Oval Definition:	oval:org.opensuse.security:def:58440
Revision Date: 2020-12-01 Version: 1 Title: Security update for the Linux Kernel (Important) Description: The SUSE Linux Enterprise 12 SP2 kernel was updated to receive critical security fixes. The following security bugs were fixed: - CVE-2016-8655: A race condition in the af_packet packet_set_ring function could be used by local attackers to crash the kernel or gain privileges (bsc#1012754). - CVE-2016-8632: The tipc_msg_build function in net/tipc/msg.c in the Linux kernel did not validate the relationship between the minimum fragment length and the maximum packet size, which allowed local users to gain privileges or cause a denial of service (heap-based buffer overflow) by leveraging the CAP_NET_ADMIN capability (bnc#1008831). - CVE-2016-9555: The sctp_sf_ootb function in net/sctp/sm_statefuns.c in the Linux kernel lacks chunk-length checking for the first chunk, which allowed remote attackers to cause a denial of service (out-of-bounds slab access) or possibly have unspecified other impact via crafted SCTP data (bnc#1011685). Family: unix Class: patch Status: Reference(s): 1008831 1011685 1012754 1031247 1031249 1031250 1031254 1031255 1031262 1031263 1034560 1042146 1043983 1047178 1048072 1052829 1055265 1056286 1056782 1057721 1057724 1058754 1058755 1058757 1062452 1065237 1069607 1069632 1073002 1078782 1082007 1082008 1082009 1082010 1082011 1082014 1082058 1087433 1087434 1087436 1087437 1087440 1087441 1090338 1090671 1096740 1106923 1108835 1109252 1110445 1111278 1112024 1112530 1112532 1113083 1113632 1113665 1116574 1119183 1121816 1121821 1130611 1130617 1130620 1130622 1130623 1130627 1130721 1131709 1152990 1152992 1152994 1152995 1158328 1165631 1167068 1170558 1171252 1171254 1171363 1171517 1172275 1173942 1176012 1176382 1176896 1176931 682920 979907 997857 999735 CVE-2015-8871 CVE-2015-9096 CVE-2016-10266 CVE-2016-10267 CVE-2016-10268 CVE-2016-10269 CVE-2016-10270 CVE-2016-10271 CVE-2016-10272 CVE-2016-2339 CVE-2016-7163 CVE-2016-7798 CVE-2016-8632 CVE-2016-8655 CVE-2016-9555 CVE-2017-0898 CVE-2017-0899 CVE-2017-0900 CVE-2017-0901 CVE-2017-0902 CVE-2017-0903 CVE-2017-1000368 CVE-2017-10784 CVE-2017-12837 CVE-2017-12883 CVE-2017-14033 CVE-2017-14064 CVE-2017-17405 CVE-2017-17742 CVE-2017-17790 CVE-2017-6512 CVE-2017-7753 CVE-2017-7779 CVE-2017-7782 CVE-2017-7784 CVE-2017-7785 CVE-2017-7786 CVE-2017-7787 CVE-2017-7791 CVE-2017-7792 CVE-2017-7798 CVE-2017-7800 CVE-2017-7801 CVE-2017-7802 CVE-2017-7803 CVE-2017-7804 CVE-2017-7807 CVE-2017-9228 CVE-2017-9229 CVE-2018-1000073 CVE-2018-1000074 CVE-2018-1000075 CVE-2018-1000076 CVE-2018-1000077 CVE-2018-1000078 CVE-2018-1000079 CVE-2018-13785 CVE-2018-15686 CVE-2018-15688 CVE-2018-16395 CVE-2018-16396 CVE-2018-3136 CVE-2018-3139 CVE-2018-3149 CVE-2018-3169 CVE-2018-3180 CVE-2018-3183 CVE-2018-3214 CVE-2018-3665 CVE-2018-6914 CVE-2018-8777 CVE-2018-8778 CVE-2018-8779 CVE-2018-8780 CVE-2019-11745 CVE-2019-13722 CVE-2019-15845 CVE-2019-16201 CVE-2019-16254 CVE-2019-16255 CVE-2019-17005 CVE-2019-17008 CVE-2019-17009 CVE-2019-17010 CVE-2019-17011 CVE-2019-17012 CVE-2019-1787 CVE-2019-1788 CVE-2019-1789 CVE-2019-6109 CVE-2019-6111 CVE-2019-8320 CVE-2019-8321 CVE-2019-8322 CVE-2019-8323 CVE-2019-8324 CVE-2019-8325 CVE-2020-0429 CVE-2020-0431 CVE-2020-10663 CVE-2020-11668 