Bug 1045327 (CVE-2017-15274) - VUL-1: CVE-2017-15274: kernel-source: add_key syscall causes NULL pointer dereference
Summary: VUL-1: CVE-2017-15274: kernel-source: add_key syscall causes NULL pointer der...
Status: RESOLVED FIXED
: 1100600 (view as bug list)
Alias: CVE-2017-15274
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents (show other bugs)
Version: unspecified
Hardware: All Other
: P2 - High : Normal
Target Milestone: ---
Deadline: 2017-11-21
Assignee: Joey Lee
QA Contact: Security Team bot
URL:
Whiteboard: CVSSv2:SUSE:CVE-2017-15274:4.9:(AV:L/...
Keywords:
Depends on:
Blocks:
 
Reported: 2017-06-21 11:07 UTC by Richard Palethorpe
Modified: 2020-06-08 19:13 UTC (History)
8 users (show)

See Also:
Found By: ---
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Richard Palethorpe 2017-06-21 11:07:24 UTC
The LTP test add_key02 dies with a kernel NULL pointer dereference

From the test description:

This is a regression test for commit 5649645d725c ("KEYS: fix dereferencing NULL payload with nonzero length").

OpenQA: https://openqa.suse.de/tests/1008206#step/run_ltp/98
Kernel log message:

