Oval Definition:	oval:org.opensuse.security:def:58029
Revision Date: 2021-10-18 Version: 1 Title: Security update for the Linux Kernel (Live Patch 38 for SLE 12 SP3) (Important) Description: This update for the Linux Kernel 4.4.180-94_141 fixes several issues. The following security issues were fixed: - CVE-2021-3715: Fixed a user-after-free in the Linux kernel's Traffic Control networking subsystem which could lead to local privilege escalation. (bsc#1190350). - CVE-2021-38160: Fixed a bug that could lead to a data corruption or loss. This can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size in drivers/char/virtio_console.c (bsc#1190118) - CVE-2021-3640: Fixed a user-after-free bug in the function sco_sock_sendmsg which could lead to local privilege escalation. (bsc#1188613) - CVE-2021-3573: Fixed a user-after-free bug in the function hci_sock_bound_ioctl which could lead to local privilege escalation. (bsc#1187054). Family: unix Class: patch Status: Reference(s): 1005023 1006984 1006989 1009318 1011130 1011136 1013376 1014159 1014524 1015567 1022098 1023988 1029912 1037811 1043886 1060644 1069591 1076696 1080919 1088004 1088009 1090174 1092548 1096745 1097560 1097824 1100453 1101506 1101591 1103809 1103810 1104076 1104199 1114981 1115518 1119376 1119971 1120323 1121563 1125330 1125352 1126056 1127557 1127987 1128657 1129071 1129821 1130230 1130262 1130840 1132348 1132400 1132663 1132721 1141853 1149955 1153238 1154824 1155419 1159478 1159479 1159482 1159486 1160471 1162423 1164871 1170441 1171098 1171195 1171202 1171218 1171219 1171689 1171698 1172221 1172317 1173274 1174091 1174701 1187054 1188613 1190118 1190350 955942 977043 CVE-2013-1430 CVE-2014-9848 CVE-2016-8707 CVE-2016-8866 CVE-2016-9556 CVE-2016-9559 CVE-2016-9773 CVE-2017-16927 CVE-2017-6967 CVE-2018-10915 CVE-2018-12020 CVE-2018-12470 CVE-2018-12471 CVE-2018-12472 CVE-2018-14647 CVE-2018-16864 CVE-2018-16865 CVE-2018-16866 CVE-2018-18335 CVE-2018-18335 CVE-2018-18356 CVE-2018-18356 CVE-2018-18506 CVE-2018-18506 CVE-2018-20060 CVE-2018-20852 CVE-2018-5150 CVE-2018-5154 CVE-2018-5155 CVE-2018-5157 CVE-2018-5158 CVE-2018-5159 CVE-2018-5168 CVE-2018-5174 CVE-2018-5178 CVE-2018-5183 CVE-2018-6954 CVE-2019-11236 CVE-2019-15681 CVE-2019-15690 CVE-2019-16056 CVE-2019-16935 CVE-2019-18388 CVE-2019-18389 CVE-2019-18390 CVE-2019-18391 CVE-2019-20788 CVE-2019-20907 CVE-2019-3842 CVE-2019-5785 CVE-2019-5785 CVE-2019-6454 CVE-2019-6454 CVE-2019-9740 CVE-2019-9788 CVE-2019-9788 CVE-2019-9790 CVE-2019-9790 CVE-2019-9791 CVE-2019-9791 CVE-2019-9792 CVE-2019-9792 CVE-2019-9793 CVE-2019-9793 CVE-2019-9794 CVE-2019-9794 CVE-2019-9795 CVE-2019-9795 CVE-2019-9796 CVE-2019-9796 CVE-2019-9801 CVE-2019-9801 CVE-2019-9810 CVE-2019-9810 CVE-2019-9813 CVE-2019-9813 CVE-2019-9947 CVE-2020-0543 CVE-2020-10757 CVE-2020-12114 CVE-2020-12652 CVE-2020-12653 CVE-2020-12654 CVE-2020-12656 CVE-2020-14422 CVE-2021-3573 CVE-2021-3640 CVE-2021-3715 CVE-2021-38160 SUSE-SU-2016:3258-1 SUSE-SU-2018:0510-1 SUSE-SU-2018:1334-2 SUSE-SU-2018:1698-1 SUSE-SU-2018:2898-1 SUSE-SU-2018:3909-1 SUSE-SU-2019:0135-1 SUSE-SU-2019:0425-1 SUSE-SU-2019:0852-1 SUSE-SU-2019:1265-1 SUSE-SU-2019:1860-1 SUSE-SU-2019:2399-1 SUSE-SU-2020:0016-1 SUSE-SU-2020:1165-1 SUSE-SU-2020:1597-1 SUSE-SU-2020:2699-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud 9 SUSE OpenStack Cloud Crowbar 8 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND libXp6-1.0.3-lp150.1 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information