Upstream information

CVE-2014-3534 at MITRE

Description

arch/s390/kernel/ptrace.c in the Linux kernel before 3.15.8 on the s390 platform does not properly restrict address-space control operations in PTRACE_POKEUSR_AREA requests, which allows local users to obtain read and write access to kernel memory locations, and consequently gain privileges, via a crafted application that makes a ptrace system call.

SUSE information

Overall state of this security issue: Does not affect SUSE products

This issue is currently rated as having important severity.

CVSS v2 Scores
  National Vulnerability Database
Base Score 7.2
Vector AV:L/AC:L/Au:N/C:C/I:C/A:C
Access Vector Local
Access Complexity Low
Authentication None
Confidentiality Impact Complete
Integrity Impact Complete
Availability Impact Complete
SUSE Bugzilla entry: 885460 [CLOSED / FIXED]

No SUSE Security Announcements cross referenced.

List of released packages

Product(s) Fixed package version(s) References
SUSE Linux Enterprise Desktop 12
  • kernel-default >= 3.12.28-4.6
  • kernel-default-devel >= 3.12.28-4.6
  • kernel-default-extra >= 3.12.28-4.6
  • kernel-devel >= 3.12.28-4.6
  • kernel-macros >= 3.12.28-4.6
  • kernel-source >= 3.12.28-4.6
  • kernel-syms >= 3.12.28-4.6
  • kernel-xen >= 3.12.28-4.6
  • kernel-xen-devel >= 3.12.28-4.6
Patchnames:
SUSE Linux Enterprise Desktop 12 GA kernel-default
SUSE Linux Enterprise Desktop 12 SP1
  • kernel-default >= 3.12.49-11.1
  • kernel-default-devel >= 3.12.49-11.1
  • kernel-default-extra >= 3.12.49-11.1
  • kernel-devel >= 3.12.49-11.1
  • kernel-macros >= 3.12.49-11.1
  • kernel-source >= 3.12.49-11.1
  • kernel-syms >= 3.12.49-11.1
  • kernel-xen >= 3.12.49-11.1
  • kernel-xen-devel >= 3.12.49-11.1
Patchnames:
SUSE Linux Enterprise Desktop 12 SP1 GA kernel-default
SUSE Linux Enterprise Server 12
  • kernel-default >= 3.12.28-4.6
  • kernel-default-base >= 3.12.28-4.6
  • kernel-default-devel >= 3.12.28-4.6
  • kernel-default-man >= 3.12.28-4.6
  • kernel-devel >= 3.12.28-4.6
  • kernel-macros >= 3.12.28-4.6
  • kernel-source >= 3.12.28-4.6
  • kernel-syms >= 3.12.28-4.6
  • kernel-xen >= 3.12.28-4.6
  • kernel-xen-base >= 3.12.28-4.6
  • kernel-xen-devel >= 3.12.28-4.6
Patchnames:
SUSE Linux Enterprise Server 12 GA kernel-default
SUSE Linux Enterprise Server 12 SP1
  • kernel-default >= 3.12.49-11.1
  • kernel-default-base >= 3.12.49-11.1
  • kernel-default-devel >= 3.12.49-11.1
  • kernel-default-man >= 3.12.49-11.1
  • kernel-devel >= 3.12.49-11.1
  • kernel-macros >= 3.12.49-11.1
  • kernel-source >= 3.12.49-11.1
  • kernel-syms >= 3.12.49-11.1
  • kernel-xen >= 3.12.49-11.1
  • kernel-xen-base >= 3.12.49-11.1
  • kernel-xen-devel >= 3.12.49-11.1
Patchnames:
SUSE Linux Enterprise Server 12 SP1 GA kernel-default
SUSE Linux Enterprise Software Development Kit 12
  • kernel-docs >= 3.12.28-4.6
  • kernel-obs-build >= 3.12.28-4.3
  • kernel-zfcpdump >= 3.12.28-4.2
Patchnames:
SUSE Linux Enterprise Software Development Kit 12 GA kernel-docs
SUSE Linux Enterprise Software Development Kit 12 SP1
  • kernel-docs >= 3.12.49-11.1
  • kernel-obs-build >= 3.12.49-11.2
Patchnames:
SUSE Linux Enterprise Software Development Kit 12 SP1 GA kernel-docs
SUSE Linux Enterprise Workstation Extension 12
  • kernel-default-extra >= 3.12.28-4.6
Patchnames:
SUSE Linux Enterprise Workstation Extension 12 GA kernel-default-extra
SUSE Linux Enterprise Workstation Extension 12 SP1
  • kernel-default-extra >= 3.12.49-11.1
Patchnames:
SUSE Linux Enterprise Workstation Extension 12 SP1 GA kernel-default-extra