Upstream information
Description
An issue was discovered in the size of the stack guard page on Linux: a 4k stack guard page is not sufficiently large and can be "jumped" over (the stack guard page is bypassed). This affects Linux kernel versions 4.11.5 and earlier (the stack guard page was introduced in 2010).
SUSE information
Overall state of this security issue: Running
This issue is currently rated as having moderate severity.
CVSS v2 | National Vulnerability Database | SUSE |
---|---|---|
Base Score | 6.2 | 6.9 |
Vector | AV:L/AC:H/Au:N/C:C/I:C/A:C | AV:L/AC:M/Au:N/C:C/I:C/A:C |
Access Vector | Local | Local |
Access Complexity | High | Medium |
Authentication | None | None |
Confidentiality Impact | Complete | Complete |
Integrity Impact | Complete | Complete |
Availability Impact | Complete | Complete |
CVSS v3 | National Vulnerability Database | SUSE |
---|---|---|
Base Score | 7.4 | 8.4 |
Vector | CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H | CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Access Vector | Local | Local |
Access Complexity | High | Low |
Privileges Required | None | None |
User Interaction | None | None |
Scope | Unchanged | Unchanged |
Confidentiality Impact | High | High |
Integrity Impact | High | High |
Availability Impact | High | High |
CVSSv3 Version | 3 | 3 |
- SUSE-SU-2017:1613-1, published Mon, 19 Jun 2017 21:11:54 +0200 (CEST)
- SUSE-SU-2017:1615-1, published Mon, 19 Jun 2017 21:13:29 +0200 (CEST)
- SUSE-SU-2017:1617-1, published Mon Jun 19 13:14:45 MDT 2017
- SUSE-SU-2017:1618-1, published Mon, 19 Jun 2017 21:15:28 +0200 (CEST)
- SUSE-SU-2017:1628-1, published Wed, 21 Jun 2017 00:09:16 +0200 (CEST)
- SUSE-SU-2017:1903-1, published Thu, 20 Jul 2017 15:10:06 +0200 (CEST)
- SUSE-SU-2017:1904-1, published Thu, 20 Jul 2017 15:11:21 +0200 (CEST)
- SUSE-SU-2017:1905-1, published Thu, 20 Jul 2017 15:11:49 +0200 (CEST)
- SUSE-SU-2017:1906-1, published Thu, 20 Jul 2017 15:13:39 +0200 (CEST)
- SUSE-SU-2017:1907-1, published Thu, 20 Jul 2017 18:11:31 +0200 (CEST)
- SUSE-SU-2017:1908-1, published Thu, 20 Jul 2017 18:13:43 +0200 (CEST)
- SUSE-SU-2017:1909-1, published Thu, 20 Jul 2017 21:10:49 +0200 (CEST)
- SUSE-SU-2017:1910-1, published Thu, 20 Jul 2017 21:12:25 +0200 (CEST)
- SUSE-SU-2017:1911-1, published Thu Jul 20 13:14:10 MDT 2017
- SUSE-SU-2017:1912-1, published Thu, 20 Jul 2017 21:14:55 +0200 (CEST)
- SUSE-SU-2017:1913-1, published Thu, 20 Jul 2017 21:15:55 +0200 (CEST)
- SUSE-SU-2017:1914-1, published Thu, 20 Jul 2017 21:17:17 +0200 (CEST)
- SUSE-SU-2017:1915-1, published Thu, 20 Jul 2017 21:18:19 +0200 (CEST)
- SUSE-SU-2017:1922-1, published Fri, 21 Jul 2017 15:10:21 +0200 (CEST)
