SUSE-SU-2018:1220-1

Source
https://www.suse.com/support/update/announcement/2018/suse-su-20181220-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2018:1220-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2018:1220-1
Published
2018-05-11T15:30:04Z
Modified
2018-05-11T15:30:04Z
Summary
Security update for the Linux Kernel
Details

The SUSE Linux Enterprise 12 SP1 LTSS kernel was updated to receive various security fixes and bug fixes.

The following security bugs were fixed:

  • CVE-2018-1087: An unprivileged KVM guest user could use this flaw to potentially escalate their privileges inside a guest. (bsc#1087088)
  • CVE-2018-8897: An unprivileged system user could use incorrectly set up interrupt stacks to crash the Linux kernel, resulting in a DoS issue. (bsc#1087088)
  • CVE-2018-8781: The udl_fb_mmap function in drivers/gpu/drm/udl/udl_fb.c had an integer-overflow vulnerability allowing local users with access to the udldrmfb driver to obtain full read and write permissions on kernel physical pages, resulting in code execution in kernel space (bnc#1090643).
  • CVE-2018-10124: The kill_something_info function in kernel/signal.c might allow local users to cause a denial of service via an INT_MIN argument (bnc#1089752).
  • CVE-2018-10087: The kernel_wait4 function in kernel/exit.c might allow local users to cause a denial of service by triggering an attempted use of the -INT_MIN value (bnc#1089608).
  • CVE-2018-7757: Memory leak in the sas_smp_get_phy_events function in drivers/scsi/libsas/sas_expander.c allowed local users to cause a denial of service (memory consumption) via many read accesses to files in the /sys/class/sas_phy directory, as demonstrated by the /sys/class/sas_phy/phy-1:0:12/invalid_dword_count file (bnc#1084536).
  • CVE-2017-13220: An elevation of privilege vulnerability in the upstream kernel bluez was fixed (bnc#1076537).
  • CVE-2017-11089: A buffer overread is observed in nl80211_set_station when a user-space application sends the attribute NL80211_ATTR_LOCAL_MESH_POWER_MODE with data of size less than 4 bytes (bnc#1088261).
  • CVE-2017-0861: Use-after-free vulnerability in the snd_pcm_info function in the ALSA subsystem allowed attackers to gain privileges via unspecified vectors (bnc#1088260).
  • CVE-2018-8822: Incorrect buffer length handling in the ncp_read_kernel function in fs/ncpfs/ncplib_kernel.c could be exploited by malicious NCPFS servers to crash the kernel or execute code (bnc#1086162).
  • CVE-2017-18203: The dm_get_from_kobject function in drivers/md/dm.c allowed local users to cause a denial of service (BUG) by leveraging a race condition with __dm_destroy during creation and removal of DM devices (bnc#1083242).

The following non-security bugs were fixed:

  • Integrate fixes resulting from bsc#1088147. More info in the respective commit messages.
  • kabi: x86/kaiser: properly align trampoline stack (bsc#1087260).
  • dcache: Add cond_resched in shrink_dentry_list (bsc#1086194).
  • kGraft: fix small race in reversion code (bsc#1083125).
  • kabi/severities: Ignore kgr_shadow_* kABI changes
  • kvm/x86: fix icebp instruction handling (bsc#1087088).
  • livepatch: Allow to call a custom callback when freeing shadow variables (bsc#1082299 fate#313296).
  • livepatch: Initialize shadow variables safely by a custom callback (bsc#1082299 fate#313296).
  • usbnet: Fix a race between usbnet_stop() and the BH (bsc#1083275).
  • x86/entry/64: Do not use IST entry for #BP stack (bsc#1087088).
  • x86/espfix: Fix return stack in do_double_fault() (bsc#1085279).
  • x86/kaiser: properly align trampoline stack (bsc#1087260).
  • x86/retpoline: do not perform thunk calls in ring3 vsyscall code (bsc#1085331).

