Oval Definition:	oval:org.opensuse.security:def:59994
Revision Date: 2020-12-01 Version: 1 Title: Security update for the Linux Kernel (Live Patch 27 for SLE 12 SP2) (Important) Description: This update for the Linux Kernel 4.4.121-92_101 fixes several issues. The following security issues were fixed: - CVE-2018-20856: Fixed a use-after-free in __blk_drain_queue() due to an improper error handling (bsc#1156331). - CVE-2019-13272: Fixed a privilege escalation from user to root due to improper handling of credentials by leveraging certain scenarios with a parent-child process relationship (bsc#1156321). - CVE-2019-10220: Fixed an issue where samba servers could inject relative paths in directory entry lists (bsc#1153108). Family: unix Class: patch Status: Reference(s): 1071767 1071777 1099590 1100167 1104662 1112142 1112143 1112144 1112146 1112147 1112148 1112152 1112153 1120813 1123755 1124223 1127153 1127458 1127820 1127821 1127822 1131060 1137832 1138954 1144327 1144379 1144524 1146848 1150584 1152711 1153108 1153471 1155789 1155952 1156317 1156321 1156331 1157770 1157860 1160968 1163019 1166847 1168630 1171252 1171254 1173580 1174543 CVE-2004-0801 CVE-2010-4267 CVE-2011-2697 CVE-2011-2722 CVE-2013-4325 CVE-2013-6402 CVE-2013-6427 CVE-2015-0839 CVE-2016-2399 CVE-2017-17456 CVE-2017-17457 CVE-2017-6967 CVE-2018-12178 CVE-2018-12180 CVE-2018-13139 CVE-2018-13785 CVE-2018-16435 CVE-2018-20856 CVE-2018-20856 CVE-2018-3136 CVE-2018-3139 CVE-2018-3149 CVE-2018-3169 CVE-2018-3180 CVE-2018-3183 CVE-2018-3214 CVE-2018-3630 CVE-2019-10220 CVE-2019-10220 CVE-2019-12749 CVE-2019-13272 CVE-2019-13272 CVE-2019-13456 CVE-2019-15239 CVE-2019-17185 CVE-2019-3840 CVE-2019-3880 CVE-2020-12653 CVE-2020-12654 CVE-2020-2583 CVE-2020-2590 CVE-2020-2593 CVE-2020-2601 CVE-2020-2604 CVE-2020-2654 CVE-2020-2659 CVE-2020-4044 CVE-2020-6819 CVE-2020-6820 CVE-2020-8608 SUSE-SU-2018:2065-1 SUSE-SU-2019:0057-1 SUSE-SU-2019:0579-1 SUSE-SU-2019:1037-1 SUSE-SU-2019:2820-2 SUSE-SU-2019:3228-1 SUSE-SU-2020:1018-1 SUSE-SU-2020:2171-1 Platform(s): openSUSE Leap 15.0 openSUSE Leap 15.1 SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud 9 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND libtiff5-4.0.9-lp150.3 is installed Definition Synopsis openSUSE Leap 15.1 is installed AND Package Information evolution-3.26.6-lp151.4.3 is installed OR evolution-devel-3.26.6-lp151.4.3 is installed OR evolution-lang-3.26.6-lp151.4.3 is installed OR evolution-plugin-bogofilter-3.26.6-lp151.4.3 is installed OR evolution-plugin-pst-import-3.26.6-lp151.4.3 is installed OR evolution-plugin-spamassassin-3.26.6-lp151.4.3 is installed OR glade-catalog-evolution-3.26.6-lp151.4.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information kgraft-patch-4_4_121-92_101-default-7-2 is installed OR kgraft-patch-SLE12-SP2_Update_27-7-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information hplip-3.16.11-1 is installed OR hplip-hpijs-3.16.11-1 is installed OR hplip-sane-3.16.11-1 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information java-1_8_0-ibm-1.8.0_sr5.40-30.54 is installed OR java-1_8_0-ibm-alsa-1.8.0_sr5.40-30.54 is installed OR java-1_8_0-ibm-plugin-1.8.0_sr5.40-30.54 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information ghostscript-9.52-23.34 is installed OR ghostscript-x11-9.52-23.34 is installed OR libspectre-0.2.7-12.10 is installed OR libspectre1-0.2.7-12.10 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information kgraft-patch-4_4_180-94_97-default-6-2 is installed OR kgraft-patch-SLE12-SP3_Update_26-6-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information libldap-2_4-2-2.4.41-18.43 is installed OR libldap-2_4-2-32bit-2.4.41-18.43 is installed OR openldap2-2.4.41-18.43 is installed OR openldap2-back-meta-2.4.41-18.43 is installed OR openldap2-client-2.4.41-18.43 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND axis-1.4-290.3 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information xen-4.9.4_10-3.71 is installed OR xen-doc-html-4.9.4_10-3.71 is installed OR xen-libs-4.9.4_10-3.71 is installed OR xen-libs-32bit-4.9.4_10-3.71 is installed OR xen-tools-4.9.4_10-3.71 is installed OR xen-tools-domU-4.9.4_10-3.71 is installed Definition Synopsis SUSE OpenStack Cloud 9 is installed AND Package Information grub2-2.02-12.39 is installed OR grub2-i386-pc-2.02-12.39 is installed OR grub2-snapper-plugin-2.02-12.39 is installed OR grub2-systemd-sleep-plugin-2.02-12.39 is installed OR grub2-x86_64-efi-2.02-12.39 is installed OR grub2-x86_64-xen-2.02-12.39 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information freeradius-server-3.0.15-2.14 is installed OR freeradius-server-doc-3.0.15-2.14 is installed OR freeradius-server-krb5-3.0.15-2.14 is installed OR freeradius-server-ldap-3.0.15-2.14 is installed OR freeradius-server-libs-3.0.15-2.14 is installed OR freeradius-server-mysql-3.0.15-2.14 is installed OR freeradius-server-perl-3.0.15-2.14 is installed OR freeradius-server-postgresql-3.0.15-2.14 is installed OR freeradius-server-python-3.0.15-2.14 is installed OR freeradius-server-sqlite-3.0.15-2.14 is installed OR freeradius-server-utils-3.0.15-2.14 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 9 is installed AND Package Information apache2-2.4.23-29.63 is installed OR apache2-doc-2.4.23-29.63 is installed OR apache2-example-pages-2.4.23-29.63 is installed OR apache2-prefork-2.4.23-29.63 is installed OR apache2-utils-2.4.23-29.63 is installed OR apache2-worker-2.4.23-29.63 is installed
BACK