Oval Definition:	oval:org.opensuse.security:def:6694
Revision Date: 2021-07-27 Version: 1 Title: Security update for the Linux Kernel (Live Patch 20 for SLE 15) (Important) Description: This update for the Linux Kernel 4.12.14-150_58 fixes several issues. The following security issues were fixed: - CVE-2021-33909: Fixed an out-of-bounds write in the filesystem layer that allows to andobtain full root privileges. (bsc#1188062) - CVE-2021-22555: Fixed an heap out-of-bounds write in net/netfilter/x_tables.c that could allow local provilege escalation. (bsc#1188116) - CVE-2020-36385: Fixed a use-after-free vulnerability reached via the ctx_list in some ucma_migrate_id situations where ucma_close is called. (bnc#1187050) Family: unix Class: patch Status: Reference(s): 1187052 1188117 1188257 CVE-2006-4197 CVE-2009-0946 CVE-2009-3700 CVE-2009-3826 CVE-2010-2497 CVE-2010-2805 CVE-2010-3053 CVE-2010-3054 CVE-2010-3311 CVE-2010-3814 CVE-2011-0226 CVE-2011-0421 CVE-2011-2186 CVE-2011-2895 CVE-2011-4405 CVE-2012-0035 CVE-2012-0037 CVE-2012-1162 CVE-2012-1163 CVE-2012-5668 CVE-2012-5669 CVE-2012-5670 CVE-2013-4242 CVE-2013-6462 CVE-2014-0209 CVE-2014-0210 CVE-2014-0211 CVE-2014-2240 CVE-2014-3065 CVE-2014-3421 CVE-2014-3422 CVE-2014-3423 CVE-2014-3424 CVE-2014-3566 CVE-2014-3591 CVE-2014-4288 CVE-2014-4362 CVE-2014-5461 CVE-2014-6456 CVE-2014-6457 CVE-2014-6458 CVE-2014-6466 CVE-2014-6476 CVE-2014-6492 CVE-2014-6493 CVE-2014-6502 CVE-2014-6503 CVE-2014-6506 CVE-2014-6511 CVE-2014-6512 CVE-2014-6513 CVE-2014-6515 CVE-2014-6527 CVE-2014-6531 CVE-2014-6532 CVE-2014-6558 CVE-2014-8891 CVE-2014-8892 CVE-2014-9390 CVE-2014-9656 CVE-2014-9657 CVE-2014-9658 CVE-2014-9659 CVE-2014-9660 CVE-2014-9661 CVE-2014-9662 CVE-2014-9663 CVE-2014-9664 CVE-2014-9665 CVE-2014-9666 CVE-2014-9667 CVE-2014-9668 CVE-2014-9669 CVE-2014-9670 CVE-2014-9671 CVE-2014-9672 CVE-2014-9673 CVE-2014-9674 CVE-2014-9675 CVE-2015-0138 CVE-2015-0192 CVE-2015-0204 CVE-2015-0458 CVE-2015-0459 CVE-2015-0469 CVE-2015-0477 CVE-2015-0478 CVE-2015-0480 CVE-2015-0488 CVE-2015-0491 CVE-2015-0837 CVE-2015-1802 CVE-2015-1803 CVE-2015-1804 CVE-2015-1914 CVE-2015-1931 CVE-2015-2331 CVE-2015-2590 CVE-2015-2601 CVE-2015-2613 CVE-2015-2619 CVE-2015-2621 CVE-2015-2625 CVE-2015-2632 CVE-2015-2637 CVE-2015-2638 CVE-2015-2664 CVE-2015-2808 CVE-2015-4000 CVE-2015-4729 CVE-2015-4731 CVE-2015-4732 CVE-2015-4733 CVE-2015-4734 CVE-2015-4748 CVE-2015-4749 CVE-2015-4760 CVE-2015-4803 CVE-2015-4805 CVE-2015-4806 CVE-2015-4810 CVE-2015-4835 CVE-2015-4840 CVE-2015-4842 CVE-2015-4843 CVE-2015-4844 CVE-2015-4860 CVE-2015-4871 CVE-2015-4872 CVE-2015-4882 CVE-2015-4883 CVE-2015-4893 CVE-2015-4902 CVE-2015-4903 CVE-2015-4911 CVE-2015-5006 CVE-2015-5041 CVE-2015-5185 CVE-2015-7511 CVE-2015-7575 CVE-2015-7981 CVE-2015-8126 CVE-2015-8472 CVE-2015-8540 CVE-2015-8936 CVE-2016-0264 CVE-2016-0363 CVE-2016-0376 CVE-2016-0402 CVE-2016-0448 CVE-2016-0466 CVE-2016-0483 CVE-2016-0494 CVE-2016-0686 CVE-2016-0687 CVE-2016-10165 CVE-2016-2183 CVE-2016-2315 CVE-2016-2324 CVE-2016-3422 CVE-2016-3426 CVE-2016-3427 CVE-2016-3443 CVE-2016-3449 CVE-2016-3485 CVE-2016-3511 CVE-2016-3598 CVE-2016-5542 CVE-2016-5554 CVE-2016-5556 CVE-2016-5568 CVE-2016-5573 CVE-2016-5597 CVE-2016-6313 CVE-2016-9840 