Oval Definition:oval:org.opensuse.security:def:59904
Revision Date:2020-12-01Version:1
Title:Security update for the Linux Kernel (Live Patch 29 for SLE 12 SP2) (Important)
Description:

This update for the Linux Kernel 4.4.121-92_109 fixes several issues.

The following security issues were fixed:

- CVE-2019-3846: A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network (bsc#1136446). - CVE-2019-11477: A sequence of SACKs may have been crafted by a remote attacker such that one can trigger an integer overflow, leading to a kernel panic. (bsc#1137586). - CVE-2019-11478: It was possible to send a crafted sequence of SACKs which would fragment the TCP retransmission queue. A remote attacker may have been able to further exploit the fragmented queue to cause an expensive linked-list walk for subsequent SACKs received for that same TCP connection. (bsc#1137586) - CVE-2019-11487: The Linux kernel allowed page->_refcount reference count overflow, with resultant use-after-free issues, if about 140 GiB of RAM exists. This is related to fs/fuse/dev.c, fs/pipe.c, fs/splice.c, include/linux/mm.h, include/linux/pipe_fs_i.h, kernel/trace/trace.c, mm/gup.c, and mm/hugetlb.c. It can occur with FUSE requests (bsc#1133191).
Family:unixClass:patch
Status:Reference(s):1042948
1049373
1051412
1052252
1052771
1053043
1056061
1058082
1066223
1072902
1074122
1074425
1074610
1082318
1084604
1094555
1100973
1108382
1109137
1109663
1109847
1111188
1113231
1116717
1117275
1119086
1119493
1120902
1121263
1123156
1125580
1126961
1127155
1128828
1129770
1131335
1131336
1131645
1132390
1133037
1133140
1133190
1133191
1133738
1134395
1135642
1136446
1136598
1136889
1136922
1136935
1137004
1137194
1137597
1137739
1137749
1137752
1137915
1138291
1138293
1138374
1138459
1138681
1139073
1139751
1140575
1140577
1140738
1141035
1141329
1141332
1141619
1142614
1154043
1155419
1155988
1159856
1159858
1159860
1160250
1160251
1160471
1160937
1170441
1174157
1175259
CVE-2012-2737
CVE-2013-1982
CVE-2017-1000445
CVE-2017-1000476
CVE-2017-11449
CVE-2017-11751
CVE-2017-12430
CVE-2017-12642
CVE-2017-13078
CVE-2017-13079
CVE-2017-13080
CVE-2017-13081
CVE-2017-13087
CVE-2017-13088
CVE-2017-13672
CVE-2017-13673
CVE-2017-14249
CVE-2017-17680
CVE-2017-17882
CVE-2017-9409
CVE-2018-1000802
CVE-2018-14647
CVE-2018-16872
CVE-2018-19364
CVE-2018-19489
CVE-2018-20836
CVE-2018-7858
CVE-2018-8007
CVE-2019-1010006
CVE-2019-10126
CVE-2019-10160
CVE-2019-10638
CVE-2019-10639
CVE-2019-11135
CVE-2019-11139
CVE-2019-11459
CVE-2019-11477
CVE-2019-11478
CVE-2019-11487
CVE-2019-11487
CVE-2019-11599
CVE-2019-12380
CVE-2019-12456
CVE-2019-12525
CVE-2019-12529
CVE-2019-12614
CVE-2019-12818
CVE-2019-12819
CVE-2019-13345
CVE-2019-15681
CVE-2019-15690
CVE-2019-15691
CVE-2019-15692
CVE-2019-15693
CVE-2019-15694
CVE-2019-15695
CVE-2019-17639
CVE-2019-20788
CVE-2019-3846
CVE-2019-6778
CVE-2019-9893
CVE-2020-14556
CVE-2020-14577
CVE-2020-14578
CVE-2020-14579
CVE-2020-14581
CVE-2020-14583
CVE-2020-14593
CVE-2020-14621
SUSE-SU-2017:2745-1
SUSE-SU-2018:0055-1
SUSE-SU-2018:2765-1
SUSE-SU-2019:1852-1
SUSE-SU-2019:2053-2
SUSE-SU-2019:2080-1
SUSE-SU-2019:2941-1
SUSE-SU-2020:0159-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud 9
SUSE OpenStack Cloud Crowbar 8
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • libfreebl3-3.36.1-lp150.1 is installed
