Oval Definition:oval:org.opensuse.security:def:59918
Revision Date:2020-12-01Version:1
Title:Security update for the Linux Kernel (Live Patch 28 for SLE 12 SP2) (Important)
Description:

This update for the Linux Kernel 4.4.121-92_104 fixes several issues.

The following security issues were fixed:

- CVE-2019-11477: Jonathan Looney discovered that the TCP_SKB_CB(skb)->tcp_gso_segs value was subject to an integer overflow when handling TCP Selective Acknowledgments (SACKs). A remote attacker could use this to cause a denial of service. (bsc#1137586) - CVE-2019-11478: Jonathan Looney discovered that the TCP retransmission queue implementation in tcp_fragment could be fragmented when handling certain TCP Selective Acknowledgment (SACK) sequences. A remote attacker could use this to cause a denial of service. (bsc#1137586) - CVE-2019-3846: A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network (bsc#1136424).

This update contains a regression fix for CVE-2019-11477 and CVE-2019-11478 (bsc#1140747).
Family:unixClass:patch
Status:Reference(s):1009254
1023895
1052261
1071853
1083721
1085207
1093536
1094462
1105559
1107874
1109845
1118003
1120932
1122292
1122299
1122706
1122875
1124170
1124729
1124734
1126230
1126391
1128378
1128753
1130593
1131712
1131791
1132542
1132852
1132860
1136082
1136446
1137597
1140747
1141780
1141782
1141783
1141785
1141787
1141789
1147021
1150011
1153108
1156321
1156331
1157607
1161096
1162553
1171252
1171254
1171670
1171921
1171960
1171961
1171963
1176579
124991
980486
CVE-2013-1991
CVE-2013-2000
CVE-2014-8169
CVE-2017-12424
CVE-2017-5715
CVE-2018-10811
CVE-2018-11212
CVE-2018-14574
CVE-2018-16151
CVE-2018-16152
CVE-2018-17540
CVE-2018-20856
CVE-2018-5388
CVE-2019-10220
CVE-2019-10876
CVE-2019-11068
CVE-2019-11477
CVE-2019-11478
CVE-2019-11478
CVE-2019-11771
CVE-2019-11772
CVE-2019-11775
CVE-2019-13272
CVE-2019-14822
CVE-2019-2449
CVE-2019-2762
CVE-2019-2766
CVE-2019-2769
CVE-2019-2786
CVE-2019-2816
CVE-2019-3498
CVE-2019-3813
CVE-2019-3846
CVE-2019-4473
CVE-2019-6974
CVE-2019-6975
CVE-2019-7221
CVE-2019-7317
CVE-2019-9213
CVE-2020-10753
CVE-2020-12653
CVE-2020-12654
CVE-2020-1472
SUSE-SU-2017:2947-1
SUSE-SU-2018:0708-1
SUSE-SU-2019:0241-1
SUSE-SU-2019:1862-1
SUSE-SU-2019:1935-1
SUSE-SU-2019:2389-1
SUSE-SU-2019:3266-1
SUSE-SU-2020:1748-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud 9
SUSE OpenStack Cloud Crowbar 8
SUSE OpenStack Cloud Crowbar 9
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND libid3tag0-0.15.1b-lp150.3 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • libBasicUsageEnvironment1-2019.06.28-lp151.2.3 is installed
  • OR libUsageEnvironment3-2019.06.28-lp151.2.3 is installed
  • OR libgroupsock8-2019.06.28-lp151.2.3 is installed
  • OR libliveMedia66-2019.06.28-lp151.2.3 is installed
  • OR live555-2019.06.28-lp151.2.3 is installed
  • OR live555-devel-2019.06.28-lp151.2.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • kgraft-patch-4_4_121-92_104-default-4-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_28-4-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND autofs-5.0.9-27 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • ibus-1.5.13-15.11 is installed
  • OR ibus-gtk-1.5.13-15.11 is installed
  • OR ibus-gtk3-1.5.13-15.11 is installed
  • OR ibus-lang-1.5.13-15.11 is installed
