Oval Definition:oval:org.opensuse.security:def:59919
Revision Date:2020-12-01Version:1
Title:Security update for the Linux Kernel (Live Patch 29 for SLE 12 SP2) (Important)
Description:

This update for the Linux Kernel 4.4.121-92_109 fixes several issues.

The following security issues were fixed:

- CVE-2019-11477: Jonathan Looney discovered that the TCP_SKB_CB(skb)->tcp_gso_segs value was subject to an integer overflow when handling TCP Selective Acknowledgments (SACKs). A remote attacker could use this to cause a denial of service. (bsc#1137586) - CVE-2019-11478: Jonathan Looney discovered that the TCP retransmission queue implementation in tcp_fragment could be fragmented when handling certain TCP Selective Acknowledgment (SACK) sequences. A remote attacker could use this to cause a denial of service. (bsc#1137586) - CVE-2019-3846: A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network (bsc#1136424).

This update contains a regression fix for CVE-2019-11477 and CVE-2019-11478 (bsc#1140747).
Family:unixClass:patch
Status:Reference(s):1032647
1052009
1064069
1064070
1064071
1064072
1064073
1064075
1064077
1064078
1064079
1064080
1064081
1064082
1064083
1064084
1064085
1064086
1083247
1111331
1122706
1124729
1124734
1128378
1136446
1137597
1140747
1150003
1150011
1150250
1153108
1154980
1156321
1156331
1167976
1171252
1171254
1172405
1173986
1174420
1176756
CVE-2009-4029
CVE-2013-2001
CVE-2016-10165
CVE-2016-9840
CVE-2016-9841
CVE-2016-9842
CVE-2016-9843
CVE-2017-10274
CVE-2017-10281
CVE-2017-10285
CVE-2017-10295
CVE-2017-10345
CVE-2017-10346
CVE-2017-10347
CVE-2017-10348
CVE-2017-10349
CVE-2017-10350
CVE-2017-10355
CVE-2017-10356
CVE-2017-10357
CVE-2017-10388
CVE-2018-0486
CVE-2018-0489
CVE-2018-12126
CVE-2018-12127
CVE-2018-12130
CVE-2018-20856
CVE-2019-10220
CVE-2019-11091
CVE-2019-11477
CVE-2019-11478
CVE-2019-13272
CVE-2019-14822
CVE-2019-1547
CVE-2019-1563
CVE-2019-18277
CVE-2019-3813
CVE-2019-3846
CVE-2019-6974
CVE-2019-7221
CVE-2019-9213
CVE-2020-12653
CVE-2020-12654
CVE-2020-15673
CVE-2020-15676
CVE-2020-15677
CVE-2020-15678
CVE-2020-8022
SUSE-SU-2017:2989-1
SUSE-SU-2018:0720-1
SUSE-SU-2019:0241-1
SUSE-SU-2019:1954-1
SUSE-SU-2019:2413-1
SUSE-SU-2019:3288-1
SUSE-SU-2020:1791-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud 9
SUSE OpenStack Cloud Crowbar 8
SUSE OpenStack Cloud Crowbar 9
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND libidn11-1.34-lp150.1 is installed
  • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND ucode-intel-20190618-lp151.2.3 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • kgraft-patch-4_4_121-92_109-default-4-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_29-4-2 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • automake-1.13.4-6 is installed
  • OR m4-1.4.16-15 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • libopenssl-devel-1.0.2j-60.55 is installed
  • OR libopenssl1_0_0-1.0.2j-60.55 is installed
  • OR libopenssl1_0_0-32bit-1.0.2j-60.55 is installed
  • OR libopenssl1_0_0-hmac-1.0.2j-60.55 is installed
  • OR libopenssl1_0_0-hmac-32bit-1.0.2j-60.55 is installed
  • OR openssl-1.0.2j-60.55 is installed
  • OR openssl-doc-1.0.2j-60.55 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • kernel-default-4.4.180-94.103 is installed
  • OR kernel-default-base-4.4.180-94.103 is installed
  • OR kernel-default-devel-4.4.180-94.103 is installed
  • OR kernel-devel-4.4.180-94.103 is installed
  • OR kernel-macros-4.4.180-94.103 is installed
  • OR kernel-source-4.4.180-94.103 is installed
  • OR kernel-syms-4.4.180-94.103 is installed
  • OR kgraft-patch-4_4_180-94_103-default-1-4.3 is installed
  • OR kgraft-patch-SLE12-SP3_Update_28-1-4.3 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND ucode-intel-20190618-13.47 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • libXcursor-1.1.14-4.6 is installed
  • OR libXcursor1-1.1.14-4.6 is installed
  • OR libXcursor1-32bit-1.1.14-4.6 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • glibc-2.22-15 is installed
  • OR glibc-32bit-2.22-15 is installed
  • OR glibc-devel-2.22-15 is installed
  • OR glibc-devel-32bit-2.22-15 is installed
  • OR glibc-html-2.22-15 is installed
  • OR glibc-i18ndata-2.22-15 is installed
  • OR glibc-info-2.22-15 is installed
  • OR glibc-locale-2.22-15 is installed
  • OR glibc-locale-32bit-2.22-15 is installed
  • OR glibc-profile-2.22-15 is installed
  • OR glibc-profile-32bit-2.22-15 is installed
  • OR nscd-2.22-15 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND haproxy-1.6.11-11.3 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud 9 is installed
  • AND Package Information
  • MozillaFirefox-78.1.0-112.8 is installed
  • OR MozillaFirefox-devel-78.1.0-112.8 is installed
  • OR MozillaFirefox-translations-common-78.1.0-112.8 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND ucode-intel-20190618-13.47 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 9 is installed
  • AND nodejs6-6.17.0-11.27 is installed
  • BACK