SUSE-SU-2018:0509-1: moderate: Security update for drm

sle-updates at lists.suse.com sle-updates at lists.suse.com
Wed Feb 21 10:15:08 MST 2018


   SUSE Security Update: Security update for drm
______________________________________________________________________________

Announcement ID:    SUSE-SU-2018:0509-1
Rating:             moderate
References:         #1041744 #1046821 #1047277 #1047729 #1048155 
                    #1050256 #1055493 #1066175 #1077885 
Cross-References:   CVE-2017-10810
Affected Products:
                    SUSE Linux Enterprise Workstation Extension 12-SP3
                    SUSE Linux Enterprise Desktop 12-SP3
______________________________________________________________________________

   An update that solves one vulnerability and has 8 fixes is
   now available.

Description:

   This update for drm provides the following fixes:

   This security issue was fixed:

   - CVE-2017-10810: Memory leak in the virtio_gpu_object_create function in
     drivers/gpu/drm/virtio/virtgpu_object.c allowed attackers to cause a
     denial of service (memory consumption) by triggering
     object-initialization failures (bnc#1047277)

   These non-security issues were fixed:

   - Backport upstream 4.9.x stable fixes up to 4.9.81 (bsc#1041744).
   - Fixed crash at suspend/resume on old Intel chipsets (bsc#1047729,
     bsc#1050256)
   - Fixed large topology support for vmwgfx (bsc#1048155)
   - Workaround for BXT aperture vs GTT chip bug (bsc#1046821)
   - Limit the supplements for the default hardware support to only Intel
     Skylake / Kabylake and AMDGPU (bsc#1077885) 4.9.x i915 seems more buggy
     than expected for old chipsets.
   - Conditionally build aarch64 as well (bsc#1066175)
   - Build host1x module (taken from the kernel-source) as well for avoiding
     the unneeded dependency on kernel-default-extra on ARM64 (bsc#1066175)
   - Enable AMDGPU CIK and SI (bsc#1066175):
   - Add missing hisilicon hibmc driver (bsc#1066175):
   - Add si_support and cik_support options to radeon and amdgpu
     (bsc#1066175):
   - Update Module.supported and apply it properly; following SLE12-SP3
     kernel status
   - Backport the upstream DP-MST fixes, addressing a hang at S3 resume
     (bsc#1055493):


Patch Instructions:

   To install this SUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Workstation Extension 12-SP3:

      zypper in -t patch SUSE-SLE-WE-12-SP3-2018-337=1

   - SUSE Linux Enterprise Desktop 12-SP3:

      zypper in -t patch SUSE-SLE-DESKTOP-12-SP3-2018-337=1

   To bring your system up-to-date, use "zypper patch".


Package List:

   - SUSE Linux Enterprise Workstation Extension 12-SP3 (x86_64):

      drm-kmp-default-4.9.33_k4.4.114_94.11-4.11.1
      drm-kmp-default-debuginfo-4.9.33_k4.4.114_94.11-4.11.1

   - SUSE Linux Enterprise Desktop 12-SP3 (x86_64):

      drm-kmp-default-4.9.33_k4.4.114_94.11-4.11.1
      drm-kmp-default-debuginfo-4.9.33_k4.4.114_94.11-4.11.1


References:

   https://www.suse.com/security/cve/CVE-2017-10810.html
   https://bugzilla.suse.com/1041744
   https://bugzilla.suse.com/1046821
   https://bugzilla.suse.com/1047277
   https://bugzilla.suse.com/1047729
   https://bugzilla.suse.com/1048155
   https://bugzilla.suse.com/1050256
   https://bugzilla.suse.com/1055493
   https://bugzilla.suse.com/1066175
   https://bugzilla.suse.com/1077885



More information about the sle-updates mailing list