Oval Definition:oval:org.opensuse.security:def:59067
Revision Date:2020-12-01Version:1
Title:Security update for the Linux Kernel (Live Patch 29 for SLE 12 SP2) (Important)
Description:

This update for the Linux Kernel 4.4.121-92_109 fixes several issues.

The following security issues were fixed:

- CVE-2019-11477: Jonathan Looney discovered that the TCP_SKB_CB(skb)->tcp_gso_segs value was subject to an integer overflow when handling TCP Selective Acknowledgments (SACKs). A remote attacker could use this to cause a denial of service. (bsc#1137586) - CVE-2019-11478: Jonathan Looney discovered that the TCP retransmission queue implementation in tcp_fragment could be fragmented when handling certain TCP Selective Acknowledgment (SACK) sequences. A remote attacker could use this to cause a denial of service. (bsc#1137586) - CVE-2019-3846: A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network (bsc#1136424).

This update contains a regression fix for CVE-2019-11477 and CVE-2019-11478 (bsc#1140747).
Family:unixClass:patch
Status:Reference(s):1068612
1092420
1093414
1107190
1107832
1108719
1109160
1110233
1118367
1118368
1120114
1120115
1120116
1120117
1120118
1120119
1120120
1120121
1120122
1123872
1126503
1135715
1136446
1137597
1137832
1139073
1140747
1141035
1141968
11483483
1148383
1148931
1150734
1153191
1154043
1154824
1155988
1156353
1156525
1157198
1159046
1160152
1160153
1160192
1160790
1160851
1161088
1161089
1161670
1164322
1167244
1167890
1168593
1168930
1169770
1170657
1171186
1171273
1171560
1171594
1171661
1171740
1171909
1172140
1172166
1172167
1172175
1172176
1172409
1172437
1172466
1175664
1175665
1175671
CVE-2012-3547
CVE-2014-2015
CVE-2015-4680
CVE-2015-8763
CVE-2016-1602
CVE-2017-1000246
CVE-2017-9148
CVE-2018-14633
CVE-2018-15126
CVE-2018-15127
CVE-2018-17182
CVE-2018-20019
CVE-2018-20020
CVE-2018-20021
CVE-2018-20022
CVE-2018-20023
CVE-2018-20024
CVE-2018-5741
CVE-2018-6307
CVE-2019-1010083
CVE-2019-11135
CVE-2019-11139
CVE-2019-11477
CVE-2019-11478
CVE-2019-12749
CVE-2019-15043
CVE-2019-15666
CVE-2019-16785
CVE-2019-16786
CVE-2019-16789
CVE-2019-16792
CVE-2019-16865
CVE-2019-18874
CVE-2019-19911
CVE-2019-3688
CVE-2019-3690
CVE-2019-3828
CVE-2019-3846
CVE-2019-8595
CVE-2019-8607
CVE-2019-8615
CVE-2019-8644
CVE-2019-8649
CVE-2019-8658
CVE-2019-8666
CVE-2019-8669
CVE-2019-8671
CVE-2019-8672
CVE-2019-8673
CVE-2019-8676
CVE-2019-8677
CVE-2019-8678
CVE-2019-8679
CVE-2019-8680
CVE-2019-8681
CVE-2019-8683
CVE-2019-8684
CVE-2019-8686
CVE-2019-8687
CVE-2019-8688
CVE-2019-8689
CVE-2019-8690
CVE-2020-0543
CVE-2020-0548
CVE-2020-0549
CVE-2020-10663
CVE-2020-10743
CVE-2020-10757
CVE-2020-11076
CVE-2020-11077
CVE-2020-12052
CVE-2020-12387
CVE-2020-12388
CVE-2020-12389
CVE-2020-12392
CVE-2020-12393
CVE-2020-12395
CVE-2020-13254
CVE-2020-13379
CVE-2020-13596
CVE-2020-15810
CVE-2020-15811
CVE-2020-24606
CVE-2020-5260
CVE-2020-5312
CVE-2020-5313
CVE-2020-5390
CVE-2020-6831
CVE-2020-8151
CVE-2020-8616
CVE-2020-8617
SUSE-SU-2019:0060-1
SUSE-SU-2019:1591-1
SUSE-SU-2019:2345-2
SUSE-SU-2019:3180-1
SUSE-SU-2020:0992-1
SUSE-SU-2020:1218-1
SUSE-SU-2020:1595-1
SUSE-SU-2020:1901-1
SUSE-SU-2020:1914-1
SUSE-SU-2020:2471-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud Crowbar 8
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • apache2-mod_php7-7.2.5-lp150.1 is installed
  • OR php7-7.2.5-lp150.1 is installed
  • OR php7-ctype-7.2.5-lp150.1 is installed
  • OR php7-dom-7.2.5-lp150.1 is installed
  • OR php7-iconv-7.2.5-lp150.1 is installed
