SUSE-SU-2018:1220-1
See a problem?- Import Source
- https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2018:1220-1.json
- JSON Data
- https://api.osv.dev/v1/vulns/SUSE-SU-2018:1220-1
- Related
- Published
- 2018-05-11T15:30:04Z
- Modified
- 2018-05-11T15:30:04Z
- Summary
- Security update for the Linux Kernel
- Details
-
The SUSE Linux Enterprise 12 SP1 LTSS kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2018-1087: And an unprivileged KVM guest user could use this flaw to potentially escalate their privileges inside a guest. (bsc#1087088)
- CVE-2018-8897: An unprivileged system user could use incorrect set up interrupt stacks to crash the Linux kernel resulting in DoS issue. (bsc#1087088)
- CVE-2018-8781: The udlfbmmap function in drivers/gpu/drm/udl/udl_fb.c had an integer-overflow vulnerability allowing local users with access to the udldrmfb driver to obtain full read and write permissions on kernel physical pages, resulting in a code execution in kernel space (bnc#1090643).
- CVE-2018-10124: The killsomethinginfo function in kernel/signal.c might allow local users to cause a denial of service via an INT_MIN argument (bnc#1089752).
- CVE-2018-10087: The kernelwait4 function in kernel/exit.c in might allow local users to cause a denial of service by triggering an attempted use of the -INTMIN value (bnc#1089608).
- CVE-2018-7757: Memory leak in the sassmpgetphyevents function in drivers/scsi/libsas/sasexpander.c allowed local users to cause a denial of service (memory consumption) via many read accesses to files in the /sys/class/sasphy directory, as demonstrated by the /sys/class/sasphy/phy-1:0:12/invaliddword_count file (bnc#1084536).
- CVE-2017-13220: An elevation of privilege vulnerability in the Upstream kernel bluez was fixed. (bnc#1076537).
- CVE-2017-11089: A buffer overread is observed in nl80211setstation when user space application sends attribute NL80211ATTRLOCALMESHPOWER_MODE with data of size less than 4 bytes (bnc#1088261).
- CVE-2017-0861: Use-after-free vulnerability in the sndpcminfo function in the ALSA subsystem allowed attackers to gain privileges via unspecified vectors (bnc#1088260).
- CVE-2018-8822: Incorrect buffer length handling in the ncpreadkernel function in fs/ncpfs/ncplib_kernel.c could be exploited by malicious NCPFS servers to crash the kernel or execute code (bnc#1086162).
- CVE-2017-18203: The dmgetfromkobject function in drivers/md/dm.c allowed local users to cause a denial of service (BUG) by leveraging a race condition with _dm_destroy during creation and removal of DM devices (bnc#1083242).
The following non-security bugs were fixed:
- Integrate fixes resulting from bsc#1088147 More info in the respective commit messages.
- kabi: x86/kaiser: properly align trampoline stack (bsc#1087260).
- dcache: Add condresched in shrinkdentry_list (bsc#1086194).
- kGraft: fix small race in reversion code (bsc#1083125).
- kabi/severities: Ignore kgrshadow* kABI changes
- kvm/x86: fix icebp instruction handling (bsc#1087088).
- livepatch: Allow to call a custom callback when freeing shadow variables (bsc#1082299 fate#313296).
- livepatch: Initialize shadow variables safely by a custom callback (bsc#1082299 fate#313296).
- usbnet: Fix a race between usbnet_stop() and the BH (bsc#1083275).
- x86/entry/64: Do not use IST entry for #BP stack (bsc#1087088).
- x86/espfix: Fix return stack in dodoublefault() (bsc#1085279).
- x86/kaiser: properly align trampoline stack (bsc#1087260).
- x86/retpoline: do not perform thunk calls in ring3 vsyscall code (bsc#1085331).
