Oval Definition:	oval:org.opensuse.security:def:58098
Revision Date: 2021-03-17 Version: 1 Title: Security update for the Linux Kernel (Live Patch 37 for SLE 12 SP3) (Important) Description: This update for the Linux Kernel 4.4.180-94_138 fixes several issues. The following security issues were fixed: - CVE-2020-27786: Fixed a potential user after free which could have led to memory corruption or privilege escalation (bsc#1179616). - CVE-2020-28374: Fixed insufficient identifier checking in the LIO SCSI target code which could have been used by remote attackers to read or write files via directory traversal in an XCOPY request (bsc#1178684). - CVE-2020-25645: Fixed an issue where the traffic between two Geneve endpoints may have been unencrypted when IPsec was configured to encrypt traffic for the specific UDP port used by the GENEVE tunnel allowing anyone between the two endpoints to read the traffic unencrypted (bsc#1177513). - CVE-2020-0429: Fixed a potential memory corruption due to a use after free which could have led local escalation of privilege with System execution privileges needed (bsc#1176931). - CVE-2020-1749: Fixed an issue in some networking protocols in IPsec, such as VXLAN and GENEVE tunnels over IPv6 where the kernel was not correctly routing tunneled data over the encrypted link rather sending the data unencrypted (bsc#1165631). Family: unix Class: patch Status: Reference(s): 1005480 1005893 1006221 1016366 1016368 1016369 1016370 1028842 1045640 1062063 1066644 1071459 1071460 1076033 1100078 1102682 1103203 1105323 1106191 1107256 1111331 1113975 1115045 1117951 1119376 1120943 1123161 1126140 1126141 1126192 1126195 1126196 1126201 1127080 1129071 1129622 1130675 1130972 1132663 1133375 1134399 1135905 1139358 1140012 1140652 1140903 1140945 1141401 1141402 1141452 1141453 1141454 1141628 1142023 1142098 1142857 1143045 1143048 1143189 1143191 1143797 1144257 1144273 1144288 1144920 1145652 1145920 1145922 1146163 1146358 1146359 1146874 1149813 1152497 1154448 1154456 1154458 1154461 1155945 1157888 1158003 1158004 1158005 1158006 1158007 1158809 1160163 1160467 1160468 1160770 1161181 1165631 1168630 1168994 1174662 1175626 1175656 1176931 1177513 1178684 1179616 CVE-2016-10009 CVE-2016-10010 CVE-2016-10011 CVE-2016-10012 CVE-2016-8858 CVE-2017-16548 CVE-2017-17433 CVE-2017-17434 CVE-2017-18551 CVE-2018-10902 CVE-2018-10938 CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2018-12207 CVE-2018-19965 CVE-2018-20030 CVE-2018-20060 CVE-2018-20815 CVE-2018-20855 CVE-2018-20856 CVE-2018-5390 CVE-2019-10207 CVE-2019-11091 CVE-2019-11135 CVE-2019-11236 CVE-2019-1125 CVE-2019-11810 CVE-2019-12067 CVE-2019-12068 CVE-2019-12155 CVE-2019-13631 CVE-2019-14283 CVE-2019-14284 CVE-2019-14378 CVE-2019-14896 CVE-2019-14897 CVE-2019-15117 CVE-2019-15118 CVE-2019-1551 CVE-2019-1559 CVE-2019-15890 CVE-2019-17340 CVE-2019-17341 CVE-2019-17342 CVE-2019-17343 CVE-2019-17344 CVE-2019-17347 CVE-2019-18420 CVE-2019-18421 CVE-2019-18424 CVE-2019-18425 CVE-2019-19577 CVE-2019-19578 CVE-2019-19579 CVE-2019-19580 CVE-2019-19581 CVE-2019-19583 CVE-2019-3819 CVE-2019-8675 CVE-2019-8696 CVE-2019-9278 CVE-2019-9740 CVE-2019-9824 CVE-2019-9928 CVE-2020-0429 CVE-2020-10713 CVE-2020-1749 CVE-2020-25645 CVE-2020-27786 CVE-2020-28374 CVE-2020-6819 CVE-2020-6820 CVE-2020-7211 CVE-2020-9862 CVE-2020-9893 CVE-2020-9894 CVE-2020-9895 CVE-2020-9915 CVE-2020-9925 SUSE-SU-2017:0264-1 SUSE-SU-2018:0118-1 SUSE-SU-2019:0803-1 SUSE-SU-2019:1268-1 SUSE-SU-2019:1600-1 SUSE-SU-2019:2299-1 SUSE-SU-2019:2399-1 SUSE-SU-2019:3057-1 SUSE-SU-2020:0388-1 SUSE-SU-2020:0457-1 SUSE-SU-2020:0474-1 SUSE-SU-2020:0928-1 SUSE-SU-2020:2232-1 SUSE-SU-2020:2628-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND libneon27-0.30.2-lp150.2 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND ucode-intel-20191115-lp151.2.15 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information xen-4.5.5_28-22.64 is installed OR xen-doc-html-4.5.5_28-22.64 is installed OR xen-kmp-default-4.5.5_28_k3.12.74_60.64.124-22.64 is installed OR xen-libs-4.5.5_28-22.64 is installed OR xen-libs-32bit-4.5.5_28-22.64 is installed OR xen-tools-4.5.5_28-22.64 is installed OR xen-tools-domU-4.5.5_28-22.64 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information openssh-7.2p2-66 is installed OR openssh-askpass-gnome-7.2p2-66 is installed OR openssh-fips-7.2p2-66 is installed OR openssh-helpers-7.2p2-66 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information