OVAL Reference oval:org.opensuse.security:def:59048

Oval Definition:

oval:org.opensuse.security:def:59048

Revision Date:	2020-12-01	Version:	1
Title:	Security update for the Linux Kernel (Live Patch 25 for SLE 12 SP2) (Important)
Description:	This update for the Linux Kernel 4.4.121-92_95 fixes several issues. The following security issues were fixed: - CVE-2019-3846: A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network (bsc#1136446). - CVE-2019-11477: A sequence of SACKs may have been crafted by a remote attacker such that one can trigger an integer overflow, leading to a kernel panic. (bsc#1137586). - CVE-2019-11478: It was possible to send a crafted sequence of SACKs which would fragment the TCP retransmission queue. A remote attacker may have been able to further exploit the fragmented queue to cause an expensive linked-list walk for subsequent SACKs received for that same TCP connection. (bsc#1137586) - CVE-2019-11487: The Linux kernel allowed page->_refcount reference count overflow, with resultant use-after-free issues, if about 140 GiB of RAM exists. This is related to fs/fuse/dev.c, fs/pipe.c, fs/splice.c, include/linux/mm.h, include/linux/pipe_fs_i.h, kernel/trace/trace.c, mm/gup.c, and mm/hugetlb.c. It can occur with FUSE requests (bsc#1133191).
Family:	unix	Class:	patch
Status:		Reference(s):	1080919 1087200 1104668 1109465 1117473 1119947 1121563 1123156 1123482 1124525 1125330 1125352 1126056 1127557 1127987 1128657 1129821 1130230 1130262 1132348 1132400 1132721 1133191 1133810 1136446 1136935 1137597 1139083 1140868 1144903 1145665 1146873 1149323 1149811 1153108 1153158 1153161 1160968 1161066 1163018 1166240 1170643 1170940 1171550 1172265 1174415 955942 CVE-2011-3602 CVE-2014-4362 CVE-2017-9103 CVE-2017-9104 CVE-2017-9105 CVE-2017-9106 CVE-2017-9107 CVE-2017-9108 CVE-2017-9109 CVE-2018-12539 CVE-2018-1517 CVE-2018-1656 CVE-2018-16884 CVE-2018-18335 CVE-2018-18356 CVE-2018-18506 CVE-2018-2940 CVE-2018-2952 CVE-2018-2973 CVE-2018-6954 CVE-2019-10220 CVE-2019-11477 CVE-2019-11478 CVE-2019-11487 CVE-2019-11709 CVE-2019-11710 CVE-2019-11711 CVE-2019-11712 CVE-2019-11713 CVE-2019-11714 CVE-2019-11715 CVE-2019-11716 CVE-2019-11717 CVE-2019-11718 CVE-2019-11719 CVE-2019-11720 CVE-2019-11721 CVE-2019-11723 CVE-2019-11724 CVE-2019-11725 CVE-2019-11727 CVE-2019-11728 CVE-2019-11729 CVE-2019-11730 CVE-2019-11733 CVE-2019-11735 CVE-2019-11736 CVE-2019-11738 CVE-2019-11740 CVE-2019-11742 CVE-2019-11743 CVE-2019-11744 CVE-2019-11746 CVE-2019-11747 CVE-2019-11748 CVE-2019-11749 CVE-2019-11750 CVE-2019-11751 CVE-2019-11752 CVE-2019-11753 CVE-2019-12068 CVE-2019-12900 CVE-2019-15890 CVE-2019-17133 CVE-2019-3842 CVE-2019-3846 CVE-2019-5785 CVE-2019-6454 CVE-2019-6778 CVE-2019-9788 CVE-2019-9790 CVE-2019-9791 CVE-2019-9792 CVE-2019-9793 CVE-2019-9794 CVE-2019-9795 CVE-2019-9796 CVE-2019-9801 CVE-2019-9810 CVE-2019-9811 CVE-2019-9812 CVE-2019-9813 CVE-2020-15900 CVE-2020-1711 CVE-2020-1983 CVE-2020-2583 CVE-2020-2590 CVE-2020-2593 CVE-2020-2601 CVE-2020-2604 CVE-2020-2654 CVE-2020-2659 CVE-2020-2752 CVE-2020-2812 CVE-2020-3899 CVE-2020-7039 CVE-2020-8608 SUSE-SU-2019:0852-1 SUSE-SU-2019:1265-1 SUSE-SU-2019:2013-1 SUSE-SU-2020:0628-1 SUSE-SU-2020:1211-1 SUSE-SU-2020:1612-1 SUSE-SU-2020:1625-1 SUSE-SU-2020:2097-1
Platform(s):	openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12 SP4-LTSS SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8	Product(s):
Definition Synopsis
openSUSE Leap 15.0 is installed AND Package Information unzip-6.00-lp150.8 is installed OR unzip-doc-6.00-lp150.8 is installed OR unzip-rcc-6.00-lp150.8 is installed
Definition Synopsis
openSUSE Leap 15.1 is installed AND Package Information evince-3.26.0+20180128.1bd86963-lp151.4.6 is installed OR evince-devel-3.26.0+20180128.1bd86963-lp151.4.6 is installed OR evince-lang-3.26.0+20180128.1bd86963-lp151.4.6 is installed OR evince-plugin-comicsdocument-3.26.0+20180128.1bd86963-lp151.4.6 is installed OR evince-plugin-djvudocument-3.26.0+20180128.1bd86963-lp151.4.6 is installed OR evince-plugin-dvidocument-3.26.0+20180128.1bd86963-lp151.4.6 is installed OR evince-plugin-pdfdocument-3.26.0+20180128.1bd86963-lp151.4.6 is installed OR evince-plugin-psdocument-3.26.0+20180128.1bd86963-lp151.4.6 is installed OR evince-plugin-tiffdocument-3.26.0+20180128.1bd86963-lp151.4.6 is installed OR evince-plugin-xpsdocument-3.26.0+20180128.1bd86963-lp151.4.6 is installed OR libevdocument3-4-3.26.0+20180128.1bd86963-lp151.4.6 is installed OR libevview3-3-3.26.0+20180128.1bd86963-lp151.4.6 is installed OR nautilus-evince-3.26.0+20180128.1bd86963-lp151.4.6 is installed OR typelib-1_0-EvinceDocument-3_0-3.26.0+20180128.1bd86963-lp151.4.6 is installed OR typelib-1_0-EvinceView-3_0-3.26.0+20180128.1bd86963-lp151.4.6 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information libsystemd0-228-150.66 is installed OR libsystemd0-32bit-228-150.66 is installed OR libudev1-228-150.66 is installed OR libudev1-32bit-228-150.66 is installed OR systemd-228-150.66 is installed OR systemd-32bit-228-150.66 is installed OR systemd-bash-completion-228-150.66 is installed OR systemd-sysvinit-228-150.66 is installed OR udev-228-150.66 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information java-1_7_1-ibm-1.7.1_sr4.30-38.26 is installed OR