Oval Definition:	oval:org.opensuse.security:def:6665
Revision Date: 2021-04-28 Version: 1 Title: Security update for the Linux Kernel (Live Patch 21 for SLE 15) (Important) Description: This update for the Linux Kernel 4.12.14-150_63 fixes several issues. The following security issues were fixed: - CVE-2021-3444: Fixed an issue with the bpf verifier which did not properly handle mod32 destination register truncation when the source register was known to be 0 leading to out of bounds read (bsc#1184171). - CVE-2021-28688: Fixed an issue introduced by XSA-365 (bsc##1182294, bsc#1183646). - CVE-2021-26930: Fixed an improper error handling in blkback's grant mapping (XSA-365 bsc#1182294). - CVE-2021-26931: Fixed an issue where Linux kernel was treating grant mapping errors as bugs (XSA-362 bsc#1183022). Family: unix Class: patch Status: Reference(s): 1182294 1184171 CVE-2009-4029 CVE-2010-0405 CVE-2010-1172 CVE-2011-2721 CVE-2011-3627 CVE-2012-1457 CVE-2012-1458 CVE-2012-1459 CVE-2012-6706 CVE-2013-0292 CVE-2013-1985 CVE-2013-2186 CVE-2013-6497 CVE-2014-0050 CVE-2014-3467 CVE-2014-3468 CVE-2014-3469 CVE-2014-6272 CVE-2014-7204 CVE-2014-7300 CVE-2014-8104 CVE-2014-9050 CVE-2014-9328 CVE-2015-1191 CVE-2015-1461 CVE-2015-1462 CVE-2015-1463 CVE-2015-2170 CVE-2015-2221 CVE-2015-2222 CVE-2015-2305 CVE-2015-2668 CVE-2015-2806 CVE-2015-3223 CVE-2015-3622 CVE-2015-5330 CVE-2015-8803 CVE-2015-8804 CVE-2015-8805 CVE-2016-0772 CVE-2016-1000031 CVE-2016-1544 CVE-2016-4008 CVE-2016-5636 CVE-2016-5699 CVE-2016-6329 CVE-2016-6489 CVE-2017-1000158 CVE-2017-11423 CVE-2017-12166 CVE-2017-12374 CVE-2017-12375 CVE-2017-12376 CVE-2017-12377 CVE-2017-12378 CVE-2017-12379 CVE-2017-12380 CVE-2017-18207 CVE-2017-6418 CVE-2017-6419 CVE-2017-6420 CVE-2017-6891 CVE-2017-7478 CVE-2017-7479 CVE-2017-7508 CVE-2017-7520 CVE-2017-7521 CVE-2018-0202 CVE-2018-0360 CVE-2018-0361 CVE-2018-1000030 CVE-2018-1000085 CVE-2018-1000654 CVE-2018-1000802 CVE-2018-1140 CVE-2018-14680 CVE-2018-14681 CVE-2018-14682 CVE-2018-15378 CVE-2018-6003 CVE-2019-1787 CVE-2019-1788 CVE-2019-1789 CVE-2019-3824 CVE-2021-26930 CVE-2021-26931 CVE-2021-28688 CVE-2021-3444 Platform(s): openSUSE 13.1 openSUSE 13.1 NonFree openSUSE 13.2 openSUSE 13.2 NonFree openSUSE Leap 42.1 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise for SAP 11 SP3 SUSE Linux Enterprise for SAP 11 SP4 SUSE Linux Enterprise High Availability Extension 11 SP4 SUSE Linux Enterprise High Performance Computing 12 SP5 SUSE Linux Enterprise High Performance Computing 15 SUSE Linux Enterprise Module for Live Patching 15 SUSE Linux Enterprise Module for Public Cloud 12 SUSE Linux Enterprise Module for Toolchain 12 SUSE Linux Enterprise Module for Web Scripting 12 SUSE Linux Enterprise Point of Sale 11 SP3 SUSE Linux Enterprise Point of Sale 12 SP2 SUSE Linux Enterprise Point of Sale 12 SP2-CLIENT SUSE Linux Enterprise Real Time Extension 11 SP3 SUSE Linux Enterprise Real Time Extension 11 SP4 SUSE Linux Enterprise Real Time Extension 12 SP2 SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Server 11 SP1 SUSE Linux Enterprise Server 11 SP1-CLIENT-TOOLS SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP3-LTSS SUSE Linux Enterprise Server 11 SP4 SUSE Linux Enterprise Server 11-SECURITY SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12 SP5 SUSE Linux Enterprise Server 12-LTSS SUSE Linux Enterprise Server 15 SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 SUSE Linux Enterprise Server for SAP Applications 15 SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Software Development Kit 12 