[   18.240022] BUG: unable to handle kernel NULL pointer dereference at           (null)
[   18.241384] IP: [<ffffffff8134f9b5>] asn1_ber_decoder+0x2f5/0xc10
[   18.242504] PGD 3babe067 PUD 3d166067 PMD 0 
[   18.243945] Oops: 0000 [#1] SMP 
[   18.245254] Modules linked in: ext4 crc16 jbd2 mbcache loop af_packet iscsi_ibft iscsi_boot_sysfs ip6t_REJECT nf_conntrack_ipv6 nf_defrag_ipv6 ipt_REJECT xt_pkttype xt_tcpudp iptable_filter ip6table_mangle nf_conntrack_ipv4 nf_defrag_ipv4 ip_tables xt_conntrack nf_conntrack ip6table_filter ip6_tables x_tables ppdev parport_pc parport snd_intel8x0 snd_ac97_codec snd_pcm acpi_cpufreq snd_timer joydev snd processor serio_raw soundcore button ac97_bus pcspkr i2c_piix4 ata_generic sr_mod cdrom btrfs xor hid_generic usbhid raid6_pq ata_piix ahci libahci cirrus drm_kms_helper syscopyarea sysfillrect sysimgblt fb_sys_fops ttm virtio_net virtio_scsi virtio_console drm virtio_blk libata ehci_pci ehci_hcd usbcore usb_common virtio_pci virtio_ring virtio floppy sg dm_multipath dm_mod scsi_dh_rdac scsi_dh_emc scsi_dh_alua scsi_mod autofs4
[   18.259666] Supported: Yes
[   18.260422] CPU: 1 PID: 1807 Comm: add_key02 Not tainted 4.4.71-1-default #1
[   18.261624] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.9.1-0-gb3ef39f-prebuilt.qemu-project.org 04/01/2014
[   18.263664] task: ffff88003bf2d300 ti: ffff88003bbc4000 task.ti: ffff88003bbc4000
[   18.264895] RIP: 0010:[<ffffffff8134f9b5>]  [<ffffffff8134f9b5>] asn1_ber_decoder+0x2f5/0xc10
[   18.266171] RSP: 0018:ffff88003bbc7ca8  EFLAGS: 00010206
[   18.267156] RAX: 000000000000003f RBX: 0000000000000000 RCX: 0000000000000040
[   18.268288] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000070
[   18.269419] RBP: 0000000000000000 R08: 0000000000000040 R09: 0000000000000002
[   18.270553] R10: 0000000000000002 R11: 0000000000000040 R12: 0000000000000000
[   18.271670] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[   18.272775] FS:  00007f2e328aa700(0000) GS:ffff88003fd00000(0000) knlGS:0000000000000000
[   18.273970] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   18.274978] CR2: 0000000000000000 CR3: 000000003bc99000 CR4: 00000000000006e0
[   18.276097] Stack:
[   18.276800]  0000000000000000 0000000000000000 0000000000000000 ffffffff8186e6a0
[   18.277996]  0000000000000070 0000000000000000 0000000000000000 0000000000000004
[   18.279181]  0000000000000000 ffffffff8186e720 ffff880036be8ac0 0000000000000000
[   18.280360] Call Trace:
[   18.281142]  [<ffffffff812e22b4>] x509_cert_parse+0x94/0x160
[   18.282136]  [<ffffffff812e2dc3>] x509_key_preparse+0x23/0x2a0
[   18.283121]  [<ffffffff812e1481>] asymmetric_key_preparse+0x51/0xb0
[   18.284166]  [<ffffffff81293922>] key_create_or_update+0x122/0x400
[   18.285182]  [<ffffffff812950a8>] SyS_add_key+0x118/0x200
[   18.286144]  [<ffffffff81605f2e>] entry_SYSCALL_64_fastpath+0x12/0x6d
[   18.288478] DWARF2 unwinder stuck at entry_SYSCALL_64_fastpath+0x12/0x6d
[   18.289532] 
[   18.290192] Leftover inexact backtrace:
[   18.290192] 
[   18.291660] Code: 5f c3 44 89 e8 83 e0 01 88 44 24 40 74 0b 4c 3b 5c 24 10 0f 84 bb fd ff ff 48 8b 74 24 10 49 8d 43 ff 48 39 f0 0f 86 e5 05 00 00 <41> 0f b6 04 34 48 8d 7e 01 48 89 7c 24 28 88 44 24 5d 83 e0 1f 
[   18.295121] RIP  [<ffffffff8134f9b5>] asn1_ber_decoder+0x2f5/0xc10
[   18.296158]  RSP <ffff88003bbc7ca8>
[   18.296960] CR2: 0000000000000000
[   18.297786] ---[ end trace aa44eccc8b1dde11 ]---
Comment 1 Richard Palethorpe 2017-06-23 08:11:13 UTC
Test is now passing: https://openqa.suse.de/tests/1014775#step/run_ltp/98
Comment 2 Yong Sun 2017-07-05 11:32:11 UTC
This test fails in RC2, but I didn't see Call trace.
http://qadb2.suse.de/qadb/result.php?submission_id=616907&search=1&testsuite_id=19
Comment 3 Joey Lee 2017-07-05 13:30:14 UTC
(In reply to Richard Palethorpe from comment #0)
> The LTP test add_key02 dies with a kernel NULL pointer dereference
> 
> From the test description:
> 
> This is a regression test for commit 5649645d725c ("KEYS: fix dereferencing
> NULL payload with nonzero length").
> 
> OpenQA: https://openqa.suse.de/tests/1008206#step/run_ltp/98
> Kernel log message:
> 
> [   18.240022] BUG: unable to handle kernel NULL pointer dereference at     
> (null)
> [   18.241384] IP: [<ffffffff8134f9b5>] asn1_ber_decoder+0x2f5/0xc10
> [   18.242504] PGD 3babe067 PUD 3d166067 PMD 0 
> [   18.243945] Oops: 0000 [#1] SMP 
> [   18.245254] Modules linked in: ext4 crc16 jbd2 mbcache loop af_packet
> iscsi_ibft iscsi_boot_sysfs ip6t_REJECT nf_conntrack_ipv6 nf_defrag_ipv6
> ipt_REJECT xt_pkttype xt_tcpudp iptable_filter ip6table_mangle
> nf_conntrack_ipv4 nf_defrag_ipv4 ip_tables xt_conntrack nf_conntrack
> ip6table_filter ip6_tables x_tables ppdev parport_pc parport snd_intel8x0
> snd_ac97_codec snd_pcm acpi_cpufreq snd_timer joydev snd processor serio_raw
> soundcore button ac97_bus pcspkr i2c_piix4 ata_generic sr_mod cdrom btrfs
> xor hid_generic usbhid raid6_pq ata_piix ahci libahci cirrus drm_kms_helper
> syscopyarea sysfillrect sysimgblt fb_sys_fops ttm virtio_net virtio_scsi
> virtio_console drm virtio_blk libata ehci_pci ehci_hcd usbcore usb_common
> virtio_pci virtio_ring virtio floppy sg dm_multipath dm_mod scsi_dh_rdac
> scsi_dh_emc scsi_dh_alua scsi_mod autofs4
> [   18.259666] Supported: Yes
> [   18.260422] CPU: 1 PID: 1807 Comm: add_key02 Not tainted 4.4.71-1-default
> #1
> [   18.261624] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS
> rel-1.9.1-0-gb3ef39f-prebuilt.qemu-project.org 04/01/2014
> [   18.263664] task: ffff88003bf2d300 ti: ffff88003bbc4000 task.ti:
> ffff88003bbc4000
> [   18.264895] RIP: 0010:[<ffffffff8134f9b5>]  [<ffffffff8134f9b5>]
> asn1_ber_decoder+0x2f5/0xc10
> [   18.266171] RSP: 0018:ffff88003bbc7ca8  EFLAGS: 00010206
> [   18.267156] RAX: 000000000000003f RBX: 0000000000000000 RCX:
> 0000000000000040
> [   18.268288] RDX: 0000000000000000 RSI: 0000000000000000 RDI:
> 0000000000000070
> [   18.269419] RBP: 0000000000000000 R08: 0000000000000040 R09:
> 0000000000000002
> [   18.270553] R10: 0000000000000002 R11: 0000000000000040 R12:
> 0000000000000000
> [   18.271670] R13: 0000000000000000 R14: 0000000000000000 R15:
> 0000000000000000
> [   18.272775] FS:  00007f2e328aa700(0000) GS:ffff88003fd00000(0000)
> knlGS:0000000000000000
> [   18.273970] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
> [   18.274978] CR2: 0000000000000000 CR3: 000000003bc99000 CR4:
> 00000000000006e0
> [   18.276097] Stack:
> [   18.276800]  0000000000000000 0000000000000000 0000000000000000
> ffffffff8186e6a0
> [   18.277996]  0000000000000070 0000000000000000 0000000000000000
> 0000000000000004
> [   18.279181]  0000000000000000 ffffffff8186e720 ffff880036be8ac0
> 0000000000000000
> [   18.280360] Call Trace:
> [   18.281142]  [<ffffffff812e22b4>] x509_cert_parse+0x94/0x160
> [   18.282136]  [<ffffffff812e2dc3>] x509_key_preparse+0x23/0x2a0
> [   18.283121]  [<ffffffff812e1481>] asymmetric_key_preparse+0x51/0xb0
> [   18.284166]  [<ffffffff81293922>] key_create_or_update+0x122/0x400
> [   18.285182]  [<ffffffff812950a8>] SyS_add_key+0x118/0x200
> [   18.286144]  [<ffffffff81605f2e>] entry_SYSCALL_64_fastpath+0x12/0x6d
> [   18.288478] DWARF2 unwinder stuck at entry_SYSCALL_64_fastpath+0x12/0x6d
> [   18.289532] 
> [   18.290192] Leftover inexact backtrace:
> [   18.290192] 
> [   18.291660] Code: 5f c3 44 89 e8 83 e0 01 88 44 24 40 74 0b 4c 3b 5c 24
> 10 0f 84 bb fd ff ff 48 8b 74 24 10 49 8d 43 ff 48 39 f0 0f 86 e5 05 00 00
> <41> 0f b6 04 34 48 8d 7e 01 48 89 7c 24 28 88 44 24 5d 83 e0 1f 
> [   18.295121] RIP  [<ffffffff8134f9b5>] asn1_ber_decoder+0x2f5/0xc10
> [   18.296158]  RSP <ffff88003bbc7ca8>
> [   18.296960] CR2: 0000000000000000
> [   18.297786] ---[ end trace aa44eccc8b1dde11 ]---