  • OR libibus-1_0-5-1.5.13-15.11 is installed
  • OR typelib-1_0-IBus-1_0-1.5.13-15.11 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • libvirt-3.3.0-5.40 is installed
  • OR libvirt-admin-3.3.0-5.40 is installed
  • OR libvirt-client-3.3.0-5.40 is installed
  • OR libvirt-daemon-3.3.0-5.40 is installed
  • OR libvirt-daemon-config-network-3.3.0-5.40 is installed
  • OR libvirt-daemon-config-nwfilter-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-interface-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-libxl-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-lxc-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-network-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-nodedev-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-nwfilter-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-qemu-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-secret-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-storage-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-storage-core-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-storage-disk-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-storage-iscsi-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-storage-logical-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-storage-mpath-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-storage-rbd-3.3.0-5.40 is installed
  • OR libvirt-daemon-driver-storage-scsi-3.3.0-5.40 is installed
  • OR libvirt-daemon-hooks-3.3.0-5.40 is installed
  • OR libvirt-daemon-lxc-3.3.0-5.40 is installed
  • OR libvirt-daemon-qemu-3.3.0-5.40 is installed
  • OR libvirt-daemon-xen-3.3.0-5.40 is installed
  • OR libvirt-doc-3.3.0-5.40 is installed
  • OR libvirt-libs-3.3.0-5.40 is installed
  • OR libvirt-lock-sanlock-3.3.0-5.40 is installed
  • OR libvirt-nss-3.3.0-5.40 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_180-94_97-default-3-2 is installed
  • OR kgraft-patch-SLE12-SP3_Update_26-3-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • apache2-2.4.23-29.24 is installed
  • OR apache2-doc-2.4.23-29.24 is installed
  • OR apache2-example-pages-2.4.23-29.24 is installed
  • OR apache2-prefork-2.4.23-29.24 is installed
  • OR apache2-utils-2.4.23-29.24 is installed
  • OR apache2-worker-2.4.23-29.24 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • glib2-lang-2.48.2-10 is installed
  • OR glib2-tools-2.48.2-10 is installed
  • OR libgio-2_0-0-2.48.2-10 is installed
  • OR libgio-2_0-0-32bit-2.48.2-10 is installed
  • OR libglib-2_0-0-2.48.2-10 is installed
  • OR libglib-2_0-0-32bit-2.48.2-10 is installed
  • OR libgmodule-2_0-0-2.48.2-10 is installed
  • OR libgmodule-2_0-0-32bit-2.48.2-10 is installed
  • OR libgobject-2_0-0-2.48.2-10 is installed
  • OR libgobject-2_0-0-32bit-2.48.2-10 is installed
  • OR libgthread-2_0-0-2.48.2-10 is installed
  • OR libgthread-2_0-0-32bit-2.48.2-10 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • strongswan-5.1.3-26.13 is installed
  • OR strongswan-doc-5.1.3-26.13 is installed
  • OR strongswan-hmac-5.1.3-26.13 is installed
  • OR strongswan-ipsec-5.1.3-26.13 is installed
  • OR strongswan-libs0-5.1.3-26.13 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 9 is installed
  • AND Package Information
  • ghostscript-9.52-23.39 is installed