CVE-2020-12108 CVE-2020-12137 CVE-2020-12653 CVE-2020-12654 CVE-2020-14381 CVE-2020-1749 CVE-2020-25212 SUSE-SU-2016:3049-1 SUSE-SU-2017:1044-1 SUSE-SU-2017:1626-1 SUSE-SU-2017:2144-1 SUSE-SU-2017:2589-1 SUSE-SU-2017:3092-1 SUSE-SU-2018:1940-1 SUSE-SU-2018:3767-1 SUSE-SU-2018:4064-1 SUSE-SU-2019:3347-1 SUSE-SU-2020:1570-1 SUSE-SU-2020:3219-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND Package Information freerdp-2.0.0~rc2-lp150.1 is installed OR libfreerdp2-2.0.0~rc2-lp150.1 is installed OR libwinpr2-2.0.0~rc2-lp150.1 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information libpolkit0-0.114-lp151.5.3 is installed OR libpolkit0-32bit-0.114-lp151.5.3 is installed OR polkit-0.114-lp151.5.3 is installed OR polkit-devel-0.114-lp151.5.3 is installed OR polkit-doc-0.114-lp151.5.3 is installed OR typelib-1_0-Polkit-1_0-0.114-lp151.5.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information kernel-default-4.4.21-84 is installed OR kernel-default-base-4.4.21-84 is installed OR kernel-default-devel-4.4.21-84 is installed OR kernel-default-man-4.4.21-84 is installed OR kernel-devel-4.4.21-84 is installed OR kernel-macros-4.4.21-84 is installed OR kernel-source-4.4.21-84 is installed OR kernel-syms-4.4.21-84 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information java-1_8_0-ibm-1.8.0_sr5.25-30.39 is installed OR java-1_8_0-ibm-alsa-1.8.0_sr5.25-30.39 is installed OR java-1_8_0-ibm-devel-1.8.0_sr5.25-30.39 is installed OR java-1_8_0-ibm-plugin-1.8.0_sr5.25-30.39 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information openssh-7.2p2-74.42 is installed OR openssh-askpass-gnome-7.2p2-74.42 is installed OR openssh-fips-7.2p2-74.42 is installed OR openssh-helpers-7.2p2-74.42 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_103-92_53-default-7-2 is installed OR kgraft-patch-SLE12-SP2_Update_16-7-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND binutils-2.26.1-9.12 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information glibc-2.22-62.22 is installed OR glibc-32bit-2.22-62.22 is installed OR glibc-devel-2.22-62.22 is installed OR glibc-devel-32bit-2.22-62.22 is installed OR glibc-html-2.22-62.22 is installed OR glibc-i18ndata-2.22-62.22 is installed OR glibc-info-2.22-62.22 is installed OR glibc-locale-2.22-62.22 is installed OR glibc-locale-32bit-2.22-62.22 is installed OR glibc-profile-2.22-62.22 is installed OR glibc-profile-32bit-2.22-62.22 is installed OR nscd-2.22-62.22 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information libpcap-1.8.1-10.3 is installed OR libpcap1-1.8.1-10.3 is installed OR tcpdump-4.9.2-14.14 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information MozillaFirefox-68.8.0-109.119 is installed OR MozillaFirefox-translations-common-68.8.0-109.119 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information ImageMagick-6.8.8.1-71.85 is installed OR libMagickCore-6_Q16-1-6.8.8.1-71.85 is installed OR libMagickWand-6_Q16-1-6.8.8.1-71.85 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information coreutils-8.25-13.7 is installed OR coreutils-lang-8.25-13.7 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND ucode-intel-20190618-13.47 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information ruby2.1-rubygem-sprockets-2_12-2.12.5-1.4 is installed OR rubygem-sprockets-2_12-2.12.5-1.4 is installed
BACK