- References
-
- https://www.suse.com/support/update/announcement/2018/suse-su-20181220-1/
- https://bugzilla.suse.com/1076537
- https://bugzilla.suse.com/1082299
- https://bugzilla.suse.com/1083125
- https://bugzilla.suse.com/1083242
- https://bugzilla.suse.com/1083275
- https://bugzilla.suse.com/1084536
- https://bugzilla.suse.com/1085279
- https://bugzilla.suse.com/1085331
- https://bugzilla.suse.com/1086162
- https://bugzilla.suse.com/1086194
- https://bugzilla.suse.com/1087088
- https://bugzilla.suse.com/1087260
- https://bugzilla.suse.com/1088147
- https://bugzilla.suse.com/1088260
- https://bugzilla.suse.com/1088261
- https://bugzilla.suse.com/1089608
- https://bugzilla.suse.com/1089752
- https://bugzilla.suse.com/1090643
- https://www.suse.com/security/cve/CVE-2017-0861
- https://www.suse.com/security/cve/CVE-2017-11089
- https://www.suse.com/security/cve/CVE-2017-13220
- https://www.suse.com/security/cve/CVE-2017-18203
- https://www.suse.com/security/cve/CVE-2018-10087
- https://www.suse.com/security/cve/CVE-2018-10124
- https://www.suse.com/security/cve/CVE-2018-1087
- https://www.suse.com/security/cve/CVE-2018-7757
- https://www.suse.com/security/cve/CVE-2018-8781
- https://www.suse.com/security/cve/CVE-2018-8822
- https://www.suse.com/security/cve/CVE-2018-8897
Affected packages
SUSE:OpenStack Cloud 6 / kernel-default
Package
- Name
- kernel-default
- Purl
- purl:rpm/suse/kernel-default&distro=SUSE%20OpenStack%20Cloud%206
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.12.74-60.64.88.1
Ecosystem specific
{
"binaries": [
{
"kernel-macros": "3.12.74-60.64.88.1",
"kernel-devel": "3.12.74-60.64.88.1",
"kernel-default-base": "3.12.74-60.64.88.1",
"kgraft-patch-3_12_74-60_64_88-default": "1-2.3.1",
"kernel-xen-devel": "3.12.74-60.64.88.1",
"kernel-xen-base": "3.12.74-60.64.88.1",
"kernel-default": "3.12.74-60.64.88.1",
"kgraft-patch-3_12_74-60_64_88-xen": "1-2.3.1",
"kernel-source": "3.12.74-60.64.88.1",
"kernel-syms": "3.12.74-60.64.88.1",
"kernel-default-devel": "3.12.74-60.64.88.1",
"kernel-xen": "3.12.74-60.64.88.1"
}
]
}
SUSE:OpenStack Cloud 6 / kernel-source
Package
- Name
- kernel-source
- Purl
- purl:rpm/suse/kernel-source&distro=SUSE%20OpenStack%20Cloud%206
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.12.74-60.64.88.1
Ecosystem specific
{
"binaries": [
{
"kernel-macros": "3.12.74-60.64.88.1",
"kernel-devel": "3.12.74-60.64.88.1",
"kernel-default-base": "3.12.74-60.64.88.1",
"kgraft-patch-3_12_74-60_64_88-default": "1-2.3.1",
"kernel-xen-devel": "3.12.74-60.64.88.1",
"kernel-xen-base": "3.12.74-60.64.88.1",
"kernel-default": "3.12.74-60.64.88.1",
"kgraft-patch-3_12_74-60_64_88-xen": "1-2.3.1",
"kernel-source": "3.12.74-60.64.88.1",
"kernel-syms": "3.12.74-60.64.88.1",
"kernel-default-devel": "3.12.74-60.64.88.1",
"kernel-xen": "3.12.74-60.64.88.1"
}
]
}
SUSE:OpenStack Cloud 6 / kernel-syms
Package
- Name
- kernel-syms
- Purl
- purl:rpm/suse/kernel-syms&distro=SUSE%20OpenStack%20Cloud%206
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.12.74-60.64.88.1
Ecosystem specific
{
"binaries": [
{
"kernel-macros": "3.12.74-60.64.88.1",
"kernel-devel": "3.12.74-60.64.88.1",
"kernel-default-base": "3.12.74-60.64.88.1",
"kgraft-patch-3_12_74-60_64_88-default": "1-2.3.1",
"kernel-xen-devel": "3.12.74-60.64.88.1",
"kernel-xen-base": "3.12.74-60.64.88.1",