Hi Richard, Sunny, 

Could you please attach the key that you tried to load by keyring? And, the steps of reproduction?

Thanks
Comment 4 Takashi Iwai 2017-07-05 14:04:29 UTC
The Oops is a result from 4.4.71 that still didn't include the fix.  So this can be ignored.

The test case with 4.4.72 and later kernel should expect EFAULT instead of EINVAL, as stated in the changelog of the fix commit:

    KEYS: fix dereferencing NULL payload with nonzero length
    
    .....  Fix it by doing the copy_from_user() when 'plen' is nonzero
    rather than when '_payload' is non-NULL, causing the syscall to fail
    with EFAULT as expected when an invalid buffer is specified.
Comment 5 Joey Lee 2017-07-06 04:18:23 UTC
(In reply to Takashi Iwai from comment #4)
> The Oops is a result from 4.4.71 that still didn't include the fix.  So this
> can be ignored.
> 
> The test case with 4.4.72 and later kernel should expect EFAULT instead of
> EINVAL, as stated in the changelog of the fix commit:
> 
>     KEYS: fix dereferencing NULL payload with nonzero length
>     
>     .....  Fix it by doing the copy_from_user() when 'plen' is nonzero
>     rather than when '_payload' is non-NULL, causing the syscall to fail
>     with EFAULT as expected when an invalid buffer is specified.

Thanks for Takashi's help to analysis this problem. Set this bug to INVALID.
Comment 6 Richard Palethorpe 2017-07-07 07:14:42 UTC
Thanks guys, I double checked the test case and it is doing the right thing.
Comment 7 Johannes Segitz 2017-10-10 09:06:30 UTC
This is currently blocking our kgraft patches (bsc#1062471). I think we should fix this in our LTSS kernels
Comment 8 Joey Lee 2017-10-12 05:40:08 UTC
(In reply to Johannes Segitz from comment #7)
> This is currently blocking our kgraft patches (bsc#1062471). I think we
> should fix this in our LTSS kernels

I backported 5649645d7 kernel patch for SLE12-LTSS and SLE12-SP1-LTSS, submit to cve/linux-3.12 for waiting merged.
Comment 9 Marcus Meissner 2017-10-12 06:41:47 UTC
Mitre assigned CVE-2017-15274, please add this as reference
Comment 10 Joey Lee 2017-10-12 07:38:51 UTC
(In reply to Marcus Meissner from comment #9)
> Mitre assigned CVE-2017-15274, please add this as reference

Backported patch already merged to cve/linux-3.12:

commit a1357f42a5cef87797174546155a99a825df6106
Author: Lee, Chun-Yi <jlee@suse.com>
Date:   Thu Oct 12 13:30:26 2017 +0800

    KEYS: fix dereferencing NULL payload with nonzero length
    (bsc#1045327, bsc#1062471).
Comment 11 Joey Lee 2017-10-12 08:24:26 UTC
(In reply to Joey Lee from comment #10)
> (In reply to Marcus Meissner from comment #9)
> > Mitre assigned CVE-2017-15274, please add this as reference
> 
> Backported patch already merged to cve/linux-3.12:
> 
> commit a1357f42a5cef87797174546155a99a825df6106
> Author: Lee, Chun-Yi <jlee@suse.com>
> Date:   Thu Oct 12 13:30:26 2017 +0800
> 
>     KEYS: fix dereferencing NULL payload with nonzero length
>     (bsc#1045327, bsc#1062471).

I will also backport to:

  cve/linux-2.6.16
  cve/linux-2.6.32
  cve/linux-3.0
Comment 12 Takashi Iwai 2017-10-12 08:29:00 UTC
(In reply to Joey Lee from comment #10)
> (In reply to Marcus Meissner from comment #9)
> > Mitre assigned CVE-2017-15274, please add this as reference
> 
> Backported patch already merged to cve/linux-3.12:
> 
> commit a1357f42a5cef87797174546155a99a825df6106
> Author: Lee, Chun-Yi <jlee@suse.com>
> Date:   Thu Oct 12 13:30:26 2017 +0800
> 
>     KEYS: fix dereferencing NULL payload with nonzero length
>     (bsc#1045327, bsc#1062471).

Could you refresh the References tag in the patch to include the CVE number, and do push again?
Comment 13 Joey Lee 2017-10-12 08:46:42 UTC
(In reply to Takashi Iwai from comment #12)
> (In reply to Joey Lee from comment #10)
> > (In reply to Marcus Meissner from comment #9)
> > > Mitre assigned CVE-2017-15274, please add this as reference
> > 
> > Backported patch already merged to cve/linux-3.12:
> > 
> > commit a1357f42a5cef87797174546155a99a825df6106
> > Author: Lee, Chun-Yi <jlee@suse.com>
> > Date:   Thu Oct 12 13:30:26 2017 +0800
> > 
> >     KEYS: fix dereferencing NULL payload with nonzero length
> >     (bsc#1045327, bsc#1062471).
> 
> Could you refresh the References tag in the patch to include the CVE number,
> and do push again?

