Oval Definition:	oval:org.opensuse.security:def:58283
Revision Date: 2020-12-01 Version: 1 Title: Security update for the Linux Kernel (Important) Description: The SUSE Linux Enterprise 12 SP2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2020-0543: Fixed a side channel attack against special registers which could have resulted in leaking of read values to cores other than the one which called it. This attack is known as Special Register Buffer Data Sampling (SRBDS) or 'CrossTalk' (bsc#1154824). - CVE-2020-12656: Fixed an improper handling of certain domain_release calls leadingch could have led to a memory leak (bsc#1171219). - CVE-2020-12654: Fixed an issue in he wifi driver which could have allowed a remote AP to trigger a heap-based buffer overflow (bsc#1171202). - CVE-2020-12653: Fixed an issue in the wifi driver which could have allowed local users to gain privileges or cause a denial of service (bsc#1171195). - CVE-2020-12652: Fixed an issue which could have allowed local users to hold an incorrect lock during the ioctl operation and trigger a race condition (bsc#1171218). - CVE-2020-12114: Fixed A pivot_root race condition which could have allowed local users to cause a denial of service (panic) by corrupting a mountpoint reference counter (bsc#1171098). - CVE-2020-10757: Fixed an issue where remaping hugepage DAX to anon mmap could have caused user PTE access (bsc#1172317). The following non-security bugs were fixed: - can, slip: Protect tty->disc_data in write_wakeup and close with RCU (bsc#1171698). - KEYS: allow reaching the keys quotas exactly (bsc#1171689). - KEYS: reaching the keys quotas correctly (bsc#1171689). - Revert 'ipc,sem: remove uneeded sem_undo_list lock usage in exit_sem()' (bsc#1172221). - random: always use batched entropy for get_random_u{32,64} (bsc#1164871). Family: unix Class: patch Status: Reference(s): 1001367 1003800 1004477 1005555 1005558 1005562 1005564 1005566 1005569 1005581 1005582 1006539 1008318 1012382 1013095 1013669 1023175 1034005 1034402 1042286 1065600 1065726 1068689 1070805 1084721 1086095 1086535 1088268 1090036 1091158 1091171 1091197 1094825 1095344 1096254 1098996 1099523 1099597 1100105 1101555 1103624 1104731 1105025 1105931 1106293 1107256 1107299 1107385 1107866 1108145 1108382 1108498 1109137 1109330 1110286 1110837 1111062 1111331 1111622 1113192 1113751 1113769 1114190 1114648 1114763 1115433 1115440 1116027 1116183 1116345 1117186 1117187 1118152 1118319 1119714 1119946 1119947 1120743 1120758 1121621 1122668 1123161 1127155 1131595 1133114 1133145 1133190 1133738 1134395 1134701 1135273 1136922 1136935 1137194 1138034 1138291 1140575 1154162 1154824 1162002 1164871 1170383 1171098 1171189 1171191 1171195 1171202 1171218 1171219 1171220 1171689 1171698 1171732 1171988 1172049 1172221 1172317 1172453 1172458 1172775 1172781 1172782 1172783 1172999 1173948 1174115 1174462 1174538 1174543 1178171 945190 990890 CVE-2014-3577 CVE-2015-5262 CVE-2016-3492 CVE-2016-5584 CVE-2016-5624 CVE-2016-5626 CVE-2016-5629 CVE-2016-6663 CVE-2016-7440 CVE-2016-8283 CVE-2016-9811 CVE-2017-0861 CVE-2017-16852 CVE-2018-1000199 CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2018-16862 CVE-2018-16884 CVE-2018-18074 