"kernel-default": "3.12.74-60.64.88.1",
"kgraft-patch-3_12_74-60_64_88-xen": "1-2.3.1",
"kernel-source": "3.12.74-60.64.88.1",
"kernel-syms": "3.12.74-60.64.88.1",
"kernel-default-devel": "3.12.74-60.64.88.1",
"kernel-xen": "3.12.74-60.64.88.1"
}
]
}
SUSE:OpenStack Cloud 6 / kernel-xen
Package
- Name
- kernel-xen
- Purl
- purl:rpm/suse/kernel-xen&distro=SUSE%20OpenStack%20Cloud%206
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.12.74-60.64.88.1
Ecosystem specific
{
"binaries": [
{
"kernel-macros": "3.12.74-60.64.88.1",
"kernel-devel": "3.12.74-60.64.88.1",
"kernel-default-base": "3.12.74-60.64.88.1",
"kgraft-patch-3_12_74-60_64_88-default": "1-2.3.1",
"kernel-xen-devel": "3.12.74-60.64.88.1",
"kernel-xen-base": "3.12.74-60.64.88.1",
"kernel-default": "3.12.74-60.64.88.1",
"kgraft-patch-3_12_74-60_64_88-xen": "1-2.3.1",
"kernel-source": "3.12.74-60.64.88.1",
"kernel-syms": "3.12.74-60.64.88.1",
"kernel-default-devel": "3.12.74-60.64.88.1",
"kernel-xen": "3.12.74-60.64.88.1"
}
]
}
SUSE:OpenStack Cloud 6 / kgraft-patch-SLE12-SP1_Update_27
Package
- Name
- kgraft-patch-SLE12-SP1_Update_27
- Purl
- purl:rpm/suse/kgraft-patch-SLE12-SP1_Update_27&distro=SUSE%20OpenStack%20Cloud%206
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1-2.3.1
Ecosystem specific
{
"binaries": [
{
"kernel-macros": "3.12.74-60.64.88.1",
"kernel-devel": "3.12.74-60.64.88.1",
"kernel-default-base": "3.12.74-60.64.88.1",
"kgraft-patch-3_12_74-60_64_88-default": "1-2.3.1",
"kernel-xen-devel": "3.12.74-60.64.88.1",
"kernel-xen-base": "3.12.74-60.64.88.1",
"kernel-default": "3.12.74-60.64.88.1",
"kgraft-patch-3_12_74-60_64_88-xen": "1-2.3.1",
"kernel-source": "3.12.74-60.64.88.1",
"kernel-syms": "3.12.74-60.64.88.1",
"kernel-default-devel": "3.12.74-60.64.88.1",
"kernel-xen": "3.12.74-60.64.88.1"
}
]
}
SUSE:Linux Enterprise Module for Public Cloud 12 / kernel-ec2
Package
- Name
- kernel-ec2
- Purl
- purl:rpm/suse/kernel-ec2&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2012
SUSE:Linux Enterprise Server for SAP Applications 12 SP1 / kernel-default
Package
- Name
- kernel-default
- Purl
- purl:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.12.74-60.64.88.1
Ecosystem specific
{
"binaries": [
{
"kernel-macros": "3.12.74-60.64.88.1",
"kernel-devel": "3.12.74-60.64.88.1",
"kernel-default-base": "3.12.74-60.64.88.1",
"kgraft-patch-3_12_74-60_64_88-default": "1-2.3.1",
"kernel-xen-devel": "3.12.74-60.64.88.1",
"kernel-xen-base": "3.12.74-60.64.88.1",
"kernel-default": "3.12.74-60.64.88.1",
"kgraft-patch-3_12_74-60_64_88-xen": "1-2.3.1",
"kernel-source": "3.12.74-60.64.88.1",
"kernel-syms": "3.12.74-60.64.88.1",
"kernel-default-devel": "3.12.74-60.64.88.1",
"kernel-xen": "3.12.74-60.64.88.1"
}
]
}
SUSE:Linux Enterprise Server for SAP Applications 12 SP1 / kernel-source
Package
- Name
- kernel-source
- Purl
- purl:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.12.74-60.64.88.1
Ecosystem specific
{
"binaries": [
{
"kernel-macros": "3.12.74-60.64.88.1",
"kernel-devel": "3.12.74-60.64.88.1",
"kernel-default-base": "3.12.74-60.64.88.1",
"kgraft-patch-3_12_74-60_64_88-default": "1-2.3.1",
"kernel-xen-devel": "3.12.74-60.64.88.1",
"kernel-xen-base": "3.12.74-60.64.88.1",
"kernel-default": "3.12.74-60.64.88.1",
"kgraft-patch-3_12_74-60_64_88-xen": "1-2.3.1",