  • OR php7-json-7.2.5-lp150.1 is installed
  • OR php7-mysql-7.2.5-lp150.1 is installed
  • OR php7-pdo-7.2.5-lp150.1 is installed
  • OR php7-pgsql-7.2.5-lp150.1 is installed
  • OR php7-sqlite-7.2.5-lp150.1 is installed
  • OR php7-tokenizer-7.2.5-lp150.1 is installed
  • OR php7-xmlreader-7.2.5-lp150.1 is installed
  • OR php7-xmlwriter-7.2.5-lp150.1 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND schismtracker-20190805-lp151.3.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • dbus-1-1.8.22-24.19 is installed
  • OR dbus-1-x11-1.8.22-24.19 is installed
  • OR libdbus-1-3-1.8.22-24.19 is installed
  • OR libdbus-1-3-32bit-1.8.22-24.19 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • kgraft-patch-4_4_120-92_70-default-7-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_20-7-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_121-92_109-default-4-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_29-4-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • freeradius-server-3.0.14-1 is installed
  • OR freeradius-server-doc-3.0.14-1 is installed
  • OR freeradius-server-krb5-3.0.14-1 is installed
  • OR freeradius-server-ldap-3.0.14-1 is installed
  • OR freeradius-server-libs-3.0.14-1 is installed
  • OR freeradius-server-mysql-3.0.14-1 is installed
  • OR freeradius-server-perl-3.0.14-1 is installed
  • OR freeradius-server-postgresql-3.0.14-1 is installed
  • OR freeradius-server-python-3.0.14-1 is installed
  • OR freeradius-server-sqlite-3.0.14-1 is installed
  • OR freeradius-server-utils-3.0.14-1 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_180-94_103-default-3-2 is installed
  • OR kgraft-patch-SLE12-SP3_Update_28-3-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • libcgroup-0.41.rc1-10.9 is installed
  • OR libcgroup-tools-0.41.rc1-10.9 is installed
  • OR libcgroup1-0.41.rc1-10.9 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • e2fsprogs-1.43.8-1 is installed
  • OR libcom_err2-1.43.8-1 is installed
  • OR libcom_err2-32bit-1.43.8-1 is installed
  • OR libext2fs2-1.43.8-1 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND ucode-intel-20200602-13.68 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • crowbar-core-5.0+git.1569597589.1f025c557-3.32 is installed
  • OR crowbar-core-branding-upstream-5.0+git.1569597589.1f025c557-3.32 is installed
  • OR crowbar-ha-5.0+git.1567673535.607aada-3.26 is installed
  • OR crowbar-openstack-5.0+git.1570141351.058c8bd44-4.31 is installed
  • OR crowbar-ui-1.2.0+git.1568396400.0344a727-3.12 is installed
  • OR galera-3-25.3.25-4.6 is installed
  • OR galera-3-wsrep-provider-25.3.25-4.6 is installed
  • OR grafana-4.6.5-4.6 is installed
  • OR libmariadb3-3.1.2-3.12 is installed
  • OR mariadb-10.2.25-4.14 is installed
  • OR mariadb-client-10.2.25-4.14 is installed
  • OR mariadb-connector-c-3.1.2-3.12 is installed
  • OR mariadb-errormessages-10.2.25-4.14 is installed
  • OR mariadb-galera-10.2.25-4.14 is installed
  • OR mariadb-tools-10.2.25-4.14 is installed
  • OR novnc-1.0.0-3.6 is installed
  • OR openstack-cinder-11.2.3~dev16-3.21 is installed
  • OR openstack-cinder-api-11.2.3~dev16-3.21 is installed
  • OR openstack-cinder-backup-11.2.3~dev16-3.21 is installed
  • OR openstack-cinder-doc-11.2.3~dev16-3.21 is installed
  • OR openstack-cinder-scheduler-11.2.3~dev16-3.21 is installed
  • OR openstack-cinder-volume-11.2.3~dev16-3.21 is installed
  • OR openstack-glance-15.0.3~dev3-3.12 is installed
  • OR openstack-glance-api-15.0.3~dev3-3.12 is installed
