Oval Definition:	oval:org.opensuse.security:def:7200
Revision Date: 2021-02-10 Version: 1 Title: Security update for the Linux Kernel (Live Patch 5 for SLE 15 SP2) (Important) Description: This update for the Linux Kernel 5.3.18-24_29 fixes several issues. The following security issues were fixed: - CVE-2020-29373: Fixed an issue where kernel unsafely handles the root directory during path lookups, and thus a process inside a mount namespace can escape to unintended filesystem locations (bsc#1179779). - CVE-2020-36158: Fixed a potential remote code execution in the Marvell mwifiex driver (bsc#1180562). - CVE-2020-0466: Fixed a use-after-free due to a logic error in do_epoll_ctl and ep_loop_check_proc of eventpoll.c (bnc#1180032. - CVE-2020-29569: Fixed a use after free due to a logic error (bsc#1180008). - CVE-2020-29660: Fixed a locking inconsistency in the tty subsystem that may have allowed a read-after-free attack against TIOCGSID (bsc#1179877). - CVE-2020-29661: Fixed a locking issue in the tty subsystem that allowed a use-after-free attack against TIOCSPGRP (bsc#1179877). - CVE-2020-29368: Fixed an issue in copy-on-write implementation which could grant unintended write access because of a race condition in a THP mapcount check (bsc#1179664). Family: unix Class: patch Status: Reference(s): 1179664 1179779 1179877 1180008 1180032 1180562 CVE-2006-4484 CVE-2009-0793 CVE-2009-2285 CVE-2009-2347 CVE-2009-3939 CVE-2009-4026 CVE-2009-4027 CVE-2009-4131 CVE-2009-4138 CVE-2009-4536 CVE-2009-4538 CVE-2010-1146 CVE-2010-1163 CVE-2010-1205 CVE-2010-1436 CVE-2010-1641 CVE-2010-1646 CVE-2010-2065 CVE-2010-2066 CVE-2010-2067 CVE-2010-2233 CVE-2010-2242 CVE-2010-2761 CVE-2010-2942 CVE-2010-2954 CVE-2010-2955 CVE-2010-3081 CVE-2010-3296 CVE-2010-3297 CVE-2010-3298 CVE-2010-3301 CVE-2010-3310 CVE-2010-4410 CVE-2010-4411 CVE-2010-4665 CVE-2010-4777 CVE-2011-0010 CVE-2011-0192 CVE-2011-0712 CVE-2011-1020 CVE-2011-1146 CVE-2011-1167 CVE-2011-1577 CVE-2011-2203 CVE-2011-2489 CVE-2011-2490 CVE-2011-2501 CVE-2011-2511 CVE-2011-3026 CVE-2011-3045 CVE-2011-3048 CVE-2011-4182 CVE-2011-4600 CVE-2012-0037 CVE-2012-0056 CVE-2012-1173 CVE-2012-1571 CVE-2012-2113 CVE-2012-2337 CVE-2012-2372 CVE-2012-3386 CVE-2012-3386 CVE-2012-3401 CVE-2012-3445 CVE-2012-4564 CVE-2013-0160 CVE-2013-0170 CVE-2013-0231 CVE-2013-0913 CVE-2013-1775 CVE-2013-1776 CVE-2013-1960 CVE-2013-1961 CVE-2013-1962 CVE-2013-2218 CVE-2013-2230 CVE-2013-2850 CVE-2013-4153 CVE-2013-4154 CVE-2013-4231 CVE-2013-4232 CVE-2013-4239 CVE-2013-4243 CVE-2013-4244 CVE-2013-4276 CVE-2013-4296 CVE-2013-4297 CVE-2013-4311 CVE-2013-4399 CVE-2013-4400 CVE-2013-4401 CVE-2013-4587 CVE-2013-6367 CVE-2013-6368 CVE-2013-6376 CVE-2013-6405 CVE-2013-6436 CVE-2013-6457 CVE-2013-6458 CVE-2013-7353 CVE-2013-7354 CVE-2014-0028 CVE-2014-00691 CVE-2014-0102 CVE-2014-0131 CVE-2014-0179 CVE-2014-0196 CVE-2014-1447 CVE-2014-2523 CVE-2014-2568 CVE-2014-3185 CVE-2014-3534 CVE-2014-3610 CVE-2014-3611 CVE-2014-3633 CVE-2014-3647 CVE-2014-3657 CVE-2014-3673 CVE-2014-3687 CVE-2014-3690 CVE-2014-3710 CVE-2014-3917 CVE-2014-3940 CVE-2014-4171 CVE-2014-4608 CVE-2014-4652 CVE-2014-4653 CVE-2014-4654 CVE-2014-4655 CVE-2014-4656 CVE-2014-4699 CVE-2014-4943 CVE-2014-5045 CVE-2014-5077 CVE-2014-5206 CVE-2014-5207 CVE-2014-5471 CVE-2014-5472 CVE-2014-7822 CVE-2014-7823 CVE-2014-7826 CVE-2014-7841 CVE-2014-8086 CVE-2014-8116 CVE-2014-8117 CVE-2014-8133 CVE-2014-8136 CVE-2014-8137 CVE-2014-8138 CVE-2014-8157 