OVAL Reference oval:org.opensuse.security:def:58221

Oval Definition:

oval:org.opensuse.security:def:58221

Revision Date:	2020-12-01	Version:	1
Title:	Security update for procps (Important)
Description:	This update for procps fixes the following security issues: - CVE-2018-1122: Prevent local privilege escalation in top. If a user ran top with HOME unset in an attacker-controlled directory, the attacker could have achieved privilege escalation by exploiting one of several vulnerabilities in the config_file() function (bsc#1092100). - CVE-2018-1123: Prevent denial of service in ps via mmap buffer overflow. Inbuilt protection in ps maped a guard page at the end of the overflowed buffer, ensuring that the impact of this flaw is limited to a crash (temporary denial of service) (bsc#1092100). - CVE-2018-1124: Prevent multiple integer overflows leading to a heap corruption in file2strvec function. This allowed a privilege escalation for a local attacker who can create entries in procfs by starting processes, which could result in crashes or arbitrary code execution in proc utilities run by other users (bsc#1092100). - CVE-2018-1125: Prevent stack buffer overflow in pgrep. This vulnerability was mitigated by FORTIFY limiting the impact to a crash (bsc#1092100). - CVE-2018-1126: Ensure correct integer size in proc/alloc.* to prevent truncation/integer overflow issues (bsc#1092100). (These issues were previously released for SUSE Linux Enterprise 12 SP3 and SP4.) Also the following non-security issue was fixed: - Fix CPU summary showing old data. (bsc#1121753)
Family:	unix	Class:	patch
Status:		Reference(s):	1000106 1003030 1003032 1004981 1005004 1005005 1007157 1007941 1009100 1009103 1009104 1009105 1009107 1009108 1009109 1009111 1011652 1017646 1053364 1054849 1083247 1092100 1097410 1103098 1103411 1106873 1118595 1118596 1119069 1119105 1121753 1130324 1148987 1159352 1167373 1170643 1173304 1174415 1178387 958791 CVE-2015-8540 CVE-2016-10087 CVE-2016-7777 CVE-2016-7908 CVE-2016-7909 CVE-2016-8667 CVE-2016-8669 CVE-2016-8910 CVE-2016-9377 CVE-2016-9378 CVE-2016-9379 CVE-2016-9380 CVE-2016-9381 CVE-2016-9382 CVE-2016-9383 CVE-2016-9384 CVE-2016-9385 CVE-2016-9386 CVE-2016-9637 CVE-2017-12836 CVE-2018-0486 CVE-2018-0489 CVE-2018-0495 CVE-2018-10858 CVE-2018-1122 CVE-2018-1123 CVE-2018-1124 CVE-2018-1125 CVE-2018-1126 CVE-2018-12384 CVE-2018-12404 CVE-2018-12405 CVE-2018-15518 CVE-2018-17466 CVE-2018-18492 CVE-2018-18493 CVE-2018-18494 CVE-2018-18498 CVE-2018-19873 CVE-2018-5391 CVE-2019-13627 CVE-2019-16775 CVE-2019-16776 CVE-2019-16777 CVE-2019-18860 CVE-2019-9924 CVE-2020-14059 CVE-2020-15900 CVE-2020-25692 CVE-2020-3899 SUSE-SU-2016:3067-1 SUSE-SU-2017:0860-1 SUSE-SU-2017:2419-1 SUSE-SU-2018:0720-1 SUSE-SU-2018:2320-2 SUSE-SU-2019:0450-1 SUSE-SU-2019:0838-2 SUSE-SU-2019:2510-1 SUSE-SU-2020:0247-1 SUSE-SU-2020:1211-1 SUSE-SU-2020:1803-1 SUSE-SU-2020:2097-1 SUSE-SU-2020:3314-1
Platform(s):	openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9	Product(s):
Definition Synopsis
openSUSE Leap 15.0 is installed AND texlive-lm-fonts-2017.133.2.004svn28119-lp150.4 is installed
Definition Synopsis
openSUSE Leap 15.1 is installed AND enigmail-2.0.11-31 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information xen-4.7.1_02-25 is installed OR xen-doc-html-4.7.1_02-25 is installed OR xen-libs-4.7.1_02-25 is installed OR xen-libs-32bit-4.7.1_02-25 is installed OR xen-tools-4.7.1_02-25 is installed OR xen-tools-domU-4.7.1_02-25 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information libdcerpc-binding0-4.4.2-38.20 is installed OR libdcerpc-binding0-32bit-4.4.2-38.20 is installed OR libdcerpc0-4.4.2-38.20 is installed OR libdcerpc0-32bit-4.4.2-38.20 is installed OR