  • OR openstack-glance-doc-15.0.3~dev3-3.12 is installed
  • OR openstack-glance-registry-15.0.3~dev3-3.12 is installed
  • OR openstack-heat-9.0.8~dev13-3.24 is installed
  • OR openstack-heat-api-9.0.8~dev13-3.24 is installed
  • OR openstack-heat-api-cfn-9.0.8~dev13-3.24 is installed
  • OR openstack-heat-api-cloudwatch-9.0.8~dev13-3.24 is installed
  • OR openstack-heat-doc-9.0.8~dev13-3.24 is installed
  • OR openstack-heat-engine-9.0.8~dev13-3.24 is installed
  • OR openstack-heat-plugin-heat_docker-9.0.8~dev13-3.24 is installed
  • OR openstack-heat-test-9.0.8~dev13-3.24 is installed
  • OR openstack-horizon-plugin-neutron-vpnaas-ui-1.0.1~dev3-3.6 is installed
  • OR openstack-keystone-12.0.4~dev4-5.27 is installed
  • OR openstack-keystone-doc-12.0.4~dev4-5.27 is installed
  • OR openstack-monasca-installer-20190923_16.32-3.9 is installed
  • OR openstack-neutron-11.0.9~dev51-3.24 is installed
  • OR openstack-neutron-dhcp-agent-11.0.9~dev51-3.24 is installed
  • OR openstack-neutron-doc-11.0.9~dev51-3.24 is installed
  • OR openstack-neutron-gbp-7.3.1~dev56-3.9 is installed
  • OR openstack-neutron-ha-tool-11.0.9~dev51-3.24 is installed
  • OR openstack-neutron-l3-agent-11.0.9~dev51-3.24 is installed
  • OR openstack-neutron-lbaas-11.0.4~dev6-3.15 is installed
  • OR openstack-neutron-lbaas-agent-11.0.4~dev6-3.15 is installed
  • OR openstack-neutron-lbaas-doc-11.0.4~dev6-3.15 is installed
  • OR openstack-neutron-linuxbridge-agent-11.0.9~dev51-3.24 is installed
  • OR openstack-neutron-macvtap-agent-11.0.9~dev51-3.24 is installed
  • OR openstack-neutron-metadata-agent-11.0.9~dev51-3.24 is installed
  • OR openstack-neutron-metering-agent-11.0.9~dev51-3.24 is installed
  • OR openstack-neutron-openvswitch-agent-11.0.9~dev51-3.24 is installed
  • OR openstack-neutron-server-11.0.9~dev51-3.24 is installed
  • OR openstack-nova-16.1.9~dev7-3.29 is installed
  • OR openstack-nova-api-16.1.9~dev7-3.29 is installed
  • OR openstack-nova-cells-16.1.9~dev7-3.29 is installed
  • OR openstack-nova-compute-16.1.9~dev7-3.29 is installed
  • OR openstack-nova-conductor-16.1.9~dev7-3.29 is installed
  • OR openstack-nova-console-16.1.9~dev7-3.29 is installed
  • OR openstack-nova-consoleauth-16.1.9~dev7-3.29 is installed
  • OR openstack-nova-doc-16.1.9~dev7-3.29 is installed
  • OR openstack-nova-novncproxy-16.1.9~dev7-3.29 is installed
  • OR openstack-nova-placement-api-16.1.9~dev7-3.29 is installed
  • OR openstack-nova-scheduler-16.1.9~dev7-3.29 is installed
  • OR openstack-nova-serialproxy-16.1.9~dev7-3.29 is installed
  • OR openstack-nova-vncproxy-16.1.9~dev7-3.29 is installed
  • OR python-amqp-2.2.2-3.6 is installed
  • OR python-cinder-11.2.3~dev16-3.21 is installed
  • OR python-glance-15.0.3~dev3-3.12 is installed
  • OR python-heat-9.0.8~dev13-3.24 is installed
  • OR python-horizon-plugin-neutron-vpnaas-ui-1.0.1~dev3-3.6 is installed
  • OR python-keystone-12.0.4~dev4-5.27 is installed
  • OR python-neutron-11.0.9~dev51-3.24 is installed
  • OR python-neutron-gbp-7.3.1~dev56-3.9 is installed
  • OR python-neutron-lbaas-11.0.4~dev6-3.15 is installed
  • OR python-nova-16.1.9~dev7-3.29 is installed
  • OR python-ovs-2.7.2-3.6 is installed
  • OR python-pysaml2-4.0.2-5.3 is installed
  • OR python-urllib3-1.22-5.9 is installed
  • OR release-notes-suse-openstack-cloud-8.20190911-3.20 is installed
  • OR ruby2.1-rubygem-easy_diff-1.0.0-3.4 is installed
  • OR rubygem-easy_diff-1.0.0-3.4 is installed
    • BACK