Security update for the Linux Kernel
| Announcement ID: | SUSE-SU-2018:1761-1 |
| Rating: | important |
| References: | #1038553 #1046610 #1079152 #1082962 #1083382 #1083900 #1087007 #1087012 #1087082 #1087086 #1087095 #1092813 #1092904 #1094033 #1094353 #1094823 #1096140 #1096242 #1096281 #1096480 #1096728 #1097356 |
| Affected Products: |
An update that solves 10 vulnerabilities and has 12 fixes is now available.
Description:
The SUSE Linux Enterprise 12 SP1 LTSS kernel was updated to receive
various security and bugfixes.
The following security bugs were fixed:
- CVE-2018-3665: Prevent disclosure of FPU registers (including XMM and
AVX registers) between processes. These registers might contain
encryption keys when doing SSE accelerated AES enc/decryption
(bsc#1087086)
- CVE-2018-5848: In the function wmi_set_ie(), the length validation code
did not handle unsigned integer overflow properly. As a result, a large
value of the 'ie_len' argument could have caused a buffer overflow
(bnc#1097356)
- CVE-2018-1000204: Prevent infoleak caused by incorrect handling of the
SG_IO ioctl (bsc#1096728)
- CVE-2017-13305: Prevent information disclosure vulnerability in
encrypted-keys (bsc#1094353)
- CVE-2018-1094: The ext4_fill_super function did not always initialize
the crc32c checksum driver, which allowed attackers to cause a denial of
service (ext4_xattr_inode_hash NULL pointer dereference and system
crash) via a crafted ext4 image (bsc#1087007).
- CVE-2018-1093: The ext4_valid_block_bitmap function allowed attackers to
cause a denial of service (out-of-bounds read and system crash) via a
crafted ext4 image because balloc.c and ialloc.c do not validate bitmap
block numbers (bsc#1087095).
- CVE-2018-1092: The ext4_iget function mishandled the case of a root
directory with a zero i_links_count, which allowed attackers to cause a
denial of service (ext4_process_freed_data NULL pointer dereference and
OOPS) via a crafted ext4 image (bsc#1087012).
- CVE-2018-1130: NULL pointer dereference in dccp_write_xmit() function
that allowed a local user to cause a denial of service by a number of
certain crafted system calls (bsc#1092904)
- CVE-2018-5803: Prevent error in the "_sctp_make_chunk()" function when
handling SCTP packets length that could have been exploited to cause a
kernel crash (bnc#1083900)
- CVE-2018-7492: Prevent NULL pointer dereference in the net/rds/rdma.c
__rds_rdma_map() function that allowed local attackers to cause a system
panic and a denial-of-service, related to RDS_GET_MR and
RDS_GET_MR_FOR_DEST (bsc#1082962)
The following non-security bugs were fixed:
- Btrfs: fix unexpected balance crash due to BUG_ON (bsc#1038553).
- Fix excessive newline in /proc/*/status (bsc#1094823).
- KVM: x86: Sync back MSR_IA32_SPEC_CTRL to VCPU data structure
(bsc#1096242, bsc#1096281).
- dm thin metadata: call precommit before saving the roots (bsc#1083382).
- dm thin: fix inability to discard blocks when in out-of-data-space mode
(bsc#1083382).
- dm thin: fix missing out-of-data-space to write mode transition if
blocks are released (bsc#1083382).
- dm thin: restore requested 'error_if_no_space' setting on OODS to WRITE
transition (bsc#1083382).
- dm: fix various targets to dm_register_target after module __init
resources created (bsc#1083382).
- kABI: work around BPF SSBD removal (bsc#1087082).
- kgraft/bnx2fc: Do not block kGraft in bnx2fc_l2_rcv kthread
(bsc#1094033).
- mm, page_alloc: do not break __GFP_THISNODE by zonelist reset
(bsc#1079152).
- usbip: usbip_host: fix NULL-ptr deref and use-after-free errors
(bsc#1096480).
- usbip: usbip_host: fix bad unlock balance during stub_probe()
(bsc#1096480).
- x86/boot: Fix early command-line parsing when matching at end
(bsc#1096281).
- x86/boot: Fix early command-line parsing when partial word matches
(bsc#1096281).
- x86/bugs: spec_ctrl must be cleared from cpu_caps_set when being
disabled (bsc#1096140).
- x86/kaiser: export symbol kaiser_set_shadow_pgd() (bsc#1092813)
- xen-netfront: fix req_prod check to avoid RX hang when index wraps
(bsc#1046610).