libndr-krb5pac0-4.4.2-38.20 is installed OR libndr-krb5pac0-32bit-4.4.2-38.20 is installed OR libndr-nbt0-4.4.2-38.20 is installed OR libndr-nbt0-32bit-4.4.2-38.20 is installed OR libndr-standard0-4.4.2-38.20 is installed OR libndr-standard0-32bit-4.4.2-38.20 is installed OR libndr0-4.4.2-38.20 is installed OR libndr0-32bit-4.4.2-38.20 is installed OR libnetapi0-4.4.2-38.20 is installed OR libnetapi0-32bit-4.4.2-38.20 is installed OR libsamba-credentials0-4.4.2-38.20 is installed OR libsamba-credentials0-32bit-4.4.2-38.20 is installed OR libsamba-errors0-4.4.2-38.20 is installed OR libsamba-errors0-32bit-4.4.2-38.20 is installed OR libsamba-hostconfig0-4.4.2-38.20 is installed OR libsamba-hostconfig0-32bit-4.4.2-38.20 is installed OR libsamba-passdb0-4.4.2-38.20 is installed OR libsamba-passdb0-32bit-4.4.2-38.20 is installed OR libsamba-util0-4.4.2-38.20 is installed OR libsamba-util0-32bit-4.4.2-38.20 is installed OR libsamdb0-4.4.2-38.20 is installed OR libsamdb0-32bit-4.4.2-38.20 is installed OR libsmbclient0-4.4.2-38.20 is installed OR libsmbclient0-32bit-4.4.2-38.20 is installed OR libsmbconf0-4.4.2-38.20 is installed OR libsmbconf0-32bit-4.4.2-38.20 is installed OR libsmbldap0-4.4.2-38.20 is installed OR libsmbldap0-32bit-4.4.2-38.20 is installed OR libtevent-util0-4.4.2-38.20 is installed OR libtevent-util0-32bit-4.4.2-38.20 is installed OR libwbclient0-4.4.2-38.20 is installed OR libwbclient0-32bit-4.4.2-38.20 is installed OR samba-4.4.2-38.20 is installed OR samba-client-4.4.2-38.20 is installed OR samba-client-32bit-4.4.2-38.20 is installed OR samba-doc-4.4.2-38.20 is installed OR samba-libs-4.4.2-38.20 is installed OR samba-libs-32bit-4.4.2-38.20 is installed OR samba-winbind-4.4.2-38.20 is installed OR samba-winbind-32bit-4.4.2-38.20 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information kgraft-patch-4_4_121-92_80-default-7-2 is installed OR kgraft-patch-SLE12-SP2_Update_22-7-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information libgcrypt-1.6.1-16.68 is installed OR libgcrypt20-1.6.1-16.68 is installed OR libgcrypt20-32bit-1.6.1-16.68 is installed OR libgcrypt20-hmac-1.6.1-16.68 is installed OR libgcrypt20-hmac-32bit-1.6.1-16.68 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information krb5-appl-clients-1.0.3-1 is installed OR krb5-appl-servers-1.0.3-1 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information xen-4.9.4_08-3.66 is installed OR xen-doc-html-4.9.4_08-3.66 is installed OR xen-libs-4.9.4_08-3.66 is installed OR xen-libs-32bit-4.9.4_08-3.66 is installed OR xen-tools-4.9.4_08-3.66 is installed OR xen-tools-domU-4.9.4_08-3.66 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information kgraft-patch-4_4_175-94_79-default-7-2 is installed OR kgraft-patch-SLE12-SP3_Update_23-7-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information kgraft-patch-4_4_180-94_100-default-2-2 is installed OR kgraft-patch-SLE12-SP3_Update_27-2-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information apache2-2.4.23-29.34 is installed OR apache2-doc-2.4.23-29.34 is installed OR apache2-example-pages-2.4.23-29.34 is installed OR apache2-prefork-2.4.23-29.34 is installed OR apache2-utils-2.4.23-29.34 is installed OR apache2-worker-2.4.23-29.34 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information java-1_7_0-openjdk-1.7.0.181-43.15 is installed OR java-1_7_0-openjdk-demo-1.7.0.181-43.15 is installed OR java-1_7_0-openjdk-devel-1.7.0.181-43.15 is installed OR java-1_7_0-openjdk-headless-1.7.0.181-43.15 is installed
Definition Synopsis
SUSE OpenStack Cloud 7 is installed AND Package Information libprocps3-3.3.9-11.18 is installed OR procps-3.3.9-11.18 is installed
Definition Synopsis
