Oval Definition:	oval:org.opensuse.security:def:59052
Revision Date: 2020-12-01 Version: 1 Title: Security update for the Linux Kernel (Live Patch 27 for SLE 12 SP2) (Important) Description: This update for the Linux Kernel 4.4.121-92_101 fixes several issues. The following security issues were fixed: - CVE-2019-3846: A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network (bsc#1136446). - CVE-2019-11477: A sequence of SACKs may have been crafted by a remote attacker such that one can trigger an integer overflow, leading to a kernel panic. (bsc#1137586). - CVE-2019-11478: It was possible to send a crafted sequence of SACKs which would fragment the TCP retransmission queue. A remote attacker may have been able to further exploit the fragmented queue to cause an expensive linked-list walk for subsequent SACKs received for that same TCP connection. (bsc#1137586) - CVE-2019-11487: The Linux kernel allowed page->_refcount reference count overflow, with resultant use-after-free issues, if about 140 GiB of RAM exists. This is related to fs/fuse/dev.c, fs/pipe.c, fs/splice.c, include/linux/mm.h, include/linux/pipe_fs_i.h, kernel/trace/trace.c, mm/gup.c, and mm/hugetlb.c. It can occur with FUSE requests (bsc#1133191). Family: unix Class: patch Status: Reference(s): 1047002 1105437 1105459 1105460 1109663 1109847 1115034 1119687 1119947 1121571 1121816 1121818 1121821 1131576 1132665 1133191 1136446 1136935 1137597 1138459 1142772 1145692 1150733 1160968 1166238 1168404 1168407 1169066 1169511 1171352 1172277 1172402 1173274 CVE-2013-2131 CVE-2015-3294 CVE-2015-8899 CVE-2017-10790 CVE-2018-1000802 CVE-2018-10844 CVE-2018-10845 CVE-2018-10846 CVE-2018-14647 CVE-2018-16884 CVE-2018-20346 CVE-2018-20506 CVE-2018-20685 CVE-2019-1010180 CVE-2019-10160 CVE-2019-11477 CVE-2019-11478 CVE-2019-11487 CVE-2019-20503 CVE-2019-2949 CVE-2019-3689 CVE-2019-3846 CVE-2019-6109 CVE-2019-6110 CVE-2019-6111 CVE-2020-12405 CVE-2020-12406 CVE-2020-12410 CVE-2020-14422 CVE-2020-1927 CVE-2020-1934 CVE-2020-1938 CVE-2020-2654 CVE-2020-2754 CVE-2020-2755 CVE-2020-2756 CVE-2020-2757 CVE-2020-2781 CVE-2020-2800 CVE-2020-2803 CVE-2020-2805 CVE-2020-2830 CVE-2020-6805 CVE-2020-6806 CVE-2020-6807 CVE-2020-6811 CVE-2020-6812 CVE-2020-6814 SUSE-SU-2019:0132-1 SUSE-SU-2019:0913-1 SUSE-SU-2019:2053-1 SUSE-SU-2019:2914-1 SUSE-SU-2020:0717-1 SUSE-SU-2020:1272-1 SUSE-SU-2020:1683-1 SUSE-SU-2020:1685-1 SUSE-SU-2020:2157-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12 SP4-LTSS SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND ansible-2.7.8-9 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information libpolkit0-0.114-lp151.5.3 is installed OR libpolkit0-32bit-0.114-lp151.5.3 is installed OR polkit-0.114-lp151.5.3 is installed OR polkit-devel-0.114-lp151.5.3 is installed OR polkit-doc-0.114-lp151.5.3 is installed OR typelib-1_0-Polkit-1_0-0.114-lp151.5.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information openssh-7.2p2-74.35 is installed OR openssh-askpass-gnome-7.2p2-74.35 is installed OR openssh-fips-7.2p2-74.35 is installed OR openssh-helpers-7.2p2-74.35 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information gnutls-3.2.15-18.6 is installed OR libgnutls-openssl27-3.2.15-18.6 is installed OR libgnutls28-3.2.15-18.6 is installed OR libgnutls28-32bit-3.2.15-18.6 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_121-92_101-default-3-2 is installed OR kgraft-patch-SLE12-SP2_Update_27-3-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND dnsmasq-2.76-17 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information curl-7.37.0-37.43 is installed OR libcurl4-7.37.0-37.43 is installed OR libcurl4-32bit-7.37.0-37.43 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information kgraft-patch-4_4_162-94_72-default-7-2 is installed OR kgraft-patch-SLE12-SP3_Update_22-7-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information MozillaFirefox-68.1.0-109.89 is installed OR MozillaFirefox-branding-SLE-68-32.8 is installed OR MozillaFirefox-translations-common-68.1.0-109.89 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information libsndfile-1.0.25-36.16 is installed OR libsndfile1-1.0.25-36.16 is installed OR libsndfile1-32bit-1.0.25-36.16 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information cups-filters-1.0.58-19.2 is installed OR cups-filters-cups-browsed-1.0.58-19.2 is installed OR cups-filters-foomatic-rip-1.0.58-19.2 is installed OR cups-filters-ghostscript-1.0.58-19.2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4-LTSS is installed AND Package Information MozillaFirefox-78.1.0-112.8 is installed OR MozillaFirefox-devel-78.1.0-112.8 is installed OR MozillaFirefox-translations-common-78.1.0-112.8 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information apache2-2.4.23-29.54 is installed OR apache2-doc-2.4.23-29.54 is installed OR apache2-example-pages-2.4.23-29.54 is installed OR apache2-prefork-2.4.23-29.54 is installed OR apache2-utils-2.4.23-29.54 is installed OR apache2-worker-2.4.23-29.54 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information java-1_8_0-ibm-1.8.0_sr5.40-30.54 is installed OR java-1_8_0-ibm-alsa-1.8.0_sr5.40-30.54 is installed OR java-1_8_0-ibm-plugin-1.8.0_sr5.40-30.54 is installed
BACK