CVE-2016-9841 CVE-2016-9842 CVE-2016-9843 CVE-2017-1000117 CVE-2017-10053 CVE-2017-10067 CVE-2017-10074 CVE-2017-10081 CVE-2017-10087 CVE-2017-10089 CVE-2017-10090 CVE-2017-10096 CVE-2017-10101 CVE-2017-10102 CVE-2017-10105 CVE-2017-10107 CVE-2017-10108 CVE-2017-10109 CVE-2017-10110 CVE-2017-10111 CVE-2017-10115 CVE-2017-10116 CVE-2017-10125 CVE-2017-10243 CVE-2017-10281 CVE-2017-10285 CVE-2017-10293 CVE-2017-10295 CVE-2017-10345 CVE-2017-10346 CVE-2017-10347 CVE-2017-10348 CVE-2017-10349 CVE-2017-10350 CVE-2017-10355 CVE-2017-10356 CVE-2017-10357 CVE-2017-10388 CVE-2017-1289 CVE-2017-13720 CVE-2017-13722 CVE-2017-14107 CVE-2017-14867 CVE-2017-15298 CVE-2017-3509 CVE-2017-3511 CVE-2017-3512 CVE-2017-3514 CVE-2017-3533 CVE-2017-3539 CVE-2017-3544 CVE-2017-5209 CVE-2017-5545 CVE-2017-5834 CVE-2017-5835 CVE-2017-5836 CVE-2017-6435 CVE-2017-6436 CVE-2017-6437 CVE-2017-6438 CVE-2017-6439 CVE-2017-6440 CVE-2017-7982 CVE-2017-8386 CVE-2018-11212 CVE-2018-11233 CVE-2018-11235 CVE-2018-12539 CVE-2018-12547 CVE-2018-13785 CVE-2018-1417 CVE-2018-1517 CVE-2018-1656 CVE-2018-17456 CVE-2018-2579 CVE-2018-2582 CVE-2018-2588 CVE-2018-2599 CVE-2018-2602 CVE-2018-2603 CVE-2018-2618 CVE-2018-2633 CVE-2018-2634 CVE-2018-2637 CVE-2018-2641 CVE-2018-2657 CVE-2018-2663 CVE-2018-2677 CVE-2018-2678 CVE-2018-2783 CVE-2018-2790 CVE-2018-2794 CVE-2018-2795 CVE-2018-2796 CVE-2018-2797 CVE-2018-2798 CVE-2018-2799 CVE-2018-2800 CVE-2018-2814 CVE-2018-2940 CVE-2018-2952 CVE-2018-2973 CVE-2018-3136 CVE-2018-3139 CVE-2018-3149 CVE-2018-3169 CVE-2018-3180 CVE-2018-3214 CVE-2019-10245 CVE-2019-11771 CVE-2019-11775 CVE-2019-2422 CVE-2019-2426 CVE-2019-2602 CVE-2019-2684 CVE-2019-2697 CVE-2019-2698 CVE-2019-2762 CVE-2019-2766 CVE-2019-2769 CVE-2019-2816 CVE-2019-4473 CVE-2019-7317 CVE-2020-36385 CVE-2021-22555 CVE-2021-33909 Platform(s): openSUSE 13.1 openSUSE 13.1 NonFree openSUSE 13.2 openSUSE 13.2 NonFree openSUSE Leap 42.1 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise for SAP 11 SP3 SUSE Linux Enterprise for SAP 12 SUSE Linux Enterprise High Availability Extension 11 SP2 SUSE Linux Enterprise High Availability Extension 11 SP3 SUSE Linux Enterprise High Performance Computing 12 SP5 SUSE Linux Enterprise High Performance Computing 15 SUSE Linux Enterprise Module for Advanced Systems Management 12 SUSE Linux Enterprise Module for Live Patching 15 SUSE Linux Enterprise Module for Web Scripting 12 SUSE Linux Enterprise Point of Sale 11 SP2 SUSE Linux Enterprise Point of Sale 11 SP3 SUSE Linux Enterprise Point of Sale 12 SP2-CLIENT SUSE Linux Enterprise Real Time Extension 11 SP1 SUSE Linux Enterprise Real Time Extension 11 SP3 SUSE Linux Enterprise Real Time Extension 12 SP2 SUSE Linux Enterprise Real Time Extension 12 SP3 SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Server 11 SP1 SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP4 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12 SP5 SUSE Linux Enterprise Server 12-LTSS SUSE Linux Enterprise Server 15 SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 SUSE Linux Enterprise Server for Rasperry Pi 12 SP2 SUSE Linux Enterprise Server for SAP Applications 15 SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Software Development Kit 12 SP1 SUSE