java-1_7_1-ibm-alsa-1.7.1_sr4.30-38.26 is installed OR java-1_7_1-ibm-devel-1.7.1_sr4.30-38.26 is installed OR java-1_7_1-ibm-jdbc-1.7.1_sr4.30-38.26 is installed OR java-1_7_1-ibm-plugin-1.7.1_sr4.30-38.26 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_121-92_95-default-6-2 is installed OR kgraft-patch-SLE12-SP2_Update_25-6-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND davfs2-1.5.2-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information kernel-default-4.4.180-94.103 is installed OR kernel-default-base-4.4.180-94.103 is installed OR kernel-default-devel-4.4.180-94.103 is installed OR kernel-devel-4.4.180-94.103 is installed OR kernel-macros-4.4.180-94.103 is installed OR kernel-source-4.4.180-94.103 is installed OR kernel-syms-4.4.180-94.103 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information xen-4.9.4_04-3.56 is installed OR xen-doc-html-4.9.4_04-3.56 is installed OR xen-libs-4.9.4_04-3.56 is installed OR xen-libs-32bit-4.9.4_04-3.56 is installed OR xen-tools-4.9.4_04-3.56 is installed OR xen-tools-domU-4.9.4_04-3.56 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information kgraft-patch-4_4_180-94_103-default-2-2 is installed OR kgraft-patch-SLE12-SP3_Update_28-2-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information cups-1.7.5-20.17 is installed OR cups-client-1.7.5-20.17 is installed OR cups-libs-1.7.5-20.17 is installed OR cups-libs-32bit-1.7.5-20.17 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information crash-7.2.1-2 is installed OR crash-kmp-default-7.2.1_k4.12.14_94.41-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4-LTSS is installed AND Package Information libdcerpc-binding0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libdcerpc-binding0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libdcerpc0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libdcerpc0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libndr-krb5pac0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libndr-krb5pac0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libndr-nbt0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libndr-nbt0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libndr-standard0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libndr-standard0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libndr0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libndr0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libnetapi0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libnetapi0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libsamba-credentials0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libsamba-credentials0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libsamba-errors0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libsamba-errors0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libsamba-hostconfig0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libsamba-hostconfig0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libsamba-passdb0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libsamba-passdb0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libsamba-util0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libsamba-util0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libsamdb0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libsamdb0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libsmbclient0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libsmbclient0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libsmbconf0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libsmbconf0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libsmbldap0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libsmbldap0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libtevent-util0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libtevent-util0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libwbclient0-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR libwbclient0-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR samba-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR samba-client-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR samba-client-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR samba-doc-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR samba-libs-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR samba-libs-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR samba-winbind-4.6.16+git.186.c6d77b0d5a6-3.52 is installed OR samba-winbind-32bit-4.6.16+git.186.c6d77b0d5a6-3.52 is installed
Definition Synopsis
SUSE OpenStack Cloud 8 is installed AND Package Information libjavascriptcoregtk-4_0-18-2.28.2-2.53 is installed OR libwebkit2gtk-4_0-37-2.28.2-2.53 is installed OR libwebkit2gtk3-lang-2.28.2-2.53 is installed OR typelib-1_0-JavaScriptCore-4_0-2.28.2-2.53 is installed OR typelib-1_0-WebKit2-4_0-2.28.2-2.53 is installed OR webkit2gtk-4_0-injected-bundles-2.28.2-2.53 is installed OR webkit2gtk3-2.28.2-2.53 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information java-1_7_1-ibm-1.7.1_sr4.50-38.41 is installed OR java-1_7_1-ibm-alsa-1.7.1_sr4.50-38.41 is installed OR java-1_7_1-ibm-jdbc-1.7.1_sr4.50-38.41 is installed OR java-1_7_1-ibm-plugin-1.7.1_sr4.50-38.41 is installed

BACK