kernel-default-4.4.121-92.120 is installed OR kernel-default-base-4.4.121-92.120 is installed OR kernel-default-devel-4.4.121-92.120 is installed OR kernel-devel-4.4.121-92.120 is installed OR kernel-macros-4.4.121-92.120 is installed OR kernel-source-4.4.121-92.120 is installed OR kernel-syms-4.4.121-92.120 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information curl-7.37.0-37.40 is installed OR libcurl4-7.37.0-37.40 is installed OR libcurl4-32bit-7.37.0-37.40 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_120-92_70-default-6-2 is installed OR kgraft-patch-SLE12-SP2_Update_20-6-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND coolkey-1.1.0-147 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND python-ipaddress-1.0.18-3.13 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND kgraft-patch-4_4_180-94_138-default-2-2.2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information MozillaFirefox-68.8.0-109.119 is installed OR MozillaFirefox-translations-common-68.8.0-109.119 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information avahi-0.6.32-32.3 is installed OR avahi-glib2-0.6.32-32.3 is installed OR avahi-lang-0.6.32-32.3 is installed OR avahi-utils-0.6.32-32.3 is installed OR libavahi-client3-0.6.32-32.3 is installed OR libavahi-client3-32bit-0.6.32-32.3 is installed OR libavahi-common3-0.6.32-32.3 is installed OR libavahi-common3-32bit-0.6.32-32.3 is installed OR libavahi-core7-0.6.32-32.3 is installed OR libavahi-glib1-0.6.32-32.3 is installed OR libavahi-glib1-32bit-0.6.32-32.3 is installed OR libdns_sd-0.6.32-32.3 is installed OR libdns_sd-32bit-0.6.32-32.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information strongswan-5.1.3-26.5 is installed OR strongswan-doc-5.1.3-26.5 is installed OR strongswan-hmac-5.1.3-26.5 is installed OR strongswan-ipsec-5.1.3-26.5 is installed OR strongswan-libs0-5.1.3-26.5 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND Package Information qemu-2.6.2-41.52 is installed OR qemu-block-curl-2.6.2-41.52 is installed OR qemu-block-rbd-2.6.2-41.52 is installed OR qemu-block-ssh-2.6.2-41.52 is installed OR qemu-guest-agent-2.6.2-41.52 is installed OR qemu-ipxe-1.0.0-41.52 is installed OR qemu-kvm-2.6.2-41.52 is installed OR qemu-lang-2.6.2-41.52 is installed OR qemu-s390-2.6.2-41.52 is installed OR qemu-seabios-1.9.1-41.52 is installed OR qemu-sgabios-8-41.52 is installed OR qemu-tools-2.6.2-41.52 is installed OR qemu-vgabios-1.9.1-41.52 is installed OR qemu-x86-2.6.2-41.52 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information libvirt-3.3.0-5.40 is installed OR libvirt-admin-3.3.0-5.40 is installed OR libvirt-client-3.3.0-5.40 is installed OR libvirt-daemon-3.3.0-5.40 is installed OR libvirt-daemon-config-network-3.3.0-5.40 is installed OR libvirt-daemon-config-nwfilter-3.3.0-5.40 is installed OR libvirt-daemon-driver-interface-3.3.0-5.40 is installed OR libvirt-daemon-driver-libxl-3.3.0-5.40 is installed OR libvirt-daemon-driver-lxc-3.3.0-5.40 is installed OR libvirt-daemon-driver-network-3.3.0-5.40 is installed OR libvirt-daemon-driver-nodedev-3.3.0-5.40 is installed OR libvirt-daemon-driver-nwfilter-3.3.0-5.40 is installed OR libvirt-daemon-driver-qemu-3.3.0-5.40 is installed OR libvirt-daemon-driver-secret-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-core-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-disk-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-iscsi-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-logical-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-mpath-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-rbd-3.3.0-5.40 is installed OR libvirt-daemon-driver-storage-scsi-3.3.0-5.40 is installed OR libvirt-daemon-hooks-3.3.0-5.40 is installed OR libvirt-daemon-lxc-3.3.0-5.40 is installed OR libvirt-daemon-qemu-3.3.0-5.40 is installed OR libvirt-daemon-xen-3.3.0-5.40 is installed OR libvirt-doc-3.3.0-5.40 is installed OR libvirt-libs-3.3.0-5.40 is installed OR libvirt-lock-sanlock-3.3.0-5.40 is installed OR libvirt-nss-3.3.0-5.40 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information postgresql96-9.6.15-3.29 is installed OR postgresql96-contrib-9.6.15-3.29 is installed OR postgresql96-docs-9.6.15-3.29 is installed OR postgresql96-libs-9.6.15-3.29 is installed OR postgresql96-plperl-9.6.15-3.29 is installed OR postgresql96-plpython-9.6.15-3.29 is installed OR postgresql96-pltcl-9.6.15-3.29 is installed OR postgresql96-server-9.6.15-3.29 is installed
BACK