Oval Definition:oval:org.opensuse.security:def:60169
Revision Date:2020-12-01
Version:1
Title:Security update for the Linux Kernel (Live Patch 37 for SLE 12 SP2) (Important)
Description:

This update for the Linux Kernel 4.4.121-92_141 fixes several issues.

The following security issues were fixed:

- CVE-2020-0429: In l2tp_session_delete and related functions of l2tp_core.c, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with system execution privileges needed. User interaction is not needed for exploitation. (bsc#1176724)
- CVE-2020-14381: Fixed a use-after-free in the fast user mutex (futex) wait operation, which could have led to memory corruption and possibly privilege escalation (bsc#1176011).
- CVE-2020-0431: In kbd_keycode of keyboard.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. (bsc#1176722)
- CVE-2020-25212: A TOCTOU mismatch in the NFS client code could be used by local attackers to corrupt memory or possibly have unspecified other impact because a size check is in fs/nfs/nfs4proc.c instead of fs/nfs/nfs4xdr.c (bsc#1176381).
- CVE-2020-11668: Fixed an out of bounds write to the heap in drivers/media/usb/gspca/xirlink_cit.c (aka the Xirlink camera USB driver) caused by mishandling invalid descriptors (bsc#1168952).
- CVE-2020-1749: A flaw was found in the implementation of some networking protocols in IPsec, such as VXLAN and GENEVE tunnels over IPv6. When an encrypted tunnel is created between two hosts, the kernel isn't correctly routing tunneled data over the encrypted link, rather sending the data unencrypted. This would have allowed anyone in between the two endpoints to read the traffic unencrypted. (bsc#1165629)
Family:unix
Class:patch
Status:
Reference(s):1049086
1068664
1082877
1099310
1104301
1145092
1157763
1159208
1159623
1162610
1165631
1167976
1173942
1173986
1174420
1176012
1176382
1176756
1176896
1176931
1178682
CVE-2009-0316
CVE-2010-4530
CVE-2012-0876
CVE-2013-1667
CVE-2015-0247
CVE-2015-1572
CVE-2016-0718
CVE-2016-1248
CVE-2016-4472
CVE-2016-6252
CVE-2016-6354
CVE-2016-9063
CVE-2017-1000158
CVE-2017-10978
CVE-2017-10983
CVE-2017-10984
CVE-2017-10985
CVE-2017-10986
CVE-2017-10987
CVE-2017-10988
CVE-2017-18201
CVE-2017-5953
CVE-2017-6349
CVE-2017-6350
CVE-2017-8422
CVE-2017-9233
CVE-2018-5383
CVE-2019-10208
CVE-2019-15961
CVE-2020-0429
CVE-2020-0431
CVE-2020-11668
CVE-2020-14381
CVE-2020-15673
CVE-2020-15676
CVE-2020-15677
CVE-2020-15678
CVE-2020-1749
CVE-2020-25212
CVE-2020-25708
CVE-2020-8597
SUSE-SU-2017:2202-1
SUSE-SU-2018:0673-1
SUSE-SU-2018:1997-1
SUSE-SU-2019:0466-1
SUSE-SU-2019:2159-1
SUSE-SU-2019:3177-1
SUSE-SU-2020:0490-1
SUSE-SU-2020:0497-1
SUSE-SU-2020:2759-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud 9
SUSE OpenStack Cloud Crowbar 8
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • dovecot23-2.3.3-lp150.8 is installed
  • OR dovecot23-backend-mysql-2.3.3-lp150.8 is installed
  • OR dovecot23-backend-pgsql-2.3.3-lp150.8 is installed
  • OR dovecot23-backend-sqlite-2.3.3-lp150.8 is installed
  • OR dovecot23-devel-2.3.3-lp150.8 is installed
  • OR dovecot23-fts-2.3.3-lp150.8 is installed
  • OR dovecot23-fts-lucene-2.3.3-lp150.8 is installed
  • OR dovecot23-fts-solr-2.3.3-lp150.8 is installed
  • OR dovecot23-fts-squat-2.3.3-lp150.8 is installed
  • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • dbus-1-1.12.2-lp151.4.3 is installed
  • OR dbus-1-devel-1.12.2-lp151.4.3 is installed
  • OR dbus-1-devel-32bit-1.12.2-lp151.4.3 is installed
  • OR dbus-1-devel-doc-1.12.2-lp151.4.3 is installed
  • OR dbus-1-x11-1.12.2-lp151.4.3 is installed
  • OR libdbus-1-3-1.12.2-lp151.4.3 is installed
  • OR libdbus-1-3-32bit-1.12.2-lp151.4.3 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • kgraft-patch-4_4_121-92_141-default-2-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_37-2-2 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND apache2-mod_perl-2.0.8-11 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • java-1_8_0-openjdk-1.8.0.242-27.41 is installed
  • OR java-1_8_0-openjdk-demo-1.8.0.242-27.41 is installed
  • OR java-1_8_0-openjdk-devel-1.8.0.242-27.41 is installed
  • OR java-1_8_0-openjdk-headless-1.8.0.242-27.41 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • java-1_8_0-openjdk-1.8.0.222-27.35 is installed
  • OR java-1_8_0-openjdk-demo-1.8.0.222-27.35 is installed
  • OR java-1_8_0-openjdk-devel-1.8.0.222-27.35 is installed
  • OR java-1_8_0-openjdk-headless-1.8.0.222-27.35 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • MozillaFirefox-78.3.0-112.22 is installed
  • OR MozillaFirefox-devel-78.3.0-112.22 is installed
  • OR MozillaFirefox-translations-common-78.3.0-112.22 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • libprocps3-3.3.9-11.14 is installed
  • OR procps-3.3.9-11.14 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND apache2-mod_jk-1.2.40-5 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • postgresql96-9.6.15-3.29 is installed
  • OR postgresql96-contrib-9.6.15-3.29 is installed
  • OR postgresql96-docs-9.6.15-3.29 is installed
  • OR postgresql96-libs-9.6.15-3.29 is installed
  • OR postgresql96-plperl-9.6.15-3.29 is installed
  • OR postgresql96-plpython-9.6.15-3.29 is installed
  • OR postgresql96-pltcl-9.6.15-3.29 is installed
  • OR postgresql96-server-9.6.15-3.29 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud 9 is installed
  • AND Package Information
  • mariadb-10.2.29-3.22 is installed
  • OR mariadb-galera-10.2.29-3.22 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND clamav-0.100.3-33.29 is installed