OVAL Reference oval:org.opensuse.security:def:60028

Oval Definition:

oval:org.opensuse.security:def:60028

Revision Date:	2020-12-01	Version:	1
Title:	Security update for the Linux Kernel (Live Patch 23 for SLE 12 SP2) (Important)
Description:	This update for the Linux Kernel 4.4.121-92_85 fixes several issues. The following security issues were fixed: - CVE-2019-9213: Expand_downwards in mm/mmap.c lacked a check for the mmap minimum address, which made it easier for attackers to exploit kernel NULL pointer dereferences on non-SMAP platforms. This is related to a capability check for the wrong task (bsc#1128378). - CVE-2019-7221: Fixed a user-after-free vulnerability in the KVM hypervisor related to the emulation of a preemption timer, allowing an guest user/process to crash the host kernel. (bsc#1124734). - CVE-2019-6974: kvm_ioctl_create_device in virt/kvm/kvm_main.c mishandled reference counting because of a race condition, leading to a use-after-free (bsc#1124729).
Family:	unix	Class:	patch
Status:		Reference(s):	1101295 1104448 1108631 1108632 1109160 1118367 1118368 1118900 1124729 1124734 1125721 1126455 1128378 1129231 1129622 1130675 1131955 1135170 1157471 1165631 1168630 1171550 1171740 1171924 1173659 1173942 1174247 1177914 CVE-2010-0624 CVE-2013-1987 CVE-2013-6393 CVE-2014-2525 CVE-2014-9112 CVE-2014-9130 CVE-2016-2037 CVE-2016-7949 CVE-2016-7950 CVE-2018-10873 CVE-2018-10893 CVE-2018-17097 CVE-2018-17098 CVE-2018-20815 CVE-2018-5741 CVE-2019-16746 CVE-2019-19191 CVE-2019-3812 CVE-2019-5436 CVE-2019-6974 CVE-2019-7221 CVE-2019-8934 CVE-2019-9213 CVE-2019-9824 CVE-2020-11668 CVE-2020-14331 CVE-2020-15999 CVE-2020-1749 CVE-2020-2752 CVE-2020-2812 CVE-2020-6819 CVE-2020-6820 CVE-2020-8616 CVE-2020-8617 SUSE-SU-2018:2594-1 SUSE-SU-2019:0096-1 SUSE-SU-2019:0736-1 SUSE-SU-2019:1363-1 SUSE-SU-2020:0928-1 SUSE-SU-2020:1625-1 SUSE-SU-2020:2998-1
Platform(s):	openSUSE Leap 15.0 openSUSE Leap 15.1 openSUSE Leap 15.1 NonFree SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud 9 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9	Product(s):
Definition Synopsis
openSUSE Leap 15.0 is installed AND openvpn-2.4.3-lp150.2 is installed
Definition Synopsis
openSUSE Leap 15.1 is installed AND Package Information MozillaThunderbird-60.7.2-lp151.2.7 is installed OR MozillaThunderbird-buildsymbols-60.7.2-lp151.2.7 is installed OR MozillaThunderbird-translations-common-60.7.2-lp151.2.7 is installed OR MozillaThunderbird-translations-other-60.7.2-lp151.2.7 is installed
Definition Synopsis
openSUSE Leap 15.1 NonFree is installed AND opera-65.0.3467.62-lp151.2.9 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information kgraft-patch-4_4_121-92_85-default-7-2 is installed OR kgraft-patch-SLE12-SP2_Update_23-7-2 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information cpio-2.11-35 is installed OR cpio-lang-2.11-35 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information kernel-default-4.4.180-94.113 is installed OR kernel-default-base-4.4.180-94.113 is installed OR kernel-default-devel-4.4.180-94.113 is installed OR kernel-devel-4.4.180-94.113 is installed OR kernel-macros-4.4.180-94.113 is installed OR kernel-source-4.4.180-94.113 is installed OR kernel-syms-4.4.180-94.113 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND Package Information curl-7.37.0-37.47 is installed OR libcurl4-7.37.0-37.47 is installed OR libcurl4-32bit-7.37.0-37.47 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND squid-3.5.21-26.23 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information ceph-12.2.7+git.1531910353.c0ef85b854-2.12 is installed OR ceph-common-12.2.7+git.1531910353.c0ef85b854-2.12 is installed OR