Oval Definition:oval:org.opensuse.security:def:57147
Revision Date:2021-12-14Version:1
Title:Security update for the Linux Kernel (Live Patch 41 for SLE 12 SP3) (Important)
Description:

This update for the Linux Kernel 4.4.180-94_150 fixes several issues.

The following security issues were fixed:

- CVE-2021-0935: In ip6_xmit of ip6_output.c, there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. (bsc#1192032) - CVE-2021-28688: The fix for XSA-365 includes initialization of pointers such that subsequent cleanup code wouldn't use uninitialized or stale values. This initialization went too far and may under certain conditions also overwrite pointers which are in need of cleaning up. The lack of cleanup would result in leaking persistent grants. The leak in turn would prevent fully cleaning up after a respective guest has died, leaving around zombie domains. (bsc#1183646)
Family:unixClass:patch
Status:Reference(s):1016370
1017099
1020983
1023275
1033466
1033467
1033468
1048367
1053972
1056421
1056562
1056621
1056622
1057511
1065000
1068386
1069509
1076957
1083125
1085447
1090338
1090368
1090646
1090869
1092582
1096740
1097356
1100973
1104367
1110785
1113769
1115339
1118319
1118320
1120843
1120885
1125580
1125931
1127458
1128189
1131543
1131587
1132374
1132472
1134848
1135281
1136424
1136446
1137586
1137832
1172906
1172935
1173197
1182294
1192042
840510
844175
985612
987866
989528
CVE-2008-1483
CVE-2009-0186
CVE-2011-2696
CVE-2013-4351
CVE-2013-4402
CVE-2014-9496
CVE-2014-9756
CVE-2015-7805
CVE-2015-8075
CVE-2015-8936
CVE-2016-10012
CVE-2016-10507
CVE-2016-10708
CVE-2016-2775
CVE-2016-6170
CVE-2017-12636
CVE-2017-13166
CVE-2017-14039
CVE-2017-14040
CVE-2017-14041
CVE-2017-14164
CVE-2017-15906
CVE-2017-3136
CVE-2017-3137
CVE-2017-3138
CVE-2018-1087
CVE-2018-17972
CVE-2018-3665
CVE-2018-5848
CVE-2018-8007
CVE-2018-8781
CVE-2018-8897
CVE-2018-9568
CVE-2019-11190
CVE-2019-11477
CVE-2019-11478
CVE-2019-11479
CVE-2019-11833
CVE-2019-11884
CVE-2019-12749
CVE-2019-1543
CVE-2019-3840
CVE-2019-3846
CVE-2019-5489
CVE-2020-14093
CVE-2020-14154
CVE-2020-14954
CVE-2021-0935
CVE-2021-28688
SUSE-SU-2017:0998-1
SUSE-SU-2017:1411-1
SUSE-SU-2017:2649-1
SUSE-SU-2018:1516-1
SUSE-SU-2018:1548-1
SUSE-SU-2018:2097-1
SUSE-SU-2018:2578-1
SUSE-SU-2018:2685-1
SUSE-SU-2018:4157-1
SUSE-SU-2019:0787-1
SUSE-SU-2019:1533-1
SUSE-SU-2019:1591-1
SUSE-SU-2020:1794-1
SUSE-SU-2021:4052-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Desktop 11 SP2
SUSE Linux Enterprise Desktop 12 SP4
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud Crowbar 8
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • PackageKit-1.1.10-lp150.2 is installed
  • OR PackageKit-backend-zypp-1.1.10-lp150.2 is installed
  • OR PackageKit-gstreamer-plugin-1.1.10-lp150.2 is installed
  • OR PackageKit-gtk3-module-1.1.10-lp150.2 is installed
  • OR PackageKit-lang-1.1.10-lp150.2 is installed
  • OR libpackagekit-glib2-18-1.1.10-lp150.2 is installed
  • OR typelib-1_0-PackageKitGlib-1_0-1.1.10-lp150.2 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • bind-9.11.2-lp151.11.3 is installed
  • OR bind-chrootenv-9.11.2-lp151.11.3 is installed
  • OR bind-devel-9.11.2-lp151.11.3 is installed
  • OR bind-devel-32bit-9.11.2-lp151.11.3 is installed
  • OR bind-doc-9.11.2-lp151.11.3 is installed
  • OR bind-lwresd-9.11.2-lp151.11.3 is installed
  • OR bind-utils-9.11.2-lp151.11.3 is installed
  • OR libbind9-160-9.11.2-lp151.11.3 is installed
  • OR libbind9-160-32bit-9.11.2-lp151.11.3 is installed
  • OR libdns169-9.11.2-lp151.11.3 is installed
  • OR libdns169-32bit-9.11.2-lp151.11.3 is installed
  • OR libirs-devel-9.11.2-lp151.11.3 is installed
  • OR libirs160-9.11.2-lp151.11.3 is installed
  • OR libirs160-32bit-9.11.2-lp151.11.3 is installed
  • OR libisc166-9.11.2-lp151.11.3 is installed
  • OR libisc166-32bit-9.11.2-lp151.11.3 is installed
  • OR libisccc160-9.11.2-lp151.11.3 is installed
  • OR libisccc160-32bit-9.11.2-lp151.11.3 is installed
  • OR libisccfg160-9.11.2-lp151.11.3 is installed
  • OR libisccfg160-32bit-9.11.2-lp151.11.3 is installed
  • OR liblwres160-9.11.2-lp151.11.3 is installed
