Oval Definition:	oval:org.opensuse.security:def:59063
Revision Date: 2020-12-01 Version: 1 Title: Security update for the Linux Kernel (Live Patch 25 for SLE 12 SP2) (Important) Description: This update for the Linux Kernel 4.4.121-92_95 fixes several issues. The following security issues were fixed: - CVE-2019-11477: Jonathan Looney discovered that the TCP_SKB_CB(skb)->tcp_gso_segs value was subject to an integer overflow when handling TCP Selective Acknowledgments (SACKs). A remote attacker could use this to cause a denial of service. (bsc#1137586) - CVE-2019-11478: Jonathan Looney discovered that the TCP retransmission queue implementation in tcp_fragment could be fragmented when handling certain TCP Selective Acknowledgment (SACK) sequences. A remote attacker could use this to cause a denial of service. (bsc#1137586) - CVE-2019-3846: A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network (bsc#1136424). This update contains a regression fix for CVE-2019-11477 and CVE-2019-11478 (bsc#1140747). Family: unix Class: patch Status: Reference(s): 1045640 1076033 1107256 1108308 1123161 1124937 1130972 1134399 1136446 1137443 1137597 1139358 1140012 1140652 1140747 1140903 1140945 1141322 1141401 1141402 1141452 1141453 1141454 1141628 1142023 1142098 1142857 1143045 1143048 1143189 1143191 1144257 1144273 1144288 1144902 1144920 1145920 1145922 1146163 1154212 1154328 1158442 1158527 1159819 1160398 1166844 1168669 1169511 1169746 1170715 1170908 1171978 1172402 1172698 1172704 1173022 CVE-2009-2625 CVE-2009-3560 CVE-2009-3700 CVE-2009-3720 CVE-2009-3826 CVE-2012-0876 CVE-2012-1147 CVE-2012-1148 CVE-2012-6702 CVE-2015-1283 CVE-2015-8936 CVE-2016-0718 CVE-2016-5300 CVE-2017-18551 CVE-2018-20855 CVE-2018-20856 CVE-2019-10207 CVE-2019-10218 CVE-2019-1125 CVE-2019-11477 CVE-2019-11478 CVE-2019-11745 CVE-2019-11810 CVE-2019-12735 CVE-2019-13631 CVE-2019-14283 CVE-2019-14284 CVE-2019-15117 CVE-2019-15118 CVE-2019-17006 CVE-2019-17006 CVE-2019-17631 CVE-2019-2933 CVE-2019-2945 CVE-2019-2958 CVE-2019-2962 CVE-2019-2964 CVE-2019-2973 CVE-2019-2975 CVE-2019-2978 CVE-2019-2981 CVE-2019-2983 CVE-2019-2988 CVE-2019-2989 CVE-2019-2992 CVE-2019-2996 CVE-2019-2999 CVE-2019-3693 CVE-2019-3819 CVE-2019-3846 CVE-2019-6212 CVE-2019-6215 CVE-2019-6216 CVE-2019-6217 CVE-2019-6226 CVE-2019-6227 CVE-2019-6229 CVE-2019-6233 CVE-2019-6234 CVE-2020-10531 CVE-2020-12399 CVE-2020-12402 CVE-2020-12405 CVE-2020-12406 CVE-2020-12410 CVE-2020-2754 CVE-2020-2755 CVE-2020-2756 CVE-2020-2757 CVE-2020-2773 CVE-2020-2781 CVE-2020-2800 CVE-2020-2803 CVE-2020-2805 CVE-2020-2830 CVE-2020-8023 SUSE-SU-2019:0511-1 SUSE-SU-2019:1456-1 SUSE-SU-2019:2299-1 SUSE-SU-2019:3076-1 SUSE-SU-2020:0024-1 SUSE-SU-2020:0088-1 SUSE-SU-2020:1180-1 SUSE-SU-2020:1563-1 SUSE-SU-2020:1839-1 SUSE-SU-2020:1859-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND Package Information aaa_base-84.87+git20180409.04c9dae-lp150.1 is installed OR aaa_base-extras-84.87+git20180409.04c9dae-lp150.1 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information libcryptopp-5.6.5-lp151.3.3 is installed OR libcryptopp-devel-5.6.5-lp151.3.3 is installed OR libcryptopp5_6_5-5.6.5-lp151.3.3 is installed OR libcryptopp5_6_5-32bit-5.6.5-lp151.3.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information gvim-7.4.326-17.3 is installed OR vim-7.4.326-17.3 is installed OR vim-data-7.4.326-17.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information libecpg6-10.5-1.3 is installed OR libpq5-10.5-1.3 is installed OR libpq5-32bit-10.5-1.3 is installed OR postgresql-init-10-17.20 is installed OR postgresql10-10.5-1.3 is installed OR postgresql10-contrib-10.5-1.3 is installed OR postgresql10-docs-10.5-1.3 is installed OR postgresql10-libs-10.5-1.3 is installed OR postgresql10-server-10.5-1.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_121-92_95-default-7-2 is installed OR kgraft-patch-SLE12-SP2_Update_25-7-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information expat-2.1.0-20 is installed OR libexpat1-2.1.0-20 is installed OR libexpat1-32bit-2.1.0-20 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND sudo-1.8.20p2-3.14 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information libseccomp-2.4.1-11.3 is installed OR libseccomp2-2.4.1-11.3 is installed OR libseccomp2-32bit-2.4.1-11.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information kgraft-patch-4_4_178-94_91-default-5-2 is installed OR kgraft-patch-SLE12-SP3_Update_25-5-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information gdk-pixbuf-2.34.0-19.17 is installed OR gdk-pixbuf-lang-2.34.0-19.17 is installed OR gdk-pixbuf-query-loaders-2.34.0-19.17 is installed OR gdk-pixbuf-query-loaders-32bit-2.34.0-19.17 is installed OR libgdk_pixbuf-2_0-0-2.34.0-19.17 is installed OR libgdk_pixbuf-2_0-0-32bit-2.34.0-19.17 is installed OR typelib-1_0-GdkPixbuf-2_0-2.34.0-19.17 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information dovecot22-2.2.31-19.11 is installed OR dovecot22-backend-mysql-2.2.31-19.11 is installed OR dovecot22-backend-pgsql-2.2.31-19.11 is installed OR dovecot22-backend-sqlite-2.2.31-19.11 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information MozillaFirefox-68.9.0-109.123 is installed OR MozillaFirefox-translations-common-68.9.0-109.123 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND sudo-1.8.20p2-3.14 is installed
BACK