libcephfs2-12.2.7+git.1531910353.c0ef85b854-2.12 is installed OR librados2-12.2.7+git.1531910353.c0ef85b854-2.12 is installed OR libradosstriper1-12.2.7+git.1531910353.c0ef85b854-2.12 is installed OR librbd1-12.2.7+git.1531910353.c0ef85b854-2.12 is installed OR librgw2-12.2.7+git.1531910353.c0ef85b854-2.12 is installed OR python-cephfs-12.2.7+git.1531910353.c0ef85b854-2.12 is installed OR python-rados-12.2.7+git.1531910353.c0ef85b854-2.12 is installed OR python-rbd-12.2.7+git.1531910353.c0ef85b854-2.12 is installed OR python-rgw-12.2.7+git.1531910353.c0ef85b854-2.12 is installed
Definition Synopsis
SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information apache2-mod_apparmor-2.8.2-49 is installed OR apparmor-docs-2.8.2-49 is installed OR apparmor-parser-2.8.2-49 is installed OR apparmor-profiles-2.8.2-49 is installed OR apparmor-utils-2.8.2-49 is installed OR libapparmor1-2.8.2-49 is installed OR libapparmor1-32bit-2.8.2-49 is installed OR pam_apparmor-2.8.2-49 is installed OR pam_apparmor-32bit-2.8.2-49 is installed OR perl-apparmor-2.8.2-49 is installed
Definition Synopsis
SUSE OpenStack Cloud 8 is installed AND Package Information freetype2-2.6.3-7.18 is installed OR ft2demos-2.6.3-7.18 is installed OR libfreetype6-2.6.3-7.18 is installed OR libfreetype6-32bit-2.6.3-7.18 is installed
Definition Synopsis
SUSE OpenStack Cloud 9 is installed AND python-Werkzeug-0.14.1-3.3 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information libmysqlclient18-10.0.40.4-29.41 is installed OR mariadb-10.0.40.4-29.41 is installed
Definition Synopsis
SUSE OpenStack Cloud Crowbar 9 is installed AND Package Information crowbar-core-6.0+git.1587558898.313bb9fd3-3.22 is installed OR crowbar-core-branding-upstream-6.0+git.1587558898.313bb9fd3-3.22 is installed OR crowbar-ha-6.0+git.1586256059.e6f67e1-3.16 is installed OR crowbar-openstack-6.0+git.1587753188.da39e44a7-3.22 is installed OR memcached-1.5.17-3.3 is installed OR openstack-ceilometer-11.1.1~dev5-3.13 is installed OR openstack-ceilometer-agent-central-11.1.1~dev5-3.13 is installed OR openstack-ceilometer-agent-compute-11.1.1~dev5-3.13 is installed OR openstack-ceilometer-agent-ipmi-11.1.1~dev5-3.13 is installed OR openstack-ceilometer-agent-notification-11.1.1~dev5-3.13 is installed OR openstack-ceilometer-polling-11.1.1~dev5-3.13 is installed OR openstack-cinder-13.0.10~dev9-3.19 is installed OR openstack-cinder-api-13.0.10~dev9-3.19 is installed OR openstack-cinder-backup-13.0.10~dev9-3.19 is installed OR openstack-cinder-scheduler-13.0.10~dev9-3.19 is installed OR openstack-cinder-volume-13.0.10~dev9-3.19 is installed OR openstack-designate-7.0.1~dev25-3.16 is installed OR openstack-designate-agent-7.0.1~dev25-3.16 is installed OR openstack-designate-api-7.0.1~dev25-3.16 is installed OR openstack-designate-central-7.0.1~dev25-3.16 is installed OR openstack-designate-producer-7.0.1~dev25-3.16 is installed OR openstack-designate-sink-7.0.1~dev25-3.16 is installed OR openstack-designate-worker-7.0.1~dev25-3.16 is installed OR openstack-heat-11.0.3~dev35-3.16 is installed OR openstack-heat-api-11.0.3~dev35-3.16 is installed OR openstack-heat-api-cfn-11.0.3~dev35-3.16 is installed OR openstack-heat-engine-11.0.3~dev35-3.16 is installed OR openstack-heat-plugin-heat_docker-11.0.3~dev35-3.16 is installed OR openstack-ironic-11.1.5~dev3-3.16 is installed OR openstack-ironic-api-11.1.5~dev3-3.16 is installed OR openstack-ironic-conductor-11.1.5~dev3-3.16 is installed OR openstack-ironic-image-9.0.0-3.6 is installed OR openstack-ironic-image-x86_64-9.0.0-3.6 is installed OR openstack-manila-7.4.2~dev4-4.21 is installed OR openstack-manila-api-7.4.2~dev4-4.21 is installed OR openstack-manila-data-7.4.2~dev4-4.21 