Oval Definition:	oval:org.opensuse.security:def:59055
Revision Date: 2020-12-01 Version: 1 Title: Security update for the Linux Kernel (Live Patch 30 for SLE 12 SP2) (Important) Description: This update for the Linux Kernel 4.4.121-92_114 fixes several issues. The following security issues were fixed: - CVE-2019-11487: The Linux kernel allowed page->_refcount reference count overflow, with resultant use-after-free issues, if about 140 GiB of RAM exists. This is related to fs/fuse/dev.c, fs/pipe.c, fs/splice.c, include/linux/mm.h, include/linux/pipe_fs_i.h, kernel/trace/trace.c, mm/gup.c, and mm/hugetlb.c. It can occur with FUSE requests (bsc#1133191). - CVE-2018-5390: Linux kernel could be forced to make very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet which can lead to a denial of service (bsc#1102682). Family: unix Class: patch Status: Reference(s): 1006984 1006989 1037811 1083630 1097560 1097824 1102682 1103809 1103810 1104076 1111498 1117025 1117382 1118987 1120658 1122000 1122344 1123333 1123892 1125352 1131493 1133191 1135170 1138459 1139073 1141035 1141853 1144903 1149792 1153108 1153158 1153161 1154043 1155988 1159856 1159858 1159860 1160250 1160251 1160937 1162197 1162200 1168930 1169605 1169786 1169936 1170302 1170741 1170939 1172049 1172781 1172782 1172783 1173027 977043 CVE-2012-4453 CVE-2013-4326 CVE-2016-8637 CVE-2017-12627 CVE-2018-11805 CVE-2018-12470 CVE-2018-12471 CVE-2018-12472 CVE-2018-20852 CVE-2018-5390 CVE-2019-10160 CVE-2019-10220 CVE-2019-11135 CVE-2019-11139 CVE-2019-11487 CVE-2019-15691 CVE-2019-15692 CVE-2019-15693 CVE-2019-15694 CVE-2019-15695 CVE-2019-17133 CVE-2019-5436 CVE-2019-5953 CVE-2019-6454 CVE-2020-10766 CVE-2020-10767 CVE-2020-10768 CVE-2020-11008 CVE-2020-1930 CVE-2020-1931 CVE-2020-5260 CVE-2020-8177 SUSE-SU-2019:0428-1 SUSE-SU-2019:0956-1 SUSE-SU-2019:1363-1 SUSE-SU-2019:1767-1 SUSE-SU-2019:2091-1 SUSE-SU-2019:2959-1 SUSE-SU-2020:0810-1 SUSE-SU-2020:1295-1 SUSE-SU-2020:1713-1 SUSE-SU-2020:1732-1 SUSE-SU-2020:2225-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12 SP4-LTSS SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND Package Information ntp-4.2.8p13-lp150.8 is installed OR ntp-doc-4.2.8p13-lp150.8 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information bzip2-1.0.6-lp151.5.9 is installed OR bzip2-doc-1.0.6-lp151.5.9 is installed OR libbz2-1-1.0.6-lp151.5.9 is installed OR libbz2-1-32bit-1.0.6-lp151.5.9 is installed OR libbz2-devel-1.0.6-lp151.5.9 is installed OR libbz2-devel-32bit-1.0.6-lp151.5.9 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information curl-7.37.0-37.40 is installed OR libcurl4-7.37.0-37.40 is installed OR libcurl4-32bit-7.37.0-37.40 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information res-signingkeys-3.0.37-52.23 is installed OR smt-3.0.37-52.23 is installed OR smt-support-3.0.37-52.23 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_121-92_114-default-2-2 is installed OR kgraft-patch-SLE12-SP2_Update_30-2-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information dracut-044-113 is installed OR dracut-fips-044-113 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information ibus-1.5.13-15.11 is installed OR ibus-gtk-1.5.13-15.11 is installed OR ibus-gtk3-1.5.13-15.11 is installed OR ibus-lang-1.5.13-15.11 is installed OR libibus-1_0-5-1.5.13-15.11 is installed OR typelib-1_0-IBus-1_0-1.5.13-15.11 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information kgraft-patch-4_4_178-94_91-default-5-2 is installed OR kgraft-patch-SLE12-SP3_Update_25-5-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information libpcap-1.8.1-10.3 is installed OR libpcap1-1.8.1-10.3 is installed OR tcpdump-4.9.2-14.14 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information openssh-7.2p2-74.23 is installed OR openssh-askpass-gnome-7.2p2-74.23 is installed OR openssh-fips-7.2p2-74.23 is installed OR openssh-helpers-7.2p2-74.23 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information cvs-1.12.12-182.3 is installed OR cvs-doc-1.12.12-182.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4-LTSS is installed AND Package Information xen-4.11.4_06-2.33 is installed OR xen-doc-html-4.11.4_06-2.33 is installed OR xen-libs-4.11.4_06-2.33 is installed OR xen-libs-32bit-4.11.4_06-2.33 is installed OR xen-tools-4.11.4_06-2.33 is installed OR xen-tools-domU-4.11.4_06-2.33 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information git-2.26.2-27.36 is installed OR git-core-2.26.2-27.36 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information MozillaFirefox-60.9.0-109.86 is installed OR MozillaFirefox-translations-common-60.9.0-109.86 is installed
BACK