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Server for SAP 12-SP1:
zypper in -t patch SUSE-SLE-SAP-12-SP1-2018-1183=1 - SUSE Linux Enterprise Server 12-SP1-LTSS:
zypper in -t patch SUSE-SLE-SERVER-12-SP1-2018-1183=1 - SUSE Linux Enterprise Module for Public Cloud 12:
zypper in -t patch SUSE-SLE-Module-Public-Cloud-12-2018-1183=1
Package List:
- SUSE Linux Enterprise Server for SAP 12-SP1 (ppc64le x86_64):
- kernel-default-3.12.74-60.64.96.1
- kernel-default-base-3.12.74-60.64.96.1
- kernel-default-base-debuginfo-3.12.74-60.64.96.1
- kernel-default-debuginfo-3.12.74-60.64.96.1
- kernel-default-debugsource-3.12.74-60.64.96.1
- kernel-default-devel-3.12.74-60.64.96.1
- kernel-syms-3.12.74-60.64.96.1
- SUSE Linux Enterprise Server for SAP 12-SP1 (noarch):
- kernel-devel-3.12.74-60.64.96.1
- kernel-macros-3.12.74-60.64.96.1
- kernel-source-3.12.74-60.64.96.1
- SUSE Linux Enterprise Server for SAP 12-SP1 (x86_64):
- kernel-xen-3.12.74-60.64.96.1
- kernel-xen-base-3.12.74-60.64.96.1
- kernel-xen-base-debuginfo-3.12.74-60.64.96.1
- kernel-xen-debuginfo-3.12.74-60.64.96.1
- kernel-xen-debugsource-3.12.74-60.64.96.1
- kernel-xen-devel-3.12.74-60.64.96.1
- kgraft-patch-3_12_74-60_64_96-default-1-2.3.1
- kgraft-patch-3_12_74-60_64_96-xen-1-2.3.1
- SUSE Linux Enterprise Server 12-SP1-LTSS (ppc64le s390x x86_64):
- kernel-default-3.12.74-60.64.96.1
- kernel-default-base-3.12.74-60.64.96.1
- kernel-default-base-debuginfo-3.12.74-60.64.96.1
- kernel-default-debuginfo-3.12.74-60.64.96.1
- kernel-default-debugsource-3.12.74-60.64.96.1
- kernel-default-devel-3.12.74-60.64.96.1
- kernel-syms-3.12.74-60.64.96.1
- SUSE Linux Enterprise Server 12-SP1-LTSS (noarch):
- kernel-devel-3.12.74-60.64.96.1
- kernel-macros-3.12.74-60.64.96.1
- kernel-source-3.12.74-60.64.96.1
- SUSE Linux Enterprise Server 12-SP1-LTSS (x86_64):
- kernel-xen-3.12.74-60.64.96.1
- kernel-xen-base-3.12.74-60.64.96.1
- kernel-xen-base-debuginfo-3.12.74-60.64.96.1
- kernel-xen-debuginfo-3.12.74-60.64.96.1
- kernel-xen-debugsource-3.12.74-60.64.96.1
- kernel-xen-devel-3.12.74-60.64.96.1
- kgraft-patch-3_12_74-60_64_96-default-1-2.3.1
- kgraft-patch-3_12_74-60_64_96-xen-1-2.3.1
- SUSE Linux Enterprise Server 12-SP1-LTSS (s390x):
- kernel-default-man-3.12.74-60.64.96.1
- SUSE Linux Enterprise Module for Public Cloud 12 (x86_64):
- kernel-ec2-3.12.74-60.64.96.1
- kernel-ec2-debuginfo-3.12.74-60.64.96.1
- kernel-ec2-debugsource-3.12.74-60.64.96.1
- kernel-ec2-devel-3.12.74-60.64.96.1
- kernel-ec2-extra-3.12.74-60.64.96.1
- kernel-ec2-extra-debuginfo-3.12.74-60.64.96.1
References:
- https://www.suse.com/security/cve/CVE-2017-13305.html
- https://www.suse.com/security/cve/CVE-2018-1000204.html
- https://www.suse.com/security/cve/CVE-2018-1092.html
- https://www.suse.com/security/cve/CVE-2018-1093.html
- https://www.suse.com/security/cve/CVE-2018-1094.html
- https://www.suse.com/security/cve/CVE-2018-1130.html
- https://www.suse.com/security/cve/CVE-2018-3665.html
- https://www.suse.com/security/cve/CVE-2018-5803.html
- https://www.suse.com/security/cve/CVE-2018-5848.html
- https://www.suse.com/security/cve/CVE-2018-7492.html
- https://bugzilla.suse.com/1038553
- https://bugzilla.suse.com/1046610
- https://bugzilla.suse.com/1079152
- https://bugzilla.suse.com/1082962
- https://bugzilla.suse.com/1083382
- https://bugzilla.suse.com/1083900
- https://bugzilla.suse.com/1087007
- https://bugzilla.suse.com/1087012
- https://bugzilla.suse.com/1087082
- https://bugzilla.suse.com/1087086
- https://bugzilla.suse.com/1087095
- https://bugzilla.suse.com/1092813
- https://bugzilla.suse.com/1092904
- https://bugzilla.suse.com/1094033
- https://bugzilla.suse.com/1094353
- https://bugzilla.suse.com/1094823
- https://bugzilla.suse.com/1096140
- https://bugzilla.suse.com/1096242
- https://bugzilla.suse.com/1096281
- https://bugzilla.suse.com/1096480
- https://bugzilla.suse.com/1096728
- https://bugzilla.suse.com/1097356