- SUSE-SU-2017:1923-1, published Fri, 21 Jul 2017 15:11:21 +0200 (CEST)
- SUSE-SU-2017:1924-1, published Fri, 21 Jul 2017 15:12:33 +0200 (CEST)
- SUSE-SU-2017:1925-1, published Fri, 21 Jul 2017 15:13:20 +0200 (CEST)
- SUSE-SU-2017:1937-1, published Mon, 24 Jul 2017 21:10:37 +0200 (CEST)
- SUSE-SU-2017:1939-1, published Mon, 24 Jul 2017 21:12:09 +0200 (CEST)
- SUSE-SU-2017:1941-1, published Mon, 24 Jul 2017 21:13:55 +0200 (CEST)
- SUSE-SU-2017:1942-1, published Mon Jul 24 13:14:41 MDT 2017
- SUSE-SU-2017:1943-1, published Mon, 24 Jul 2017 21:16:00 +0200 (CEST)
- SUSE-SU-2017:1944-1, published Mon, 24 Jul 2017 21:16:27 +0200 (CEST)
- SUSE-SU-2017:1945-1, published Mon, 24 Jul 2017 21:17:05 +0200 (CEST)
- SUSE-SU-2017:1946-1, published Mon, 24 Jul 2017 21:17:42 +0200 (CEST)
- SUSE-SU-2017:1990-1, published Fri, 28 Jul 2017 15:10:24 +0200 (CEST)
- SUSE-SU-2017:2342-1, published Mon, 4 Sep 2017 21:11:06 +0200 (CEST)
- TID7020973, published Sat, 3 Mar 2018 12:02:12 CET
- TID7021086, published Sat, 3 Mar 2018 12:02:05 CET
- openSUSE-SU-2017:1633-1, published Wed, 21 Jun 2017 12:12:06 +0200 (CEST)
- openSUSE-SU-2017:1685-1, published Mon, 26 Jun 2017 15:18:09 +0200 (CEST)
List of released packages
Product(s) | Fixed package version(s) | References |
---|---|---|
Openstack Cloud Magnum Orchestration 7 | | Patchnames: SUSE-OpenStack-Cloud-Magnum-Orchestration-7-2017-1058 SUSE-OpenStack-Cloud-Magnum-Orchestration-7-2017-994 |
SUSE Linux Enterprise Build System Kit 12 SP2 | | Patchnames: SUSE-SLE-BSK-12-SP2-2017-1058 SUSE-SLE-BSK-12-SP2-2017-994 |
SUSE Linux Enterprise Desktop 12 SP2 | | Patchnames: SUSE-SLE-DESKTOP-12-SP2-2017-1058 SUSE-SLE-DESKTOP-12-SP2-2017-994 |
SUSE Linux Enterprise Desktop 12 SP3 | | |
SUSE Linux Enterprise High Availability 12 SP2 | | Patchnames: SUSE-SLE-HA-12-SP2-2017-1058 SUSE-SLE-HA-12-SP2-2017-994 |
SUSE Linux Enterprise High Availability 12 SP3 | | |
SUSE Linux Enterprise Live Patching 12 | | Patchnames: SUSE-SLE-Live-Patching-12-2017-1058 SUSE-SLE-Live-Patching-12-2017-1180 SUSE-SLE-Live-Patching-12-2017-1181 SUSE-SLE-Live-Patching-12-2017-1182 SUSE-SLE-Live-Patching-12-2017-1183 SUSE-SLE-Live-Patching-12-2017-1184 SUSE-SLE-Live-Patching-12-2017-1185 SUSE-SLE-Live-Patching-12-2017-1186 SUSE-SLE-Live-Patching-12-2017-1196 SUSE-SLE-Live-Patching-12-2017-1197 SUSE-SLE-Live-Patching-12-2017-994 |
SUSE Linux Enterprise Module for Public Cloud 12 | | Patchnames: SUSE-SLE-Module-Public-Cloud-12-2017-1050 SUSE-SLE-Module-Public-Cloud-12-2017-1077 SUSE-SLE-Module-Public-Cloud-12-2017-995 SUSE-SLE-Module-Public-Cloud-12-2017-996 |
SUSE Linux Enterprise Point of Sale 11 SP3 | | Patchnames: sleposp3-kernel-13156 sleposp3-kernel-13178 |
