CVE-2019-11190

Upstream information

CVE-2019-11190 at MITRE

Description

The Linux kernel before 4.8 allows local users to bypass ASLR on setuid programs (such as /bin/su) because install_exec_creds() is called too late in load_elf_binary() in fs/binfmt_elf.c, and thus the ptrace_may_access() check has a race condition when reading /proc/pid/stat.

SUSE information

SUSE Bugzilla entries: 1131543 [RESOLVED / WORKSFORME], 1132374 [RESOLVED / WONTFIX], 1132472 [RESOLVED / FIXED]

SUSE Security Advisories:

SUSE-SU-2019:14089-1, published Tue Jun 18 10:45:00 MDT 2019
SUSE-SU-2019:1527-1, published Mon Jun 17 18:15:53 MDT 2019
SUSE-SU-2019:1532-1, published Mon Jun 17 18:03:51 MDT 2019
SUSE-SU-2019:1533-1, published Mon Jun 17 18:00:54 MDT 2019
SUSE-SU-2019:1534-1, published Mon Jun 17 18:49:23 MDT 2019
SUSE-SU-2019:1692-1, published Mon Jun 24 16:10:47 MDT 2019
openSUSE-SU-2019:1570-1, published Tue, 18 Jun 2019 15:12:50 +0200 (CEST)