I updated References tag and sent again.
Comment 14 Joey Lee 2017-10-12 12:53:51 UTC
(In reply to Joey Lee from comment #11)
> (In reply to Joey Lee from comment #10)
> > (In reply to Marcus Meissner from comment #9)
> > > Mitre assigned CVE-2017-15274, please add this as reference
> > 
> > Backported patch already merged to cve/linux-3.12:
> > 
> > commit a1357f42a5cef87797174546155a99a825df6106
> > Author: Lee, Chun-Yi <jlee@suse.com>
> > Date:   Thu Oct 12 13:30:26 2017 +0800
> > 
> >     KEYS: fix dereferencing NULL payload with nonzero length
> >     (bsc#1045327, bsc#1062471).
> 
> I will also backport to:
> 
>   cve/linux-2.6.16
>   cve/linux-2.6.32
>   cve/linux-3.0

I sent backported patch to the above git branch.
Comment 15 Swamp Workflow Management 2017-10-19 10:10:03 UTC
SUSE-SU-2017:2769-1: An update that fixes two vulnerabilities is now available.

Category: security (important)
Bug References: 1045327,1057950
CVE References: CVE-2017-1000251,CVE-2017-15274
Sources used:
SUSE Linux Enterprise Server 12-LTSS (src):    kgraft-patch-SLE12_Update_20-6-4.1
Comment 16 Swamp Workflow Management 2017-10-19 10:10:42 UTC
SUSE-SU-2017:2770-1: An update that fixes two vulnerabilities is now available.

Category: security (important)
Bug References: 1045327,1057950
CVE References: CVE-2017-1000251,CVE-2017-15274
Sources used:
SUSE Linux Enterprise Server 12-LTSS (src):    kgraft-patch-SLE12_Update_23-4-4.1
Comment 17 Swamp Workflow Management 2017-10-19 10:11:20 UTC
SUSE-SU-2017:2771-1: An update that fixes two vulnerabilities is now available.

Category: security (important)
Bug References: 1045327,1057950
CVE References: CVE-2017-1000251,CVE-2017-15274
Sources used:
SUSE Linux Enterprise Server 12-LTSS (src):    kgraft-patch-SLE12_Update_19-8-4.1
Comment 18 Swamp Workflow Management 2017-10-19 10:11:59 UTC
SUSE-SU-2017:2772-1: An update that fixes two vulnerabilities is now available.

Category: security (important)
Bug References: 1045327,1057950
CVE References: CVE-2017-1000251,CVE-2017-15274
Sources used:
SUSE Linux Enterprise Server 12-LTSS (src):    kgraft-patch-SLE12_Update_22-5-4.1
Comment 19 Swamp Workflow Management 2017-10-19 10:12:38 UTC
SUSE-SU-2017:2773-1: An update that fixes two vulnerabilities is now available.

Category: security (important)
Bug References: 1045327,1057950
CVE References: CVE-2017-1000251,CVE-2017-15274
Sources used:
SUSE Linux Enterprise Server 12-LTSS (src):    kgraft-patch-SLE12_Update_26-3-4.1
Comment 20 Swamp Workflow Management 2017-10-19 10:13:17 UTC
SUSE-SU-2017:2774-1: An update that fixes two vulnerabilities is now available.

Category: security (important)
Bug References: 1045327,1057950
CVE References: CVE-2017-1000251,CVE-2017-15274
Sources used:
SUSE Linux Enterprise Server 12-LTSS (src):    kgraft-patch-SLE12_Update_25-3-4.1
Comment 21 Swamp Workflow Management 2017-10-19 13:07:38 UTC
SUSE-SU-2017:2775-1: An update that solves four vulnerabilities and has one errata is now available.

Category: security (important)
Bug References: 1042892,1045327,1046191,1052311,1052368
CVE References: CVE-2017-1000112,CVE-2017-15274,CVE-2017-7645,CVE-2017-9242
Sources used:
SUSE Linux Enterprise Server 12-LTSS (src):    kgraft-patch-SLE12_Update_27-2-4.1
Comment 22 Swamp Workflow Management 2017-10-19 13:08:28 UTC
SUSE-SU-2017:2776-1: An update that fixes two vulnerabilities is now available.

Category: security (important)
Bug References: 1045327,1057950
CVE References: CVE-2017-1000251,CVE-2017-15274
Sources used:
SUSE Linux Enterprise Server 12-LTSS (src):    kgraft-patch-SLE12_Update_16-10-4.1
Comment 23 Swamp Workflow Management 2017-10-19 13:08:58 UTC
SUSE-SU-2017:2777-1: An update that fixes two vulnerabilities is now available.

Category: security (important)
Bug References: 1045327,1057950
CVE References: CVE-2017-1000251,CVE-2017-15274
Sources used:
SUSE Linux Enterprise Server 12-LTSS (src):    kgraft-patch-SLE12_Update_17-9-4.1
Comment 24 Swamp Workflow Management 2017-10-19 16:09:38 UTC
SUSE-SU-2017:2778-1: An update that fixes two vulnerabilities is now available.