Affected packages

SUSE:OpenStack Cloud 6 / kernel-default

Package

Name
kernel-default
Purl
purl:rpm/suse/kernel-default&distro=SUSE%20OpenStack%20Cloud%206

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
3.12.74-60.64.88.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-macros": "3.12.74-60.64.88.1",
            "kernel-devel": "3.12.74-60.64.88.1",
            "kernel-default-base": "3.12.74-60.64.88.1",
            "kgraft-patch-3_12_74-60_64_88-default": "1-2.3.1",
            "kernel-xen-devel": "3.12.74-60.64.88.1",
            "kernel-xen-base": "3.12.74-60.64.88.1",
            "kernel-default": "3.12.74-60.64.88.1",
            "kgraft-patch-3_12_74-60_64_88-xen": "1-2.3.1",
            "kernel-source": "3.12.74-60.64.88.1",
            "kernel-syms": "3.12.74-60.64.88.1",
            "kernel-default-devel": "3.12.74-60.64.88.1",
            "kernel-xen": "3.12.74-60.64.88.1"
        }
    ]
}

SUSE:OpenStack Cloud 6 / kernel-source

Package

Name
kernel-source
Purl
purl:rpm/suse/kernel-source&distro=SUSE%20OpenStack%20Cloud%206

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
3.12.74-60.64.88.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-macros": "3.12.74-60.64.88.1",
            "kernel-devel": "3.12.74-60.64.88.1",
            "kernel-default-base": "3.12.74-60.64.88.1",
            "kgraft-patch-3_12_74-60_64_88-default": "1-2.3.1",
            "kernel-xen-devel": "3.12.74-60.64.88.1",
            "kernel-xen-base": "3.12.74-60.64.88.1",
            "kernel-default": "3.12.74-60.64.88.1",
            "kgraft-patch-3_12_74-60_64_88-xen": "1-2.3.1",
            "kernel-source": "3.12.74-60.64.88.1",
            "kernel-syms": "3.12.74-60.64.88.1",
            "kernel-default-devel": "3.12.74-60.64.88.1",
            "kernel-xen": "3.12.74-60.64.88.1"
        }
    ]
}

SUSE:OpenStack Cloud 6 / kernel-syms

Package

Name
kernel-syms
Purl
purl:rpm/suse/kernel-syms&distro=SUSE%20OpenStack%20Cloud%206

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
3.12.74-60.64.88.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-macros": "3.12.74-60.64.88.1",
            "kernel-devel": "3.12.74-60.64.88.1",
            "kernel-default-base": "3.12.74-60.64.88.1",
            "kgraft-patch-3_12_74-60_64_88-default": "1-2.3.1",
            "kernel-xen-devel": "3.12.74-60.64.88.1",
            "kernel-xen-base": "3.12.74-60.64.88.1",
            "kernel-default": "3.12.74-60.64.88.1",
            "kgraft-patch-3_12_74-60_64_88-xen": "1-2.3.1",
            "kernel-source": "3.12.74-60.64.88.1",
            "kernel-syms": "3.12.74-60.64.88.1",
            "kernel-default-devel": "3.12.74-60.64.88.1",
            "kernel-xen": "3.12.74-60.64.88.1"
        }
    ]
}

SUSE:OpenStack Cloud 6 / kernel-xen

Package

Name
kernel-xen
Purl
purl:rpm/suse/kernel-xen&distro=SUSE%20OpenStack%20Cloud%206

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
3.12.74-60.64.88.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-macros": "3.12.74-60.64.88.1",
            "kernel-devel": "3.12.74-60.64.88.1",
            "kernel-default-base": "3.12.74-60.64.88.1",
            "kgraft-patch-3_12_74-60_64_88-default": "1-2.3.1",
            "kernel-xen-devel": "3.12.74-60.64.88.1",
            "kernel-xen-base": "3.12.74-60.64.88.1",
            "kernel-default": "3.12.74-60.64.88.1",
            "kgraft-patch-3_12_74-60_64_88-xen": "1-2.3.1",
            "kernel-source": "3.12.74-60.64.88.1",
            "kernel-syms": "3.12.74-60.64.88.1",
            "kernel-default-devel": "3.12.74-60.64.88.1",
            "kernel-xen": "3.12.74-60.64.88.1"
        }
    ]
}