List of released packages

Product(s)	Fixed package version(s)	References
SUSE CaaS Platform 3.0	`kernel-default >= 4.4.180-94.97.1`	Patchnames: SUSE-CAASP-3.0-2019-1532
SUSE Enterprise Storage 4	`kernel-default >= 4.4.121-92.114.1` `kernel-default-base >= 4.4.121-92.114.1` `kernel-default-devel >= 4.4.121-92.114.1` `kernel-devel >= 4.4.121-92.114.1` `kernel-macros >= 4.4.121-92.114.1` `kernel-source >= 4.4.121-92.114.1` `kernel-syms >= 4.4.121-92.114.1` `kgraft-patch-4_4_121-92_114-default >= 1-3.5.1`	Patchnames: SUSE-Storage-4-2019-1534
SUSE Linux Enterprise Desktop 12 SP3	`kernel-default >= 4.4.180-94.97.1` `kernel-default-devel >= 4.4.180-94.97.1` `kernel-default-extra >= 4.4.180-94.97.1` `kernel-devel >= 4.4.180-94.97.1` `kernel-macros >= 4.4.180-94.97.1` `kernel-source >= 4.4.180-94.97.1` `kernel-syms >= 4.4.180-94.97.1`	Patchnames: SUSE-SLE-DESKTOP-12-SP3-2019-1532
SUSE Linux Enterprise High Availability 12 SP2	`cluster-md-kmp-default >= 4.4.121-92.114.1` `cluster-network-kmp-default >= 4.4.121-92.114.1` `dlm-kmp-default >= 4.4.121-92.114.1` `gfs2-kmp-default >= 4.4.121-92.114.1` `ocfs2-kmp-default >= 4.4.121-92.114.1`	Patchnames: SUSE-SLE-HA-12-SP2-2019-1534
SUSE Linux Enterprise High Availability 12 SP3	`cluster-md-kmp-default >= 4.4.180-94.97.1` `dlm-kmp-default >= 4.4.180-94.97.1` `gfs2-kmp-default >= 4.4.180-94.97.1` `ocfs2-kmp-default >= 4.4.180-94.97.1`	Patchnames: SUSE-SLE-HA-12-SP3-2019-1532
SUSE Linux Enterprise Live Patching 12 SP3	`kgraft-patch-4_4_180-94_97-default >= 1-4.3.3`	Patchnames: SUSE-SLE-Live-Patching-12-SP3-2019-1532
SUSE Linux Enterprise Module for Public Cloud 12	`kernel-ec2 >= 3.12.74-60.64.115.1` `kernel-ec2-devel >= 3.12.74-60.64.115.1` `kernel-ec2-extra >= 3.12.74-60.64.115.1`	Patchnames: SUSE-SLE-Module-Public-Cloud-12-2019-1533 SUSE-SLE-Module-Public-Cloud-12-2019-1692
SUSE Linux Enterprise Point of Sale 12 SP2-CLIENT	`kernel-default >= 4.4.121-92.114.1` `kernel-default-base >= 4.4.121-92.114.1` `kernel-default-devel >= 4.4.121-92.114.1` `kernel-devel >= 4.4.121-92.114.1` `kernel-macros >= 4.4.121-92.114.1` `kernel-source >= 4.4.121-92.114.1` `kernel-syms >= 4.4.121-92.114.1` `kgraft-patch-4_4_121-92_114-default >= 1-3.5.1`	Patchnames: SUSE-SLE-POS-12-SP2-CLIENT-2019-1534
SUSE Linux Enterprise Server 11 SP4-LTSS	`kernel-bigmem >= 3.0.101-108.95.2` `kernel-bigmem-base >= 3.0.101-108.95.2` `kernel-bigmem-devel >= 3.0.101-108.95.2` `kernel-default >= 3.0.101-108.95.2` `kernel-default-base >= 3.0.101-108.95.2` `kernel-default-devel >= 3.0.101-108.95.2` `kernel-default-man >= 3.0.101-108.95.2` `kernel-ec2 >= 3.0.101-108.95.2` `kernel-ec2-base >= 3.0.101-108.95.2` `kernel-ec2-devel >= 3.0.101-108.95.2` `kernel-pae >= 3.0.101-108.95.2` `kernel-pae-base >= 3.0.101-108.95.2` `kernel-pae-devel >= 3.0.101-108.95.2` `kernel-ppc64 >= 3.0.101-108.95.2` `kernel-ppc64-base >= 3.0.101-108.95.2` `kernel-ppc64-devel >= 3.0.101-108.95.2` `kernel-source >= 3.0.101-108.95.1` `kernel-syms >= 3.0.101-108.95.1` `kernel-trace >= 3.0.101-108.95.2` `kernel-trace-base >= 3.0.101-108.95.2` `kernel-trace-devel >= 3.0.101-108.95.2` `kernel-xen >= 3.0.101-108.95.2` `kernel-xen-base >= 3.0.101-108.95.2` `kernel-xen-devel >= 3.0.101-108.95.2`	Patchnames: slessp4-kernel-source-14089
SUSE Linux Enterprise Server 12 SP1-LTSS	`kernel-default >= 3.12.74-60.64.115.1` `kernel-default-base >= 3.12.74-60.64.115.1` `kernel-default-devel >= 3.12.74-60.64.115.1` `kernel-default-man >= 3.12.74-60.64.115.1` `kernel-devel >= 3.12.74-60.64.115.1` `kernel-macros >= 3.12.74-60.64.115.1` `kernel-source >= 3.12.74-60.64.115.1` `kernel-syms >= 3.12.74-60.64.115.1` `kernel-xen >= 3.12.74-60.64.115.1` `kernel-xen-base >= 3.12.74-60.64.115.1` `kernel-xen-devel >= 3.12.74-60.64.115.1` `kgraft-patch-3_12_74-60_64_115-default >= 1-2.5.1` `kgraft-patch-3_12_74-60_64_115-xen >= 1-2.5.1`	Patchnames: SUSE-SLE-SERVER-12-SP1-2019-1533
SUSE Linux Enterprise Server 12 SP2-BCL	`kernel-default >= 4.4.121-92.114.1` `kernel-default-base >= 4.4.121-92.114.1` `kernel-default-devel >= 4.4.121-92.114.1` `kernel-devel >= 4.4.121-92.114.1` `kernel-macros >= 4.4.121-92.114.1` `kernel-source >= 4.4.121-92.114.1` `kernel-syms >= 4.4.121-92.114.1`	Patchnames: SUSE-SLE-SERVER-12-SP2-BCL-2019-1534