  • OR ghostscript-x11-9.52-23.39 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • crowbar-core-5.0+git.1558533551.8d8ed2058-3.23 is installed
  • OR crowbar-core-branding-SOC-5.0-10.6 is installed
  • OR crowbar-core-branding-upstream-5.0+git.1558533551.8d8ed2058-3.23 is installed
  • OR crowbar-ha-5.0+git.1559282566.6b06ca3-3.17 is installed
  • OR crowbar-openstack-5.0+git.1559335140.62bb4c014-4.25 is installed
  • OR documentation-suse-openstack-cloud-deployment-8.20190521-1.17 is installed
  • OR documentation-suse-openstack-cloud-supplement-8.20190521-1.17 is installed
  • OR documentation-suse-openstack-cloud-upstream-admin-8.20190521-1.17 is installed
  • OR documentation-suse-openstack-cloud-upstream-user-8.20190521-1.17 is installed
  • OR openstack-aodh-5.1.1~dev7-3.11 is installed
  • OR openstack-aodh-api-5.1.1~dev7-3.11 is installed
  • OR openstack-aodh-doc-5.1.1~dev7-3.11 is installed
  • OR openstack-aodh-evaluator-5.1.1~dev7-3.11 is installed
  • OR openstack-aodh-expirer-5.1.1~dev7-3.11 is installed
  • OR openstack-aodh-listener-5.1.1~dev7-3.11 is installed
  • OR openstack-aodh-notifier-5.1.1~dev7-3.11 is installed
  • OR openstack-barbican-5.0.2~dev3-3.14 is installed
  • OR openstack-barbican-api-5.0.2~dev3-3.14 is installed
  • OR openstack-barbican-doc-5.0.2~dev3-3.14 is installed
  • OR openstack-barbican-keystone-listener-5.0.2~dev3-3.14 is installed
  • OR openstack-barbican-retry-5.0.2~dev3-3.14 is installed
  • OR openstack-barbican-worker-5.0.2~dev3-3.14 is installed
  • OR openstack-ceilometer-9.0.8~dev7-3.12 is installed
  • OR openstack-ceilometer-agent-central-9.0.8~dev7-3.12 is installed
  • OR openstack-ceilometer-agent-compute-9.0.8~dev7-3.12 is installed
  • OR openstack-ceilometer-agent-ipmi-9.0.8~dev7-3.12 is installed
  • OR openstack-ceilometer-agent-notification-9.0.8~dev7-3.12 is installed
  • OR openstack-ceilometer-api-9.0.8~dev7-3.12 is installed
  • OR openstack-ceilometer-collector-9.0.8~dev7-3.12 is installed
  • OR openstack-ceilometer-doc-9.0.8~dev7-3.12 is installed
  • OR openstack-ceilometer-polling-9.0.8~dev7-3.12 is installed
  • OR openstack-cinder-11.2.3~dev5-3.15 is installed
  • OR openstack-cinder-api-11.2.3~dev5-3.15 is installed
  • OR openstack-cinder-backup-11.2.3~dev5-3.15 is installed
  • OR openstack-cinder-doc-11.2.3~dev5-3.15 is installed
  • OR openstack-cinder-scheduler-11.2.3~dev5-3.15 is installed
  • OR openstack-cinder-volume-11.2.3~dev5-3.15 is installed
  • OR openstack-dashboard-12.0.4~dev6-3.20 is installed
  • OR openstack-dashboard-theme-SUSE-2017.2+git.1554906711.9dbe79b-7.11 is installed
  • OR openstack-designate-5.0.3~dev7-3.11 is installed
  • OR openstack-designate-agent-5.0.3~dev7-3.11 is installed
  • OR openstack-designate-api-5.0.3~dev7-3.11 is installed
  • OR openstack-designate-central-5.0.3~dev7-3.11 is installed
  • OR openstack-designate-doc-5.0.3~dev7-3.11 is installed
  • OR openstack-designate-producer-5.0.3~dev7-3.11 is installed
  • OR openstack-designate-sink-5.0.3~dev7-3.11 is installed
  • OR openstack-designate-worker-5.0.3~dev7-3.11 is installed
  • OR openstack-heat-9.0.8~dev3-3.18 is installed
  • OR openstack-heat-api-9.0.8~dev3-3.18 is installed
  • OR openstack-heat-api-cfn-9.0.8~dev3-3.18 is installed
  • OR openstack-heat-api-cloudwatch-9.0.8~dev3-3.18 is installed
  • OR openstack-heat-doc-9.0.8~dev3-3.18 is installed