SUSE:OpenStack Cloud 6 / kgraft-patch-SLE12-SP1_Update_27

Package

Name
kgraft-patch-SLE12-SP1_Update_27
Purl
purl:rpm/suse/kgraft-patch-SLE12-SP1_Update_27&distro=SUSE%20OpenStack%20Cloud%206

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
1-2.3.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-macros": "3.12.74-60.64.88.1",
            "kernel-devel": "3.12.74-60.64.88.1",
            "kernel-default-base": "3.12.74-60.64.88.1",
            "kgraft-patch-3_12_74-60_64_88-default": "1-2.3.1",
            "kernel-xen-devel": "3.12.74-60.64.88.1",
            "kernel-xen-base": "3.12.74-60.64.88.1",
            "kernel-default": "3.12.74-60.64.88.1",
            "kgraft-patch-3_12_74-60_64_88-xen": "1-2.3.1",
            "kernel-source": "3.12.74-60.64.88.1",
            "kernel-syms": "3.12.74-60.64.88.1",
            "kernel-default-devel": "3.12.74-60.64.88.1",
            "kernel-xen": "3.12.74-60.64.88.1"
        }
    ]
}

SUSE:Linux Enterprise Module for Public Cloud 12 / kernel-ec2

Package

Name
kernel-ec2
Purl
purl:rpm/suse/kernel-ec2&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2012

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
3.12.74-60.64.88.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-ec2-extra": "3.12.74-60.64.88.1",
            "kernel-ec2": "3.12.74-60.64.88.1",
            "kernel-ec2-devel": "3.12.74-60.64.88.1"
        }
    ]
}

SUSE:Linux Enterprise Server for SAP Applications 12 SP1 / kernel-default

Package

Name
kernel-default
Purl
purl:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
3.12.74-60.64.88.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-macros": "3.12.74-60.64.88.1",
            "kernel-devel": "3.12.74-60.64.88.1",
            "kernel-default-base": "3.12.74-60.64.88.1",
            "kgraft-patch-3_12_74-60_64_88-default": "1-2.3.1",
            "kernel-xen-devel": "3.12.74-60.64.88.1",
            "kernel-xen-base": "3.12.74-60.64.88.1",
            "kernel-default": "3.12.74-60.64.88.1",
            "kgraft-patch-3_12_74-60_64_88-xen": "1-2.3.1",
            "kernel-source": "3.12.74-60.64.88.1",
            "kernel-syms": "3.12.74-60.64.88.1",
            "kernel-default-devel": "3.12.74-60.64.88.1",
            "kernel-xen": "3.12.74-60.64.88.1"
        }
    ]
}

SUSE:Linux Enterprise Server for SAP Applications 12 SP1 / kernel-source

Package

Name
kernel-source
Purl
purl:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
3.12.74-60.64.88.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-macros": "3.12.74-60.64.88.1",
            "kernel-devel": "3.12.74-60.64.88.1",
            "kernel-default-base": "3.12.74-60.64.88.1",
            "kgraft-patch-3_12_74-60_64_88-default": "1-2.3.1",
            "kernel-xen-devel": "3.12.74-60.64.88.1",
            "kernel-xen-base": "3.12.74-60.64.88.1",
            "kernel-default": "3.12.74-60.64.88.1",
            "kgraft-patch-3_12_74-60_64_88-xen": "1-2.3.1",
            "kernel-source": "3.12.74-60.64.88.1",
            "kernel-syms": "3.12.74-60.64.88.1",
            "kernel-default-devel": "3.12.74-60.64.88.1",
            "kernel-xen": "3.12.74-60.64.88.1"
        }
    ]
}

SUSE:Linux Enterprise Server for SAP Applications 12 SP1 / kernel-syms

Package

Name
kernel-syms
Purl
purl:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
3.12.74-60.64.88.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-macros": "3.12.74-60.64.88.1",
            "kernel-devel": "3.12.74-60.64.88.1",
            "kernel-default-base": "3.12.74-60.64.88.1",
            "kgraft-patch-3_12_74-60_64_88-default": "1-2.3.1",
            "kernel-xen-devel": "3.12.74-60.64.88.1",
            "kernel-xen-base": "3.12.74-60.64.88.1",
            "kernel-default": "3.12.74-60.64.88.1",
            "kgraft-patch-3_12_74-60_64_88-xen": "1-2.3.1",
            "kernel-source": "3.12.74-60.64.88.1",
            "kernel-syms": "3.12.74-60.64.88.1",
            "kernel-default-devel": "3.12.74-60.64.88.1",
            "kernel-xen": "3.12.74-60.64.88.1"
        }
    ]
}