SUSE OpenStack Cloud 8 is installed AND Package Information libssh2-1-1.4.3-20.9 is installed OR libssh2-1-32bit-1.4.3-20.9 is installed OR libssh2_org-1.4.3-20.9 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information libmysqlclient18-10.0.38-29.27 is installed OR mariadb-10.0.38-29.27 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 9 is installed AND Package Information crowbar-core-6.0+git.1582892022.cbd70e833-3.19 is installed OR crowbar-core-branding-upstream-6.0+git.1582892022.cbd70e833-3.19 is installed OR crowbar-ha-6.0+git.1574286261.6fd1a34-3.13 is installed OR crowbar-openstack-6.0+git.1580922461.67fb3c087-3.19 is installed OR crowbar-ui-1.3.0+git.1575896697.a01a3a08-17 is installed OR keepalived-2.0.19-3.3 is installed OR openstack-barbican-7.0.1~dev24-3.6 is installed OR openstack-barbican-api-7.0.1~dev24-3.6 is installed OR openstack-barbican-keystone-listener-7.0.1~dev24-3.6 is installed OR openstack-barbican-retry-7.0.1~dev24-3.6 is installed OR openstack-barbican-worker-7.0.1~dev24-3.6 is installed OR openstack-ceilometer-11.0.2~dev21-3.10 is installed OR openstack-ceilometer-agent-central-11.0.2~dev21-3.10 is installed OR openstack-ceilometer-agent-compute-11.0.2~dev21-3.10 is installed OR openstack-ceilometer-agent-ipmi-11.0.2~dev21-3.10 is installed OR openstack-ceilometer-agent-notification-11.0.2~dev21-3.10 is installed OR openstack-ceilometer-polling-11.0.2~dev21-3.10 is installed OR openstack-cinder-13.0.9~dev11-3.16 is installed OR openstack-cinder-api-13.0.9~dev11-3.16 is installed OR openstack-cinder-backup-13.0.9~dev11-3.16 is installed OR openstack-cinder-scheduler-13.0.9~dev11-3.16 is installed OR openstack-cinder-volume-13.0.9~dev11-3.16 is installed OR openstack-dashboard-14.1.1~dev1-3.12 is installed OR openstack-dashboard-theme-SUSE-2018.2+git.1555335229.5c8dec9-3.3 is installed OR openstack-designate-7.0.1~dev23-3.13 is installed OR openstack-designate-agent-7.0.1~dev23-3.13 is installed OR openstack-designate-api-7.0.1~dev23-3.13 is installed OR openstack-designate-central-7.0.1~dev23-3.13 is installed OR openstack-designate-producer-7.0.1~dev23-3.13 is installed OR openstack-designate-sink-7.0.1~dev23-3.13 is installed OR openstack-designate-worker-7.0.1~dev23-3.13 is installed OR openstack-heat-11.0.3~dev31-3.13 is installed OR openstack-heat-api-11.0.3~dev31-3.13 is installed OR openstack-heat-api-cfn-11.0.3~dev31-3.13 is installed OR openstack-heat-engine-11.0.3~dev31-3.13 is installed OR openstack-heat-plugin-heat_docker-11.0.3~dev31-3.13 is installed OR openstack-horizon-plugin-designate-ui-7.0.1~dev8-3.6 is installed OR openstack-horizon-plugin-ironic-ui-3.3.1~dev14-3.3 is installed OR openstack-horizon-plugin-neutron-lbaas-ui-5.0.1~dev8-11 is installed OR openstack-horizon-plugin-octavia-ui-2.0.2~dev1-1.3 is installed OR openstack-ironic-11.1.4~dev22-3.13 is installed OR openstack-ironic-api-11.1.4~dev22-3.13 is installed OR openstack-ironic-conductor-11.1.4~dev22-3.13 is installed OR openstack-ironic-python-agent-3.3.3~dev6-3.13 is installed OR openstack-keystone-14.1.1~dev36-3.19 is installed OR openstack-magnum-7.2.1~dev1-3.10 is installed OR openstack-magnum-api-7.2.1~dev1-3.10 is installed OR openstack-magnum-conductor-7.2.1~dev1-3.10 is installed OR openstack-monasca-agent-2.8.1~dev13-3.6 is installed OR openstack-neutron-13.0.7~dev48-3.19 is installed OR openstack-neutron-dhcp-agent-13.0.7~dev48-3.19 is installed OR openstack-neutron-fwaas-13.0.3~dev4-3.9 is installed OR openstack-neutron-gbp-5.0.1~dev491-3.16 is installed OR openstack-neutron-ha-tool-13.0.7~dev48-3.19 is installed OR openstack-neutron-l3-agent-13.0.7~dev48-3.19 is installed OR openstack-neutron-linuxbridge-agent-13.0.7~dev48-3.19 is installed OR openstack-neutron-macvtap-agent-13.0.7~dev48-3.19 is installed