Oval Definition:	oval:org.opensuse.security:def:59066
Revision Date: 2020-12-01 Version: 1 Title: Security update for the Linux Kernel (Live Patch 28 for SLE 12 SP2) (Important) Description: This update for the Linux Kernel 4.4.121-92_104 fixes several issues. The following security issues were fixed: - CVE-2019-11477: Jonathan Looney discovered that the TCP_SKB_CB(skb)->tcp_gso_segs value was subject to an integer overflow when handling TCP Selective Acknowledgments (SACKs). A remote attacker could use this to cause a denial of service. (bsc#1137586) - CVE-2019-11478: Jonathan Looney discovered that the TCP retransmission queue implementation in tcp_fragment could be fragmented when handling certain TCP Selective Acknowledgment (SACK) sequences. A remote attacker could use this to cause a denial of service. (bsc#1137586) - CVE-2019-3846: A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network (bsc#1136424). This update contains a regression fix for CVE-2019-11477 and CVE-2019-11478 (bsc#1140747). Family: unix Class: patch Status: Reference(s): 1068612 1082318 1092420 1099658 1106284 1107190 1107832 1108719 1110233 1110279 1110785 1113769 1116998 1120843 1120885 1123872 1126503 1128828 1131543 1131565 1132374 1132472 1134537 1134596 1134848 1135281 1135603 1136424 1136446 1136586 1136935 1137586 1137597 1140747 1141968 1142614 11483483 1148383 1149496 1153191 1156525 1157763 1159046 1159856 1159858 1159860 1160152 1160153 1160192 1160250 1160251 1160790 1160851 1160937 1161088 1161089 1161670 1164322 1167231 1167244 1168593 1168874 1169770 1170603 1170657 1171273 1171560 1171594 1171661 1171909 1172166 1172167 1172175 1172176 1172409 1172437 1173576 1173613 1174157 1175259 CVE-2010-1163 CVE-2010-1646 CVE-2011-0010 CVE-2012-2337 CVE-2013-1775 CVE-2013-1776 CVE-2014-9680 CVE-2016-5384 CVE-2016-7032 CVE-2016-7076 CVE-2017-1000246 CVE-2017-1000367 CVE-2017-1000368 CVE-2018-14633 CVE-2018-17182 CVE-2018-17972 CVE-2018-4191 CVE-2018-4197 CVE-2018-4207 CVE-2018-4208 CVE-2018-4209 CVE-2018-4210 CVE-2018-4212 CVE-2018-4213 CVE-2018-4261 CVE-2018-4262 CVE-2018-4263 CVE-2018-4264 CVE-2018-4265 CVE-2018-4266 CVE-2018-4267 CVE-2018-4270 CVE-2018-4272 CVE-2018-4273 CVE-2018-4278 CVE-2018-4284 CVE-2018-4299 CVE-2018-4306 CVE-2018-4309 CVE-2018-4312 CVE-2018-4314 CVE-2018-4315 CVE-2018-4316 CVE-2018-4317 CVE-2018-4318 CVE-2018-4319 CVE-2018-4323 CVE-2018-4328 CVE-2018-4345 CVE-2018-4358 CVE-2018-4359 CVE-2018-4361 CVE-2018-4372 CVE-2018-4373 CVE-2018-4375 CVE-2018-4376 CVE-2018-4378 CVE-2018-4382 CVE-2018-4386 CVE-2018-4392 CVE-2018-4416 CVE-2018-7191 CVE-2019-1010083 CVE-2019-11190 CVE-2019-11477 CVE-2019-11478 CVE-2019-11479 CVE-2019-11815 CVE-2019-11833 CVE-2019-11884 CVE-2019-12382 CVE-2019-15043 CVE-2019-15691 CVE-2019-15692 CVE-2019-15693 CVE-2019-15694 CVE-2019-15695 CVE-2019-15961 CVE-2019-16785 CVE-2019-16786 CVE-2019-16789 CVE-2019-16792 CVE-2019-16865 CVE-2019-17639 CVE-2019-18874 CVE-2019-19911 CVE-2019-3828 CVE-2019-3846 CVE-2019-5482 CVE-2019-5489 CVE-2019-9893 CVE-2020-10663 CVE-2020-10743 CVE-2020-10757 CVE-2020-11076 CVE-2020-11077 CVE-2020-12052 CVE-2020-12268 CVE-2020-12402 CVE-2020-12415 CVE-2020-12416 CVE-2020-12417 CVE-2020-12418 CVE-2020-12419 CVE-2020-12420 CVE-2020-12421 CVE-2020-12422 