CVE-2014-8158 CVE-2014-8159 CVE-2014-8160 CVE-2014-8559 CVE-2014-8709 CVE-2014-9029 CVE-2014-9090 CVE-2014-9419 CVE-2014-9420 CVE-2014-9584 CVE-2014-9585 CVE-2014-9728 CVE-2014-9729 CVE-2014-9730 CVE-2014-9731 CVE-2015-0236 CVE-2015-0272 CVE-2015-0777 CVE-2015-1465 CVE-2015-1805 CVE-2015-2041 CVE-2015-2042 CVE-2015-2150 CVE-2015-2666 CVE-2015-2830 CVE-2015-2922 CVE-2015-3212 CVE-2015-3331 CVE-2015-3332 CVE-2015-3339 CVE-2015-3636 CVE-2015-4036 CVE-2015-4167 CVE-2015-4692 CVE-2015-5156 CVE-2015-5157 CVE-2015-5247 CVE-2015-5283 CVE-2015-5307 CVE-2015-5364 CVE-2015-5366 CVE-2015-6252 CVE-2015-6937 CVE-2015-7613 CVE-2015-8104 CVE-2018-0739 CVE-2020-0466 CVE-2020-29368 CVE-2020-29373 CVE-2020-29569 CVE-2020-29660 CVE-2020-29661 CVE-2020-36158 Platform(s): openSUSE 13.2 openSUSE 13.2 NonFree openSUSE Leap 42.1 SUSE Linux Enterprise Build System Kit 12 SUSE Linux Enterprise Build System Kit 12 SP1 SUSE Linux Enterprise Build System Kit 12 SP2 SUSE Linux Enterprise Build System Kit 12 SP3 SUSE Linux Enterprise Build System Kit 12 SP4 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 11 SP4 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise for SAP 11 SP4 SUSE Linux Enterprise High Availability 12 SUSE Linux Enterprise High Performance Computing 15 SP2 SUSE Linux Enterprise Module for Live Patching 15 SP2 SUSE Linux Enterprise Point of Sale 11 SP3 SUSE Linux Enterprise Real Time Extension 11 SP4 SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Server 11 SP2 SUSE Linux Enterprise Server 11 SP3 SUSE Linux Enterprise Server 11 SP3-LTSS SUSE Linux Enterprise Server 11 SP4 SUSE Linux Enterprise Server 11-SECURITY SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 12 SP5 SUSE Linux Enterprise Server 12-LTSS SUSE Linux Enterprise Server 15 SP2 SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 SUSE Linux Enterprise Server for SAP Applications 12 SUSE Linux Enterprise Server for SAP Applications 12 SP1 SUSE Linux Enterprise Server for SAP Applications 12 SP2 SUSE Linux Enterprise Server for SAP Applications 15 SP2 SUSE Linux Enterprise Server for VMWare 11 SP2 SUSE Linux Enterprise Server for VMWare 11 SP3 SUSE Linux Enterprise Software Development Kit 11 SP2 SUSE Linux Enterprise Software Development Kit 11 SP3 SUSE Linux Enterprise Software Development Kit 11 SP4 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Software Development Kit 12 SP2 SUSE Linux Enterprise Software Development Kit 12 SP3 SUSE Linux Enterprise Software Development Kit 12 SP4 SUSE Linux Enterprise Workstation Extension 12 SUSE Linux Enterprise Workstation Extension 12 SP1 SUSE Linux Enterprise Workstation Extension 12 SP2 SUSE Linux Enterprise Workstation Extension 12 SP3 SUSE Linux Enterprise Workstation Extension 12 SP4 Product(s): Definition Synopsis SUSE Linux Enterprise Build System Kit 12 is installed AND Package Information libreoffice-4.3.5.2-10 is installed OR libreoffice-sdk-4.3.5.2-10 is installed Definition Synopsis SUSE Linux Enterprise Build System Kit 12 SP1 is installed AND kernel-zfcpdump-3.12.74-60.64.40 is installed Definition Synopsis SUSE Linux Enterprise Build System Kit 12 SP2 is installed AND kernel-zfcpdump-4.4.74-92.38 is installed Definition Synopsis SUSE Linux Enterprise Build System Kit 12 SP3 is installed AND Package Information libudev-mini-devel-228-150.9 is installed OR libudev-mini1-228-150.9 is installed OR systemd-mini-228-150.9 is installed OR systemd-mini-devel-228-150.9 