Category: security (important)
Bug References: 1045327,1057950
CVE References: CVE-2017-1000251,CVE-2017-15274
Sources used:
SUSE Linux Enterprise Server for SAP 12-SP1 (src):    kgraft-patch-SLE12-SP1_Update_9-11-4.1
SUSE Linux Enterprise Server 12-SP1-LTSS (src):    kgraft-patch-SLE12-SP1_Update_9-11-4.1
Comment 25 Swamp Workflow Management 2017-10-19 16:10:17 UTC
SUSE-SU-2017:2779-1: An update that fixes two vulnerabilities is now available.

Category: security (important)
Bug References: 1045327,1057950
CVE References: CVE-2017-1000251,CVE-2017-15274
Sources used:
SUSE Linux Enterprise Server for SAP 12-SP1 (src):    kgraft-patch-SLE12-SP1_Update_10-10-4.1
SUSE Linux Enterprise Server 12-SP1-LTSS (src):    kgraft-patch-SLE12-SP1_Update_10-10-4.1
Comment 26 Swamp Workflow Management 2017-10-19 16:10:53 UTC
SUSE-SU-2017:2780-1: An update that fixes two vulnerabilities is now available.

Category: security (important)
Bug References: 1045327,1057950
CVE References: CVE-2017-1000251,CVE-2017-15274
Sources used:
SUSE Linux Enterprise Server 12-LTSS (src):    kgraft-patch-SLE12_Update_21-5-4.1
Comment 27 Swamp Workflow Management 2017-10-19 16:11:28 UTC
SUSE-SU-2017:2781-1: An update that fixes two vulnerabilities is now available.

Category: security (important)
Bug References: 1045327,1057950
CVE References: CVE-2017-1000251,CVE-2017-15274
Sources used:
SUSE Linux Enterprise Server 12-LTSS (src):    kgraft-patch-SLE12_Update_24-3-4.1
Comment 28 Swamp Workflow Management 2017-10-19 16:12:02 UTC
SUSE-SU-2017:2782-1: An update that fixes two vulnerabilities is now available.

Category: security (important)
Bug References: 1045327,1057950
CVE References: CVE-2017-1000251,CVE-2017-15274
Sources used:
SUSE Linux Enterprise Server for SAP 12-SP1 (src):    kgraft-patch-SLE12-SP1_Update_13-7-4.1
SUSE Linux Enterprise Server 12-SP1-LTSS (src):    kgraft-patch-SLE12-SP1_Update_13-7-4.1
Comment 29 Swamp Workflow Management 2017-10-19 16:12:35 UTC
SUSE-SU-2017:2783-1: An update that fixes two vulnerabilities is now available.

Category: security (important)
Bug References: 1045327,1057950
CVE References: CVE-2017-1000251,CVE-2017-15274
Sources used:
SUSE Linux Enterprise Server for SAP 12-SP1 (src):    kgraft-patch-SLE12-SP1_Update_12-8-4.1
SUSE Linux Enterprise Server 12-SP1-LTSS (src):    kgraft-patch-SLE12-SP1_Update_12-8-4.1
Comment 30 Swamp Workflow Management 2017-10-19 16:13:10 UTC
SUSE-SU-2017:2784-1: An update that fixes two vulnerabilities is now available.

Category: security (important)
Bug References: 1045327,1057950
CVE References: CVE-2017-1000251,CVE-2017-15274
Sources used:
SUSE Linux Enterprise Server 12-LTSS (src):    kgraft-patch-SLE12_Update_18-9-4.1
Comment 31 Swamp Workflow Management 2017-10-19 16:13:46 UTC
SUSE-SU-2017:2785-1: An update that fixes two vulnerabilities is now available.

Category: security (important)
Bug References: 1045327,1057950
CVE References: CVE-2017-1000251,CVE-2017-15274
Sources used:
SUSE Linux Enterprise Server for SAP 12-SP1 (src):    kgraft-patch-SLE12-SP1_Update_8-12-4.1
SUSE Linux Enterprise Server 12-SP1-LTSS (src):    kgraft-patch-SLE12-SP1_Update_8-12-4.1
Comment 32 Swamp Workflow Management 2017-10-19 16:14:18 UTC
SUSE-SU-2017:2786-1: An update that fixes two vulnerabilities is now available.

Category: security (important)
Bug References: 1045327,1057950
CVE References: CVE-2017-1000251,CVE-2017-15274
Sources used:
SUSE Linux Enterprise Server for SAP 12-SP1 (src):    kgraft-patch-SLE12-SP1_Update_11-9-4.1
SUSE Linux Enterprise Server 12-SP1-LTSS (src):    kgraft-patch-SLE12-SP1_Update_11-9-4.1
Comment 33 Swamp Workflow Management 2017-10-19 19:07:21 UTC
SUSE-SU-2017:2787-1: An update that fixes two vulnerabilities is now available.

Category: security (important)
Bug References: 1045327,1057950
CVE References: CVE-2017-1000251,CVE-2017-15274
Sources used:
SUSE Linux Enterprise Server for SAP 12-SP1 (src):    kgraft-patch-SLE12-SP1_Update_15-5-4.1
SUSE Linux Enterprise Server 12-SP1-LTSS (src):    kgraft-patch-SLE12-SP1_Update_15-5-4.1
Comment 34 Swamp Workflow Management 2017-10-19 19:07:53 UTC
SUSE-SU-2017:2788-1: An update that fixes two vulnerabilities is now available.