Linux Enterprise Software Development Kit 12 SP2 SUSE Linux Enterprise Software Development Kit 12 SP3 SUSE Linux Enterprise Software Development Kit 12 SP4 SUSE Linux Enterprise Workstation Extension 12 SUSE Linux Enterprise Workstation Extension 12 SP1 SUSE Linux Enterprise Workstation Extension 12 SP2 SUSE Linux Enterprise Workstation Extension 12 SP3 SUSE OpenStack Cloud 5 Product(s): Definition Synopsis SUSE Linux Enterprise Desktop 11 SP2 is installed AND bogofilter-1.1.1-174.27.1 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information Mesa-9.0.3-0.19.1 is installed OR Mesa-32bit-9.0.3-0.19.1 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP4 is installed AND Package Information libpng12-0-1.2.31-5.38.1 is installed OR libpng12-0-32bit-1.2.31-5.38.1 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP1 is installed AND Package Information flash-player-11.2.202.559-117 is installed OR flash-player-gnome-11.2.202.559-117 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information java-1_7_0-openjdk-1.7.0.121-36 is installed OR java-1_7_0-openjdk-headless-1.7.0.121-36 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information libgcrypt20-1.6.1-16.39 is installed OR libgcrypt20-32bit-1.6.1-16.39 is installed Definition Synopsis SUSE Linux Enterprise for SAP 11 SP3 is installed AND Package Information compat-openssl097g-0.9.7g-146.22.44.1 is installed OR compat-openssl097g-32bit-0.9.7g-146.22.44.1 is installed Definition Synopsis SUSE Linux Enterprise for SAP 12 is installed AND Package Information compat-libldap-2_3-0-2.3.37-16 is installed OR openldap2-2.4.39-16 is installed Definition Synopsis SUSE Linux Enterprise High Availability Extension 11 SP2 is installed AND Package Information cluster-network-kmp-default-1.4_3.0.101_0.7.17-2.18.81 is installed OR cluster-network-kmp-pae-1.4_3.0.101_0.7.17-2.18.81 is installed OR cluster-network-kmp-ppc64-1.4_3.0.101_0.7.17-2.18.81 is installed OR cluster-network-kmp-trace-1.4_3.0.101_0.7.17-2.18.81 is installed OR cluster-network-kmp-xen-1.4_3.0.101_0.7.17-2.18.81 is installed OR gfs2-kmp-default-2_3.0.101_0.7.17-0.7.109 is installed OR gfs2-kmp-pae-2_3.0.101_0.7.17-0.7.109 is installed OR gfs2-kmp-ppc64-2_3.0.101_0.7.17-0.7.109 is installed OR gfs2-kmp-trace-2_3.0.101_0.7.17-0.7.109 is installed OR gfs2-kmp-xen-2_3.0.101_0.7.17-0.7.109 is installed OR ocfs2-kmp-default-1.6_3.0.101_0.7.17-0.11.80 is installed OR ocfs2-kmp-pae-1.6_3.0.101_0.7.17-0.11.80 is installed OR ocfs2-kmp-ppc64-1.6_3.0.101_0.7.17-0.11.80 is installed OR ocfs2-kmp-trace-1.6_3.0.101_0.7.17-0.11.80 is installed OR ocfs2-kmp-xen-1.6_3.0.101_0.7.17-0.11.80 is installed Definition Synopsis SUSE Linux Enterprise High Availability Extension 11 SP3 is installed AND conntrack-tools-1.0.0-0.9.1 is installed Definition Synopsis SUSE Linux Enterprise High Performance Computing 12 SP5 is installed AND davfs2-1.5.2-2 is installed Definition Synopsis SUSE Linux Enterprise Module for Live Patching 15 is installed AND kernel-livepatch-4_12_14-150_58-default-12-2.2 is installed Definition Synopsis SUSE Linux Enterprise Module for Advanced Systems Management 12 is installed AND Package Information puppet-3.6.2-3 is installed OR puppet-server-3.6.2-3 is installed