  • OR openstack-heat-engine-9.0.8~dev3-3.18 is installed
  • OR openstack-heat-gbp-7.0.1~dev1-3.3 is installed
  • OR openstack-heat-plugin-heat_docker-9.0.8~dev3-3.18 is installed
  • OR openstack-heat-test-9.0.8~dev3-3.18 is installed
  • OR openstack-horizon-plugin-trove-ui-9.0.1~dev10-3.9 is installed
  • OR openstack-ironic-9.1.8~dev5-3.18 is installed
  • OR openstack-ironic-api-9.1.8~dev5-3.18 is installed
  • OR openstack-ironic-conductor-9.1.8~dev5-3.18 is installed
  • OR openstack-ironic-doc-9.1.8~dev5-3.18 is installed
  • OR openstack-keystone-12.0.4~dev2-5.19 is installed
  • OR openstack-keystone-doc-12.0.4~dev2-5.19 is installed
  • OR openstack-monasca-agent-2.2.5~dev2-3.9 is installed
  • OR openstack-monasca-api-2.2.1~dev26-3.12 is installed
  • OR openstack-monasca-log-api-2.3.1~dev12-3.6 is installed
  • OR openstack-neutron-11.0.9~dev28-3.18 is installed
  • OR openstack-neutron-dhcp-agent-11.0.9~dev28-3.18 is installed
  • OR openstack-neutron-doc-11.0.9~dev28-3.18 is installed
  • OR openstack-neutron-fwaas-11.0.3~dev1-3.14 is installed
  • OR openstack-neutron-fwaas-doc-11.0.3~dev1-3.14 is installed
  • OR openstack-neutron-gbp-7.3.1~dev28-3.3 is installed
  • OR openstack-neutron-ha-tool-11.0.9~dev28-3.18 is installed
  • OR openstack-neutron-l3-agent-11.0.9~dev28-3.18 is installed
  • OR openstack-neutron-lbaas-11.0.4~dev6-3.9 is installed
  • OR openstack-neutron-lbaas-agent-11.0.4~dev6-3.9 is installed
  • OR openstack-neutron-lbaas-doc-11.0.4~dev6-3.9 is installed
  • OR openstack-neutron-linuxbridge-agent-11.0.9~dev28-3.18 is installed
  • OR openstack-neutron-macvtap-agent-11.0.9~dev28-3.18 is installed
  • OR openstack-neutron-metadata-agent-11.0.9~dev28-3.18 is installed
  • OR openstack-neutron-metering-agent-11.0.9~dev28-3.18 is installed
  • OR openstack-neutron-openvswitch-agent-11.0.9~dev28-3.18 is installed
  • OR openstack-neutron-server-11.0.9~dev28-3.18 is installed
  • OR openstack-neutron-vpn-agent-11.0.1~dev5-3.12 is installed
  • OR openstack-neutron-vpnaas-11.0.1~dev5-3.12 is installed
  • OR openstack-neutron-vpnaas-doc-11.0.1~dev5-3.12 is installed
  • OR openstack-neutron-vyatta-agent-11.0.1~dev5-3.12 is installed
  • OR openstack-nova-16.1.9~dev3-3.23 is installed
  • OR openstack-nova-api-16.1.9~dev3-3.23 is installed
  • OR openstack-nova-cells-16.1.9~dev3-3.23 is installed
  • OR openstack-nova-compute-16.1.9~dev3-3.23 is installed
  • OR openstack-nova-conductor-16.1.9~dev3-3.23 is installed
  • OR openstack-nova-console-16.1.9~dev3-3.23 is installed
  • OR openstack-nova-consoleauth-16.1.9~dev3-3.23 is installed
  • OR openstack-nova-doc-16.1.9~dev3-3.23 is installed
  • OR openstack-nova-novncproxy-16.1.9~dev3-3.23 is installed
  • OR openstack-nova-placement-api-16.1.9~dev3-3.23 is installed
  • OR openstack-nova-scheduler-16.1.9~dev3-3.23 is installed
  • OR openstack-nova-serialproxy-16.1.9~dev3-3.23 is installed
  • OR openstack-nova-vncproxy-16.1.9~dev3-3.23 is installed
  • OR openstack-trove-8.0.1~dev13-3.9 is installed
  • OR openstack-trove-api-8.0.1~dev13-3.9 is installed
  • OR openstack-trove-conductor-8.0.1~dev13-3.9 is installed
  • OR openstack-trove-doc-8.0.1~dev13-3.9 is installed
  • OR openstack-trove-guestagent-8.0.1~dev13-3.9 is installed
  • OR openstack-trove-taskmanager-8.0.1~dev13-3.9 is installed
