Oval Definition:	oval:org.opensuse.security:def:59919
Revision Date: 2020-12-01 Version: 1 Title: Security update for the Linux Kernel (Live Patch 29 for SLE 12 SP2) (Important) Description: This update for the Linux Kernel 4.4.121-92_109 fixes several issues. The following security issues were fixed: - CVE-2019-11477: Jonathan Looney discovered that the TCP_SKB_CB(skb)->tcp_gso_segs value was subject to an integer overflow when handling TCP Selective Acknowledgments (SACKs). A remote attacker could use this to cause a denial of service. (bsc#1137586) - CVE-2019-11478: Jonathan Looney discovered that the TCP retransmission queue implementation in tcp_fragment could be fragmented when handling certain TCP Selective Acknowledgment (SACK) sequences. A remote attacker could use this to cause a denial of service. (bsc#1137586) - CVE-2019-3846: A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network (bsc#1136424). This update contains a regression fix for CVE-2019-11477 and CVE-2019-11478 (bsc#1140747). Family: unix Class: patch Status: Reference(s): 1032647 1052009 1064069 1064070 1064071 1064072 1064073 1064075 1064077 1064078 1064079 1064080 1064081 1064082 1064083 1064084 1064085 1064086 1083247 1111331 1122706 1124729 1124734 1128378 1136446 1137597 1140747 1150003 1150011 1150250 1153108 1154980 1156321 1156331 1167976 1171252 1171254 1172405 1173986 1174420 1176756 CVE-2009-4029 CVE-2013-2001 CVE-2016-10165 CVE-2016-9840 CVE-2016-9841 CVE-2016-9842 CVE-2016-9843 CVE-2017-10274 CVE-2017-10281 CVE-2017-10285 CVE-2017-10295 CVE-2017-10345 CVE-2017-10346 CVE-2017-10347 CVE-2017-10348 CVE-2017-10349 CVE-2017-10350 CVE-2017-10355 CVE-2017-10356 CVE-2017-10357 CVE-2017-10388 CVE-2018-0486 CVE-2018-0489 CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2018-20856 CVE-2019-10220 CVE-2019-11091 CVE-2019-11477 CVE-2019-11478 CVE-2019-13272 CVE-2019-14822 CVE-2019-1547 CVE-2019-1563 CVE-2019-18277 CVE-2019-3813 CVE-2019-3846 CVE-2019-6974 CVE-2019-7221 CVE-2019-9213 CVE-2020-12653 CVE-2020-12654 CVE-2020-15673 CVE-2020-15676 CVE-2020-15677 CVE-2020-15678 CVE-2020-8022 SUSE-SU-2017:2989-1 SUSE-SU-2018:0720-1 SUSE-SU-2019:0241-1 SUSE-SU-2019:1954-1 SUSE-SU-2019:2413-1 SUSE-SU-2019:3288-1 SUSE-SU-2020:1791-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud 9 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND libidn11-1.34-lp150.1 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND ucode-intel-20190618-lp151.2.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information kgraft-patch-4_4_121-92_109-default-4-2 is installed OR kgraft-patch-SLE12-SP2_Update_29-4-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information automake-1.13.4-6 is installed OR m4-1.4.16-15 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information libopenssl-devel-1.0.2j-60.55 is installed OR libopenssl1_0_0-1.0.2j-60.55 is installed OR libopenssl1_0_0-32bit-1.0.2j-60.55 is installed OR libopenssl1_0_0-hmac-1.0.2j-60.55 is installed OR libopenssl1_0_0-hmac-32bit-1.0.2j-60.55 is installed OR openssl-1.0.2j-60.55 is installed OR openssl-doc-1.0.2j-60.55 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information kernel-default-4.4.180-94.103 is installed OR kernel-default-base-4.4.180-94.103 is installed OR kernel-default-devel-4.4.180-94.103 is installed OR kernel-devel-4.4.180-94.103 is installed OR kernel-macros-4.4.180-94.103 is installed OR kernel-source-4.4.180-94.103 is installed OR kernel-syms-4.4.180-94.103 is installed OR kgraft-patch-4_4_180-94_103-default-1-4.3 is installed OR kgraft-patch-SLE12-SP3_Update_28-1-4.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND ucode-intel-20190618-13.47 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information libXcursor-1.1.14-4.6 is installed OR libXcursor1-1.1.14-4.6 is installed OR libXcursor1-32bit-1.1.14-4.6 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information glibc-2.22-15 is installed OR glibc-32bit-2.22-15 is installed OR glibc-devel-2.22-15 is installed OR glibc-devel-32bit-2.22-15 is installed OR glibc-html-2.22-15 is installed OR glibc-i18ndata-2.22-15 is installed OR glibc-info-2.22-15 is installed OR glibc-locale-2.22-15 is installed OR glibc-locale-32bit-2.22-15 is installed OR glibc-profile-2.22-15 is installed OR glibc-profile-32bit-2.22-15 is installed OR nscd-2.22-15 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND haproxy-1.6.11-11.3 is installed Definition Synopsis SUSE OpenStack Cloud 9 is installed AND Package Information MozillaFirefox-78.1.0-112.8 is installed OR MozillaFirefox-devel-78.1.0-112.8 is installed OR MozillaFirefox-translations-common-78.1.0-112.8 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND ucode-intel-20190618-13.47 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 9 is installed AND nodejs6-6.17.0-11.27 is installed
BACK