"kernel-source": "3.12.74-60.64.88.1",
"kernel-syms": "3.12.74-60.64.88.1",
"kernel-default-devel": "3.12.74-60.64.88.1",
"kernel-xen": "3.12.74-60.64.88.1"
}
]
}
SUSE:Linux Enterprise Server for SAP Applications 12 SP1 / kernel-syms
Package
- Name
- kernel-syms
- Purl
- purl:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.12.74-60.64.88.1
Ecosystem specific
{
"binaries": [
{
"kernel-macros": "3.12.74-60.64.88.1",
"kernel-devel": "3.12.74-60.64.88.1",
"kernel-default-base": "3.12.74-60.64.88.1",
"kgraft-patch-3_12_74-60_64_88-default": "1-2.3.1",
"kernel-xen-devel": "3.12.74-60.64.88.1",
"kernel-xen-base": "3.12.74-60.64.88.1",
"kernel-default": "3.12.74-60.64.88.1",
"kgraft-patch-3_12_74-60_64_88-xen": "1-2.3.1",
"kernel-source": "3.12.74-60.64.88.1",
"kernel-syms": "3.12.74-60.64.88.1",
"kernel-default-devel": "3.12.74-60.64.88.1",
"kernel-xen": "3.12.74-60.64.88.1"
}
]
}
SUSE:Linux Enterprise Server for SAP Applications 12 SP1 / kernel-xen
Package
- Name
- kernel-xen
- Purl
- purl:rpm/suse/kernel-xen&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.12.74-60.64.88.1
Ecosystem specific
{
"binaries": [
{
"kernel-macros": "3.12.74-60.64.88.1",
"kernel-devel": "3.12.74-60.64.88.1",
"kernel-default-base": "3.12.74-60.64.88.1",
"kgraft-patch-3_12_74-60_64_88-default": "1-2.3.1",
"kernel-xen-devel": "3.12.74-60.64.88.1",
"kernel-xen-base": "3.12.74-60.64.88.1",
"kernel-default": "3.12.74-60.64.88.1",
"kgraft-patch-3_12_74-60_64_88-xen": "1-2.3.1",
"kernel-source": "3.12.74-60.64.88.1",
"kernel-syms": "3.12.74-60.64.88.1",
"kernel-default-devel": "3.12.74-60.64.88.1",
"kernel-xen": "3.12.74-60.64.88.1"
}
]
}
SUSE:Linux Enterprise Server for SAP Applications 12 SP1 / kgraft-patch-SLE12-SP1_Update_27
Package
- Name
- kgraft-patch-SLE12-SP1_Update_27
- Purl
- purl:rpm/suse/kgraft-patch-SLE12-SP1_Update_27&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1-2.3.1
Ecosystem specific
{
"binaries": [
{
"kernel-macros": "3.12.74-60.64.88.1",
"kernel-devel": "3.12.74-60.64.88.1",
"kernel-default-base": "3.12.74-60.64.88.1",
"kgraft-patch-3_12_74-60_64_88-default": "1-2.3.1",
"kernel-xen-devel": "3.12.74-60.64.88.1",
"kernel-xen-base": "3.12.74-60.64.88.1",
"kernel-default": "3.12.74-60.64.88.1",
"kgraft-patch-3_12_74-60_64_88-xen": "1-2.3.1",
"kernel-source": "3.12.74-60.64.88.1",
"kernel-syms": "3.12.74-60.64.88.1",
"kernel-default-devel": "3.12.74-60.64.88.1",
"kernel-xen": "3.12.74-60.64.88.1"
}
]
}
SUSE:Linux Enterprise Server 12 SP1-LTSS / kernel-default
Package
- Name
- kernel-default
- Purl
- purl:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1-LTSS
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.12.74-60.64.88.1
Ecosystem specific
{
"binaries": [
{
"kernel-macros": "3.12.74-60.64.88.1",
"kernel-devel": "3.12.74-60.64.88.1",
"kernel-default-base": "3.12.74-60.64.88.1",
"kgraft-patch-3_12_74-60_64_88-default": "1-2.3.1",
"kernel-default-man": "3.12.74-60.64.88.1",
"kernel-xen-devel": "3.12.74-60.64.88.1",
"kernel-xen-base": "3.12.74-60.64.88.1",
"kernel-default": "3.12.74-60.64.88.1",
"kgraft-patch-3_12_74-60_64_88-xen": "1-2.3.1",
"kernel-source": "3.12.74-60.64.88.1",
"kernel-syms": "3.12.74-60.64.88.1",
"kernel-default-devel": "3.12.74-60.64.88.1",
"kernel-xen": "3.12.74-60.64.88.1"
}
]
}
SUSE:Linux Enterprise Server 12 SP1-LTSS / kernel-source