SUSE Linux Enterprise Server 12 SP2-ESPOS	`kernel-default >= 4.4.121-92.114.1` `kernel-default-base >= 4.4.121-92.114.1` `kernel-default-devel >= 4.4.121-92.114.1` `kernel-devel >= 4.4.121-92.114.1` `kernel-macros >= 4.4.121-92.114.1` `kernel-source >= 4.4.121-92.114.1` `kernel-syms >= 4.4.121-92.114.1` `kgraft-patch-4_4_121-92_114-default >= 1-3.5.1`	Patchnames: SUSE-SLE-SERVER-12-SP2-ESPOS-2019-1534
SUSE Linux Enterprise Server 12 SP2-LTSS	`kernel-default >= 4.4.121-92.114.1` `kernel-default-base >= 4.4.121-92.114.1` `kernel-default-devel >= 4.4.121-92.114.1` `kernel-default-man >= 4.4.121-92.114.1` `kernel-devel >= 4.4.121-92.114.1` `kernel-macros >= 4.4.121-92.114.1` `kernel-source >= 4.4.121-92.114.1` `kernel-syms >= 4.4.121-92.114.1` `kgraft-patch-4_4_121-92_114-default >= 1-3.5.1`	Patchnames: SUSE-SLE-SERVER-12-SP2-2019-1534
SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server for SAP Applications 12 SP3	`kernel-azure >= 4.4.180-4.31.1` `kernel-azure-base >= 4.4.180-4.31.1` `kernel-azure-devel >= 4.4.180-4.31.1` `kernel-default >= 4.4.180-94.97.1` `kernel-default-base >= 4.4.180-94.97.1` `kernel-default-devel >= 4.4.180-94.97.1` `kernel-default-man >= 4.4.180-94.97.1` `kernel-devel >= 4.4.180-94.97.1` `kernel-devel-azure >= 4.4.180-4.31.1` `kernel-macros >= 4.4.180-94.97.1` `kernel-source >= 4.4.180-94.97.1` `kernel-source-azure >= 4.4.180-4.31.1` `kernel-syms >= 4.4.180-94.97.1` `kernel-syms-azure >= 4.4.180-4.31.1`	Patchnames: SUSE-SLE-SERVER-12-SP3-2019-1527 SUSE-SLE-SERVER-12-SP3-2019-1532
SUSE Linux Enterprise Server 12-LTSS	`kernel-default >= 3.12.61-52.154.1` `kernel-default-base >= 3.12.61-52.154.1` `kernel-default-devel >= 3.12.61-52.154.1` `kernel-default-man >= 3.12.61-52.154.1` `kernel-devel >= 3.12.61-52.154.1` `kernel-macros >= 3.12.61-52.154.1` `kernel-source >= 3.12.61-52.154.1` `kernel-syms >= 3.12.61-52.154.1` `kernel-xen >= 3.12.61-52.154.1` `kernel-xen-base >= 3.12.61-52.154.1` `kernel-xen-devel >= 3.12.61-52.154.1` `kgraft-patch-3_12_61-52_154-default >= 1-1.5.1` `kgraft-patch-3_12_61-52_154-xen >= 1-1.5.1`	Patchnames: SUSE-SLE-SERVER-12-2019-1692
SUSE Linux Enterprise Server for SAP Applications 12 SP1	`kernel-default >= 3.12.74-60.64.115.1` `kernel-default-base >= 3.12.74-60.64.115.1` `kernel-default-devel >= 3.12.74-60.64.115.1` `kernel-devel >= 3.12.74-60.64.115.1` `kernel-macros >= 3.12.74-60.64.115.1` `kernel-source >= 3.12.74-60.64.115.1` `kernel-syms >= 3.12.74-60.64.115.1` `kernel-xen >= 3.12.74-60.64.115.1` `kernel-xen-base >= 3.12.74-60.64.115.1` `kernel-xen-devel >= 3.12.74-60.64.115.1` `kgraft-patch-3_12_74-60_64_115-default >= 1-2.5.1` `kgraft-patch-3_12_74-60_64_115-xen >= 1-2.5.1`	Patchnames: SUSE-SLE-SAP-12-SP1-2019-1533
SUSE Linux Enterprise Server for SAP Applications 12 SP2	`kernel-default >= 4.4.121-92.114.1` `kernel-default-base >= 4.4.121-92.114.1` `kernel-default-devel >= 4.4.121-92.114.1` `kernel-devel >= 4.4.121-92.114.1` `kernel-macros >= 4.4.121-92.114.1` `kernel-source >= 4.4.121-92.114.1` `kernel-syms >= 4.4.121-92.114.1` `kgraft-patch-4_4_121-92_114-default >= 1-3.5.1`	Patchnames: SUSE-SLE-SAP-12-SP2-2019-1534
SUSE Linux Enterprise Software Development Kit 12 SP3	`kernel-docs >= 4.4.180-94.97.1` `kernel-obs-build >= 4.4.180-94.97.1`	Patchnames: SUSE-SLE-SDK-12-SP3-2019-1532
SUSE Linux Enterprise Workstation Extension 12 SP3	`kernel-default-extra >= 4.4.180-94.97.1`	Patchnames: SUSE-SLE-WE-12-SP3-2019-1532
SUSE OpenStack Cloud 7	`kernel-default >= 4.4.121-92.114.1` `kernel-default-base >= 4.4.121-92.114.1` `kernel-default-devel >= 4.4.121-92.114.1` `kernel-default-man >= 4.4.121-92.114.1` `kernel-devel >= 4.4.121-92.114.1` `kernel-macros >= 4.4.121-92.114.1` `kernel-source >= 4.4.121-92.114.1` `kernel-syms >= 4.4.121-92.114.1` `kgraft-patch-4_4_121-92_114-default >= 1-3.5.1`	Patchnames: SUSE-OpenStack-Cloud-7-2019-1534

CVE-2019-11190

Common Vulnerabilities and Exposures

Upstream information

Description

SUSE information

List of released packages

SUSE Linux Enterprise

SUSE Rancher

Solutions

Industries

Support

Services

Resources

Partners

Communities

About