Category: security (important)
Bug References: 1045327,1057950
CVE References: CVE-2017-1000251,CVE-2017-15274
Sources used:
SUSE Linux Enterprise Server for SAP 12-SP1 (src):    kgraft-patch-SLE12-SP1_Update_16-5-4.1
SUSE Linux Enterprise Server 12-SP1-LTSS (src):    kgraft-patch-SLE12-SP1_Update_16-5-4.1
Comment 35 Swamp Workflow Management 2017-10-19 19:08:42 UTC
SUSE-SU-2017:2790-1: An update that fixes two vulnerabilities is now available.

Category: security (important)
Bug References: 1045327,1057950
CVE References: CVE-2017-1000251,CVE-2017-15274
Sources used:
SUSE Linux Enterprise Server for SAP 12-SP1 (src):    kgraft-patch-SLE12-SP1_Update_14-6-4.1
SUSE Linux Enterprise Server 12-SP1-LTSS (src):    kgraft-patch-SLE12-SP1_Update_14-6-4.1
Comment 36 Swamp Workflow Management 2017-10-20 01:08:11 UTC
SUSE-SU-2017:2791-1: An update that solves four vulnerabilities and has one errata is now available.

Category: security (important)
Bug References: 1038564,1042892,1045327,1052311,1052368
CVE References: CVE-2017-1000112,CVE-2017-15274,CVE-2017-8890,CVE-2017-9242
Sources used:
SUSE Linux Enterprise Server for SAP 12-SP1 (src):    kgraft-patch-SLE12-SP1_Update_21-2-4.1
SUSE Linux Enterprise Server 12-SP1-LTSS (src):    kgraft-patch-SLE12-SP1_Update_21-2-4.1
Comment 37 Swamp Workflow Management 2017-10-20 13:08:25 UTC
SUSE-SU-2017:2792-1: An update that fixes two vulnerabilities is now available.

Category: security (important)
Bug References: 1045327,1057950
CVE References: CVE-2017-1000251,CVE-2017-15274
Sources used:
SUSE Linux Enterprise Server for SAP 12-SP1 (src):    kgraft-patch-SLE12-SP1_Update_19-3-4.1
SUSE Linux Enterprise Server 12-SP1-LTSS (src):    kgraft-patch-SLE12-SP1_Update_19-3-4.1
Comment 38 Swamp Workflow Management 2017-10-20 13:09:04 UTC
SUSE-SU-2017:2793-1: An update that fixes two vulnerabilities is now available.

Category: security (important)
Bug References: 1045327,1057950
CVE References: CVE-2017-1000251,CVE-2017-15274
Sources used:
SUSE Linux Enterprise Server for SAP 12-SP1 (src):    kgraft-patch-SLE12-SP1_Update_17-4-4.1
SUSE Linux Enterprise Server 12-SP1-LTSS (src):    kgraft-patch-SLE12-SP1_Update_17-4-4.1
Comment 39 Swamp Workflow Management 2017-10-20 13:10:17 UTC
SUSE-SU-2017:2796-1: An update that fixes two vulnerabilities is now available.

Category: security (important)
Bug References: 1045327,1057950
CVE References: CVE-2017-1000251,CVE-2017-15274
Sources used:
SUSE Linux Enterprise Server for SAP 12-SP1 (src):    kgraft-patch-SLE12-SP1_Update_20-3-4.1
SUSE Linux Enterprise Server 12-SP1-LTSS (src):    kgraft-patch-SLE12-SP1_Update_20-3-4.1
Comment 40 Swamp Workflow Management 2017-10-20 13:10:51 UTC
SUSE-SU-2017:2797-1: An update that fixes two vulnerabilities is now available.

Category: security (important)
Bug References: 1045327,1057950
CVE References: CVE-2017-1000251,CVE-2017-15274
Sources used:
SUSE Linux Enterprise Server for SAP 12-SP1 (src):    kgraft-patch-SLE12-SP1_Update_18-3-4.1
SUSE Linux Enterprise Server 12-SP1-LTSS (src):    kgraft-patch-SLE12-SP1_Update_18-3-4.1
Comment 41 Swamp Workflow Management 2017-10-30 18:29:55 UTC
SUSE-SU-2017:2908-1: An update that solves 30 vulnerabilities and has 38 fixes is now available.

Category: security (important)
Bug References: 1001459,1012985,1023287,1027149,1028217,1030531,1030552,1031515,1033960,1034405,1035531,1035738,1037182,1037183,1037994,1038544,1038564,1038879,1038883,1038981,1038982,1039348,1039354,1039456,1039721,1039864,1039882,1039883,1039885,1040069,1041160,1041429,1041431,1042696,1042832,1042863,1044125,1045327,1045487,1045922,1046107,1048275,1048788,1049645,1049882,1053148,1053152,1053317,1056588,1056982,1057179,1058410,1058507,1058524,1059863,1062471,1062520,1063667,1064388,856774,860250,863764,878240,922855,922871,986924,993099,994364
CVE References: CVE-2017-1000363,CVE-2017-1000365,CVE-2017-1000380,CVE-2017-10661,CVE-2017-11176,CVE-2017-12153,CVE-2017-12154,CVE-2017-12762,CVE-2017-13080,CVE-2017-14051,CVE-2017-14106,CVE-2017-14140,CVE-2017-15265,CVE-2017-15274,CVE-2017-15649,CVE-2017-7482,CVE-2017-7487,CVE-2017-7518,CVE-2017-7541,CVE-2017-7542,CVE-2017-7889,CVE-2017-8831,CVE-2017-8890,CVE-2017-8924,CVE-2017-8925,CVE-2017-9074,CVE-2017-9075,CVE-2017-9076,CVE-2017-9077,CVE-2017-9242
Sources used:
SUSE OpenStack Cloud 6 (src):    kernel-default-3.12.74-60.64.63.1, kernel-source-3.12.74-60.64.63.1, kernel-syms-3.12.74-60.64.63.1, kernel-xen-3.12.74-60.64.63.1, kgraft-patch-SLE12-SP1_Update_22-1-2.1
SUSE Linux Enterprise Server for SAP 12-SP1 (src):    kernel-default-3.12.74-60.64.63.1, kernel-source-3.12.74-60.64.63.1, kernel-syms-3.12.74-60.64.63.1, kernel-xen-3.12.74-60.64.63.1, kgraft-patch-SLE12-SP1_Update_22-1-2.1
SUSE Linux Enterprise Server 12-SP1-LTSS (src):    kernel-default-3.12.74-60.64.63.1, kernel-source-3.12.74-60.64.63.1, kernel-syms-3.12.74-60.64.63.1, kernel-xen-3.12.74-60.64.63.1, kgraft-patch-SLE12-SP1_Update_22-1-2.1
SUSE Linux Enterprise Module for Public Cloud 12 (src):    kernel-ec2-3.12.74-60.64.63.1
Comment 42 Swamp Workflow Management 2017-11-02 17:17:59 UTC
SUSE-SU-2017:2920-1: An update that solves 36 vulnerabilities and has 22 fixes is now available.