Package
- Name
- kernel-source
- Purl
- purl:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1-LTSS
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.12.74-60.64.88.1
Ecosystem specific
{
"binaries": [
{
"kernel-macros": "3.12.74-60.64.88.1",
"kernel-devel": "3.12.74-60.64.88.1",
"kernel-default-base": "3.12.74-60.64.88.1",
"kgraft-patch-3_12_74-60_64_88-default": "1-2.3.1",
"kernel-default-man": "3.12.74-60.64.88.1",
"kernel-xen-devel": "3.12.74-60.64.88.1",
"kernel-xen-base": "3.12.74-60.64.88.1",
"kernel-default": "3.12.74-60.64.88.1",
"kgraft-patch-3_12_74-60_64_88-xen": "1-2.3.1",
"kernel-source": "3.12.74-60.64.88.1",
"kernel-syms": "3.12.74-60.64.88.1",
"kernel-default-devel": "3.12.74-60.64.88.1",
"kernel-xen": "3.12.74-60.64.88.1"
}
]
}
SUSE:Linux Enterprise Server 12 SP1-LTSS / kernel-syms
Package
- Name
- kernel-syms
- Purl
- purl:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1-LTSS
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.12.74-60.64.88.1
Ecosystem specific
{
"binaries": [
{
"kernel-macros": "3.12.74-60.64.88.1",
"kernel-devel": "3.12.74-60.64.88.1",
"kernel-default-base": "3.12.74-60.64.88.1",
"kgraft-patch-3_12_74-60_64_88-default": "1-2.3.1",
"kernel-default-man": "3.12.74-60.64.88.1",
"kernel-xen-devel": "3.12.74-60.64.88.1",
"kernel-xen-base": "3.12.74-60.64.88.1",
"kernel-default": "3.12.74-60.64.88.1",
"kgraft-patch-3_12_74-60_64_88-xen": "1-2.3.1",
"kernel-source": "3.12.74-60.64.88.1",
"kernel-syms": "3.12.74-60.64.88.1",
"kernel-default-devel": "3.12.74-60.64.88.1",
"kernel-xen": "3.12.74-60.64.88.1"
}
]
}
SUSE:Linux Enterprise Server 12 SP1-LTSS / kernel-xen
Package
- Name
- kernel-xen
- Purl
- purl:rpm/suse/kernel-xen&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1-LTSS
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.12.74-60.64.88.1
Ecosystem specific
{
"binaries": [
{
"kernel-macros": "3.12.74-60.64.88.1",
"kernel-devel": "3.12.74-60.64.88.1",
"kernel-default-base": "3.12.74-60.64.88.1",
"kgraft-patch-3_12_74-60_64_88-default": "1-2.3.1",
"kernel-default-man": "3.12.74-60.64.88.1",
"kernel-xen-devel": "3.12.74-60.64.88.1",
"kernel-xen-base": "3.12.74-60.64.88.1",
"kernel-default": "3.12.74-60.64.88.1",
"kgraft-patch-3_12_74-60_64_88-xen": "1-2.3.1",
"kernel-source": "3.12.74-60.64.88.1",
"kernel-syms": "3.12.74-60.64.88.1",
"kernel-default-devel": "3.12.74-60.64.88.1",
"kernel-xen": "3.12.74-60.64.88.1"
}
]
}
SUSE:Linux Enterprise Server 12 SP1-LTSS / kgraft-patch-SLE12-SP1_Update_27
Package
- Name
- kgraft-patch-SLE12-SP1_Update_27
- Purl
- purl:rpm/suse/kgraft-patch-SLE12-SP1_Update_27&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1-LTSS
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed1-2.3.1
Ecosystem specific
{
"binaries": [
{
"kernel-macros": "3.12.74-60.64.88.1",
"kernel-devel": "3.12.74-60.64.88.1",
"kernel-default-base": "3.12.74-60.64.88.1",
"kgraft-patch-3_12_74-60_64_88-default": "1-2.3.1",
"kernel-default-man": "3.12.74-60.64.88.1",
"kernel-xen-devel": "3.12.74-60.64.88.1",
"kernel-xen-base": "3.12.74-60.64.88.1",
"kernel-default": "3.12.74-60.64.88.1",
"kgraft-patch-3_12_74-60_64_88-xen": "1-2.3.1",
"kernel-source": "3.12.74-60.64.88.1",
"kernel-syms": "3.12.74-60.64.88.1",
"kernel-default-devel": "3.12.74-60.64.88.1",
"kernel-xen": "3.12.74-60.64.88.1"
}
]
}