Definition Synopsis SUSE Linux Enterprise Module for Web Scripting 12 is installed AND Package Information libpython3_4m1_0-3.4.1-2 is installed OR python3-base-3.4.1-2 is installed Definition Synopsis SUSE Linux Enterprise Point of Sale 11 SP2 is installed AND qemu-0.10.1-0.5.7.1 is installed Definition Synopsis SUSE Linux Enterprise Point of Sale 11 SP3 is installed AND Package Information bsdtar-2.5.5-9.1 is installed OR libarchive2-2.5.5-9.1 is installed Definition Synopsis SUSE Linux Enterprise Point of Sale 12 SP2-CLIENT is installed AND Package Information java-1_8_0-openjdk-1.8.0.171-27.19 is installed OR java-1_8_0-openjdk-demo-1.8.0.171-27.19 is installed OR java-1_8_0-openjdk-devel-1.8.0.171-27.19 is installed OR java-1_8_0-openjdk-headless-1.8.0.171-27.19 is installed Definition Synopsis SUSE Linux Enterprise Real Time Extension 11 SP1 is installed AND ofed-kmp-rt-1.5.2_2.6.33.18_rt31_0.3-0.9.13.1 is installed Definition Synopsis SUSE Linux Enterprise Real Time Extension 11 SP3 is installed AND Package Information kernel-rt-3.0.101.rt130-0.33.44.2 is installed OR kernel-rt-base-3.0.101.rt130-0.33.44.2 is installed OR kernel-rt-devel-3.0.101.rt130-0.33.44.2 is installed OR kernel-rt_trace-3.0.101.rt130-0.33.44.2 is installed OR kernel-rt_trace-base-3.0.101.rt130-0.33.44.2 is installed OR kernel-rt_trace-devel-3.0.101.rt130-0.33.44.2 is installed OR kernel-source-rt-3.0.101.rt130-0.33.44.2 is installed OR kernel-syms-rt-3.0.101.rt130-0.33.44.1 is installed Definition Synopsis SUSE Linux Enterprise Real Time Extension 12 SP2 is installed AND Package Information cluster-md-kmp-rt-4.4.88-18 is installed OR cluster-network-kmp-rt-4.4.88-18 is installed OR dlm-kmp-rt-4.4.88-18 is installed OR gfs2-kmp-rt-4.4.88-18 is installed OR kernel-devel-rt-4.4.88-18 is installed OR kernel-rt-4.4.88-18 is installed OR kernel-rt-base-4.4.88-18 is installed OR kernel-rt-devel-4.4.88-18 is installed OR kernel-rt_debug-4.4.88-18 is installed OR kernel-rt_debug-devel-4.4.88-18 is installed OR kernel-source-rt-4.4.88-18 is installed OR kernel-syms-rt-4.4.88-18 is installed OR ocfs2-kmp-rt-4.4.88-18 is installed Definition Synopsis SUSE Linux Enterprise Real Time Extension 12 SP3 is installed AND Package Information cluster-md-kmp-rt-4.4.120-3.8 is installed OR dlm-kmp-rt-4.4.120-3.8 is installed OR gfs2-kmp-rt-4.4.120-3.8 is installed OR kernel-devel-rt-4.4.120-3.8 is installed OR kernel-rt-4.4.120-3.8 is installed OR kernel-rt-base-4.4.120-3.8 is installed OR kernel-rt-devel-4.4.120-3.8 is installed OR kernel-rt_debug-4.4.120-3.8 is installed OR kernel-rt_debug-devel-4.4.120-3.8 is installed OR kernel-source-rt-4.4.120-3.8 is installed OR kernel-syms-rt-4.4.120-3.8 is installed OR ocfs2-kmp-rt-4.4.120-3.8 is installed Definition Synopsis SUSE Linux Enterprise Server 11 is installed AND procps-3.2.7-151.3 is installed Definition Synopsis SUSE Linux Enterprise Server 11 SP1 is installed AND perl-HTML-Parser-3.56-1.18.1 is installed Definition Synopsis SUSE Linux Enterprise Server 11 SP2 is installed AND Package Information OpenEXR-1.6.1-83.17.1 is installed OR OpenEXR-32bit-1.6.1-83.17.1 is installed OR OpenEXR-x86-1.6.1-83.17.1 is installed Definition Synopsis SUSE Linux Enterprise Server 11 SP3 is installed