SP1 SUSE Linux Enterprise Software Development Kit 12 SP2 SUSE Linux Enterprise Software Development Kit 12 SP3 SUSE Linux Enterprise Software Development Kit 12 SP4 SUSE Linux Enterprise Workstation Extension 12 SUSE Linux Enterprise Workstation Extension 12 SP1 SUSE Linux Enterprise Workstation Extension 12 SP2 SUSE Linux Enterprise Workstation Extension 12 SP3 SUSE OpenStack Cloud 5 Product(s): Definition Synopsis SUSE Linux Enterprise Desktop 11 SP2 is installed AND Package Information MozillaFirefox-17.0.9esr-0.3.1 is installed OR MozillaFirefox-translations-17.0.9esr-0.3.1 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP4 is installed AND Package Information glibc-2.11.3-17.87.3 is installed OR glibc-32bit-2.11.3-17.87.3 is installed OR glibc-devel-2.11.3-17.87.3 is installed OR glibc-devel-32bit-2.11.3-17.87.3 is installed OR glibc-i18ndata-2.11.3-17.87.3 is installed OR glibc-locale-2.11.3-17.87.3 is installed OR glibc-locale-32bit-2.11.3-17.87.3 is installed OR nscd-2.11.3-17.87.3 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 is installed AND Package Information xen-4.4.4_02-22.19 is installed OR xen-kmp-default-4.4.4_02_k3.12.55_52.42-22.19 is installed OR xen-libs-4.4.4_02-22.19 is installed OR xen-libs-32bit-4.4.4_02-22.19 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information gpg2-2.0.24-3 is installed OR gpg2-lang-2.0.24-3 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information java-1_8_0-openjdk-1.8.0.111-17 is installed OR java-1_8_0-openjdk-headless-1.8.0.111-17 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information libXinerama1-1.1.3-3 is installed OR libXinerama1-32bit-1.1.3-3 is installed Definition Synopsis SUSE Linux Enterprise for SAP 11 SP3 is installed AND Package Information compat-openssl097g-0.9.7g-146.22.36.1 is installed OR compat-openssl097g-32bit-0.9.7g-146.22.36.1 is installed Definition Synopsis SUSE Linux Enterprise for SAP 11 SP4 is installed AND Package Information compat-openssl097g-0.9.7g-146.22.36.1 is installed OR compat-openssl097g-32bit-0.9.7g-146.22.36.1 is installed Definition Synopsis SUSE Linux Enterprise High Availability Extension 11 SP4 is installed AND conntrack-tools-1.0.0-0.9.1 is installed Definition Synopsis SUSE Linux Enterprise High Performance Computing 12 SP5 is installed AND Package Information automake-1.13.4-6 is installed OR m4-1.4.16-15 is installed Definition Synopsis SUSE Linux Enterprise Module for Live Patching 15 is installed AND kernel-livepatch-4_12_14-150_63-default-6-2.2 is installed Definition Synopsis SUSE Linux Enterprise Module for Public Cloud 12 is installed AND Package Information kernel-ec2-3.12.61-52.146 is installed OR kernel-ec2-devel-3.12.61-52.146 is installed OR kernel-ec2-extra-3.12.61-52.146 is installed Definition Synopsis SUSE Linux Enterprise Module for Toolchain 12 is installed AND Package Information cpp5-5.3.1+r233831-9 is installed OR gcc5-5.3.1+r233831-9 is installed OR gcc5-32bit-5.3.1+r233831-9 is installed OR gcc5-ada-5.3.1+r233831-9 is installed OR gcc5-ada-32bit-5.3.1+r233831-9 is installed OR gcc5-c++-5.3.1+r233831-9 is installed OR gcc5-c++-32bit-5.3.1+r233831-9 is installed OR gcc5-fortran-5.3.1+r233831-9 is installed OR gcc5-fortran-32bit-5.3.1+r233831-9 is installed OR gcc5-info-5.3.1+r233831-9 is installed OR gcc5-locale-5.3.1+r233831-9 is installed OR libada5-5.3.1+r233831-9 is installed OR libada5-32bit-5.3.1+r233831-9 is installed OR libffi-devel-gcc5-5.3.1+r233831-9 is installed OR libffi-devel-gcc5-32bit-5.3.1+r233831-9 is installed OR libffi-gcc5-5.3.1+r233831-9 