Oval Definition:	oval:org.opensuse.security:def:57094
Revision Date: 2021-09-23 Version: 1 Title: Security update for the Linux Kernel (Live Patch 36 for SLE 12 SP3) (Important) Description: This update for the Linux Kernel 4.4.180-94_135 fixes several issues. The following security issues were fixed: - CVE-2021-3653: Fixed missing validation of the KVM `int_ctl` VMCB field that would have allowed a malicious L1 guest to enable AVIC support for the L2 guest (bsc#1189420). - CVE-2021-38198: Fixed KVM MMU to use the correct inherited permissions to get shadow page (bsc#1189278). Family: unix Class: patch Status: Reference(s): 1010675 1013930 1014863 1014873 1017497 1018808 1025506 1027038 1027519 1032029 1033238 1033783 1037120 1040153 1040968 1043900 1045290 1046750 1053153 1069708 1070960 1083488 1085449 1093311 1100078 1102682 1103203 1105323 1108940 1111014 1113975 1114405 1114423 1114988 1115040 1115043 1115044 1115045 1115047 1117756 1117951 1127080 1151021 1158809 1189278 1189420 876652 887877 909695 926974 936032 959495 986216 986630 CVE-2011-2895 CVE-2013-4242 CVE-2014-0191 CVE-2014-3591 CVE-2014-4975 CVE-2015-0837 CVE-2015-1855 CVE-2015-3900 CVE-2015-7511 CVE-2015-7551 CVE-2016-2183 CVE-2016-2339 CVE-2016-6313 CVE-2016-9318 CVE-2016-9597 CVE-2017-1000385 CVE-2017-10661 CVE-2017-16939 CVE-2017-7467 CVE-2017-9445 CVE-2018-10902 CVE-2018-1417 CVE-2018-17963 CVE-2018-18849 CVE-2018-18883 CVE-2018-19665 CVE-2018-19961 CVE-2018-19962 CVE-2018-19963 CVE-2018-19964 CVE-2018-19965 CVE-2018-19966 CVE-2018-19967 CVE-2018-2783 CVE-2018-2790 CVE-2018-2794 CVE-2018-2795 CVE-2018-2796 CVE-2018-2797 CVE-2018-2798 CVE-2018-2799 CVE-2018-2800 CVE-2018-2814 CVE-2018-5390 CVE-2018-7566 CVE-2019-14835 CVE-2019-1551 CVE-2019-1559 CVE-2021-3653 CVE-2021-38198 SUSE-SU-2017:0839-1 SUSE-SU-2017:1067-1 SUSE-SU-2017:1092-1 SUSE-SU-2017:1366-1 SUSE-SU-2017:1898-1 SUSE-SU-2017:3322-1 SUSE-SU-2018:0974-1 SUSE-SU-2018:0991-1 SUSE-SU-2018:1764-1 SUSE-SU-2019:0003-1 SUSE-SU-2019:0803-1 SUSE-SU-2020:0028-1 SUSE-SU-2021:3196-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND radvd-2.17-lp150.3 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information kernel-debug-4.12.14-lp151.28.4 is installed OR kernel-debug-base-4.12.14-lp151.28.4 is installed OR kernel-debug-devel-4.12.14-lp151.28.4 is installed OR kernel-default-4.12.14-lp151.28.4 is installed OR kernel-default-base-4.12.14-lp151.28.4 is installed OR kernel-default-devel-4.12.14-lp151.28.4 is installed OR kernel-devel-4.12.14-lp151.28.4 is installed OR kernel-docs-4.12.14-lp151.28.4 is installed OR kernel-docs-html-4.12.14-lp151.28.4 is installed OR kernel-kvmsmall-4.12.14-lp151.28.4 is installed OR kernel-kvmsmall-base-4.12.14-lp151.28.4 is installed OR kernel-kvmsmall-devel-4.12.14-lp151.28.4 is installed OR kernel-macros-4.12.14-lp151.28.4 is installed OR kernel-obs-build-4.12.14-lp151.28.4 is installed OR kernel-obs-qa-4.12.14-lp151.28.4 is installed OR kernel-source-4.12.14-lp151.28.4 is installed OR kernel-source-vanilla-4.12.14-lp151.28.4 is installed OR kernel-syms-4.12.14-lp151.28.4 is installed OR kernel-vanilla-4.12.14-lp151.28.4 is installed OR kernel-vanilla-base-4.12.14-lp151.28.4 is installed OR kernel-vanilla-devel-4.12.14-lp151.28.4 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information xen-4.11.1_02-2.3 is installed OR xen-libs-4.11.1_02-2.3 is installed OR xen-libs-32bit-4.11.1_02-2.