CVE-2020-12423 CVE-2020-12424 CVE-2020-12425 CVE-2020-12426 CVE-2020-13254 CVE-2020-13379 CVE-2020-13596 CVE-2020-14556 CVE-2020-14577 CVE-2020-14578 CVE-2020-14579 CVE-2020-14581 CVE-2020-14583 CVE-2020-14593 CVE-2020-14621 CVE-2020-5312 CVE-2020-5313 CVE-2020-5390 CVE-2020-6821 CVE-2020-6822 CVE-2020-6825 CVE-2020-6827 CVE-2020-6828 CVE-2020-8151 SUSE-SU-2019:0059-1 SUSE-SU-2019:1534-1 SUSE-SU-2019:2339-2 SUSE-SU-2019:3177-1 SUSE-SU-2020:0159-1 SUSE-SU-2020:0978-1 SUSE-SU-2020:1212-1 SUSE-SU-2020:1899-1 SUSE-SU-2020:1901-1 SUSE-SU-2020:2461-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND Package Information apache2-2.4.33-lp150.1 is installed OR apache2-doc-2.4.33-lp150.1 is installed OR apache2-example-pages-2.4.33-lp150.1 is installed OR apache2-prefork-2.4.33-lp150.1 is installed OR apache2-utils-2.4.33-lp150.1 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information libpython2_7-1_0-2.7.14-lp151.10.7 is installed OR libpython2_7-1_0-32bit-2.7.14-lp151.10.7 is installed OR python-2.7.14-lp151.10.7 is installed OR python-32bit-2.7.14-lp151.10.7 is installed OR python-base-2.7.14-lp151.10.7 is installed OR python-base-32bit-2.7.14-lp151.10.7 is installed OR python-curses-2.7.14-lp151.10.7 is installed OR python-demo-2.7.14-lp151.10.7 is installed OR python-devel-2.7.14-lp151.10.7 is installed OR python-doc-2.7.14-lp151.10.7 is installed OR python-doc-pdf-2.7.14-lp151.10.7 is installed OR python-gdbm-2.7.14-lp151.10.7 is installed OR python-idle-2.7.14-lp151.10.7 is installed OR python-tk-2.7.14-lp151.10.7 is installed OR python-xml-2.7.14-lp151.10.7 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND Package Information kernel-default-4.4.121-92.114 is installed OR kernel-default-base-4.4.121-92.114 is installed OR kernel-default-devel-4.4.121-92.114 is installed OR kernel-devel-4.4.121-92.114 is installed OR kernel-macros-4.4.121-92.114 is installed OR kernel-source-4.4.121-92.114 is installed OR kernel-syms-4.4.121-92.114 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information kgraft-patch-4_4_121-92_73-default-6-2 is installed OR kgraft-patch-SLE12-SP2_Update_21-6-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_121-92_104-default-4-2 is installed OR kgraft-patch-SLE12-SP2_Update_28-4-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information fontconfig-2.11.1-7 is installed OR fontconfig-32bit-2.11.1-7 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information kgraft-patch-4_4_180-94_97-default-6-2 is installed OR kgraft-patch-SLE12-SP3_Update_26-6-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information libgcrypt-1.6.1-16.62 is installed OR libgcrypt20-1.6.1-16.62 is installed OR libgcrypt20-32bit-1.6.1-16.62 is installed OR libgcrypt20-hmac-1.6.1-16.62 is installed OR libgcrypt20-hmac-32bit-1.6.1-16.62 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND dstat-0.7.3-1 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information libXvnc1-1.6.0-18.28 is installed OR tigervnc-1.6.0-18.28 is installed OR xorg-x11-Xvnc-1.6.0-18.28 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information nfs-client-1.3.0-34.22 is installed OR nfs-doc-1.3.0-34.22 is installed OR nfs-kernel-server-1.3.0-34.22 is installed OR nfs-utils-1.3.0-34.22 is installed
BACK