Category: security (important)
Bug References: 1008353,1012422,1017941,1029850,1030593,1032268,1034405,1034670,1035576,1035877,1036752,1037182,1037183,1037306,1037994,1038544,1038879,1038981,1038982,1039348,1039349,1039354,1039456,1039721,1039882,1039883,1039885,1040069,1041431,1041958,1044125,1045327,1045487,1045922,1046107,1047408,1048275,1049645,1049882,1052593,1053148,1053152,1056588,1056982,1057179,1058038,1058410,1058507,1058524,1062520,1063667,1064388,938162,975596,977417,984779,985562,990682
CVE References: CVE-2015-9004,CVE-2016-10229,CVE-2016-9604,CVE-2017-1000363,CVE-2017-1000365,CVE-2017-1000380,CVE-2017-10661,CVE-2017-11176,CVE-2017-12153,CVE-2017-12154,CVE-2017-12762,CVE-2017-13080,CVE-2017-14051,CVE-2017-14106,CVE-2017-14140,CVE-2017-15265,CVE-2017-15274,CVE-2017-15649,CVE-2017-2647,CVE-2017-6951,CVE-2017-7482,CVE-2017-7487,CVE-2017-7518,CVE-2017-7541,CVE-2017-7542,CVE-2017-7889,CVE-2017-8106,CVE-2017-8831,CVE-2017-8890,CVE-2017-8924,CVE-2017-8925,CVE-2017-9074,CVE-2017-9075,CVE-2017-9076,CVE-2017-9077,CVE-2017-9242
Sources used:
SUSE Linux Enterprise Server 12-LTSS (src):    kernel-default-3.12.61-52.101.1, kernel-source-3.12.61-52.101.1, kernel-syms-3.12.61-52.101.1, kernel-xen-3.12.61-52.101.1, kgraft-patch-SLE12_Update_28-1-8.1
SUSE Linux Enterprise Module for Public Cloud 12 (src):    kernel-ec2-3.12.61-52.101.1
Comment 44 Swamp Workflow Management 2017-11-14 10:42:09 UTC
An update workflow for this issue was started.
This issue was rated as important.
Please submit fixed packages until 2017-11-21.
When done, reassign the bug to security-team@suse.de.
https://swamp.suse.de/webswamp/wf/63894
Comment 45 Swamp Workflow Management 2017-11-30 20:08:49 UTC
SUSE-SU-2017:3165-1: An update that solves 5 vulnerabilities and has 17 fixes is now available.

Category: security (important)
Bug References: 1022967,1036286,1044228,1045327,1052593,1053317,1056230,1056504,1057796,1059051,1059525,1060245,1060665,1061017,1061180,1062520,1062842,1063301,1063544,1063667,909484,996376
CVE References: CVE-2017-1000253,CVE-2017-13080,CVE-2017-14489,CVE-2017-15265,CVE-2017-15274
Sources used:
SUSE Linux Enterprise Real Time Extension 11-SP4 (src):    kernel-rt-3.0.101.rt130-69.11.1, kernel-rt_trace-3.0.101.rt130-69.11.1, kernel-source-rt-3.0.101.rt130-69.11.1, kernel-syms-rt-3.0.101.rt130-69.11.1
SUSE Linux Enterprise Debuginfo 11-SP4 (src):    kernel-rt-3.0.101.rt130-69.11.1, kernel-rt_debug-3.0.101.rt130-69.11.1, kernel-rt_trace-3.0.101.rt130-69.11.1
Comment 46 Swamp Workflow Management 2017-12-11 20:12:44 UTC
SUSE-SU-2017:3265-1: An update that solves 20 vulnerabilities and has 53 fixes is now available.

