SUSE-SU-2018:3923-1: moderate: Security update for dpdk

sle-security-updates at lists.suse.com sle-security-updates at lists.suse.com
Tue Nov 27 10:08:48 MST 2018 

   SUSE Security Update: Security update for dpdk
______________________________________________________________________________

Announcement ID:    SUSE-SU-2018:3923-1
Rating:             moderate
References:         #1069601 #1073363 #1089638 #1102310 
Cross-References:   CVE-2018-1059
Affected Products:
                    SUSE Linux Enterprise Software Development Kit 12-SP3
                    SUSE Linux Enterprise Server 12-SP3
______________________________________________________________________________

   An update that solves one vulnerability and has three fixes
   is now available.

Description:



   This update for dpdk to version 16.11.8 provides the following security
   fix:

   - CVE-2018-1059: restrict untrusted guest to misuse virtio to corrupt host
     application (ovs-dpdk) memory which could have lead all VM to lose
     connectivity (bsc#1089638)

   and following non-security fixes:

   - Enable the broadcom chipset family Broadcom NetXtreme II BCM57810
     (bsc#1073363)
   - Fix a latency problem by using cond_resched rather than
     schedule_timeout_interruptible (bsc#1069601)
   - Fix a syntax error affecting csh environment configuration (bsc#1102310)
   - Fixes in net/bnxt:
       * Fix HW Tx checksum offload check
       * Fix incorrect IO address handling in Tx
       * Fix Rx ring count limitation
       * Check access denied for HWRM commands
       * Fix RETA size
       * Fix close operation
   - Fixes in eal/linux:
       * Fix an invalid syntax in interrupts
       * Fix return codes on thread naming failure
   - Fixes in kni:
       * Fix crash with null name
       * Fix build with gcc 8.1
   - Fixes in net/thunderx:
       * Fix build with gcc optimization on
       * Avoid sq door bell write on zero packet
   - net/bonding: Fix MAC address reset
   - vhost: Fix missing increment of log cache count


Patch Instructions:

   To install this SUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Software Development Kit 12-SP3:

      zypper in -t patch SUSE-SLE-SDK-12-SP3-2018-2795=1

   - SUSE Linux Enterprise Server 12-SP3:

      zypper in -t patch SUSE-SLE-SERVER-12-SP3-2018-2795=1



Package List:

   - SUSE Linux Enterprise Software Development Kit 12-SP3 (aarch64 ppc64le x86_64):

      dpdk-debuginfo-16.11.8-8.10.2
      dpdk-debugsource-16.11.8-8.10.2
      dpdk-devel-16.11.8-8.10.2
      dpdk-devel-debuginfo-16.11.8-8.10.2

   - SUSE Linux Enterprise Software Development Kit 12-SP3 (aarch64):

      dpdk-thunderx-debuginfo-16.11.8-8.10.2
      dpdk-thunderx-debugsource-16.11.8-8.10.2
      dpdk-thunderx-devel-16.11.8-8.10.2
      dpdk-thunderx-devel-debuginfo-16.11.8-8.10.2

   - SUSE Linux Enterprise Server 12-SP3 (aarch64 ppc64le x86_64):

      dpdk-16.11.8-8.10.2
      dpdk-debuginfo-16.11.8-8.10.2
      dpdk-debugsource-16.11.8-8.10.2
      dpdk-tools-16.11.8-8.10.2

   - SUSE Linux Enterprise Server 12-SP3 (aarch64):

      dpdk-thunderx-16.11.8-8.10.2
      dpdk-thunderx-debuginfo-16.11.8-8.10.2
      dpdk-thunderx-debugsource-16.11.8-8.10.2
      dpdk-thunderx-kmp-default-16.11.8_k4.4.156_94.64-8.10.2
      dpdk-thunderx-kmp-default-debuginfo-16.11.8_k4.4.156_94.64-8.10.2

   - SUSE Linux Enterprise Server 12-SP3 (x86_64):

      dpdk-kmp-default-16.11.8_k4.4.156_94.64-8.10.2
      dpdk-kmp-default-debuginfo-16.11.8_k4.4.156_94.64-8.10.2


References:

   https://www.suse.com/security/cve/CVE-2018-1059.html
   https://bugzilla.suse.com/1069601
   https://bugzilla.suse.com/1073363
   https://bugzilla.suse.com/1089638
   https://bugzilla.suse.com/1102310

More information about the sle-security-updates mailing list