is installed OR libstdc++6-devel-gcc5-5.3.1+r233831-9 is installed OR libstdc++6-devel-gcc5-32bit-5.3.1+r233831-9 is installed Definition Synopsis SUSE Linux Enterprise Module for Web Scripting 12 is installed AND Package Information apache2-mod_php5-5.5.14-30 is installed OR php5-5.5.14-30 is installed OR php5-bcmath-5.5.14-30 is installed OR php5-bz2-5.5.14-30 is installed OR php5-calendar-5.5.14-30 is installed OR php5-ctype-5.5.14-30 is installed OR php5-curl-5.5.14-30 is installed OR php5-dba-5.5.14-30 is installed OR php5-dom-5.5.14-30 is installed OR php5-enchant-5.5.14-30 is installed OR php5-exif-5.5.14-30 is installed OR php5-fastcgi-5.5.14-30 is installed OR php5-fileinfo-5.5.14-30 is installed OR php5-fpm-5.5.14-30 is installed OR php5-ftp-5.5.14-30 is installed OR php5-gd-5.5.14-30 is installed OR php5-gettext-5.5.14-30 is installed OR php5-gmp-5.5.14-30 is installed OR php5-iconv-5.5.14-30 is installed OR php5-intl-5.5.14-30 is installed OR php5-json-5.5.14-30 is installed OR php5-ldap-5.5.14-30 is installed OR php5-mbstring-5.5.14-30 is installed OR php5-mcrypt-5.5.14-30 is installed OR php5-mysql-5.5.14-30 is installed OR php5-odbc-5.5.14-30 is installed OR php5-openssl-5.5.14-30 is installed OR php5-pcntl-5.5.14-30 is installed OR php5-pdo-5.5.14-30 is installed OR php5-pear-5.5.14-30 is installed OR php5-pgsql-5.5.14-30 is installed OR php5-pspell-5.5.14-30 is installed OR php5-shmop-5.5.14-30 is installed OR php5-snmp-5.5.14-30 is installed OR php5-soap-5.5.14-30 is installed OR php5-sockets-5.5.14-30 is installed OR php5-sqlite-5.5.14-30 is installed OR php5-suhosin-5.5.14-30 is installed OR php5-sysvmsg-5.5.14-30 is installed OR php5-sysvsem-5.5.14-30 is installed OR php5-sysvshm-5.5.14-30 is installed OR php5-tokenizer-5.5.14-30 is installed OR php5-wddx-5.5.14-30 is installed OR php5-xmlreader-5.5.14-30 is installed OR php5-xmlrpc-5.5.14-30 is installed OR php5-xmlwriter-5.5.14-30 is installed OR php5-xsl-5.5.14-30 is installed OR php5-zip-5.5.14-30 is installed OR php5-zlib-5.5.14-30 is installed Definition Synopsis SUSE Linux Enterprise Point of Sale 11 SP3 is installed AND Package Information MozillaFirefox-45.6.0esr-62.1 is installed OR MozillaFirefox-translations-45.6.0esr-62.1 is installed Definition Synopsis SUSE Linux Enterprise Point of Sale 12 SP2 is installed AND Package Information salt-2016.11.4-45 is installed OR salt-minion-2016.11.4-45 is installed Definition Synopsis SUSE Linux Enterprise Point of Sale 12 SP2-CLIENT is installed AND Package Information java-1_7_0-openjdk-1.7.0.181-43.15 is installed OR java-1_7_0-openjdk-demo-1.7.0.181-43.15 is installed OR java-1_7_0-openjdk-devel-1.7.0.181-43.15 is installed OR java-1_7_0-openjdk-headless-1.7.0.181-43.15 is installed Definition Synopsis SUSE Linux Enterprise Real Time Extension 11 SP3 is installed AND Package Information cluster-network-kmp-rt-1.4_3.0.101_rt130_0.28-2.27.99 is installed OR cluster-network-kmp-rt_trace-1.4_3.0.101_rt130_0.28-2.27.99 is installed OR drbd-kmp-rt-8.4.4_3.0.101_rt130_0.28-0.22.65 is installed OR drbd-kmp-rt_trace-8.4.4_3.0.101_rt130_0.28-0.22.65 is installed OR iscsitarget-kmp-rt-1.4.20_3.0.101_rt130_0.28-0.38.84 is installed OR iscsitarget-kmp-rt_trace-1.4.20_3.0.101_rt130_0.28-0.38.84 is installed OR kernel-rt-3.0.101.rt130-0.28.1 is installed OR kernel-rt-base-3.0.101.rt130-0.28.1 is installed OR kernel-rt-devel-3.0.101.rt130-0.28.1 is installed OR kernel-rt_trace-3.0.101.rt130-0.28.1 is installed OR kernel-rt_trace-base-3.0.101.rt130-0.28.1 is installed OR