SUSE Linux Enterprise Real Time Extension 11 SP4 | | Patchnames: slertesp4-kernel-rt-13262 |
SUSE Linux Enterprise Real Time Extension 12 SP2 | | Patchnames: SUSE-SLE-RT-12-SP2-2017-1231 |
SUSE Linux Enterprise Server 11 SP3-LTSS, SUSE Linux Enterprise Server for SAP Applications 11 SP3-LTSS | | Patchnames: slessp3-kernel-13156 slessp3-kernel-13178 |
SUSE Linux Enterprise Server 11 SP4, SUSE Linux Enterprise Server for SAP Applications 11 SP4 | | Patchnames: slessp4-kernel-13160 slessp4-kernel-source-13172 |
SUSE Linux Enterprise Server 12 SP1-LTSS, SUSE Linux Enterprise Server for SAP Applications 12 SP1-LTSS | | Patchnames: SUSE-SLE-SERVER-12-SP1-2017-1050 SUSE-SLE-SERVER-12-SP1-2017-1187 SUSE-SLE-SERVER-12-SP1-2017-1189 SUSE-SLE-SERVER-12-SP1-2017-1190 SUSE-SLE-SERVER-12-SP1-2017-1207 SUSE-SLE-SERVER-12-SP1-2017-1208 SUSE-SLE-SERVER-12-SP1-2017-1209 SUSE-SLE-SERVER-12-SP1-2017-1210 SUSE-SLE-SERVER-12-SP1-2017-1211 SUSE-SLE-SERVER-12-SP1-2017-1212 SUSE-SLE-SERVER-12-SP1-2017-996 |
SUSE Linux Enterprise Server 12 SP2, SUSE Linux Enterprise Server for SAP Applications 12 SP2 | | Patchnames: SUSE-SLE-SERVER-12-SP2-2017-1058 SUSE-SLE-SERVER-12-SP2-2017-994 |
SUSE Linux Enterprise Server 12 SP3 | | |
SUSE Linux Enterprise Server 12-LTSS, SUSE Linux Enterprise Server for SAP Applications 12-LTSS | | Patchnames: SUSE-SLE-SERVER-12-2017-1077 SUSE-SLE-SERVER-12-2017-1178 SUSE-SLE-SERVER-12-2017-1179 SUSE-SLE-SERVER-12-2017-1188 SUSE-SLE-SERVER-12-2017-1194 SUSE-SLE-SERVER-12-2017-1195 SUSE-SLE-SERVER-12-2017-1205 SUSE-SLE-SERVER-12-2017-1206 SUSE-SLE-SERVER-12-2017-995 |
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 | | Patchnames: SUSE-SLE-RPI-12-SP2-2017-1058 SUSE-SLE-RPI-12-SP2-2017-994 |
SUSE Linux Enterprise Server for SAP Applications 12 SP1 | | Patchnames: SUSE-SLE-SAP-12-SP1-2017-1050 SUSE-SLE-SAP-12-SP1-2017-1187 SUSE-SLE-SAP-12-SP1-2017-1189 SUSE-SLE-SAP-12-SP1-2017-1190 SUSE-SLE-SAP-12-SP1-2017-1207 SUSE-SLE-SAP-12-SP1-2017-1208 SUSE-SLE-SAP-12-SP1-2017-1209 SUSE-SLE-SAP-12-SP1-2017-1210 SUSE-SLE-SAP-12-SP1-2017-1211 SUSE-SLE-SAP-12-SP1-2017-1212 SUSE-SLE-SAP-12-SP1-2017-996 |
SUSE Linux Enterprise Server for SAP Applications 12 | | Patchnames: SUSE-SLE-SAP-12-2017-1077 SUSE-SLE-SAP-12-2017-1178 SUSE-SLE-SAP-12-2017-1179 SUSE-SLE-SAP-12-2017-1188 SUSE-SLE-SAP-12-2017-1194 SUSE-SLE-SAP-12-2017-1195 SUSE-SLE-SAP-12-2017-1205 SUSE-SLE-SAP-12-2017-1206 SUSE-SLE-SAP-12-2017-995 |
SUSE Linux Enterprise Software Development Kit 11 SP4 | | Patchnames: sdksp4-kernel-13160 sdksp4-kernel-source-13172 |
SUSE Linux Enterprise Software Development Kit 12 SP2 | | Patchnames: SUSE-SLE-SDK-12-SP2-2017-1058 SUSE-SLE-SDK-12-SP2-2017-994 |
