SUSE-SU-2018:1220-1: important: Security update for the Linux Kernel
sle-security-updates at lists.suse.com
sle-security-updates at lists.suse.com
Fri May 11 13:07:54 MDT 2018
SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________
Announcement ID: SUSE-SU-2018:1220-1
Rating: important
References: #1076537 #1082299 #1083125 #1083242 #1083275
#1084536 #1085279 #1085331 #1086162 #1086194
#1087088 #1087260 #1088147 #1088260 #1088261
#1089608 #1089752 #1090643
Cross-References: CVE-2017-0861 CVE-2017-11089 CVE-2017-13220
CVE-2017-18203 CVE-2018-10087 CVE-2018-10124
CVE-2018-1087 CVE-2018-7757 CVE-2018-8781
CVE-2018-8822 CVE-2018-8897
Affected Products:
SUSE OpenStack Cloud 6
SUSE Linux Enterprise Server for SAP 12-SP1
SUSE Linux Enterprise Server 12-SP1-LTSS
SUSE Linux Enterprise Module for Public Cloud 12
______________________________________________________________________________
An update that solves 11 vulnerabilities and has 7 fixes is
now available.
Description:
The SUSE Linux Enterprise 12 SP1 LTSS kernel was updated to receive
various security and bugfixes.
The following security bugs were fixed:
- CVE-2018-1087: And an unprivileged KVM guest user could use this flaw to
potentially escalate their privileges inside a guest. (bsc#1087088)
- CVE-2018-8897: An unprivileged system user could use incorrect set up
interrupt stacks to crash the Linux kernel resulting in DoS issue.
(bsc#1087088)
- CVE-2018-8781: The udl_fb_mmap function in drivers/gpu/drm/udl/udl_fb.c
had an integer-overflow vulnerability allowing local users with access
to the udldrmfb driver to obtain full read and write permissions on
kernel physical pages, resulting in a code execution in kernel space
(bnc#1090643).
- CVE-2018-10124: The kill_something_info function in kernel/signal.c
might allow local users to cause a denial of service via an INT_MIN
argument (bnc#1089752).
- CVE-2018-10087: The kernel_wait4 function in kernel/exit.c in might
allow local users to cause a denial of service by triggering an
attempted use of the -INT_MIN value (bnc#1089608).
- CVE-2018-7757: Memory leak in the sas_smp_get_phy_events function in
drivers/scsi/libsas/sas_expander.c allowed local users to cause a denial
of service (memory consumption) via many read accesses to files in the
/sys/class/sas_phy directory, as demonstrated by the
/sys/class/sas_phy/phy-1:0:12/invalid_dword_count file (bnc#1084536).
- CVE-2017-13220: An elevation of privilege vulnerability in the Upstream
kernel bluez was fixed. (bnc#1076537).
- CVE-2017-11089: A buffer overread is observed in nl80211_set_station
when user space application sends attribute
NL80211_ATTR_LOCAL_MESH_POWER_MODE with data of size less than 4 bytes
(bnc#1088261).
- CVE-2017-0861: Use-after-free vulnerability in the snd_pcm_info function
in the ALSA subsystem allowed attackers to gain privileges via
unspecified vectors (bnc#1088260).
- CVE-2018-8822: Incorrect buffer length handling in the ncp_read_kernel
function in fs/ncpfs/ncplib_kernel.c could be exploited by malicious
NCPFS servers to crash the kernel or execute code (bnc#1086162).
- CVE-2017-18203: The dm_get_from_kobject function in drivers/md/dm.c
allowed local users to cause a denial of service (BUG) by leveraging a
race condition with __dm_destroy during creation and removal of DM
devices (bnc#1083242).
The following non-security bugs were fixed:
- Integrate fixes resulting from bsc#1088147 More info in the respective
commit messages.
- kabi: x86/kaiser: properly align trampoline stack (bsc#1087260).
- dcache: Add cond_resched in shrink_dentry_list (bsc#1086194).
- kGraft: fix small race in reversion code (bsc#1083125).
- kabi/severities: Ignore kgr_shadow_* kABI changes
- kvm/x86: fix icebp instruction handling (bsc#1087088).
- livepatch: Allow to call a custom callback when freeing shadow variables
(bsc#1082299 fate#313296).
- livepatch: Initialize shadow variables safely by a custom callback
(bsc#1082299 fate#313296).
- usbnet: Fix a race between usbnet_stop() and the BH (bsc#1083275).
- x86/entry/64: Do not use IST entry for #BP stack (bsc#1087088).
- x86/espfix: Fix return stack in do_double_fault() (bsc#1085279).
- x86/kaiser: properly align trampoline stack (bsc#1087260).