kernel-rt_trace-devel-3.0.101.rt130-0.28.1 is installed OR kernel-source-rt-3.0.101.rt130-0.28.1 is installed OR kernel-syms-rt-3.0.101.rt130-0.28.1 is installed OR lttng-modules-kmp-rt-2.1.1_3.0.101_rt130_0.28-0.11.75 is installed OR lttng-modules-kmp-rt_trace-2.1.1_3.0.101_rt130_0.28-0.11.75 is installed OR ocfs2-kmp-rt-1.6_3.0.101_rt130_0.28-0.20.99 is installed OR ocfs2-kmp-rt_trace-1.6_3.0.101_rt130_0.28-0.20.99 is installed OR ofed-kmp-rt-1.5.4.1_3.0.101_rt130_0.28-0.13.90 is installed OR ofed-kmp-rt_trace-1.5.4.1_3.0.101_rt130_0.28-0.13.90 is installed Definition Synopsis SUSE Linux Enterprise Real Time Extension 11 SP4 is installed AND Package Information kernel-rt-3.0.101.rt130-65.1 is installed OR kernel-rt-base-3.0.101.rt130-65.1 is installed OR kernel-rt-devel-3.0.101.rt130-65.1 is installed OR kernel-rt_trace-3.0.101.rt130-65.1 is installed OR kernel-rt_trace-base-3.0.101.rt130-65.1 is installed OR kernel-rt_trace-devel-3.0.101.rt130-65.1 is installed OR kernel-source-rt-3.0.101.rt130-65.1 is installed OR kernel-syms-rt-3.0.101.rt130-65.1 is installed Definition Synopsis SUSE Linux Enterprise Real Time Extension 12 SP2 is installed AND Package Information cluster-md-kmp-rt-4.4.74-7.10 is installed OR cluster-network-kmp-rt-4.4.74-7.10 is installed OR dlm-kmp-rt-4.4.74-7.10 is installed OR gfs2-kmp-rt-4.4.74-7.10 is installed OR kernel-devel-rt-4.4.74-7.10 is installed OR kernel-rt-4.4.74-7.10 is installed OR kernel-rt-base-4.4.74-7.10 is installed OR kernel-rt-devel-4.4.74-7.10 is installed OR kernel-rt_debug-4.4.74-7.10 is installed OR kernel-rt_debug-devel-4.4.74-7.10 is installed OR kernel-source-rt-4.4.74-7.10 is installed OR kernel-syms-rt-4.4.74-7.10 is installed OR ocfs2-kmp-rt-4.4.74-7.10 is installed Definition Synopsis SUSE Linux Enterprise Server 11 is installed AND Package Information libMagickCore1-6.4.3.6-7.19.1 is installed OR libMagickCore1-32bit-6.4.3.6-7.19.1 is installed Definition Synopsis SUSE Linux Enterprise Server 11 SP1 is installed AND Package Information libpython2_6-1_0-2.6.0-8.9.20 is installed OR libpython2_6-1_0-32bit-2.6.0-8.9.20 is installed OR libpython2_6-1_0-x86-2.6.0-8.9.20 is installed OR python-base-2.6.0-8.9.20 is installed OR python-base-32bit-2.6.0-8.9.20 is installed OR python-base-x86-2.6.0-8.9.20 is installed OR python-xml-2.6.0-8.9.20 is installed OR pyxml-0.8.4-194.23.38 is installed Definition Synopsis SUSE Linux Enterprise Server 11 SP1-CLIENT-TOOLS is installed AND spacewalk-backend-libs-1.2.74-0.22.2 is installed Definition Synopsis SUSE Linux Enterprise Server 11 SP2 is installed AND Package Information curl-7.19.7-1.18.1 is installed OR libcurl4-7.19.7-1.18.1 is installed OR libcurl4-32bit-7.19.7-1.18.1 is installed OR libcurl4-x86-7.19.7-1.18.1 is installed Definition Synopsis SUSE Linux Enterprise Server 11 SP3 is installed AND Package Information rsyslog-5.10.1-0.7.49 is installed OR rsyslog-diag-tools-5.10.1-0.7.49 is installed OR rsyslog-doc-5.10.1-0.7.49 is installed OR rsyslog-module-gssapi-5.10.1-0.7.49 is installed OR rsyslog-module-gtls-5.10.1-0.7.49 is installed OR rsyslog-module-mysql-5.10.1-0.7.49 is installed OR rsyslog-module-pgsql-5.10.1-0.7.49 is installed OR rsyslog-module-relp-5.10.1-0.7.49 is installed OR rsyslog-module-snmp-5.10.1-0.7.49 is installed OR rsyslog-module-udpspoof-5.10.1-0.7.49 is installed Definition Synopsis SUSE Linux Enterprise Server 11 SP4 is installed AND acpid-1.0.6-91.25.20 is installed Definition Synopsis SUSE Linux Enterprise Server 11-SECURITY is installed AND Package Information libldap-openssl1-2_4-2-2.4.26-0.30.2 