dovecot23-2.3.3-lp151.2.6 is installed OR dovecot23-backend-mysql-2.3.3-lp151.2.6 is installed OR dovecot23-backend-pgsql-2.3.3-lp151.2.6 is installed OR dovecot23-backend-sqlite-2.3.3-lp151.2.6 is installed OR dovecot23-devel-2.3.3-lp151.2.6 is installed OR dovecot23-fts-2.3.3-lp151.2.6 is installed OR dovecot23-fts-lucene-2.3.3-lp151.2.6 is installed OR dovecot23-fts-solr-2.3.3-lp151.2.6 is installed OR dovecot23-fts-squat-2.3.3-lp151.2.6 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information libgudev-1_0-0-210-116.22 is installed OR libgudev-1_0-0-32bit-210-116.22 is installed OR libgudev-1_0-devel-210-116.22 is installed OR libudev-devel-210-116.22 is installed OR libudev1-210-116.22 is installed OR libudev1-32bit-210-116.22 is installed OR systemd-210-116.22 is installed OR systemd-32bit-210-116.22 is installed OR systemd-bash-completion-210-116.22 is installed OR systemd-devel-210-116.22 is installed OR systemd-sysvinit-210-116.22 is installed OR typelib-1_0-GUdev-1_0-210-116.22 is installed OR udev-210-116.22 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information ImageMagick-6.8.8.1-54 is installed OR libMagickCore-6_Q16-1-6.8.8.1-54 is installed OR libMagickWand-6_Q16-1-6.8.8.1-54 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information MozillaFirefox-52.8.0esr-109.31 is installed OR MozillaFirefox-devel-52.8.0esr-109.31 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information xen-4.7.6_05-43.42 is installed OR xen-doc-html-4.7.6_05-43.42 is installed OR xen-libs-4.7.6_05-43.42 is installed OR xen-libs-32bit-4.7.6_05-43.42 is installed OR xen-tools-4.7.6_05-43.42 is installed OR xen-tools-domU-4.7.6_05-43.42 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information gpg2-2.0.24-9.3 is installed OR gpg2-lang-2.0.24-9.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information alsa-1.0.27.2-15 is installed OR alsa-docs-1.0.27.2-15 is installed OR libasound2-1.0.27.2-15 is installed OR libasound2-32bit-1.0.27.2-15 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information java-1_7_0-openjdk-1.7.0.241-43.30 is installed OR java-1_7_0-openjdk-demo-1.7.0.241-43.30 is installed OR java-1_7_0-openjdk-devel-1.7.0.241-43.30 is installed OR java-1_7_0-openjdk-headless-1.7.0.241-43.30 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND kgraft-patch-4_4_180-94_141-default-10-2.2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information kgraft-patch-4_4_180-94_103-default-4-2 is installed OR kgraft-patch-SLE12-SP3_Update_28-4-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND mailman-2.1.17-3.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND mailman-2.1.17-1 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND Package Information res-signingkeys-3.0.37-52.23 is installed OR smt-3.0.37-52.23 is installed OR smt-support-3.0.37-52.23 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND cobbler-2.6.6-49.14 is installed Definition Synopsis SUSE OpenStack Cloud 9 is installed AND Package Information tomcat-9.0.36-3.45 is installed OR tomcat-admin-webapps-9.0.36-3.45 is installed OR tomcat-docs-webapp-9.0.36-3.45 is installed OR tomcat-el-3_0-api-9.0.36-3.45 is installed OR tomcat-javadoc-9.0.36-3.45 is installed OR tomcat-jsp-2_3-api-9.0.36-3.45 is installed OR tomcat-lib-9.0.36-3.45 is installed OR tomcat-servlet-4_0-api-9.0.36-3.45 is installed OR tomcat-webapps-9.0.36-3.45 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND nodejs6-6.14.4-11.18 is installed
BACK