AND x3270-3.3.12-517.12.34 is installed Definition Synopsis SUSE Linux Enterprise Server 11 SP4 is installed AND Package Information MozillaFirefox-31.7.0esr-0.8.1 is installed OR MozillaFirefox-translations-31.7.0esr-0.8.1 is installed Definition Synopsis SUSE Linux Enterprise Server 12 is installed AND Package Information apache-commons-beanutils-1.9.2-1 is installed OR apache-commons-beanutils-javadoc-1.9.2-1 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND autofs-5.0.9-8 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND autofs-5.0.9-21 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information emacs-24.3-19 is installed OR emacs-el-24.3-19 is installed OR emacs-info-24.3-19 is installed OR emacs-nox-24.3-19 is installed OR emacs-x11-24.3-19 is installed OR etags-24.3-19 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND SuSEfirewall2-3.6.312.333-3.13 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP5 is installed AND Package Information DirectFB-1.7.1-6 is installed OR lib++dfb-1_7-1-1.7.1-6 is installed OR libdirectfb-1_7-1-1.7.1-6 is installed Definition Synopsis SUSE Linux Enterprise Server 12-LTSS is installed AND Package Information openssh-6.6p1-52.1 is installed OR openssh-askpass-gnome-6.6p1-52.1 is installed OR openssh-fips-6.6p1-52.1 is installed OR openssh-helpers-6.6p1-52.1 is installed Definition Synopsis SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 is installed AND Package Information ghostscript-9.15-17 is installed OR ghostscript-x11-9.15-17 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 11 SP2 is installed AND Package Information php53-devel-5.3.8-0.43.1 is installed OR php53-imap-5.3.8-0.43.1 is installed OR php53-posix-5.3.8-0.43.1 is installed OR php53-readline-5.3.8-0.43.1 is installed OR php53-sockets-5.3.8-0.43.1 is installed OR php53-sqlite-5.3.8-0.43.1 is installed OR php53-tidy-5.3.8-0.43.1 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 11 SP3 is installed AND ctdb-devel-1.0.114.6-0.11.1 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 11 SP4 is installed AND Package Information libnetpbm-devel-10.26.44-101.9.1 is installed OR libnetpbm-devel-32bit-10.26.44-101.9.1 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 12 is installed AND Package Information kernel-docs-3.12.60-52.54 is installed OR kernel-obs-build-3.12.60-52.54 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 12 SP1 is installed AND Package Information gdk-pixbuf-2.30.6-7 is installed OR gdk-pixbuf-devel-2.30.6-7 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 12 SP2 is installed AND gnome-settings-daemon-devel-3.20.1-40 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 12 SP3 is installed AND apache2-devel-2.4.23-28 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 12 SP4 is installed AND LibVNCServer-devel-0.9.9-17.5 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 12 is installed AND bash-lang-4.2-75 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 12 SP1 is installed AND bash-lang-4.2-75 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 12 SP2 is installed AND libgio-fam-2.48.2-10 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 12 SP3 is installed AND libfbembed2_5-2.5.2.26539-15 is installed
BACK