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information libvirt-3.3.0-5.40 is installed OR libvirt-admin-3.3.0-5.40 is installed OR libvirt-client-3.3.0-5.40 is installed OR libvirt-daemon-3.3.0-5.40 is installed OR libvirt-daemon-config-network-3.3.0-5.40 is installed OR libvirt-daemon-config-nwfilter-3.3.0-5.40 is installed OR libvirt-daemon-driver-interface-3.3.0-5.40 is installed OR libvirt-daemon-driver-libxl-3.3.0-5.40 is installed OR libvirt-daemon-driver-lxc-3.3.0-5.40 is installed OR libvirt-daemon-driver-network-3.3.0-5.40 is installed OR libvirt-daemon-driver-nodedev-3.3.0-5.40 is installed OR libvirt-daemon-driver-nwfilter-3.3.0-5.40 is installed OR libvirt-daemon-driver-qemu-3.3.0-5.40 is installed OR libvirt-daemon-driver-secret-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-core-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-disk-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-iscsi-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-logical-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-mpath-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-rbd-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-scsi-3.3.0-5.40 is installed OR libvirt-daemon-hooks-3.3.0-5.40 is installed OR libvirt-daemon-lxc-3.3.0-5.40 is installed OR libvirt-daemon-qemu-3.3.0-5.40 is installed OR libvirt-daemon-xen-3.3.0-5.40 is installed OR libvirt-doc-3.3.0-5.40 is installed OR libvirt-libs-3.3.0-5.40 is installed OR libvirt-lock-sanlock-3.3.0-5.40 is installed OR libvirt-nss-3.3.0-5.40 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information openssh-7.2p2-74.23 is installed OR openssh-askpass-gnome-7.2p2-74.23 is installed OR openssh-fips-7.2p2-74.23 is installed OR openssh-helpers-7.2p2-74.23 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information cpp48-4.8.5-31.17 is installed OR gcc48-4.8.5-31.17 is installed OR gcc48-32bit-4.8.5-31.17 is installed OR gcc48-c++-4.8.5-31.17 is installed OR gcc48-info-4.8.5-31.17 is installed OR gcc48-locale-4.8.5-31.17 is installed OR libasan0-4.8.5-31.17 is installed OR libasan0-32bit-4.8.5-31.17 is installed OR libstdc++48-devel-4.8.5-31.17 is installed OR libstdc++48-devel-32bit-4.8.5-31.17 is installed
Definition Synopsis
SUSE Linux Enterprise Workstation Extension 15 SP1 is installed AND Package Information kernel-default-4.12.14-197.64 is installed OR kernel-default-extra-4.12.14-197.64 is installed
Definition Synopsis
SUSE OpenStack Cloud 6 is installed AND python-Django-1.8.9-1 is installed
Definition Synopsis
SUSE OpenStack Cloud 7 is installed AND Package Information libdcerpc-binding0-4.4.2-38.25 is installed OR libdcerpc-binding0-32bit-4.4.2-38.25 is installed OR libdcerpc0-4.4.2-38.25 is installed OR libdcerpc0-32bit-4.4.2-38.25 is installed OR libndr-krb5pac0-4.4.2-38.25 is installed OR libndr-krb5pac0-32bit-4.4.2-38.25 is installed OR libndr-nbt0-4.4.2-38.25 is installed OR libndr-nbt0-32bit-4.4.2-38.25 is installed OR libndr-standard0-4.4.2-38.25 is installed OR libndr-standard0-32bit-4.4.2-38.25 is installed OR libndr0-4.4.2-38.25 is installed OR libndr0-32bit-4.4.2-38.25 is installed OR libnetapi0-4.4.2-38.25 is installed OR libnetapi0-32bit-4.4.2-38.25 is installed OR libsamba-credentials0-4.4.2-38.25 is installed OR libsamba-credentials0-32bit-4.4.2-38.25 is installed OR libsamba-errors0-4.4.2-38.25 is installed OR libsamba-errors0-32bit-4.4.2-38.25 is installed OR libsamba-hostconfig0-4.4.2-38.25 is installed OR libsamba-hostconfig0-32bit-4.4.2-38.25 is installed OR libsamba-passdb0-4.4.2-38.25 is installed OR libsamba-passdb0-32bit-4.4.2-38.25 is installed OR libsamba-util0-4.4.2-38.25 is installed OR libsamba-util0-32bit-4.4.2-38.25 is installed OR libsamdb0-4.4.2-38.25 is installed OR libsamdb0-32bit-4.4.2-38.25 is installed OR libsmbclient0-4.4.2-38.25 is installed OR libsmbclient0-32bit-4.4.2-38.25 is installed OR libsmbconf0-4.4.2-38.25 is installed OR libsmbconf0-32bit-4.4.2-38.25 is installed OR libsmbldap0-4.4.2-38.25 is installed OR libsmbldap0-32bit-4.4.2-38.25 is installed OR libtevent-util0-4.4.2-38.25 is installed OR libtevent-util0-32bit-4.4.2-38.25 is installed OR libwbclient0-4.4.2-38.25 is installed OR libwbclient0-32bit-4.4.2-38.25 is installed OR samba-4.4.2-38.25 is installed OR samba-client-4.4.2-38.25 is installed OR samba-client-32bit-4.4.2-38.25 is installed OR samba-doc-4.4.2-38.25 is installed OR samba-libs-4.4.2-38.25 is installed OR samba-libs-32bit-4.4.2-38.25 is installed OR samba-winbind-4.4.2-38.25 is installed OR samba-winbind-32bit-4.4.2-38.25 is installed
Definition Synopsis
SUSE OpenStack Cloud 8 is installed AND python-Twisted-15.2.1-9.8 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information ruby2.1-rubygem-actionpack-4_2-4.2.9-7.6 is installed OR rubygem-actionpack-4_2-4.2.9-7.6 is installed

BACK