Category: security (important)
Bug References: 1012917,1013018,1022967,1024450,1031358,1036286,1036629,1037441,1037667,1037669,1037994,1039803,1040609,1042863,1045154,1045205,1045327,1045538,1047523,1050381,1050431,1051133,1051932,1052311,1052365,1052370,1052593,1053148,1053152,1053317,1053802,1053933,1054070,1054076,1054093,1054247,1054305,1054706,1056230,1056504,1056588,1057179,1057796,1058524,1059051,1060245,1060665,1061017,1061180,1062520,1062842,1063301,1063544,1063667,1064803,1064861,1065180,1066471,1066472,1066573,1066606,1066618,1066625,1066650,1066671,1066700,1066705,1067085,1067816,1067888,909484,984530,996376
CVE References: CVE-2017-1000112,CVE-2017-10661,CVE-2017-12762,CVE-2017-13080,CVE-2017-14051,CVE-2017-14140,CVE-2017-14340,CVE-2017-14489,CVE-2017-15102,CVE-2017-15265,CVE-2017-15274,CVE-2017-16525,CVE-2017-16527,CVE-2017-16529,CVE-2017-16531,CVE-2017-16535,CVE-2017-16536,CVE-2017-16537,CVE-2017-16649,CVE-2017-8831
Sources used:
SUSE Linux Enterprise Software Development Kit 11-SP4 (src):    kernel-docs-3.0.101-108.18.3
SUSE Linux Enterprise Server 11-SP4 (src):    kernel-bigmem-3.0.101-108.18.1, kernel-default-3.0.101-108.18.1, kernel-ec2-3.0.101-108.18.1, kernel-pae-3.0.101-108.18.1, kernel-ppc64-3.0.101-108.18.1, kernel-source-3.0.101-108.18.1, kernel-syms-3.0.101-108.18.1, kernel-trace-3.0.101-108.18.1, kernel-xen-3.0.101-108.18.1
SUSE Linux Enterprise Server 11-EXTRA (src):    kernel-default-3.0.101-108.18.1, kernel-pae-3.0.101-108.18.1, kernel-ppc64-3.0.101-108.18.1, kernel-trace-3.0.101-108.18.1, kernel-xen-3.0.101-108.18.1
SUSE Linux Enterprise Debuginfo 11-SP4 (src):    kernel-bigmem-3.0.101-108.18.1, kernel-default-3.0.101-108.18.1, kernel-ec2-3.0.101-108.18.1, kernel-pae-3.0.101-108.18.1, kernel-ppc64-3.0.101-108.18.1, kernel-trace-3.0.101-108.18.1, kernel-xen-3.0.101-108.18.1
Comment 47 Swamp Workflow Management 2018-01-08 20:07:31 UTC
SUSE-SU-2018:0040-1: An update that solves 32 vulnerabilities and has 7 fixes is now available.

Category: security (important)
Bug References: 1010175,1034862,1045327,1050231,1052593,1056982,1057179,1057389,1058524,1062520,1063544,1063667,1066295,1066472,1066569,1066573,1066606,1066618,1066625,1066650,1066671,1066693,1066700,1066705,1067085,1068032,1068671,1069702,1069708,1070771,1071074,1071470,1071695,1072561,1072876,1073792,1073874,1074033,999245
CVE References: CVE-2017-1000251,CVE-2017-11600,CVE-2017-13080,CVE-2017-13167,CVE-2017-14106,CVE-2017-14140,CVE-2017-14340,CVE-2017-15102,CVE-2017-15115,CVE-2017-15265,CVE-2017-15274,CVE-2017-15868,CVE-2017-16525,CVE-2017-16527,CVE-2017-16529,CVE-2017-16531,CVE-2017-16534,CVE-2017-16535,CVE-2017-16536,CVE-2017-16537,CVE-2017-16538,CVE-2017-16649,CVE-2017-16939,CVE-2017-17450,CVE-2017-17558,CVE-2017-17805,CVE-2017-17806,CVE-2017-5715,CVE-2017-5753,CVE-2017-5754,CVE-2017-7472,CVE-2017-8824
Sources used:
SUSE Linux Enterprise Server 11-SP3-LTSS (src):    kernel-bigsmp-3.0.101-0.47.106.11.1, kernel-default-3.0.101-0.47.106.11.1, kernel-ec2-3.0.101-0.47.106.11.1, kernel-pae-3.0.101-0.47.106.11.1, kernel-source-3.0.101-0.47.106.11.1, kernel-syms-3.0.101-0.47.106.11.1, kernel-trace-3.0.101-0.47.106.11.1, kernel-xen-3.0.101-0.47.106.11.1
SUSE Linux Enterprise Server 11-EXTRA (src):    kernel-bigsmp-3.0.101-0.47.106.11.1, kernel-default-3.0.101-0.47.106.11.1, kernel-pae-3.0.101-0.47.106.11.1, kernel-ppc64-3.0.101-0.47.106.11.1, kernel-trace-3.0.101-0.47.106.11.1, kernel-xen-3.0.101-0.47.106.11.1
SUSE Linux Enterprise Point of Sale 11-SP3 (src):    kernel-default-3.0.101-0.47.106.11.1, kernel-ec2-3.0.101-0.47.106.11.1, kernel-pae-3.0.101-0.47.106.11.1, kernel-source-3.0.101-0.47.106.11.1, kernel-syms-3.0.101-0.47.106.11.1, kernel-trace-3.0.101-0.47.106.11.1, kernel-xen-3.0.101-0.47.106.11.1
SUSE Linux Enterprise Debuginfo 11-SP3 (src):    kernel-bigsmp-3.0.101-0.47.106.11.1, kernel-default-3.0.101-0.47.106.11.1, kernel-ec2-3.0.101-0.47.106.11.1, kernel-pae-3.0.101-0.47.106.11.1, kernel-trace-3.0.101-0.47.106.11.1, kernel-xen-3.0.101-0.47.106.11.1
Comment 48 Marcus Meissner 2018-02-09 06:37:19 UTC
released
Comment 49 Michal Suchanek 2018-08-06 17:44:22 UTC
*** Bug 1100600 has been marked as a duplicate of this bug. ***