Oval Definition:oval:org.opensuse.security:def:68109
Revision Date:2021-03-17Version:1
Title:Security update for the Linux Kernel (Live Patch 17 for SLE 15 SP1) (Important)
Description:

This update for the Linux Kernel 4.12.14-197_64 fixes several issues.

The following security issues were fixed:

- CVE-2020-29368: Fixed an issue in copy-on-write implementation which could have granted unintended write access because of a race condition in a THP mapcount check (bsc#1179664). - Fixed an issue where NFS client filesystems got unmounted on fail-over (bsc#1182468). - CVE-2021-3347: Fixed a use-after-free in the PI futexes during fault handling, allowing local users to execute code in the kernel (bsc#1181553). - CVE-2020-27786: Fixed a potential user after free which could have led to memory corruption or privilege escalation (bsc#1179616). - CVE-2020-28374: Fixed insufficient identifier checking in the LIO SCSI target code which could have been used by remote attackers to read or write files via directory traversal in an XCOPY request (bsc#1178684). - CVE-2021-0342: Fixed a potential memory corruption due to a use after free which could have led to local escalation of privilege with System execution privileges required (bsc#1180859).
Family:unixClass:patch
Status:Reference(s):1141853
1178684
1179616
1179664
1180859
1181553
1182468
CVE-2013-2882
CVE-2013-6639
CVE-2013-6640
CVE-2013-6668
CVE-2014-0224
CVE-2015-3193
CVE-2015-3194
CVE-2015-5380
CVE-2015-7384
CVE-2016-2086
CVE-2016-2178
CVE-2016-2183
CVE-2016-2216
CVE-2016-5172
CVE-2016-5325
CVE-2016-6304
CVE-2016-6306
CVE-2016-7052
CVE-2016-7099
CVE-2017-1000381
CVE-2017-11499
CVE-2017-14849
CVE-2017-14919
CVE-2017-15896
CVE-2017-15897
CVE-2017-3735
CVE-2017-3736
CVE-2017-3738
CVE-2018-0732
CVE-2018-1000168
CVE-2018-12115
CVE-2018-12116
CVE-2018-12121
CVE-2018-12122
CVE-2018-12123
CVE-2018-20852
CVE-2018-7158
CVE-2018-7159
CVE-2018-7160
CVE-2018-7161
CVE-2018-7167
CVE-2019-5737
CVE-2020-27786
CVE-2020-28374
CVE-2020-29368
CVE-2021-0342
CVE-2021-3347
SUSE-SU-2019:2114-1
Platform(s):SUSE Linux Enterprise High Performance Computing 15 SP1
SUSE Linux Enterprise Module for Basesystem 15 SP1
SUSE Linux Enterprise Module for Live Patching 15 SP1
SUSE Linux Enterprise Module for Web Scripting 15 SP1
SUSE Linux Enterprise Server 15 SP1
SUSE Linux Enterprise Server for SAP Applications 15 SP1
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Module for Live Patching 15 SP1 is installed
  • AND kernel-livepatch-4_12_14-197_64-default-4-2.2 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Module for Basesystem 15 SP1 is installed
  • AND Package Information
  • libpython2_7-1_0-2.7.14-7.17 is installed
  • OR python-2.7.14-7.17 is installed
  • OR python-base-2.7.14-7.17 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Module for Web Scripting 15 SP1 is installed
  • AND Package Information
  • nodejs8-8.15.1-3.14 is installed
  • OR nodejs8-devel-8.15.1-3.14 is installed
  • OR nodejs8-docs-8.15.1-3.14 is installed
  • OR npm8-8.15.1-3.14 is installed
  • BACK