SUSE:Linux Enterprise Server for SAP Applications 12 SP1 / kernel-xen

Package

Name
kernel-xen
Purl
purl:rpm/suse/kernel-xen&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
3.12.74-60.64.88.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-macros": "3.12.74-60.64.88.1",
            "kernel-devel": "3.12.74-60.64.88.1",
            "kernel-default-base": "3.12.74-60.64.88.1",
            "kgraft-patch-3_12_74-60_64_88-default": "1-2.3.1",
            "kernel-xen-devel": "3.12.74-60.64.88.1",
            "kernel-xen-base": "3.12.74-60.64.88.1",
            "kernel-default": "3.12.74-60.64.88.1",
            "kgraft-patch-3_12_74-60_64_88-xen": "1-2.3.1",
            "kernel-source": "3.12.74-60.64.88.1",
            "kernel-syms": "3.12.74-60.64.88.1",
            "kernel-default-devel": "3.12.74-60.64.88.1",
            "kernel-xen": "3.12.74-60.64.88.1"
        }
    ]
}

SUSE:Linux Enterprise Server for SAP Applications 12 SP1 / kgraft-patch-SLE12-SP1_Update_27

Package

Name
kgraft-patch-SLE12-SP1_Update_27
Purl
purl:rpm/suse/kgraft-patch-SLE12-SP1_Update_27&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
1-2.3.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-macros": "3.12.74-60.64.88.1",
            "kernel-devel": "3.12.74-60.64.88.1",
            "kernel-default-base": "3.12.74-60.64.88.1",
            "kgraft-patch-3_12_74-60_64_88-default": "1-2.3.1",
            "kernel-xen-devel": "3.12.74-60.64.88.1",
            "kernel-xen-base": "3.12.74-60.64.88.1",
            "kernel-default": "3.12.74-60.64.88.1",
            "kgraft-patch-3_12_74-60_64_88-xen": "1-2.3.1",
            "kernel-source": "3.12.74-60.64.88.1",
            "kernel-syms": "3.12.74-60.64.88.1",
            "kernel-default-devel": "3.12.74-60.64.88.1",
            "kernel-xen": "3.12.74-60.64.88.1"
        }
    ]
}

SUSE:Linux Enterprise Server 12 SP1-LTSS / kernel-default

Package

Name
kernel-default
Purl
purl:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1-LTSS

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
3.12.74-60.64.88.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-macros": "3.12.74-60.64.88.1",
            "kernel-devel": "3.12.74-60.64.88.1",
            "kernel-default-base": "3.12.74-60.64.88.1",
            "kgraft-patch-3_12_74-60_64_88-default": "1-2.3.1",
            "kernel-default-man": "3.12.74-60.64.88.1",
            "kernel-xen-devel": "3.12.74-60.64.88.1",
            "kernel-xen-base": "3.12.74-60.64.88.1",
            "kernel-default": "3.12.74-60.64.88.1",
            "kgraft-patch-3_12_74-60_64_88-xen": "1-2.3.1",
            "kernel-source": "3.12.74-60.64.88.1",
            "kernel-syms": "3.12.74-60.64.88.1",
            "kernel-default-devel": "3.12.74-60.64.88.1",
            "kernel-xen": "3.12.74-60.64.88.1"
        }
    ]
}

SUSE:Linux Enterprise Server 12 SP1-LTSS / kernel-source

Package

Name
kernel-source
Purl
purl:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1-LTSS