is installed OR udev-mini-228-150.9 is installed Definition Synopsis SUSE Linux Enterprise Build System Kit 12 SP4 is installed AND kernel-zfcpdump-4.12.14-95.6 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP2 is installed AND Package Information MozillaFirefox-10.0.11-0.3.1 is installed OR MozillaFirefox-translations-10.0.11-0.3.1 is installed OR libfreebl3-3.14-0.3.1 is installed OR libfreebl3-32bit-3.14-0.3.1 is installed OR mozilla-nss-3.14-0.3.1 is installed OR mozilla-nss-32bit-3.14-0.3.1 is installed OR mozilla-nss-tools-3.14-0.3.1 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information MozillaFirefox-31.6.0esr-0.8.1 is installed OR MozillaFirefox-translations-31.6.0esr-0.8.1 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP4 is installed AND Package Information augeas-0.9.0-3.17.2 is installed OR libaugeas0-0.9.0-3.17.2 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 is installed AND mailx-12.5-22 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information bind-9.9.9P1-56 is installed OR bind-libs-9.9.9P1-56 is installed OR bind-libs-32bit-9.9.9P1-56 is installed OR bind-utils-9.9.9P1-56 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information libpoppler-glib8-0.43.0-16.5 is installed OR libpoppler-qt4-4-0.43.0-16.5 is installed OR libpoppler60-0.43.0-16.5 is installed OR poppler-0.43.0-16.5 is installed OR poppler-qt-0.43.0-16.5 is installed OR poppler-tools-0.43.0-16.5 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP4 is installed AND qemu-ovmf-x86_64-2017+git1510945757.b2662641d5-2 is installed Definition Synopsis SUSE Linux Enterprise for SAP 11 SP4 is installed AND Package Information compat-openssl097g-0.9.7g-146.22.41.1 is installed OR compat-openssl097g-32bit-0.9.7g-146.22.41.1 is installed Definition Synopsis SUSE Linux Enterprise High Availability 12 is installed AND Package Information conntrack-tools-1.4.2-5 is installed OR libnetfilter_cthelper-1.0.0-7 is installed OR libnetfilter_cthelper0-1.0.0-7 is installed OR libnetfilter_cttimeout-1.0.0-9 is installed OR libnetfilter_cttimeout1-1.0.0-9 is installed Definition Synopsis SUSE Linux Enterprise Module for Live Patching 15 SP2 is installed AND kernel-livepatch-5_3_18-24_29-default-3-2.1 is installed Definition Synopsis SUSE Linux Enterprise Point of Sale 11 SP3 is installed AND Package Information MozillaFirefox-45.7.0esr-65.2 is installed OR MozillaFirefox-translations-45.7.0esr-65.2 is installed Definition Synopsis SUSE Linux Enterprise Real Time Extension 11 SP4 is installed AND Package Information kernel-rt-3.0.101.rt130-51.1 is installed OR kernel-rt-base-3.0.101.rt130-51.1 is installed OR kernel-rt-devel-3.0.101.rt130-51.1 is installed OR kernel-rt_trace-3.0.101.rt130-51.1 is installed OR kernel-rt_trace-base-3.0.101.rt130-51.1 is installed OR kernel-rt_trace-devel-3.0.101.rt130-51.1 is installed OR kernel-source-rt-3.0.101.rt130-51.1 is installed OR kernel-syms-rt-3.0.101.rt130-51.1 is installed Definition Synopsis SUSE Linux Enterprise Server 11 is installed AND Package Information NetworkManager-0.7.0.r4359-15.9.2 is installed OR NetworkManager-glib-0.7.0.r4359-15.9.2 is installed Definition Synopsis Release Information SUSE Linux Enterprise Server 11 SP2 is installed AND stunnel-4.36-0.12.1 is installed OR Package Information SUSE Linux Enterprise Server for VMWare 11 SP2 is installed AND stunnel-4.36-0.12.1 is installed Definition Synopsis Release Information SUSE Linux