Upstream information

CVE-2019-11190 at MITRE

Description

The Linux kernel before 4.8 allows local users to bypass ASLR on setuid programs (such as /bin/su) because install_exec_creds() is called too late in load_elf_binary() in fs/binfmt_elf.c, and thus the ptrace_may_access() check has a race condition when reading /proc/pid/stat.

SUSE information

SUSE Bugzilla entries: 1131543 [RESOLVED / WORKSFORME], 1132374 [RESOLVED / WONTFIX], 1132472 [RESOLVED / FIXED]

List of released packages

Product(s) Fixed package version(s) References
Openstack Cloud Magnum Orchestration 7
  • kernel-default >= 4.4.121-92.114.1
Patchnames:
SUSE-OpenStack-Cloud-Magnum-Orchestration-7-2019-1534
SUSE CaaS Platform 3.0
  • kernel-default >= 4.4.180-94.97.1
Patchnames:
SUSE-CAASP-3.0-2019-1532
SUSE CaaS Platform ALL
  • kernel-default >= 4.4.180-94.97.1
Patchnames:
SUSE-CAASP-ALL-2019-1532
SUSE Enterprise Storage 4
  • kernel-default >= 4.4.121-92.114.1
  • kernel-default-base >= 4.4.121-92.114.1
  • kernel-default-devel >= 4.4.121-92.114.1
  • kernel-devel >= 4.4.121-92.114.1
  • kernel-macros >= 4.4.121-92.114.1
  • kernel-source >= 4.4.121-92.114.1
  • kernel-syms >= 4.4.121-92.114.1
  • kgraft-patch-4_4_121-92_114-default >= 1-3.5.1
  • kgraft-patch-SLE12-SP2_Update_30 >= 1-3.5.1
Patchnames:
SUSE-Storage-4-2019-1534
SUSE Linux Enterprise Build System Kit 12 SP3
  • kernel-zfcpdump >= 4.4.180-94.97.1
Patchnames:
SUSE-SLE-BSK-12-SP3-2019-1532
SUSE Linux Enterprise Desktop 12 SP3
  • kernel-default >= 4.4.180-94.97.1
  • kernel-default-devel >= 4.4.180-94.97.1
  • kernel-default-extra >= 4.4.180-94.97.1
  • kernel-devel >= 4.4.180-94.97.1
  • kernel-macros >= 4.4.180-94.97.1
  • kernel-source >= 4.4.180-94.97.1
  • kernel-syms >= 4.4.180-94.97.1
Patchnames:
SUSE-SLE-DESKTOP-12-SP3-2019-1532
SUSE Linux Enterprise High Availability 12 SP2
  • cluster-md-kmp-default >= 4.4.121-92.114.1
  • cluster-network-kmp-default >= 4.4.121-92.114.1
  • dlm-kmp-default >= 4.4.121-92.114.1
  • gfs2-kmp-default >= 4.4.121-92.114.1
  • kernel-default >= 4.4.121-92.114.1
  • ocfs2-kmp-default >= 4.4.121-92.114.1
Patchnames:
SUSE-SLE-HA-12-SP2-2019-1534
SUSE Linux Enterprise High Availability 12 SP3
  • cluster-md-kmp-default >= 4.4.180-94.97.1
  • dlm-kmp-default >= 4.4.180-94.97.1
  • gfs2-kmp-default >= 4.4.180-94.97.1
  • kernel-default >= 4.4.180-94.97.1
  • ocfs2-kmp-default >= 4.4.180-94.97.1
Patchnames:
SUSE-SLE-HA-12-SP3-2019-1532
SUSE Linux Enterprise Live Patching 12 SP3
  • kgraft-patch-4_4_180-94_97-default >= 1-4.3.3
  • kgraft-patch-SLE12-SP3_Update_26 >= 1-4.3.3
Patchnames:
SUSE-SLE-Live-Patching-12-SP3-2019-1532
SUSE Linux Enterprise Module for Public Cloud 12
  • kernel-ec2 >= 3.12.74-60.64.115.1
  • kernel-ec2-devel >= 3.12.74-60.64.115.1
  • kernel-ec2-extra >= 3.12.74-60.64.115.1
Patchnames:
SUSE-SLE-Module-Public-Cloud-12-2019-1533
SUSE-SLE-Module-Public-Cloud-12-2019-1692
SUSE Linux Enterprise Point of Sale 12 SP2-CLIENT
  • kernel-default >= 4.4.121-92.114.1
  • kernel-default-base >= 4.4.121-92.114.1
  • kernel-default-devel >= 4.4.121-92.114.1
  • kernel-devel >= 4.4.121-92.114.1
  • kernel-macros >= 4.4.121-92.114.1
  • kernel-source >= 4.4.121-92.114.1
  • kernel-syms >= 4.4.121-92.114.1
  • kgraft-patch-4_4_121-92_114-default >= 1-3.5.1
  • kgraft-patch-SLE12-SP2_Update_30 >= 1-3.5.1
Patchnames:
SUSE-SLE-POS-12-SP2-CLIENT-2019-1534
