Oval Definition:oval:org.opensuse.security:def:65946
Revision Date:2020-12-01Version:1
Title:Security update for the Linux Kernel (Live Patch 15 for SLE 15 SP1) (Important)
Description:

This update for the Linux Kernel 4.12.14-197_56 fixes several issues.

The following security issues were fixed:

- CVE-2020-14381: Fixed a use-after-free in the fast user mutex (futex) wait operation, which could have lead to memory corruption and possibly privilege escalation (bsc#1176011). - CVE-2020-25212: A TOCTOU mismatch in the NFS client code could be used by local attackers to corrupt memory or possibly have unspecified other impact because a size check is in fs/nfs/nfs4proc.c instead of fs/nfs/nfs4xdr.c (bsc#1176381).
Family:unixClass:patch
Status:Reference(s):1111622
1176012
1176382
CVE-2018-18074
CVE-2020-14381
CVE-2020-25212
SUSE-SU-2019:1487-1
SUSE-SU-2020:3188-1
Platform(s):SUSE Linux Enterprise Module for Live Patching 15 SP1
SUSE Linux Enterprise Module for Python2 packages 15 SP1
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Module for Live Patching 15 SP1 is installed
  • AND Package Information
  • kernel-livepatch-4_12_14-197_56-default-2-2 is installed
  • OR kernel-livepatch-SLE15-SP1_Update_15-2-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Python2 packages 15 SP1 is installed
  • AND Package Information
  • python-requests-2.20.1-6.3 is installed
  • OR python2-requests-2.20.1-6.3 is installed
    • BACK