Enterprise Server 11 SP3 is installed AND Mesa-9.0.3-0.19.1 is installed OR Mesa-32bit-9.0.3-0.19.1 is installed OR Mesa-x86-9.0.3-0.19.1 is installed OR Package Information SUSE Linux Enterprise Server for VMWare 11 SP3 is installed AND Mesa-9.0.3-0.19.1 is installed OR Mesa-32bit-9.0.3-0.19.1 is installed OR Mesa-x86-9.0.3-0.19.1 is installed Definition Synopsis SUSE Linux Enterprise Server 11 SP3-LTSS is installed AND Package Information MozillaFirefox-38.7.0esr-37.3 is installed OR MozillaFirefox-translations-38.7.0esr-37.3 is installed OR libfreebl3-3.20.2-28.1 is installed OR libfreebl3-32bit-3.20.2-28.1 is installed OR libsoftokn3-3.20.2-28.1 is installed OR libsoftokn3-32bit-3.20.2-28.1 is installed OR mozilla-nspr-4.12-24.1 is installed OR mozilla-nspr-32bit-4.12-24.1 is installed OR mozilla-nss-3.20.2-28.1 is installed OR mozilla-nss-32bit-3.20.2-28.1 is installed OR mozilla-nss-tools-3.20.2-28.1 is installed Definition Synopsis SUSE Linux Enterprise Server 11 SP4 is installed AND Package Information glibc-2.11.3-17.84.1 is installed OR glibc-32bit-2.11.3-17.84.1 is installed OR glibc-devel-2.11.3-17.84.1 is installed OR glibc-devel-32bit-2.11.3-17.84.1 is installed OR glibc-html-2.11.3-17.84.1 is installed OR glibc-i18ndata-2.11.3-17.84.1 is installed OR glibc-info-2.11.3-17.84.1 is installed OR glibc-locale-2.11.3-17.84.1 is installed OR glibc-locale-32bit-2.11.3-17.84.1 is installed OR glibc-locale-x86-2.11.3-17.84.1 is installed OR glibc-profile-2.11.3-17.84.1 is installed OR glibc-profile-32bit-2.11.3-17.84.1 is installed OR glibc-profile-x86-2.11.3-17.84.1 is installed OR glibc-x86-2.11.3-17.84.1 is installed OR nscd-2.11.3-17.84.1 is installed Definition Synopsis SUSE Linux Enterprise Server 11-SECURITY is installed AND Package Information libopenssl1-devel-1.0.1g-0.22.1 is installed OR libopenssl1_0_0-1.0.1g-0.22.1 is installed OR libopenssl1_0_0-32bit-1.0.1g-0.22.1 is installed OR libopenssl1_0_0-x86-1.0.1g-0.22.1 is installed OR openssl1-1.0.1g-0.22.1 is installed OR openssl1-doc-1.0.1g-0.22.1 is installed Definition Synopsis SUSE Linux Enterprise Server 12 is installed AND Package Information liblcms1-1.19-17 is installed OR liblcms1-32bit-1.19-17 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information file-5.19-9 is installed OR file-magic-5.19-9 is installed OR libmagic1-5.19-9 is installed OR libmagic1-32bit-5.19-9 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information kgraft-patch-3_12_67-60_64_24-default-7-2.1 is installed OR kgraft-patch-3_12_67-60_64_24-xen-7-2.1 is installed OR kgraft-patch-SLE12-SP1_Update_11-7-2.1 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information accountsservice-0.6.42-14 is installed OR accountsservice-lang-0.6.42-14 is installed OR libaccountsservice0-0.6.42-14 is installed OR typelib-1_0-AccountsService-1_0-0.6.42-14 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND apache-commons-httpclient-3.1-4 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information apache2-mod_apparmor-2.8.2-49 is installed OR apparmor-docs-2.8.2-49 is installed OR apparmor-parser-2.8.2-49 is installed OR apparmor-profiles-2.8.2-49 is installed OR apparmor-utils-2.8.2-49 is installed OR libapparmor1-2.8.2-49 is installed OR libapparmor1-32bit-2.8.2-49 is installed OR pam_apparmor-2.8.2-49 is installed OR pam_apparmor-32bit-2.8.2-49 is installed OR perl-apparmor-2.8.2-49 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP5 