SUSE Linux Enterprise Server 11 SP4-LTSS
SUSE Linux Enterprise Server for SAP Applications 11 SP4-LTSS
  • kernel-bigmem >= 3.0.101-108.95.2
  • kernel-bigmem-base >= 3.0.101-108.95.2
  • kernel-bigmem-devel >= 3.0.101-108.95.2
  • kernel-default >= 3.0.101-108.95.2
  • kernel-default-base >= 3.0.101-108.95.2
  • kernel-default-devel >= 3.0.101-108.95.2
  • kernel-default-man >= 3.0.101-108.95.2
  • kernel-ec2 >= 3.0.101-108.95.2
  • kernel-ec2-base >= 3.0.101-108.95.2
  • kernel-ec2-devel >= 3.0.101-108.95.2
  • kernel-pae >= 3.0.101-108.95.2
  • kernel-pae-base >= 3.0.101-108.95.2
  • kernel-pae-devel >= 3.0.101-108.95.2
  • kernel-ppc64 >= 3.0.101-108.95.2
  • kernel-ppc64-base >= 3.0.101-108.95.2
  • kernel-ppc64-devel >= 3.0.101-108.95.2
  • kernel-source >= 3.0.101-108.95.1
  • kernel-syms >= 3.0.101-108.95.1
  • kernel-trace >= 3.0.101-108.95.2
  • kernel-trace-base >= 3.0.101-108.95.2
  • kernel-trace-devel >= 3.0.101-108.95.2
  • kernel-xen >= 3.0.101-108.95.2
  • kernel-xen-base >= 3.0.101-108.95.2
  • kernel-xen-devel >= 3.0.101-108.95.2
Patchnames:
slessp4-kernel-source-14089
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server for SAP Applications 12 SP1-LTSS
  • kernel-default >= 3.12.74-60.64.115.1
  • kernel-default-base >= 3.12.74-60.64.115.1
  • kernel-default-devel >= 3.12.74-60.64.115.1
  • kernel-default-man >= 3.12.74-60.64.115.1
  • kernel-devel >= 3.12.74-60.64.115.1
  • kernel-macros >= 3.12.74-60.64.115.1
  • kernel-source >= 3.12.74-60.64.115.1
  • kernel-syms >= 3.12.74-60.64.115.1
  • kernel-xen >= 3.12.74-60.64.115.1
  • kernel-xen-base >= 3.12.74-60.64.115.1
  • kernel-xen-devel >= 3.12.74-60.64.115.1
  • kgraft-patch-3_12_74-60_64_115-default >= 1-2.5.1
  • kgraft-patch-3_12_74-60_64_115-xen >= 1-2.5.1
  • kgraft-patch-SLE12-SP1_Update_34 >= 1-2.5.1
Patchnames:
SUSE-SLE-SERVER-12-SP1-2019-1533
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server for SAP Applications 12 SP2-BCL
  • kernel-default >= 4.4.121-92.114.1
  • kernel-default-base >= 4.4.121-92.114.1
  • kernel-default-devel >= 4.4.121-92.114.1
  • kernel-devel >= 4.4.121-92.114.1
  • kernel-macros >= 4.4.121-92.114.1
  • kernel-source >= 4.4.121-92.114.1
  • kernel-syms >= 4.4.121-92.114.1
Patchnames:
SUSE-SLE-SERVER-12-SP2-BCL-2019-1534
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server for SAP Applications 12 SP2-ESPOS
  • kernel-default >= 4.4.121-92.114.1
  • kernel-default-base >= 4.4.121-92.114.1
  • kernel-default-devel >= 4.4.121-92.114.1
  • kernel-devel >= 4.4.121-92.114.1
  • kernel-macros >= 4.4.121-92.114.1
  • kernel-source >= 4.4.121-92.114.1
  • kernel-syms >= 4.4.121-92.114.1
  • kgraft-patch-4_4_121-92_114-default >= 1-3.5.1
  • kgraft-patch-SLE12-SP2_Update_30 >= 1-3.5.1
Patchnames:
SUSE-SLE-SERVER-12-SP2-ESPOS-2019-1534
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server for SAP Applications 12 SP2-LTSS
  • kernel-default >= 4.4.121-92.114.1
  • kernel-default-base >= 4.4.121-92.114.1
  • kernel-default-devel >= 4.4.121-92.114.1
  • kernel-default-man >= 4.4.121-92.114.1
  • kernel-devel >= 4.4.121-92.114.1
  • kernel-macros >= 4.4.121-92.114.1
  • kernel-source >= 4.4.121-92.114.1
  • kernel-syms >= 4.4.121-92.114.1
  • kgraft-patch-4_4_121-92_114-default >= 1-3.5.1
  • kgraft-patch-SLE12-SP2_Update_30 >= 1-3.5.1
Patchnames:
SUSE-SLE-SERVER-12-SP2-2019-1534
