Oval Definition:	oval:org.opensuse.security:def:68047
Revision Date: 2021-08-17 Version: 1 Title: Security update for the Linux Kernel (Live Patch 14 for SLE 15 SP1) (Important) Description: This update for the Linux Kernel 4.12.14-197_51 fixes several issues. The following security issues were fixed: - CVE-2021-22543: Fixed an issue with KVM, related to the handling of VM_IO|VM_PFNMAP vmas, which allowed users with the ability to start and control a VM to read/write random pages of memory and could result in local privilege escalation (bsc#1186482). - CVE-2021-37576: On the powerpc platform KVM guest OS users could cause host OS memory corruption via rtas_args.nargs (bsc#1188838). - CVE-2021-3609: Fixed a local privilege escalation via a race condition in net/can/bcm.c (bsc#1187215). Family: unix Class: patch Status: Reference(s): 1186483 1188323 1188842 CVE-2009-0023 CVE-2009-1191 CVE-2009-1195 CVE-2009-1890 CVE-2009-1891 CVE-2009-1955 CVE-2009-1956 CVE-2009-2412 CVE-2009-2699 CVE-2009-3094 CVE-2009-3095 CVE-2009-3555 CVE-2009-3560 CVE-2009-3720 CVE-2010-0408 CVE-2010-0425 CVE-2010-0434 CVE-2010-1452 CVE-2010-1623 CVE-2010-2068 CVE-2011-1176 CVE-2011-3192 CVE-2011-3368 CVE-2011-3607 CVE-2011-4317 CVE-2012-0021 CVE-2012-0031 CVE-2012-0053 CVE-2012-2687 CVE-2012-3291 CVE-2012-3499 CVE-2012-3502 CVE-2012-6128 CVE-2013-1896 CVE-2013-2249 CVE-2013-5704 CVE-2013-6438 CVE-2013-7098 CVE-2014-0098 CVE-2014-0117 CVE-2014-0118 CVE-2014-0226 CVE-2014-0231 CVE-2014-3523 CVE-2014-3581 CVE-2014-3583 CVE-2014-8109 CVE-2015-0228 CVE-2015-0253 CVE-2015-4000 CVE-2016-0736 CVE-2016-2161 CVE-2016-4979 CVE-2016-5387 CVE-2016-8740 CVE-2016-8743 CVE-2017-9798 CVE-2018-11763 CVE-2018-1333 CVE-2018-17189 CVE-2018-17199 CVE-2018-8011 CVE-2019-0196 CVE-2019-0197 CVE-2019-0211 CVE-2019-0217 CVE-2019-0220 CVE-2021-22543 CVE-2021-3609 CVE-2021-37576 Platform(s): SUSE Linux Enterprise High Performance Computing 15 SP1 SUSE Linux Enterprise Module for Live Patching 15 SP1 SUSE Linux Enterprise Module for Server Applications 15 SP1 SUSE Linux Enterprise Server 15 SP1 SUSE Linux Enterprise Server for SAP Applications 15 SP1 SUSE Linux Enterprise Workstation Extension 15 SP1 Product(s): Definition Synopsis SUSE Linux Enterprise Workstation Extension 15 SP1 is installed AND Package Information openconnect-7.08-4 is installed OR openconnect-devel-7.08-4 is installed OR openconnect-lang-7.08-4 is installed Definition Synopsis SUSE Linux Enterprise Module for Server Applications 15 SP1 is installed AND Package Information apache2-2.4.33-3.15 is installed OR apache2-devel-2.4.33-3.15 is installed OR apache2-doc-2.4.33-3.15 is installed OR apache2-prefork-2.4.33-3.15 is installed OR apache2-utils-2.4.33-3.15 is installed OR apache2-worker-2.4.33-3.15 is installed Definition Synopsis SUSE Linux Enterprise Module for Live Patching 15 SP1 is installed AND kernel-livepatch-4_12_14-197_51-default-14-2.2 is installed
BACK