- x86/retpoline: do not perform thunk calls in ring3 vsyscall code
(bsc#1085331).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- SUSE OpenStack Cloud 6:
zypper in -t patch SUSE-OpenStack-Cloud-6-2018-845=1
- SUSE Linux Enterprise Server for SAP 12-SP1:
zypper in -t patch SUSE-SLE-SAP-12-SP1-2018-845=1
- SUSE Linux Enterprise Server 12-SP1-LTSS:
zypper in -t patch SUSE-SLE-SERVER-12-SP1-2018-845=1
- SUSE Linux Enterprise Module for Public Cloud 12:
zypper in -t patch SUSE-SLE-Module-Public-Cloud-12-2018-845=1
Package List:
- SUSE OpenStack Cloud 6 (x86_64):
kernel-default-3.12.74-60.64.88.1
kernel-default-base-3.12.74-60.64.88.1
kernel-default-base-debuginfo-3.12.74-60.64.88.1
kernel-default-debuginfo-3.12.74-60.64.88.1
kernel-default-debugsource-3.12.74-60.64.88.1
kernel-default-devel-3.12.74-60.64.88.1
kernel-syms-3.12.74-60.64.88.1
kernel-xen-3.12.74-60.64.88.1
kernel-xen-base-3.12.74-60.64.88.1
kernel-xen-base-debuginfo-3.12.74-60.64.88.1
kernel-xen-debuginfo-3.12.74-60.64.88.1
kernel-xen-debugsource-3.12.74-60.64.88.1
kernel-xen-devel-3.12.74-60.64.88.1
kgraft-patch-3_12_74-60_64_88-default-1-2.3.1
kgraft-patch-3_12_74-60_64_88-xen-1-2.3.1
- SUSE OpenStack Cloud 6 (noarch):
kernel-devel-3.12.74-60.64.88.1
kernel-macros-3.12.74-60.64.88.1
kernel-source-3.12.74-60.64.88.1
- SUSE Linux Enterprise Server for SAP 12-SP1 (ppc64le x86_64):
kernel-default-3.12.74-60.64.88.1
kernel-default-base-3.12.74-60.64.88.1
kernel-default-base-debuginfo-3.12.74-60.64.88.1
kernel-default-debuginfo-3.12.74-60.64.88.1
kernel-default-debugsource-3.12.74-60.64.88.1
kernel-default-devel-3.12.74-60.64.88.1
kernel-syms-3.12.74-60.64.88.1
- SUSE Linux Enterprise Server for SAP 12-SP1 (noarch):
kernel-devel-3.12.74-60.64.88.1
kernel-macros-3.12.74-60.64.88.1
kernel-source-3.12.74-60.64.88.1
- SUSE Linux Enterprise Server for SAP 12-SP1 (x86_64):
kernel-xen-3.12.74-60.64.88.1
kernel-xen-base-3.12.74-60.64.88.1
kernel-xen-base-debuginfo-3.12.74-60.64.88.1
kernel-xen-debuginfo-3.12.74-60.64.88.1
kernel-xen-debugsource-3.12.74-60.64.88.1
kernel-xen-devel-3.12.74-60.64.88.1
kgraft-patch-3_12_74-60_64_88-default-1-2.3.1
kgraft-patch-3_12_74-60_64_88-xen-1-2.3.1
- SUSE Linux Enterprise Server 12-SP1-LTSS (ppc64le s390x x86_64):
kernel-default-3.12.74-60.64.88.1
kernel-default-base-3.12.74-60.64.88.1
kernel-default-base-debuginfo-3.12.74-60.64.88.1
kernel-default-debuginfo-3.12.74-60.64.88.1
kernel-default-debugsource-3.12.74-60.64.88.1
kernel-default-devel-3.12.74-60.64.88.1
kernel-syms-3.12.74-60.64.88.1
- SUSE Linux Enterprise Server 12-SP1-LTSS (x86_64):
kernel-xen-3.12.74-60.64.88.1
kernel-xen-base-3.12.74-60.64.88.1
kernel-xen-base-debuginfo-3.12.74-60.64.88.1
kernel-xen-debuginfo-3.12.74-60.64.88.1
kernel-xen-debugsource-3.12.74-60.64.88.1
kernel-xen-devel-3.12.74-60.64.88.1
kgraft-patch-3_12_74-60_64_88-default-1-2.3.1
kgraft-patch-3_12_74-60_64_88-xen-1-2.3.1
- SUSE Linux Enterprise Server 12-SP1-LTSS (noarch):
kernel-devel-3.12.74-60.64.88.1
kernel-macros-3.12.74-60.64.88.1
kernel-source-3.12.74-60.64.88.1
- SUSE Linux Enterprise Server 12-SP1-LTSS (s390x):
kernel-default-man-3.12.74-60.64.88.1
- SUSE Linux Enterprise Module for Public Cloud 12 (x86_64):
kernel-ec2-3.12.74-60.64.88.1
kernel-ec2-debuginfo-3.12.74-60.64.88.1
kernel-ec2-debugsource-3.12.74-60.64.88.1
kernel-ec2-devel-3.12.74-60.64.88.1
kernel-ec2-extra-3.12.74-60.64.88.1
kernel-ec2-extra-debuginfo-3.12.74-60.64.88.1
References:
https://www.suse.com/security/cve/CVE-2017-0861.html
https://www.suse.com/security/cve/CVE-2017-11089.html
https://www.suse.com/security/cve/CVE-2017-13220.html
https://www.suse.com/security/cve/CVE-2017-18203.html
https://www.suse.com/security/cve/CVE-2018-10087.html
https://www.suse.com/security/cve/CVE-2018-10124.html
https://www.suse.com/security/cve/CVE-2018-1087.html
https://www.suse.com/security/cve/CVE-2018-7757.html
https://www.suse.com/security/cve/CVE-2018-8781.html
https://www.suse.com/security/cve/CVE-2018-8822.html
https://www.suse.com/security/cve/CVE-2018-8897.html
https://bugzilla.suse.com/1076537
https://bugzilla.suse.com/1082299
https://bugzilla.suse.com/1083125
https://bugzilla.suse.com/1083242
https://bugzilla.suse.com/1083275
https://bugzilla.suse.com/1084536
https://bugzilla.suse.com/1085279
https://bugzilla.suse.com/1085331
https://bugzilla.suse.com/1086162
https://bugzilla.suse.com/1086194
https://bugzilla.suse.com/1087088
https://bugzilla.suse.com/1087260
https://bugzilla.suse.com/1088147
https://bugzilla.suse.com/1088260
https://bugzilla.suse.com/1088261
https://bugzilla.suse.com/1089608
https://bugzilla.suse.com/1089752
https://bugzilla.suse.com/1090643
More information about the sle-security-updates
mailing list