is installed OR openstack-manila-scheduler-7.4.2~dev4-4.21 is installed OR openstack-manila-share-7.4.2~dev4-4.21 is installed OR openstack-neutron-13.0.8~dev28-3.22 is installed OR openstack-neutron-dhcp-agent-13.0.8~dev28-3.22 is installed OR openstack-neutron-ha-tool-13.0.8~dev28-3.22 is installed OR openstack-neutron-l3-agent-13.0.8~dev28-3.22 is installed OR openstack-neutron-linuxbridge-agent-13.0.8~dev28-3.22 is installed OR openstack-neutron-macvtap-agent-13.0.8~dev28-3.22 is installed OR openstack-neutron-metadata-agent-13.0.8~dev28-3.22 is installed OR openstack-neutron-metering-agent-13.0.8~dev28-3.22 is installed OR openstack-neutron-openvswitch-agent-13.0.8~dev28-3.22 is installed OR openstack-neutron-server-13.0.8~dev28-3.22 is installed OR openstack-nova-18.3.1~dev17-3.22 is installed OR openstack-nova-api-18.3.1~dev17-3.22 is installed OR openstack-nova-cells-18.3.1~dev17-3.22 is installed OR openstack-nova-compute-18.3.1~dev17-3.22 is installed OR openstack-nova-conductor-18.3.1~dev17-3.22 is installed OR openstack-nova-console-18.3.1~dev17-3.22 is installed OR openstack-nova-novncproxy-18.3.1~dev17-3.22 is installed OR openstack-nova-placement-api-18.3.1~dev17-3.22 is installed OR openstack-nova-scheduler-18.3.1~dev17-3.22 is installed OR openstack-nova-serialproxy-18.3.1~dev17-3.22 is installed OR openstack-nova-vncproxy-18.3.1~dev17-3.22 is installed OR openstack-octavia-3.2.3~dev2-3.22 is installed OR openstack-octavia-amphora-agent-3.2.3~dev2-3.22 is installed OR openstack-octavia-amphora-image-0.1.3-7.9 is installed OR openstack-octavia-amphora-image-x86_64-0.1.3-7.9 is installed OR openstack-octavia-api-3.2.3~dev2-3.22 is installed OR openstack-octavia-health-manager-3.2.3~dev2-3.22 is installed OR openstack-octavia-housekeeping-3.2.3~dev2-3.22 is installed OR openstack-octavia-worker-3.2.3~dev2-3.22 is installed OR python-ceilometer-11.1.1~dev5-3.13 is installed OR python-cinder-13.0.10~dev9-3.19 is installed OR python-cinderclient-4.0.3-3.6 is installed OR python-cinderclient-doc-4.0.3-3.6 is installed OR python-designate-7.0.1~dev25-3.16 is installed OR python-glanceclient-2.13.2-3.3 is installed OR python-glanceclient-doc-2.13.2-3.3 is installed OR python-heat-11.0.3~dev35-3.16 is installed OR python-ironic-11.1.5~dev3-3.16 is installed OR python-ironic-lib-2.14.3-3.6 is installed OR python-ironicclient-2.5.4-4.10 is installed OR python-ironicclient-doc-2.5.4-4.10 is installed OR python-keystonemiddleware-5.2.2-17 is installed OR python-manila-7.4.2~dev4-4.21 is installed OR python-manila-tempest-plugin-0.1.0-3.6 is installed OR python-neutron-13.0.8~dev28-3.22 is installed OR python-nova-18.3.1~dev17-3.22 is installed OR python-novaclient-11.0.1-3.3 is installed OR python-novaclient-doc-11.0.1-3.3 is installed OR python-octavia-3.2.3~dev2-3.22 is installed OR python-octaviaclient-1.6.2-3.6 is installed OR python-openstackclient-3.16.3-11 is installed OR python-os-brick-2.5.10-3.9 is installed OR python-os-brick-common-2.5.10-3.9 is installed OR python-oslo.config-6.4.2-3.3 is installed OR python-oslo.config-doc-6.4.2-3.3 is installed OR python-oslo.rootwrap-5.14.2-3.3 is installed OR python-oslo.utils-3.36.5-3.3 is installed OR python-swiftclient-3.6.1-3.3 is installed OR python-swiftclient-doc-3.6.1-3.3 is installed OR python-watcherclient-2.1.1-3.3 is installed OR release-notes-suse-openstack-cloud-9.20200319-3.18 is installed OR ruby2.1-rubygem-crowbar-client-3.9.2-3.6 is installed OR ruby2.1-rubygem-puma-2.16.0-4.6 is installed OR rubygem-crowbar-client-3.9.2-3.6 is installed OR rubygem-puma-2.16.0-4.6 is installed OR zookeeper-3.4.13-3.3 is installed OR zookeeper-server-3.4.13-3.3 is installed

BACK