  • OR liblwres160-32bit-9.11.2-lp151.11.3 is installed
  • OR python3-bind-9.11.2-lp151.11.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP2 is installed
  • AND Package Information
  • gpg2-2.0.9-25.33.37 is installed
  • OR gpg2-lang-2.0.9-25.33.37 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP4 is installed
  • AND Package Information
  • libopenssl1_1-1.1.1-2.9 is installed
  • OR libopenssl1_1-32bit-1.1.1-2.9 is installed
  • OR openssl-1_1-1.1.1-2.9 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND Package Information
  • bind-9.9.9P1-59 is installed
  • OR bind-chrootenv-9.9.9P1-59 is installed
  • OR bind-doc-9.9.9P1-59 is installed
  • OR bind-libs-9.9.9P1-59 is installed
  • OR bind-libs-32bit-9.9.9P1-59 is installed
  • OR bind-utils-9.9.9P1-59 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND Package Information
  • kgraft-patch-3_12_74-60_64_69-default-5-2 is installed
  • OR kgraft-patch-3_12_74-60_64_69-xen-5-2 is installed
  • OR kgraft-patch-SLE12-SP1_Update_24-5-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • libsndfile1-1.0.25-25 is installed
  • OR libsndfile1-32bit-1.0.25-25 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • MozillaFirefox-60.4.0esr-109.55 is installed
  • OR MozillaFirefox-devel-60.4.0esr-109.55 is installed
  • OR MozillaFirefox-translations-common-60.4.0esr-109.55 is installed
  • OR libfreebl3-3.40.1-58.18 is installed
  • OR libfreebl3-32bit-3.40.1-58.18 is installed
  • OR libsoftokn3-3.40.1-58.18 is installed
  • OR libsoftokn3-32bit-3.40.1-58.18 is installed
  • OR mozilla-nspr-4.20-19.6 is installed
  • OR mozilla-nspr-32bit-4.20-19.6 is installed
  • OR mozilla-nss-3.40.1-58.18 is installed
  • OR mozilla-nss-32bit-3.40.1-58.18 is installed
  • OR mozilla-nss-certs-3.40.1-58.18 is installed
  • OR mozilla-nss-certs-32bit-3.40.1-58.18 is installed
  • OR mozilla-nss-sysinit-3.40.1-58.18 is installed
  • OR mozilla-nss-sysinit-32bit-3.40.1-58.18 is installed
  • OR mozilla-nss-tools-3.40.1-58.18 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND ucode-intel-20180807-13.29 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_90-92_50-default-7-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_15-7-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND apache2-mod_nss-1.0.14-18 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • ceph-12.2.12+git.1587570958.35d78d0243-2.45 is installed
  • OR ceph-common-12.2.12+git.1587570958.35d78d0243-2.45 is installed
  • OR libcephfs2-12.2.12+git.1587570958.35d78d0243-2.45 is installed
  • OR librados2-12.2.12+git.1587570958.35d78d0243-2.45 is installed
  • OR libradosstriper1-12.2.12+git.1587570958.35d78d0243-2.45 is installed
  • OR librbd1-12.2.12+git.1587570958.35d78d0243-2.45 is installed
  • OR librgw2-12.2.12+git.1587570958.35d78d0243-2.45 is installed
  • OR python-cephfs-12.2.12+git.1587570958.35d78d0243-2.45 is installed
  • OR python-rados-12.2.12+git.1587570958.35d78d0243-2.45 is installed
  • OR python-rbd-12.2.12+git.1587570958.35d78d0243-2.45 is installed
  • OR python-rgw-12.2.12+git.1587570958.35d78d0243-2.45 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND kgraft-patch-4_4_180-94_150-default-2-2.1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • libprocps3-3.3.9-11.14 is installed
  • OR procps-3.3.9-11.14 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • elfutils-0.158-7.7 is installed
  • OR libasm1-0.158-7.7 is installed
  • OR libasm1-32bit-0.158-7.7 is installed
  • OR libdw1-0.158-7.7 is installed
  • OR libdw1-32bit-0.158-7.7 is installed
  • OR libebl1-0.158-7.7 is installed
  • OR libebl1-32bit-0.158-7.7 is installed
  • OR libelf-devel-0.158-7.7 is installed
  • OR libelf1-0.158-7.7 is installed
  • OR libelf1-32bit-0.158-7.7 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND couchdb-1.7.2-2.8 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • libruby2_1-2_1-2.1.9-19.3 is installed
  • OR ruby2.1-2.1.9-19.3 is installed
  • OR ruby2.1-stdlib-2.1.9-19.3 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND python-cryptography-2.0.3-3.3 is installed
    • BACK