SUSE Linux Enterprise Software Development Kit 12 SP3 | | |
SUSE Linux Enterprise Workstation Extension 12 SP2 | | Patchnames: SUSE-SLE-WE-12-SP2-2017-1058 SUSE-SLE-WE-12-SP2-2017-994 |
SUSE Linux Enterprise Workstation Extension 12 SP3 | | |
SUSE OpenStack Cloud 6 | | Patchnames: SUSE-OpenStack-Cloud-6-2017-1050 SUSE-OpenStack-Cloud-6-2017-996 |
openSUSE Leap 42.2 | | Patchnames: openSUSE-2017-716 openSUSE-2017-734 |
openSUSE Leap 42.3 | | Patchnames: openSUSE Leap 42.3 GA kernel-default |
Status of this issue by product and package
Please note that this evaluation state might be work in progress, incomplete or outdated. Also information for service packs in the LTSS phase is only included for issues meeting the LTSS criteria. If in doubt, feel free to contact us for clarification.
Product(s) | Source package | State |
---|---|---|
SUSE Linux Enterprise Desktop 12 SP1 | kernel-default | Unsupported |
SUSE Linux Enterprise Desktop 12 SP1 | kernel-source | Unsupported |
SUSE Linux Enterprise Desktop 12 SP2 | kernel-default | Released |
SUSE Linux Enterprise Desktop 12 SP2 | kernel-source | Released |
SUSE Linux Enterprise Desktop 12 SP3 | kernel-default | Released |
SUSE Linux Enterprise Desktop 12 SP3 | kernel-source | Released |
SUSE Linux Enterprise Live Patching | kgraft-patch-SLE12-SP2_Update_0 | Released |
SUSE Linux Enterprise Server 11 SP3 LTSS | kernel-default | Released |
SUSE Linux Enterprise Server 11 SP3 LTSS | kernel-source | Released |
SUSE Linux Enterprise Server 11 SP4 | kernel-default | Released |
SUSE Linux Enterprise Server 11 SP4 | kernel-source | Released |
SUSE Linux Enterprise Server 12 LTSS | kernel-default | Released |
SUSE Linux Enterprise Server 12 LTSS | kernel-source | Released |
SUSE Linux Enterprise Server 12 SP1 | kernel-default | Unsupported |
SUSE Linux Enterprise Server 12 SP1 | kernel-source | Unsupported |
SUSE Linux Enterprise Server 12 SP1 LTSS | kernel-default | Released |
SUSE Linux Enterprise Server 12 SP1 LTSS | kernel-source | Released |
SUSE Linux Enterprise Server 12 SP2 | kernel-default | Released |
SUSE Linux Enterprise Server 12 SP2 | kernel-source | Released |
SUSE Linux Enterprise Server 12 SP3 | kernel-default | Released |
SUSE Linux Enterprise Server 12 SP3 | kernel-source | Released |
SUSE Linux Enterprise Server for SAP Applications 12 SP3 | kernel-default | Released |
SUSE Linux Enterprise Server for SAP Applications 12 SP3 | kernel-source | Released |
SUSE Linux Enterprise Server for the Raspberry Pi | kernel-default | Released |
SUSE Linux Enterprise Server for the Raspberry Pi | kernel-source | Released |