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server for SAP Applications 12 SP3
  • kernel-azure >= 4.4.180-4.31.1
  • kernel-azure-base >= 4.4.180-4.31.1
  • kernel-azure-devel >= 4.4.180-4.31.1
  • kernel-default >= 4.4.180-94.97.1
  • kernel-default-base >= 4.4.180-94.97.1
  • kernel-default-devel >= 4.4.180-94.97.1
  • kernel-default-man >= 4.4.180-94.97.1
  • kernel-devel >= 4.4.180-94.97.1
  • kernel-devel-azure >= 4.4.180-4.31.1
  • kernel-macros >= 4.4.180-94.97.1
  • kernel-source >= 4.4.180-94.97.1
  • kernel-source-azure >= 4.4.180-4.31.1
  • kernel-syms >= 4.4.180-94.97.1
  • kernel-syms-azure >= 4.4.180-4.31.1
Patchnames:
SUSE-SLE-SERVER-12-SP3-2019-1527
SUSE-SLE-SERVER-12-SP3-2019-1532
SUSE Linux Enterprise Server 12-LTSS
SUSE Linux Enterprise Server for SAP Applications 12-LTSS
  • kernel-default >= 3.12.61-52.154.1
  • kernel-default-base >= 3.12.61-52.154.1
  • kernel-default-devel >= 3.12.61-52.154.1
  • kernel-default-man >= 3.12.61-52.154.1
  • kernel-devel >= 3.12.61-52.154.1
  • kernel-macros >= 3.12.61-52.154.1
  • kernel-source >= 3.12.61-52.154.1
  • kernel-syms >= 3.12.61-52.154.1
  • kernel-xen >= 3.12.61-52.154.1
  • kernel-xen-base >= 3.12.61-52.154.1
  • kernel-xen-devel >= 3.12.61-52.154.1
  • kgraft-patch-3_12_61-52_154-default >= 1-1.5.1
  • kgraft-patch-3_12_61-52_154-xen >= 1-1.5.1
  • kgraft-patch-SLE12_Update_40 >= 1-1.5.1
Patchnames:
SUSE-SLE-SERVER-12-2019-1692
SUSE Linux Enterprise Server for SAP Applications 12 SP1
  • kernel-default >= 3.12.74-60.64.115.1
  • kernel-default-base >= 3.12.74-60.64.115.1
  • kernel-default-devel >= 3.12.74-60.64.115.1
  • kernel-devel >= 3.12.74-60.64.115.1
  • kernel-macros >= 3.12.74-60.64.115.1
  • kernel-source >= 3.12.74-60.64.115.1
  • kernel-syms >= 3.12.74-60.64.115.1
  • kernel-xen >= 3.12.74-60.64.115.1
  • kernel-xen-base >= 3.12.74-60.64.115.1
  • kernel-xen-devel >= 3.12.74-60.64.115.1
  • kgraft-patch-3_12_74-60_64_115-default >= 1-2.5.1
  • kgraft-patch-3_12_74-60_64_115-xen >= 1-2.5.1
  • kgraft-patch-SLE12-SP1_Update_34 >= 1-2.5.1
Patchnames:
SUSE-SLE-SAP-12-SP1-2019-1533
SUSE Linux Enterprise Server for SAP Applications 12 SP2
  • kernel-default >= 4.4.121-92.114.1
  • kernel-default-base >= 4.4.121-92.114.1
  • kernel-default-devel >= 4.4.121-92.114.1
  • kernel-devel >= 4.4.121-92.114.1
  • kernel-macros >= 4.4.121-92.114.1
  • kernel-source >= 4.4.121-92.114.1
  • kernel-syms >= 4.4.121-92.114.1
  • kgraft-patch-4_4_121-92_114-default >= 1-3.5.1
  • kgraft-patch-SLE12-SP2_Update_30 >= 1-3.5.1
Patchnames:
SUSE-SLE-SAP-12-SP2-2019-1534
SUSE Linux Enterprise Software Development Kit 12 SP3
  • kernel-docs >= 4.4.180-94.97.1
  • kernel-obs-build >= 4.4.180-94.97.1
Patchnames:
SUSE-SLE-SDK-12-SP3-2019-1532
SUSE Linux Enterprise Workstation Extension 12 SP3
  • kernel-default >= 4.4.180-94.97.1
  • kernel-default-extra >= 4.4.180-94.97.1
Patchnames:
SUSE-SLE-WE-12-SP3-2019-1532
SUSE OpenStack Cloud 7
  • kernel-default >= 4.4.121-92.114.1
  • kernel-default-base >= 4.4.121-92.114.1
  • kernel-default-devel >= 4.4.121-92.114.1
  • kernel-default-man >= 4.4.121-92.114.1
  • kernel-devel >= 4.4.121-92.114.1
  • kernel-macros >= 4.4.121-92.114.1
  • kernel-source >= 4.4.121-92.114.1
  • kernel-syms >= 4.4.121-92.114.1
  • kgraft-patch-4_4_121-92_114-default >= 1-3.5.1
  • kgraft-patch-SLE12-SP2_Update_30 >= 1-3.5.1
Patchnames:
SUSE-OpenStack-Cloud-7-2019-1534