is installed AND Package Information aaa_base-13.2+git20140911.61c1681-38.13 is installed OR aaa_base-extras-13.2+git20140911.61c1681-38.13 is installed Definition Synopsis SUSE Linux Enterprise Server 12-LTSS is installed AND Package Information kgraft-patch-3_12_60-52_54-default-2-2.2 is installed OR kgraft-patch-3_12_60-52_54-xen-2-2.2 is installed OR kgraft-patch-SLE12_Update_15-2-2.2 is installed Definition Synopsis SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 is installed AND Package Information augeas-1.2.0-10 is installed OR augeas-lenses-1.2.0-10 is installed OR libaugeas0-1.2.0-10 is installed Definition Synopsis SUSE Linux Enterprise Server for SAP Applications 12 is installed AND Package Information kgraft-patch-3_12_55-52_45-default-2-2 is installed OR kgraft-patch-3_12_55-52_45-xen-2-2 is installed OR kgraft-patch-SLE12_Update_13-2-2 is installed Definition Synopsis SUSE Linux Enterprise Server for SAP Applications 12 SP1 is installed AND Package Information compat-openssl098-0.9.8j-97 is installed OR libopenssl0_9_8-0.9.8j-97 is installed Definition Synopsis SUSE Linux Enterprise Server for SAP Applications 12 SP2 is installed AND Package Information kgraft-patch-4_4_103-92_53-default-6-2 is installed OR kgraft-patch-SLE12-SP2_Update_16-6-2 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 11 SP2 is installed AND Package Information bind-devel-9.9.4P2-0.6.1 is installed OR bind-devel-32bit-9.9.4P2-0.6.1 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 11 SP3 is installed AND Package Information php53-devel-5.3.17-0.31.1 is installed OR php53-imap-5.3.17-0.31.1 is installed OR php53-posix-5.3.17-0.31.1 is installed OR php53-readline-5.3.17-0.31.1 is installed OR php53-sockets-5.3.17-0.31.1 is installed OR php53-sqlite-5.3.17-0.31.1 is installed OR php53-tidy-5.3.17-0.31.1 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 11 SP4 is installed AND trousers-devel-0.3.10-0.11.1 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 12 is installed AND Package Information dbus-1-1.8.12-6 is installed OR dbus-1-devel-1.8.12-6 is installed OR dbus-1-devel-doc-1.8.12-6 is installed OR dbus-1-x11-1.8.12-6 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 12 SP2 is installed AND Package Information xen-4.7.2_04-39 is installed OR xen-devel-4.7.2_04-39 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 12 SP3 is installed AND Package Information apache2-2.4.23-29.3 is installed OR apache2-devel-2.4.23-29.3 is installed Definition Synopsis SUSE Linux Enterprise Software Development Kit 12 SP4 is installed AND libICE-devel-1.0.8-12 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 12 is installed AND Package Information freerdp-1.0.2-7 is installed OR libfreerdp-1_0-1.0.2-7 is installed OR libfreerdp-1_0-plugins-1.0.2-7 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 12 SP1 is installed AND bash-lang-4.2-75 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 12 SP2 is installed AND Package Information NetworkManager-1.0.12-8 is installed OR NetworkManager-lang-1.0.12-8 is installed OR typelib-1_0-NM-1_0-1.0.12-8 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 12 SP3 is installed AND cyrus-sasl-digestmd5-32bit-2.1.26-7 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 12 SP4 is installed AND Package Information NetworkManager-1.0.12-13.6 is installed OR NetworkManager-lang-1.0.12-13.6 is installed OR typelib-1_0-NM-1_0-1.0.12-13.6 is installed
BACK