OR openstack-neutron-metadata-agent-13.0.7~dev48-3.19 is installed OR openstack-neutron-metering-agent-13.0.7~dev48-3.19 is installed OR openstack-neutron-openvswitch-agent-13.0.7~dev48-3.19 is installed OR openstack-neutron-server-13.0.7~dev48-3.19 is installed OR openstack-neutron-vpnaas-13.0.2~dev6-3.6 is installed OR openstack-neutron-vyatta-agent-13.0.2~dev6-3.6 is installed OR openstack-nova-18.2.4~dev63-3.19 is installed OR openstack-nova-api-18.2.4~dev63-3.19 is installed OR openstack-nova-cells-18.2.4~dev63-3.19 is installed OR openstack-nova-compute-18.2.4~dev63-3.19 is installed OR openstack-nova-conductor-18.2.4~dev63-3.19 is installed OR openstack-nova-console-18.2.4~dev63-3.19 is installed OR openstack-nova-novncproxy-18.2.4~dev63-3.19 is installed OR openstack-nova-placement-api-18.2.4~dev63-3.19 is installed OR openstack-nova-scheduler-18.2.4~dev63-3.19 is installed OR openstack-nova-serialproxy-18.2.4~dev63-3.19 is installed OR openstack-nova-vncproxy-18.2.4~dev63-3.19 is installed OR openstack-octavia-3.2.2~dev8-3.19 is installed OR openstack-octavia-amphora-agent-3.2.2~dev8-3.19 is installed OR openstack-octavia-amphora-image-0.1.2-7.6 is installed OR openstack-octavia-amphora-image-x86_64-0.1.2-7.6 is installed OR openstack-octavia-api-3.2.2~dev8-3.19 is installed OR openstack-octavia-health-manager-3.2.2~dev8-3.19 is installed OR openstack-octavia-housekeeping-3.2.2~dev8-3.19 is installed OR openstack-octavia-worker-3.2.2~dev8-3.19 is installed OR openstack-sahara-9.0.2~dev15-3.9 is installed OR openstack-sahara-api-9.0.2~dev15-3.9 is installed OR openstack-sahara-engine-9.0.2~dev15-3.9 is installed OR openstack-swift-2.19.2~dev48-3.3 is installed OR openstack-swift-account-2.19.2~dev48-3.3 is installed OR openstack-swift-container-2.19.2~dev48-3.3 is installed OR openstack-swift-object-2.19.2~dev48-3.3 is installed OR openstack-swift-proxy-2.19.2~dev48-3.3 is installed OR python-amqp-2.4.2-4.3 is installed OR python-barbican-7.0.1~dev24-3.6 is installed OR python-ceilometer-11.0.2~dev21-3.10 is installed OR python-cinder-13.0.9~dev11-3.16 is installed OR python-designate-7.0.1~dev23-3.13 is installed OR python-heat-11.0.3~dev31-3.13 is installed OR python-horizon-14.1.1~dev1-3.12 is installed OR python-horizon-plugin-designate-ui-7.0.1~dev8-3.6 is installed OR python-horizon-plugin-ironic-ui-3.3.1~dev14-3.3 is installed OR python-horizon-plugin-neutron-lbaas-ui-5.0.1~dev8-11 is installed OR python-horizon-plugin-octavia-ui-2.0.2~dev1-1.3 is installed OR python-ironic-11.1.4~dev22-3.13 is installed OR python-ironic-lib-2.14.2-3.3 is installed OR python-keystone-14.1.1~dev36-3.19 is installed OR python-keystoneauth1-3.10.1~dev10-3.3 is installed OR python-keystoneclient-3.17.1~dev5-3.3 is installed OR python-keystoneclient-doc-3.17.1~dev5-3.3 is installed OR python-keystonemiddleware-5.2.2~dev3-14 is installed OR python-magnum-7.2.1~dev1-3.10 is installed OR python-monasca-agent-2.8.1~dev13-3.6 is installed OR python-neutron-13.0.7~dev48-3.19 is installed OR python-neutron-fwaas-13.0.3~dev4-3.9 is installed OR python-neutron-gbp-5.0.1~dev491-3.16 is installed OR python-neutron-vpnaas-13.0.2~dev6-3.6 is installed OR python-nova-18.2.4~dev63-3.19 is installed OR python-octavia-3.2.2~dev8-3.19 is installed OR python-openstack_auth-14.1.1~dev1-3.12 is installed OR python-ovs-2.9.0-3.3 is installed OR python-sahara-9.0.2~dev15-3.9 is installed OR python-swift-2.19.2~dev48-3.3 is installed OR ruby2.1-rubygem-crowbar-client-3.9.1-3.3 is installed OR ruby2.1-rubygem-puma-2.16.0-4.3 is installed OR rubygem-crowbar-client-3.9.1-3.3 is installed OR rubygem-puma-2.16.0-4.3 is installed OR supportutils-plugin-suse-openstack-cloud-9.0.1574431436.987b47d-3.6 is installed

BACK