  • OR python-Django-1.11.20-3.7 is installed
  • OR python-aodh-5.1.1~dev7-3.11 is installed
  • OR python-barbican-5.0.2~dev3-3.14 is installed
  • OR python-ceilometer-9.0.8~dev7-3.12 is installed
  • OR python-cinder-11.2.3~dev5-3.15 is installed
  • OR python-cliff-2.8.3-3.6 is installed
  • OR python-designate-5.0.3~dev7-3.11 is installed
  • OR python-freezerclient-1.5.1-3.3 is installed
  • OR python-freezerclient-doc-1.5.1-3.3 is installed
  • OR python-heat-9.0.8~dev3-3.18 is installed
  • OR python-heat-gbp-7.0.1~dev1-3.3 is installed
  • OR python-horizon-12.0.4~dev6-3.20 is installed
  • OR python-horizon-plugin-trove-ui-9.0.1~dev10-3.9 is installed
  • OR python-ironic-9.1.8~dev5-3.18 is installed
  • OR python-ironicclient-1.17.2-3.3 is installed
  • OR python-ironicclient-doc-1.17.2-3.3 is installed
  • OR python-keystone-12.0.4~dev2-5.19 is installed
  • OR python-magnumclient-2.7.1-3.3 is installed
  • OR python-magnumclient-doc-2.7.1-3.3 is installed
  • OR python-manilaclient-1.17.4-3.6 is installed
  • OR python-manilaclient-doc-1.17.4-3.6 is installed
  • OR python-monasca-agent-2.2.5~dev2-3.9 is installed
  • OR python-monasca-api-2.2.1~dev26-3.12 is installed
  • OR python-monasca-log-api-2.3.1~dev12-3.6 is installed
  • OR python-muranoclient-0.14.1-3.3 is installed
  • OR python-muranoclient-doc-0.14.1-3.3 is installed
  • OR python-neutron-11.0.9~dev28-3.18 is installed
  • OR python-neutron-fwaas-11.0.3~dev1-3.14 is installed
  • OR python-neutron-gbp-7.3.1~dev28-3.3 is installed
  • OR python-neutron-lbaas-11.0.4~dev6-3.9 is installed
  • OR python-neutron-vpnaas-11.0.1~dev5-3.12 is installed
  • OR python-nova-16.1.9~dev3-3.23 is installed
  • OR python-novaclient-9.1.3-3.6 is installed
  • OR python-novaclient-doc-9.1.3-3.6 is installed
  • OR python-openstackclient-3.12.2-3.3 is installed
  • OR python-os-brick-1.15.9-3.6 is installed
  • OR python-os-client-config-1.28.1-3.3 is installed
  • OR python-os-vif-1.7.2-3.3 is installed
  • OR python-os-win-2.2.1-3.3 is installed
  • OR python-oslo.cache-1.25.2-3.3 is installed
  • OR python-oslo.concurrency-3.21.2-3.3 is installed
  • OR python-oslo.config-4.11.2-3.3 is installed
  • OR python-oslo.config-doc-4.11.2-3.3 is installed
  • OR python-oslo.i18n-3.17.2-3.3 is installed
  • OR python-oslo.log-3.30.3-3.3 is installed
  • OR python-oslo.messaging-5.30.8-3.8 is installed
  • OR python-oslo.middleware-3.30.2-3.3 is installed
  • OR python-oslo.policy-1.25.4-3.6 is installed
  • OR python-oslo.privsep-1.22.2-3.3 is installed
  • OR python-oslo.reports-1.22.2-3.3 is installed
  • OR python-oslo.utils-3.28.4-3.6 is installed
  • OR python-oslo.versionedobjects-1.26.3-3.6 is installed
  • OR python-oslo.vmware-2.23.2-3.3 is installed
  • OR python-oslotest-2.17.2-3.3 is installed
  • OR python-python-subunit-1.2.0-4.3 is installed
  • OR python-saharaclient-1.3.1-3.3 is installed
  • OR python-saharaclient-doc-1.3.1-3.3 is installed
  • OR python-swiftclient-3.4.1-3.3 is installed
  • OR python-swiftclient-doc-3.4.1-3.3 is installed
  • OR python-trove-8.0.1~dev13-3.9 is installed
  • OR python-zaqarclient-1.7.1-3.3 is installed
  • OR supportutils-plugin-suse-openstack-cloud-8.0.1551262227.7a7deb6-3.3 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 9 is installed
  • AND python-Twisted-15.2.1-9.5 is installed
    • BACK