is installed OR libldap-openssl1-2_4-2-32bit-2.4.26-0.30.2 is installed OR libldap-openssl1-2_4-2-x86-2.4.26-0.30.2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 is installed AND Package Information augeas-1.2.0-1 is installed OR augeas-lenses-1.2.0-1 is installed OR libaugeas0-1.2.0-1 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information DirectFB-1.7.1-4 is installed OR lib++dfb-1_7-1-1.7.1-4 is installed OR libdirectfb-1_7-1-1.7.1-4 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information gdm-3.10.0.1-52 is installed OR gdm-lang-3.10.0.1-52 is installed OR gdmflexiserver-3.10.0.1-52 is installed OR libgdm1-3.10.0.1-52 is installed OR typelib-1_0-Gdm-1_0-3.10.0.1-52 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND cifs-utils-6.5-8 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND apache2-mod_nss-1.0.14-19.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP5 is installed AND ant-1.9.4-3.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12-LTSS is installed AND Package Information kgraft-patch-3_12_55-52_42-default-2-2.2 is installed OR kgraft-patch-3_12_55-52_42-xen-2-2.2 is installed OR kgraft-patch-SLE12_Update_12-2-2.2 is installed Definition Synopsis SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 is installed AND Package Information bind-9.9.9P1-49 is installed OR bind-chrootenv-9.9.9P1-49 is installed OR bind-doc-9.9.9P1-49 is installed OR bind-libs-9.9.9P1-49 is installed OR bind-utils-9.9.9P1-49 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 11 SP2 is installed AND Package Information java-1_6_0-ibm-1.6.0_sr15.0-0.5.1 is installed OR java-1_6_0-ibm-devel-1.6.0_sr15.0-0.5.1 is installed OR java-1_6_0-ibm-fonts-1.6.0_sr15.0-0.5.1 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 11 SP3 is installed AND Package Information MozillaFirefox-devel-24.5.0esr-0.8.1 is installed OR mozilla-nspr-devel-4.10.4-0.3.1 is installed OR mozilla-nss-devel-3.16-0.8.1 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 11 SP4 is installed AND Package Information libcap-devel-2.11-2.17.1 is installed OR libcap-progs-2.11-2.17.1 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 12 is installed AND Package Information java-1_7_1-ibm-1.7.1_sr3.40-25 is installed OR java-1_7_1-ibm-devel-1.7.1_sr3.40-25 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 12 SP1 is installed AND Package Information kernel-docs-3.12.62-60.62 is installed OR kernel-obs-build-3.12.62-60.62 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 12 SP2 is installed AND Package Information dbus-1-devel-1.8.16-19 is installed OR dbus-1-devel-doc-1.8.16-19 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 12 SP3 is installed AND accountsservice-devel-0.6.42-14 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 12 SP4 is installed AND Package Information FastCGI-2.4.0-168 is installed OR FastCGI-devel-2.4.0-168 is installed OR perl-FastCGI-2.4.0-168 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 12 is installed AND Package Information empathy-3.10.3-1 is installed OR empathy-lang-3.10.3-1 is installed OR telepathy-mission-control-plugin-goa-3.10.3-1 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 12 SP1 is installed AND Package Information empathy-3.10.3-1 is installed OR empathy-lang-3.10.3-1 is installed OR telepathy-mission-control-plugin-goa-3.10.3-1 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 12 SP2 is installed AND gd-32bit-2.1.0-12 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 12 SP3 is installed AND argyllcms-1.6.3-3 is installed
BACK