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information libxml2-2.9.1-26.12 is installed OR libxml2-2-2.9.1-26.12 is installed OR libxml2-2-32bit-2.9.1-26.12 is installed OR libxml2-doc-2.9.1-26.12 is installed OR libxml2-tools-2.9.1-26.12 is installed OR python-libxml2-2.9.1-26.12 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information kgraft-patch-3_12_74-60_64_60-default-4-2 is installed OR kgraft-patch-3_12_74-60_64_60-xen-4-2 is installed OR kgraft-patch-SLE12-SP1_Update_21-4-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information libgcrypt20-1.6.1-16.33 is installed OR libgcrypt20-32bit-1.6.1-16.33 is installed OR libgcrypt20-hmac-1.6.1-16.33 is installed OR libgcrypt20-hmac-32bit-1.6.1-16.33 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information MozillaFirefox-52.8.1esr-109.34 is installed OR MozillaFirefox-devel-52.8.1esr-109.34 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information kernel-firmware-20170530-21.22 is installed OR ucode-amd-20170530-21.22 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_114-92_67-default-7-2 is installed OR kgraft-patch-SLE12-SP2_Update_19-7-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information avahi-0.6.32-30 is installed OR avahi-lang-0.6.32-30 is installed OR avahi-utils-0.6.32-30 is installed OR libavahi-client3-0.6.32-30 is installed OR libavahi-client3-32bit-0.6.32-30 is installed OR libavahi-common3-0.6.32-30 is installed OR libavahi-common3-32bit-0.6.32-30 is installed OR libavahi-core7-0.6.32-30 is installed OR libdns_sd-0.6.32-30 is installed OR libdns_sd-32bit-0.6.32-30 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information kgraft-patch-4_4_156-94_64-default-7-2 is installed OR kgraft-patch-SLE12-SP3_Update_20-7-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND kgraft-patch-4_4_180-94_135-default-12-2.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information qemu-2.9.1-6.19 is installed OR qemu-block-curl-2.9.1-6.19 is installed OR qemu-block-iscsi-2.9.1-6.19 is installed OR qemu-block-rbd-2.9.1-6.19 is installed OR qemu-block-ssh-2.9.1-6.19 is installed OR qemu-guest-agent-2.9.1-6.19 is installed OR qemu-ipxe-1.0.0-6.19 is installed OR qemu-kvm-2.9.1-6.19 is installed OR qemu-lang-2.9.1-6.19 is installed OR qemu-seabios-1.10.2-6.19 is installed OR qemu-sgabios-8-6.19 is installed OR qemu-tools-2.9.1-6.19 is installed OR qemu-vgabios-1.10.2-6.19 is installed OR qemu-x86-2.9.1-6.19 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information libjavascriptcoregtk-4_0-18-2.24.1-2.41 is installed OR libwebkit2gtk-4_0-37-2.24.1-2.41 is installed OR typelib-1_0-JavaScriptCore-4_0-2.24.1-2.41 is installed OR typelib-1_0-WebKit2-4_0-2.24.1-2.41 is installed OR webkit2gtk-4_0-injected-bundles-2.24.1-2.41 is installed OR webkit2gtk3-2.24.1-2.41 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND Package Information erlang-17.5.6-3.3 is installed OR erlang-epmd-17.5.6-3.3 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information MozillaFirefox-68.2.0-109.95 is installed OR MozillaFirefox-translations-common-68.2.0-109.95 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND python-PyKMIP-0.6.0-3.3 is installed
BACK