CVE-2018-18281 CVE-2018-18386 CVE-2018-18690 CVE-2018-18710 CVE-2018-19824 CVE-2018-19985 CVE-2018-20169 CVE-2018-20836 CVE-2018-9516 CVE-2018-9568 CVE-2019-10126 CVE-2019-10164 CVE-2019-10638 CVE-2019-10639 CVE-2019-11091 CVE-2019-11365 CVE-2019-11366 CVE-2019-11487 CVE-2019-11599 CVE-2019-12380 CVE-2019-12456 CVE-2019-12614 CVE-2019-12818 CVE-2019-12819 CVE-2019-20810 CVE-2019-20812 CVE-2019-2974 CVE-2019-3459 CVE-2019-3460 CVE-2019-3886 CVE-2020-0305 CVE-2020-0543 CVE-2020-10135 CVE-2020-10711 CVE-2020-10732 CVE-2020-10751 CVE-2020-10757 CVE-2020-10766 CVE-2020-10767 CVE-2020-10768 CVE-2020-10773 CVE-2020-12114 CVE-2020-12652 CVE-2020-12653 CVE-2020-12654 CVE-2020-12656 CVE-2020-12771 CVE-2020-13974 CVE-2020-14416 CVE-2020-15652 CVE-2020-15653 CVE-2020-15654 CVE-2020-15655 CVE-2020-15656 CVE-2020-15657 CVE-2020-15658 CVE-2020-15659 CVE-2020-6463 CVE-2020-6514 SUSE-SU-2016:2933-1 SUSE-SU-2017:0242-1 SUSE-SU-2017:1577-1 SUSE-SU-2017:3215-1 SUSE-SU-2018:1236-1 SUSE-SU-2019:0439-1 SUSE-SU-2019:1091-1 SUSE-SU-2020:0050-1 SUSE-SU-2020:0555-1 SUSE-SU-2020:1597-1 SUSE-SU-2020:2100-1 SUSE-SU-2020:2134-1 SUSE-SU-2020:3149-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND dracut-044.1-lp150.13 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information libipa_hbac-devel-1.16.1-lp151.7.3 is installed OR libipa_hbac0-1.16.1-lp151.7.3 is installed OR libnfsidmap-sss-1.16.1-lp151.7.3 is installed OR libsss_certmap-devel-1.16.1-lp151.7.3 is installed OR libsss_certmap0-1.16.1-lp151.7.3 is installed OR libsss_idmap-devel-1.16.1-lp151.7.3 is installed OR libsss_idmap0-1.16.1-lp151.7.3 is installed OR libsss_nss_idmap-devel-1.16.1-lp151.7.3 is installed OR libsss_nss_idmap0-1.16.1-lp151.7.3 is installed OR libsss_simpleifp-devel-1.16.1-lp151.7.3 is installed OR libsss_simpleifp0-1.16.1-lp151.7.3 is installed OR python3-ipa_hbac-1.16.1-lp151.7.3 is installed OR python3-sss-murmur-1.16.1-lp151.7.3 is installed OR python3-sss_nss_idmap-1.16.1-lp151.7.3 is installed OR python3-sssd-config-1.16.1-lp151.7.3 is installed OR sssd-1.16.1-lp151.7.3 is installed OR sssd-32bit-1.16.1-lp151.7.3 is installed OR sssd-ad-1.16.1-lp151.7.3 is installed OR sssd-dbus-1.16.1-lp151.7.3 is installed OR sssd-ipa-1.16.1-lp151.7.3 is installed OR sssd-krb5-1.16.1-lp151.7.3 is installed OR sssd-krb5-common-1.16.1-lp151.7.3 is installed OR sssd-ldap-1.16.1-lp151.7.3 is installed OR sssd-proxy-1.16.1-lp151.7.3 is installed OR sssd-tools-1.16.1-lp151.7.3 is installed OR sssd-wbclient-1.16.1-lp151.7.3 is installed OR sssd-wbclient-devel-1.16.1-lp151.7.3 is installed OR sssd-winbind-idmap-1.16.1-lp151.7.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information libmysqlclient18-10.0.28-17 is installed OR libmysqlclient18-32bit-10.0.28-17 is installed OR mariadb-10.0.28-17 is installed OR mariadb-client-10.0.28-17 is installed OR mariadb-errormessages-10.0.28-17 is installed OR mariadb-tools-10.0.28-17 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND atftp-0.7.0-160.8 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information libvirt-2.0.0-27.54 is installed OR libvirt-client-2.0.0-27.54 is installed OR libvirt-daemon-2.0.0-27.54 is installed OR libvirt-daemon-config-network-2.0.0-27.54 is installed