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
3.12.74-60.64.88.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-macros": "3.12.74-60.64.88.1",
            "kernel-devel": "3.12.74-60.64.88.1",
            "kernel-default-base": "3.12.74-60.64.88.1",
            "kgraft-patch-3_12_74-60_64_88-default": "1-2.3.1",
            "kernel-default-man": "3.12.74-60.64.88.1",
            "kernel-xen-devel": "3.12.74-60.64.88.1",
            "kernel-xen-base": "3.12.74-60.64.88.1",
            "kernel-default": "3.12.74-60.64.88.1",
            "kgraft-patch-3_12_74-60_64_88-xen": "1-2.3.1",
            "kernel-source": "3.12.74-60.64.88.1",
            "kernel-syms": "3.12.74-60.64.88.1",
            "kernel-default-devel": "3.12.74-60.64.88.1",
            "kernel-xen": "3.12.74-60.64.88.1"
        }
    ]
}

SUSE:Linux Enterprise Server 12 SP1-LTSS / kernel-syms

Package

Name
kernel-syms
Purl
purl:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1-LTSS

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
3.12.74-60.64.88.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-macros": "3.12.74-60.64.88.1",
            "kernel-devel": "3.12.74-60.64.88.1",
            "kernel-default-base": "3.12.74-60.64.88.1",
            "kgraft-patch-3_12_74-60_64_88-default": "1-2.3.1",
            "kernel-default-man": "3.12.74-60.64.88.1",
            "kernel-xen-devel": "3.12.74-60.64.88.1",
            "kernel-xen-base": "3.12.74-60.64.88.1",
            "kernel-default": "3.12.74-60.64.88.1",
            "kgraft-patch-3_12_74-60_64_88-xen": "1-2.3.1",
            "kernel-source": "3.12.74-60.64.88.1",
            "kernel-syms": "3.12.74-60.64.88.1",
            "kernel-default-devel": "3.12.74-60.64.88.1",
            "kernel-xen": "3.12.74-60.64.88.1"
        }
    ]
}

SUSE:Linux Enterprise Server 12 SP1-LTSS / kernel-xen

Package

Name
kernel-xen
Purl
purl:rpm/suse/kernel-xen&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1-LTSS

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
3.12.74-60.64.88.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-macros": "3.12.74-60.64.88.1",
            "kernel-devel": "3.12.74-60.64.88.1",
            "kernel-default-base": "3.12.74-60.64.88.1",
            "kgraft-patch-3_12_74-60_64_88-default": "1-2.3.1",
            "kernel-default-man": "3.12.74-60.64.88.1",
            "kernel-xen-devel": "3.12.74-60.64.88.1",
            "kernel-xen-base": "3.12.74-60.64.88.1",
            "kernel-default": "3.12.74-60.64.88.1",
            "kgraft-patch-3_12_74-60_64_88-xen": "1-2.3.1",
            "kernel-source": "3.12.74-60.64.88.1",
            "kernel-syms": "3.12.74-60.64.88.1",
            "kernel-default-devel": "3.12.74-60.64.88.1",
            "kernel-xen": "3.12.74-60.64.88.1"
        }
    ]
}

SUSE:Linux Enterprise Server 12 SP1-LTSS / kgraft-patch-SLE12-SP1_Update_27

Package

Name
kgraft-patch-SLE12-SP1_Update_27
Purl
purl:rpm/suse/kgraft-patch-SLE12-SP1_Update_27&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1-LTSS

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
1-2.3.1

Ecosystem specific

{
    "binaries": [
        {
            "kernel-macros": "3.12.74-60.64.88.1",
            "kernel-devel": "3.12.74-60.64.88.1",
            "kernel-default-base": "3.12.74-60.64.88.1",
            "kgraft-patch-3_12_74-60_64_88-default": "1-2.3.1",
            "kernel-default-man": "3.12.74-60.64.88.1",
            "kernel-xen-devel": "3.12.74-60.64.88.1",
            "kernel-xen-base": "3.12.74-60.64.88.1",
            "kernel-default": "3.12.74-60.64.88.1",
            "kgraft-patch-3_12_74-60_64_88-xen": "1-2.3.1",
            "kernel-source": "3.12.74-60.64.88.1",
            "kernel-syms": "3.12.74-60.64.88.1",
            "kernel-default-devel": "3.12.74-60.64.88.1",
            "kernel-xen": "3.12.74-60.64.88.1"
        }
    ]
}