  • OR libsoftokn3-3.36.1-lp150.1 is installed
  • OR mozilla-nss-3.36.1-lp150.1 is installed
  • OR mozilla-nss-certs-3.36.1-lp150.1 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • kernel-firmware-20190618-lp151.2.6 is installed
  • OR ucode-amd-20190618-lp151.2.6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • kgraft-patch-4_4_121-92_109-default-3-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_29-3-2 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND
  • kernel-default-4.4.180-94.100 is installed
  • OR kernel-default-base-4.4.180-94.100 is installed
  • OR kernel-default-devel-4.4.180-94.100 is installed
  • OR kernel-default-man-4.4.180-94.100 is installed
  • OR kernel-devel-4.4.180-94.100 is installed
  • OR kernel-macros-4.4.180-94.100 is installed
  • OR kernel-source-4.4.180-94.100 is installed
  • OR kernel-syms-4.4.180-94.100 is installed
  • OR kgraft-patch-4_4_180-94_100-default-1-4.3 is installed
  • OR kgraft-patch-SLE12-SP3_Update_27-1-4.3 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND
  • kernel-default-4.4.180-94.100 is installed
  • OR kernel-default-base-4.4.180-94.100 is installed
  • OR kernel-default-devel-4.4.180-94.100 is installed
  • OR kernel-default-man-4.4.180-94.100 is installed
  • OR kernel-devel-4.4.180-94.100 is installed
  • OR kernel-macros-4.4.180-94.100 is installed
  • OR kernel-source-4.4.180-94.100 is installed
  • OR kernel-syms-4.4.180-94.100 is installed
  • OR kgraft-patch-4_4_180-94_100-default-1-4.3 is installed
  • OR kgraft-patch-SLE12-SP3_Update_27-1-4.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • accountsservice-0.6.42-14 is installed
  • OR accountsservice-lang-0.6.42-14 is installed
  • OR libaccountsservice0-0.6.42-14 is installed
  • OR typelib-1_0-AccountsService-1_0-0.6.42-14 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • java-1_8_0-openjdk-1.8.0.222-27.35 is installed
  • OR java-1_8_0-openjdk-demo-1.8.0.222-27.35 is installed
  • OR java-1_8_0-openjdk-devel-1.8.0.222-27.35 is installed
  • OR java-1_8_0-openjdk-headless-1.8.0.222-27.35 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • libssh2-1-1.4.3-20.9 is installed
  • OR libssh2-1-32bit-1.4.3-20.9 is installed
  • OR libssh2_org-1.4.3-20.9 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • libpython3_4m1_0-3.4.6-25.29 is installed
  • OR python3-3.4.6-25.29 is installed
  • OR python3-base-3.4.6-25.29 is installed
  • OR python3-curses-3.4.6-25.29 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • libgcrypt-1.6.1-16.62 is installed
  • OR libgcrypt20-1.6.1-16.62 is installed
  • OR libgcrypt20-32bit-1.6.1-16.62 is installed
  • OR libgcrypt20-hmac-1.6.1-16.62 is installed
  • OR libgcrypt20-hmac-32bit-1.6.1-16.62 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • fetchmail-6.3.26-12 is installed
  • OR fetchmailconf-6.3.26-12 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • libseccomp-2.4.1-11.3 is installed
  • OR libseccomp2-2.4.1-11.3 is installed
  • OR libseccomp2-32bit-2.4.1-11.3 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 9 is installed
  • AND Package Information
  • mariadb-10.2.32-3.28 is installed
  • OR mariadb-galera-10.2.32-3.28 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND couchdb-1.7.2-3.3 is installed
    • BACK