OR libvirt-daemon-config-nwfilter-2.0.0-27.54 is installed OR libvirt-daemon-driver-interface-2.0.0-27.54 is installed OR libvirt-daemon-driver-libxl-2.0.0-27.54 is installed OR libvirt-daemon-driver-lxc-2.0.0-27.54 is installed OR libvirt-daemon-driver-network-2.0.0-27.54 is installed OR libvirt-daemon-driver-nodedev-2.0.0-27.54 is installed OR libvirt-daemon-driver-nwfilter-2.0.0-27.54 is installed OR libvirt-daemon-driver-qemu-2.0.0-27.54 is installed OR libvirt-daemon-driver-secret-2.0.0-27.54 is installed OR libvirt-daemon-driver-storage-2.0.0-27.54 is installed OR libvirt-daemon-hooks-2.0.0-27.54 is installed OR libvirt-daemon-lxc-2.0.0-27.54 is installed OR libvirt-daemon-qemu-2.0.0-27.54 is installed OR libvirt-daemon-xen-2.0.0-27.54 is installed OR libvirt-doc-2.0.0-27.54 is installed OR libvirt-lock-sanlock-2.0.0-27.54 is installed OR libvirt-nss-2.0.0-27.54 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_59-92_17-default-11-2 is installed OR kgraft-patch-SLE12-SP2_Update_7-11-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information colord-gtk-lang-0.1.26-6 is installed OR libcolord-gtk1-0.1.26-6 is installed OR libcolord2-1.3.3-12 is installed OR libcolord2-32bit-1.3.3-12 is installed OR libcolorhug2-1.3.3-12 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information kernel-default-4.4.180-94.113 is installed OR kernel-default-base-4.4.180-94.113 is installed OR kernel-default-devel-4.4.180-94.113 is installed OR kernel-devel-4.4.180-94.113 is installed OR kernel-macros-4.4.180-94.113 is installed OR kernel-source-4.4.180-94.113 is installed OR kernel-syms-4.4.180-94.113 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information ntp-4.2.8p15-88 is installed OR ntp-doc-4.2.8p15-88 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information kgraft-patch-4_4_143-94_47-default-7-2 is installed OR kgraft-patch-SLE12-SP3_Update_16-7-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information apache2-2.4.23-29.21 is installed OR apache2-doc-2.4.23-29.21 is installed OR apache2-example-pages-2.4.23-29.21 is installed OR apache2-prefork-2.4.23-29.21 is installed OR apache2-utils-2.4.23-29.21 is installed OR apache2-worker-2.4.23-29.21 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information libgoa-1_0-0-3.20.5-9 is installed OR libgoa-backend-1_0-1-3.20.5-9 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND Package Information kernel-default-4.4.121-92.135 is installed OR kernel-default-base-4.4.121-92.135 is installed OR kernel-default-devel-4.4.121-92.135 is installed OR kernel-default-man-4.4.121-92.135 is installed OR kernel-devel-4.4.121-92.135 is installed OR kernel-macros-4.4.121-92.135 is installed OR kernel-source-4.4.121-92.135 is installed OR kernel-syms-4.4.121-92.135 is installed OR kgraft-patch-4_4_121-92_135-default-1-3.5 is installed OR kgraft-patch-SLE12-SP2_Update_35-1-3.5 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information libsqlite3-0-3.8.10.2-9.15 is installed OR libsqlite3-0-32bit-3.8.10.2-9.15 is installed OR sqlite3-3.8.10.2-9.15 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information ruby2.1-rubygem-rack-1.6.11-3.3 is installed OR rubygem-rack-1.6.11-3.3 is installed
BACK