Upstream information
Description
The Linux kernel before 4.8 allows local users to bypass ASLR on setuid programs (such as /bin/su) because install_exec_creds() is called too late in load_elf_binary() in fs/binfmt_elf.c, and thus the ptrace_may_access() check has a race condition when reading /proc/pid/stat.
SUSE information
SUSE Bugzilla entries: 1131543 [RESOLVED / WORKSFORME], 1132374 [RESOLVED / WONTFIX], 1132472 [RESOLVED / FIXED]
SUSE Security Advisories:
- SUSE-SU-2019:14089-1, published Tue Jun 18 10:45:00 MDT 2019
- SUSE-SU-2019:1527-1, published Mon Jun 17 18:15:53 MDT 2019
- SUSE-SU-2019:1532-1, published Mon Jun 17 18:03:51 MDT 2019
- SUSE-SU-2019:1533-1, published Mon Jun 17 18:00:54 MDT 2019
- SUSE-SU-2019:1534-1, published Mon Jun 17 18:49:23 MDT 2019
- SUSE-SU-2019:1692-1, published Mon Jun 24 16:10:47 MDT 2019
- openSUSE-SU-2019:1570-1, published Tue, 18 Jun 2019 15:12:50 +0200 (CEST)
List of released packages
Product(s) | Fixed package version(s) | References |
---|---|---|
SUSE CaaS Platform 3.0 | | Patchnames: SUSE-CAASP-3.0-2019-1532 |
SUSE Enterprise Storage 4 | | Patchnames: SUSE-Storage-4-2019-1534 |
SUSE Linux Enterprise Desktop 12 SP3 | | Patchnames: SUSE-SLE-DESKTOP-12-SP3-2019-1532 SUSE-SLE-SDK-12-SP3-2019-1532 SUSE-SLE-WE-12-SP3-2019-1532 |
SUSE Linux Enterprise High Availability 12 SP2, SUSE Linux Enterprise High Performance Computing 12 SP2, SUSE Linux Enterprise Server 12 SP2 | | Patchnames: SUSE-SLE-HA-12-SP2-2019-1534 |
SUSE Linux Enterprise High Availability 12 SP3, SUSE Linux Enterprise High Performance Computing 12 SP3 | | Patchnames: SUSE-SLE-HA-12-SP3-2019-1532 |
SUSE Linux Enterprise High Performance Computing 12, SUSE Linux Enterprise Module for Public Cloud 12, SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server for SAP Applications 12 | | Patchnames: SUSE-SLE-Module-Public-Cloud-12-2019-1533 SUSE-SLE-Module-Public-Cloud-12-2019-1692 |
SUSE Linux Enterprise Live Patching 12 SP3 | | Patchnames: SUSE-SLE-Live-Patching-12-SP3-2019-1532 |
SUSE Linux Enterprise Point of Sale 12 SP2-CLIENT | | Patchnames: SUSE-SLE-POS-12-SP2-CLIENT-2019-1534 |
SUSE Linux Enterprise Server 11 SP4-LTSS | | Patchnames: slessp4-kernel-source-14089 |
SUSE Linux Enterprise Server 12 SP1-LTSS | | Patchnames: SUSE-SLE-SERVER-12-SP1-2019-1533 |
SUSE Linux Enterprise Server 12 SP2-BCL | | Patchnames: SUSE-SLE-SERVER-12-SP2-BCL-2019-1534 |
SUSE Linux Enterprise Server 12 SP2-ESPOS | | Patchnames: SUSE-SLE-SERVER-12-SP2-ESPOS-2019-1534 |
SUSE Linux Enterprise Server 12 SP2-LTSS | | Patchnames: SUSE-SLE-SERVER-12-SP2-2019-1534 |
SUSE Linux Enterprise Server 12 SP3, SUSE Linux Enterprise Server for SAP Applications 12 SP3 | | Patchnames: SUSE-SLE-HA-12-SP2-2019-1534 SUSE-SLE-HA-12-SP3-2019-1532 SUSE-SLE-Module-Public-Cloud-12-2019-1533 SUSE-SLE-Module-Public-Cloud-12-2019-1692 SUSE-SLE-SDK-12-SP3-2019-1532 SUSE-SLE-SERVER-12-SP3-2019-1527 SUSE-SLE-SERVER-12-SP3-2019-1532 SUSE-SLE-WE-12-SP3-2019-1532 |
SUSE Linux Enterprise Server 12 SP4, SUSE Linux Enterprise Server 12 SP5, SUSE Linux Enterprise Server for SAP Applications 12 SP4, SUSE Linux Enterprise Server for SAP Applications 12 SP5 | | Patchnames: SUSE-SLE-HA-12-SP2-2019-1534 SUSE-SLE-HA-12-SP3-2019-1532 SUSE-SLE-Module-Public-Cloud-12-2019-1533 SUSE-SLE-Module-Public-Cloud-12-2019-1692 |
SUSE Linux Enterprise Server 12-LTSS | | Patchnames: SUSE-SLE-SERVER-12-2019-1692 |
SUSE Linux Enterprise Server for SAP Applications 12 SP1 | | Patchnames: SUSE-SLE-SAP-12-SP1-2019-1533 |
SUSE Linux Enterprise Server for SAP Applications 12 SP2 | | Patchnames: SUSE-SLE-HA-12-SP2-2019-1534 SUSE-SLE-SAP-12-SP2-2019-1534 |
SUSE Linux Enterprise Software Development Kit 12 SP3 | | Patchnames: SUSE-SLE-SDK-12-SP3-2019-1532 |
SUSE Linux Enterprise Workstation Extension 12 SP3 | | Patchnames: SUSE-SLE-WE-12-SP3-2019-1532 |
SUSE OpenStack Cloud 7 | | Patchnames: SUSE-OpenStack-Cloud-7-2019-1534 |