Bugzilla – Bug 1045327
VUL-1: CVE-2017-15274: kernel-source: add_key syscall causes NULL pointer dereference
Last modified: 2020-06-08 19:13:05 UTC
The LTP test add_key02 dies with a kernel NULL pointer dereference

From the test description:

This is a regression test for commit 5649645d725c ("KEYS: fix dereferencing NULL payload with nonzero length").

OpenQA: https://openqa.suse.de/tests/1008206#step/run_ltp/98
Kernel log message:

[ 18.240022] BUG: unable to handle kernel NULL pointer dereference at (null)
[ 18.241384] IP: [<ffffffff8134f9b5>] asn1_ber_decoder+0x2f5/0xc10
[ 18.242504] PGD 3babe067 PUD 3d166067 PMD 0
[ 18.243945] Oops: 0000 [#1] SMP
[ 18.245254] Modules linked in: ext4 crc16 jbd2 mbcache loop af_packet iscsi_ibft iscsi_boot_sysfs ip6t_REJECT nf_conntrack_ipv6 nf_defrag_ipv6 ipt_REJECT xt_pkttype xt_tcpudp iptable_filter ip6table_mangle nf_conntrack_ipv4 nf_defrag_ipv4 ip_tables xt_conntrack nf_conntrack ip6table_filter ip6_tables x_tables ppdev parport_pc parport snd_intel8x0 snd_ac97_codec snd_pcm acpi_cpufreq snd_timer joydev snd processor serio_raw soundcore button ac97_bus pcspkr i2c_piix4 ata_generic sr_mod cdrom btrfs xor hid_generic usbhid raid6_pq ata_piix ahci libahci cirrus drm_kms_helper syscopyarea sysfillrect sysimgblt fb_sys_fops ttm virtio_net virtio_scsi virtio_console drm virtio_blk libata ehci_pci ehci_hcd usbcore usb_common virtio_pci virtio_ring virtio floppy sg dm_multipath dm_mod scsi_dh_rdac scsi_dh_emc scsi_dh_alua scsi_mod autofs4
[ 18.259666] Supported: Yes
[ 18.260422] CPU: 1 PID: 1807 Comm: add_key02 Not tainted 4.4.71-1-default #1
[ 18.261624] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.9.1-0-gb3ef39f-prebuilt.qemu-project.org 04/01/2014
[ 18.263664] task: ffff88003bf2d300 ti: ffff88003bbc4000 task.ti: ffff88003bbc4000
[ 18.264895] RIP: 0010:[<ffffffff8134f9b5>] [<ffffffff8134f9b5>] asn1_ber_decoder+0x2f5/0xc10
[ 18.266171] RSP: 0018:ffff88003bbc7ca8 EFLAGS: 00010206
[ 18.267156] RAX: 000000000000003f RBX: 0000000000000000 RCX: 0000000000000040
[ 18.268288] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000070
[ 18.269419] RBP: 0000000000000000 R08: 0000000000000040 R09: 0000000000000002
[ 18.270553] R10: 0000000000000002 R11: 0000000000000040 R12: 0000000000000000
[ 18.271670] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 18.272775] FS: 00007f2e328aa700(0000) GS:ffff88003fd00000(0000) knlGS:0000000000000000
[ 18.273970] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 18.274978] CR2: 0000000000000000 CR3: 000000003bc99000 CR4: 00000000000006e0
[ 18.276097] Stack:
[ 18.276800] 0000000000000000 0000000000000000 0000000000000000 ffffffff8186e6a0
[ 18.277996] 0000000000000070 0000000000000000 0000000000000000 0000000000000004
[ 18.279181] 0000000000000000 ffffffff8186e720 ffff880036be8ac0 0000000000000000
[ 18.280360] Call Trace:
[ 18.281142] [<ffffffff812e22b4>] x509_cert_parse+0x94/0x160
[ 18.282136] [<ffffffff812e2dc3>] x509_key_preparse+0x23/0x2a0
[ 18.283121] [<ffffffff812e1481>] asymmetric_key_preparse+0x51/0xb0
[ 18.284166] [<ffffffff81293922>] key_create_or_update+0x122/0x400
[ 18.285182] [<ffffffff812950a8>] SyS_add_key+0x118/0x200
[ 18.286144] [<ffffffff81605f2e>] entry_SYSCALL_64_fastpath+0x12/0x6d
[ 18.288478] DWARF2 unwinder stuck at entry_SYSCALL_64_fastpath+0x12/0x6d
[ 18.289532]
[ 18.290192] Leftover inexact backtrace:
[ 18.290192]
[ 18.291660] Code: 5f c3 44 89 e8 83 e0 01 88 44 24 40 74 0b 4c 3b 5c 24 10 0f 84 bb fd ff ff 48 8b 74 24 10 49 8d 43 ff 48 39 f0 0f 86 e5 05 00 00 <41> 0f b6 04 34 48 8d 7e 01 48 89 7c 24 28 88 44 24 5d 83 e0 1f
[ 18.295121] RIP [<ffffffff8134f9b5>] asn1_ber_decoder+0x2f5/0xc10
[ 18.296158] RSP <ffff88003bbc7ca8>
[ 18.296960] CR2: 0000000000000000
[ 18.297786] ---[ end trace aa44eccc8b1dde11 ]---
Test is now passing: https://openqa.suse.de/tests/1014775#step/run_ltp/98
This test fails in RC2, but I didn't see Call trace. http://qadb2.suse.de/qadb/result.php?submission_id=616907&search=1&testsuite_id=19
(In reply to Richard Palethorpe from comment #0)
> The LTP test add_key02 dies with a kernel NULL pointer dereference
>
> From the test description:
>
> This is a regression test for commit 5649645d725c ("KEYS: fix dereferencing
> NULL payload with nonzero length").
>
> OpenQA: https://openqa.suse.de/tests/1008206#step/run_ltp/98

Hi Richard, Sunny,

Could you please attach the key that you tried to load by keyring? And, the steps of reproduction?
Thanks
The Oops is a result from 4.4.71 that still didn't include the fix. So this can be ignored.

The test case with 4.4.72 and later kernel should expect EFAULT instead of EINVAL, as stated in the changelog of the fix commit:

KEYS: fix dereferencing NULL payload with nonzero length

..... Fix it by doing the copy_from_user() when 'plen' is nonzero
rather than when '_payload' is non-NULL, causing the syscall to fail
with EFAULT as expected when an invalid buffer is specified.
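Added example (not part of the bug thread and not kernel source): a user-space model of the payload copy condition described in the quoted changelog, with the pre-fix and post-fix guards side by side. All model_* names are hypothetical, NULL is assumed to be the only invalid user address, and the stand-in for the key type's preparse step reports the bad case instead of crashing.

```c
#include <errno.h>
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical marker: the parser would have read 'len' bytes through NULL. */
#define MODEL_NULL_DEREF 1

/* Stand-in for copy_from_user(): nonzero means the source was not readable.
 * Assumption of this model: NULL is the only invalid user address. */
static int model_copy_from_user(void *dst, const void *usrc, size_t len)
{
    if (usrc == NULL)
        return 1;
    memcpy(dst, usrc, len);
    return 0;
}

/* Stand-in for the key type's preparse step (x509_cert_parse() and
 * asn1_ber_decoder() in the Oops). It walks 'len' bytes of 'data';
 * where the real parser would fault, it returns MODEL_NULL_DEREF. */
static int model_preparse(const unsigned char *data, size_t len)
{
    unsigned int sum = 0;
    size_t i;

    if (len != 0 && data == NULL)
        return MODEL_NULL_DEREF;
    for (i = 0; i < len; i++)
        sum += data[i];
    (void)sum;
    return 0;
}

/* Model of the payload handling in add_key().
 * fixed == 0: copy only when the user pointer is non-NULL (pre-fix guard).
 * fixed == 1: copy whenever plen is nonzero (guard described in the changelog). */
static int model_add_key(const void *upayload, size_t plen, int fixed)
{
    unsigned char *payload = NULL;
    int do_copy = fixed ? (plen != 0) : (upayload != NULL);
    int ret;

    if (do_copy) {
        payload = malloc(plen ? plen : 1);
        if (payload == NULL)
            return -ENOMEM;
        if (model_copy_from_user(payload, upayload, plen) != 0) {
            free(payload);
            return -EFAULT;   /* invalid buffer is rejected before parsing */
        }
    }

    /* Pre-fix, a NULL pointer with nonzero plen reaches this call unchanged. */
    ret = model_preparse(payload, plen);
    free(payload);
    return ret;
}

int main(void)
{
    static const unsigned char sample[] = { 0x30, 0x03, 0x02, 0x01, 0x00 }; /* constructed bytes */

    printf("pre-fix,  NULL payload, plen=64: %d\n", model_add_key(NULL, 64, 0));
    printf("post-fix, NULL payload, plen=64: %d\n", model_add_key(NULL, 64, 1));
    printf("post-fix, valid payload:         %d\n",
           model_add_key(sample, sizeof(sample), 1));
    printf("post-fix, NULL payload, plen=0:  %d\n", model_add_key(NULL, 0, 1));
    return 0;
}
```

The model only shows which inputs reach the parser under each guard; the error code a real kernel returns for other malformed payloads is decided by the key type and is not modelled here.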
(In reply to Takashi Iwai from comment #4)
> The Oops is a result from 4.4.71 that still didn't include the fix. So this
> can be ignored.
>
> The test case with 4.4.72 and later kernel should expect EFAULT instead of
> EINVAL, as stated in the changelog of the fix commit:
>
> KEYS: fix dereferencing NULL payload with nonzero length
>
> ..... Fix it by doing the copy_from_user() when 'plen' is nonzero
> rather than when '_payload' is non-NULL, causing the syscall to fail
> with EFAULT as expected when an invalid buffer is specified.

Thanks for Takashi's help in analyzing this problem. Set this bug to INVALID.
Thanks guys, I double checked the test case and it is doing the right thing.
This is currently blocking our kgraft patches (bsc#1062471). I think we should fix this in our LTSS kernels
(In reply to Johannes Segitz from comment #7)
> This is currently blocking our kgraft patches (bsc#1062471). I think we
> should fix this in our LTSS kernels

I backported the 5649645d7 kernel patch for SLE12-LTSS and SLE12-SP1-LTSS and submitted it to cve/linux-3.12, where it is waiting to be merged.
Mitre assigned CVE-2017-15274, please add this as reference
(In reply to Marcus Meissner from comment #9)
> Mitre assigned CVE-2017-15274, please add this as reference

Backported patch already merged to cve/linux-3.12:

commit a1357f42a5cef87797174546155a99a825df6106
Author: Lee, Chun-Yi <jlee@suse.com>
Date: Thu Oct 12 13:30:26 2017 +0800

KEYS: fix dereferencing NULL payload with nonzero length (bsc#1045327, bsc#1062471).
(In reply to Joey Lee from comment #10)
> (In reply to Marcus Meissner from comment #9)
> > Mitre assigned CVE-2017-15274, please add this as reference
>
> Backported patch already merged to cve/linux-3.12:
>
> commit a1357f42a5cef87797174546155a99a825df6106
> Author: Lee, Chun-Yi <jlee@suse.com>
> Date: Thu Oct 12 13:30:26 2017 +0800
>
> KEYS: fix dereferencing NULL payload with nonzero length
> (bsc#1045327, bsc#1062471).

I will also backport to:

cve/linux-2.6.16
cve/linux-2.6.32
cve/linux-3.0
(In reply to Joey Lee from comment #10)
> (In reply to Marcus Meissner from comment #9)
> > Mitre assigned CVE-2017-15274, please add this as reference
>
> Backported patch already merged to cve/linux-3.12:
>
> commit a1357f42a5cef87797174546155a99a825df6106
> Author: Lee, Chun-Yi <jlee@suse.com>
> Date: Thu Oct 12 13:30:26 2017 +0800
>
> KEYS: fix dereferencing NULL payload with nonzero length
> (bsc#1045327, bsc#1062471).

Could you refresh the References tag in the patch to include the CVE number, and do push again?
(In reply to Takashi Iwai from comment #12)
> (In reply to Joey Lee from comment #10)
> > (In reply to Marcus Meissner from comment #9)
> > > Mitre assigned CVE-2017-15274, please add this as reference
> >
> > Backported patch already merged to cve/linux-3.12:
> >
> > commit a1357f42a5cef87797174546155a99a825df6106
> > Author: Lee, Chun-Yi <jlee@suse.com>
> > Date: Thu Oct 12 13:30:26 2017 +0800
> >
> > KEYS: fix dereferencing NULL payload with nonzero length
> > (bsc#1045327, bsc#1062471).
>
> Could you refresh the References tag in the patch to include the CVE number,
> and do push again?

I updated the References tag and sent it again.
(In reply to Joey Lee from comment #11)
> (In reply to Joey Lee from comment #10)
> > (In reply to Marcus Meissner from comment #9)
> > > Mitre assigned CVE-2017-15274, please add this as reference
> >
> > Backported patch already merged to cve/linux-3.12:
> >
> > commit a1357f42a5cef87797174546155a99a825df6106
> > Author: Lee, Chun-Yi <jlee@suse.com>
> > Date: Thu Oct 12 13:30:26 2017 +0800
> >
> > KEYS: fix dereferencing NULL payload with nonzero length
> > (bsc#1045327, bsc#1062471).
>
> I will also backport to:
>
> cve/linux-2.6.16
> cve/linux-2.6.32
> cve/linux-3.0

I sent the backported patch to the above git branches.
SUSE-SU-2017:2769-1: An update that fixes two vulnerabilities is now available. Category: security (important) Bug References: 1045327,1057950 CVE References: CVE-2017-1000251,CVE-2017-15274 Sources used: SUSE Linux Enterprise Server 12-LTSS (src): kgraft-patch-SLE12_Update_20-6-4.1
SUSE-SU-2017:2770-1: An update that fixes two vulnerabilities is now available. Category: security (important) Bug References: 1045327,1057950 CVE References: CVE-2017-1000251,CVE-2017-15274 Sources used: SUSE Linux Enterprise Server 12-LTSS (src): kgraft-patch-SLE12_Update_23-4-4.1
SUSE-SU-2017:2771-1: An update that fixes two vulnerabilities is now available. Category: security (important) Bug References: 1045327,1057950 CVE References: CVE-2017-1000251,CVE-2017-15274 Sources used: SUSE Linux Enterprise Server 12-LTSS (src): kgraft-patch-SLE12_Update_19-8-4.1
SUSE-SU-2017:2772-1: An update that fixes two vulnerabilities is now available. Category: security (important) Bug References: 1045327,1057950 CVE References: CVE-2017-1000251,CVE-2017-15274 Sources used: SUSE Linux Enterprise Server 12-LTSS (src): kgraft-patch-SLE12_Update_22-5-4.1
SUSE-SU-2017:2773-1: An update that fixes two vulnerabilities is now available. Category: security (important) Bug References: 1045327,1057950 CVE References: CVE-2017-1000251,CVE-2017-15274 Sources used: SUSE Linux Enterprise Server 12-LTSS (src): kgraft-patch-SLE12_Update_26-3-4.1
SUSE-SU-2017:2774-1: An update that fixes two vulnerabilities is now available. Category: security (important) Bug References: 1045327,1057950 CVE References: CVE-2017-1000251,CVE-2017-15274 Sources used: SUSE Linux Enterprise Server 12-LTSS (src): kgraft-patch-SLE12_Update_25-3-4.1
SUSE-SU-2017:2775-1: An update that solves four vulnerabilities and has one errata is now available. Category: security (important) Bug References: 1042892,1045327,1046191,1052311,1052368 CVE References: CVE-2017-1000112,CVE-2017-15274,CVE-2017-7645,CVE-2017-9242 Sources used: SUSE Linux Enterprise Server 12-LTSS (src): kgraft-patch-SLE12_Update_27-2-4.1
SUSE-SU-2017:2776-1: An update that fixes two vulnerabilities is now available. Category: security (important) Bug References: 1045327,1057950 CVE References: CVE-2017-1000251,CVE-2017-15274 Sources used: SUSE Linux Enterprise Server 12-LTSS (src): kgraft-patch-SLE12_Update_16-10-4.1
SUSE-SU-2017:2777-1: An update that fixes two vulnerabilities is now available. Category: security (important) Bug References: 1045327,1057950 CVE References: CVE-2017-1000251,CVE-2017-15274 Sources used: SUSE Linux Enterprise Server 12-LTSS (src): kgraft-patch-SLE12_Update_17-9-4.1
SUSE-SU-2017:2778-1: An update that fixes two vulnerabilities is now available. Category: security (important) Bug References: 1045327,1057950 CVE References: CVE-2017-1000251,CVE-2017-15274 Sources used: SUSE Linux Enterprise Server for SAP 12-SP1 (src): kgraft-patch-SLE12-SP1_Update_9-11-4.1 SUSE Linux Enterprise Server 12-SP1-LTSS (src): kgraft-patch-SLE12-SP1_Update_9-11-4.1
SUSE-SU-2017:2779-1: An update that fixes two vulnerabilities is now available. Category: security (important) Bug References: 1045327,1057950 CVE References: CVE-2017-1000251,CVE-2017-15274 Sources used: SUSE Linux Enterprise Server for SAP 12-SP1 (src): kgraft-patch-SLE12-SP1_Update_10-10-4.1 SUSE Linux Enterprise Server 12-SP1-LTSS (src): kgraft-patch-SLE12-SP1_Update_10-10-4.1
SUSE-SU-2017:2780-1: An update that fixes two vulnerabilities is now available. Category: security (important) Bug References: 1045327,1057950 CVE References: CVE-2017-1000251,CVE-2017-15274 Sources used: SUSE Linux Enterprise Server 12-LTSS (src): kgraft-patch-SLE12_Update_21-5-4.1
SUSE-SU-2017:2781-1: An update that fixes two vulnerabilities is now available. Category: security (important) Bug References: 1045327,1057950 CVE References: CVE-2017-1000251,CVE-2017-15274 Sources used: SUSE Linux Enterprise Server 12-LTSS (src): kgraft-patch-SLE12_Update_24-3-4.1
SUSE-SU-2017:2782-1: An update that fixes two vulnerabilities is now available. Category: security (important) Bug References: 1045327,1057950 CVE References: CVE-2017-1000251,CVE-2017-15274 Sources used: SUSE Linux Enterprise Server for SAP 12-SP1 (src): kgraft-patch-SLE12-SP1_Update_13-7-4.1 SUSE Linux Enterprise Server 12-SP1-LTSS (src): kgraft-patch-SLE12-SP1_Update_13-7-4.1
SUSE-SU-2017:2783-1: An update that fixes two vulnerabilities is now available. Category: security (important) Bug References: 1045327,1057950 CVE References: CVE-2017-1000251,CVE-2017-15274 Sources used: SUSE Linux Enterprise Server for SAP 12-SP1 (src): kgraft-patch-SLE12-SP1_Update_12-8-4.1 SUSE Linux Enterprise Server 12-SP1-LTSS (src): kgraft-patch-SLE12-SP1_Update_12-8-4.1
SUSE-SU-2017:2784-1: An update that fixes two vulnerabilities is now available. Category: security (important) Bug References: 1045327,1057950 CVE References: CVE-2017-1000251,CVE-2017-15274 Sources used: SUSE Linux Enterprise Server 12-LTSS (src): kgraft-patch-SLE12_Update_18-9-4.1
SUSE-SU-2017:2785-1: An update that fixes two vulnerabilities is now available. Category: security (important) Bug References: 1045327,1057950 CVE References: CVE-2017-1000251,CVE-2017-15274 Sources used: SUSE Linux Enterprise Server for SAP 12-SP1 (src): kgraft-patch-SLE12-SP1_Update_8-12-4.1 SUSE Linux Enterprise Server 12-SP1-LTSS (src): kgraft-patch-SLE12-SP1_Update_8-12-4.1
SUSE-SU-2017:2786-1: An update that fixes two vulnerabilities is now available. Category: security (important) Bug References: 1045327,1057950 CVE References: CVE-2017-1000251,CVE-2017-15274 Sources used: SUSE Linux Enterprise Server for SAP 12-SP1 (src): kgraft-patch-SLE12-SP1_Update_11-9-4.1 SUSE Linux Enterprise Server 12-SP1-LTSS (src): kgraft-patch-SLE12-SP1_Update_11-9-4.1
SUSE-SU-2017:2787-1: An update that fixes two vulnerabilities is now available. Category: security (important) Bug References: 1045327,1057950 CVE References: CVE-2017-1000251,CVE-2017-15274 Sources used: SUSE Linux Enterprise Server for SAP 12-SP1 (src): kgraft-patch-SLE12-SP1_Update_15-5-4.1 SUSE Linux Enterprise Server 12-SP1-LTSS (src): kgraft-patch-SLE12-SP1_Update_15-5-4.1
SUSE-SU-2017:2788-1: An update that fixes two vulnerabilities is now available. Category: security (important) Bug References: 1045327,1057950 CVE References: CVE-2017-1000251,CVE-2017-15274 Sources used: SUSE Linux Enterprise Server for SAP 12-SP1 (src): kgraft-patch-SLE12-SP1_Update_16-5-4.1 SUSE Linux Enterprise Server 12-SP1-LTSS (src): kgraft-patch-SLE12-SP1_Update_16-5-4.1
SUSE-SU-2017:2790-1: An update that fixes two vulnerabilities is now available. Category: security (important) Bug References: 1045327,1057950 CVE References: CVE-2017-1000251,CVE-2017-15274 Sources used: SUSE Linux Enterprise Server for SAP 12-SP1 (src): kgraft-patch-SLE12-SP1_Update_14-6-4.1 SUSE Linux Enterprise Server 12-SP1-LTSS (src): kgraft-patch-SLE12-SP1_Update_14-6-4.1
SUSE-SU-2017:2791-1: An update that solves four vulnerabilities and has one errata is now available. Category: security (important) Bug References: 1038564,1042892,1045327,1052311,1052368 CVE References: CVE-2017-1000112,CVE-2017-15274,CVE-2017-8890,CVE-2017-9242 Sources used: SUSE Linux Enterprise Server for SAP 12-SP1 (src): kgraft-patch-SLE12-SP1_Update_21-2-4.1 SUSE Linux Enterprise Server 12-SP1-LTSS (src): kgraft-patch-SLE12-SP1_Update_21-2-4.1
SUSE-SU-2017:2792-1: An update that fixes two vulnerabilities is now available. Category: security (important) Bug References: 1045327,1057950 CVE References: CVE-2017-1000251,CVE-2017-15274 Sources used: SUSE Linux Enterprise Server for SAP 12-SP1 (src): kgraft-patch-SLE12-SP1_Update_19-3-4.1 SUSE Linux Enterprise Server 12-SP1-LTSS (src): kgraft-patch-SLE12-SP1_Update_19-3-4.1
SUSE-SU-2017:2793-1: An update that fixes two vulnerabilities is now available. Category: security (important) Bug References: 1045327,1057950 CVE References: CVE-2017-1000251,CVE-2017-15274 Sources used: SUSE Linux Enterprise Server for SAP 12-SP1 (src): kgraft-patch-SLE12-SP1_Update_17-4-4.1 SUSE Linux Enterprise Server 12-SP1-LTSS (src): kgraft-patch-SLE12-SP1_Update_17-4-4.1
SUSE-SU-2017:2796-1: An update that fixes two vulnerabilities is now available. Category: security (important) Bug References: 1045327,1057950 CVE References: CVE-2017-1000251,CVE-2017-15274 Sources used: SUSE Linux Enterprise Server for SAP 12-SP1 (src): kgraft-patch-SLE12-SP1_Update_20-3-4.1 SUSE Linux Enterprise Server 12-SP1-LTSS (src): kgraft-patch-SLE12-SP1_Update_20-3-4.1
SUSE-SU-2017:2797-1: An update that fixes two vulnerabilities is now available. Category: security (important) Bug References: 1045327,1057950 CVE References: CVE-2017-1000251,CVE-2017-15274 Sources used: SUSE Linux Enterprise Server for SAP 12-SP1 (src): kgraft-patch-SLE12-SP1_Update_18-3-4.1 SUSE Linux Enterprise Server 12-SP1-LTSS (src): kgraft-patch-SLE12-SP1_Update_18-3-4.1
SUSE-SU-2017:2908-1: An update that solves 30 vulnerabilities and has 38 fixes is now available. Category: security (important) Bug References: 1001459,1012985,1023287,1027149,1028217,1030531,1030552,1031515,1033960,1034405,1035531,1035738,1037182,1037183,1037994,1038544,1038564,1038879,1038883,1038981,1038982,1039348,1039354,1039456,1039721,1039864,1039882,1039883,1039885,1040069,1041160,1041429,1041431,1042696,1042832,1042863,1044125,1045327,1045487,1045922,1046107,1048275,1048788,1049645,1049882,1053148,1053152,1053317,1056588,1056982,1057179,1058410,1058507,1058524,1059863,1062471,1062520,1063667,1064388,856774,860250,863764,878240,922855,922871,986924,993099,994364 CVE References: CVE-2017-1000363,CVE-2017-1000365,CVE-2017-1000380,CVE-2017-10661,CVE-2017-11176,CVE-2017-12153,CVE-2017-12154,CVE-2017-12762,CVE-2017-13080,CVE-2017-14051,CVE-2017-14106,CVE-2017-14140,CVE-2017-15265,CVE-2017-15274,CVE-2017-15649,CVE-2017-7482,CVE-2017-7487,CVE-2017-7518,CVE-2017-7541,CVE-2017-7542,CVE-2017-7889,CVE-2017-8831,CVE-2017-8890,CVE-2017-8924,CVE-2017-8925,CVE-2017-9074,CVE-2017-9075,CVE-2017-9076,CVE-2017-9077,CVE-2017-9242 Sources used: SUSE OpenStack Cloud 6 (src): kernel-default-3.12.74-60.64.63.1, kernel-source-3.12.74-60.64.63.1, kernel-syms-3.12.74-60.64.63.1, kernel-xen-3.12.74-60.64.63.1, kgraft-patch-SLE12-SP1_Update_22-1-2.1 SUSE Linux Enterprise Server for SAP 12-SP1 (src): kernel-default-3.12.74-60.64.63.1, kernel-source-3.12.74-60.64.63.1, kernel-syms-3.12.74-60.64.63.1, kernel-xen-3.12.74-60.64.63.1, kgraft-patch-SLE12-SP1_Update_22-1-2.1 SUSE Linux Enterprise Server 12-SP1-LTSS (src): kernel-default-3.12.74-60.64.63.1, kernel-source-3.12.74-60.64.63.1, kernel-syms-3.12.74-60.64.63.1, kernel-xen-3.12.74-60.64.63.1, kgraft-patch-SLE12-SP1_Update_22-1-2.1 SUSE Linux Enterprise Module for Public Cloud 12 (src): kernel-ec2-3.12.74-60.64.63.1
SUSE-SU-2017:2920-1: An update that solves 36 vulnerabilities and has 22 fixes is now available. Category: security (important) Bug References: 1008353,1012422,1017941,1029850,1030593,1032268,1034405,1034670,1035576,1035877,1036752,1037182,1037183,1037306,1037994,1038544,1038879,1038981,1038982,1039348,1039349,1039354,1039456,1039721,1039882,1039883,1039885,1040069,1041431,1041958,1044125,1045327,1045487,1045922,1046107,1047408,1048275,1049645,1049882,1052593,1053148,1053152,1056588,1056982,1057179,1058038,1058410,1058507,1058524,1062520,1063667,1064388,938162,975596,977417,984779,985562,990682 CVE References: CVE-2015-9004,CVE-2016-10229,CVE-2016-9604,CVE-2017-1000363,CVE-2017-1000365,CVE-2017-1000380,CVE-2017-10661,CVE-2017-11176,CVE-2017-12153,CVE-2017-12154,CVE-2017-12762,CVE-2017-13080,CVE-2017-14051,CVE-2017-14106,CVE-2017-14140,CVE-2017-15265,CVE-2017-15274,CVE-2017-15649,CVE-2017-2647,CVE-2017-6951,CVE-2017-7482,CVE-2017-7487,CVE-2017-7518,CVE-2017-7541,CVE-2017-7542,CVE-2017-7889,CVE-2017-8106,CVE-2017-8831,CVE-2017-8890,CVE-2017-8924,CVE-2017-8925,CVE-2017-9074,CVE-2017-9075,CVE-2017-9076,CVE-2017-9077,CVE-2017-9242 Sources used: SUSE Linux Enterprise Server 12-LTSS (src): kernel-default-3.12.61-52.101.1, kernel-source-3.12.61-52.101.1, kernel-syms-3.12.61-52.101.1, kernel-xen-3.12.61-52.101.1, kgraft-patch-SLE12_Update_28-1-8.1 SUSE Linux Enterprise Module for Public Cloud 12 (src): kernel-ec2-3.12.61-52.101.1
An update workflow for this issue was started. This issue was rated as important. Please submit fixed packages until 2017-11-21. When done, reassign the bug to security-team@suse.de. https://swamp.suse.de/webswamp/wf/63894
SUSE-SU-2017:3165-1: An update that solves 5 vulnerabilities and has 17 fixes is now available. Category: security (important) Bug References: 1022967,1036286,1044228,1045327,1052593,1053317,1056230,1056504,1057796,1059051,1059525,1060245,1060665,1061017,1061180,1062520,1062842,1063301,1063544,1063667,909484,996376 CVE References: CVE-2017-1000253,CVE-2017-13080,CVE-2017-14489,CVE-2017-15265,CVE-2017-15274 Sources used: SUSE Linux Enterprise Real Time Extension 11-SP4 (src): kernel-rt-3.0.101.rt130-69.11.1, kernel-rt_trace-3.0.101.rt130-69.11.1, kernel-source-rt-3.0.101.rt130-69.11.1, kernel-syms-rt-3.0.101.rt130-69.11.1 SUSE Linux Enterprise Debuginfo 11-SP4 (src): kernel-rt-3.0.101.rt130-69.11.1, kernel-rt_debug-3.0.101.rt130-69.11.1, kernel-rt_trace-3.0.101.rt130-69.11.1
SUSE-SU-2017:3265-1: An update that solves 20 vulnerabilities and has 53 fixes is now available. Category: security (important) Bug References: 1012917,1013018,1022967,1024450,1031358,1036286,1036629,1037441,1037667,1037669,1037994,1039803,1040609,1042863,1045154,1045205,1045327,1045538,1047523,1050381,1050431,1051133,1051932,1052311,1052365,1052370,1052593,1053148,1053152,1053317,1053802,1053933,1054070,1054076,1054093,1054247,1054305,1054706,1056230,1056504,1056588,1057179,1057796,1058524,1059051,1060245,1060665,1061017,1061180,1062520,1062842,1063301,1063544,1063667,1064803,1064861,1065180,1066471,1066472,1066573,1066606,1066618,1066625,1066650,1066671,1066700,1066705,1067085,1067816,1067888,909484,984530,996376 CVE References: CVE-2017-1000112,CVE-2017-10661,CVE-2017-12762,CVE-2017-13080,CVE-2017-14051,CVE-2017-14140,CVE-2017-14340,CVE-2017-14489,CVE-2017-15102,CVE-2017-15265,CVE-2017-15274,CVE-2017-16525,CVE-2017-16527,CVE-2017-16529,CVE-2017-16531,CVE-2017-16535,CVE-2017-16536,CVE-2017-16537,CVE-2017-16649,CVE-2017-8831 Sources used: SUSE Linux Enterprise Software Development Kit 11-SP4 (src): kernel-docs-3.0.101-108.18.3 SUSE Linux Enterprise Server 11-SP4 (src): kernel-bigmem-3.0.101-108.18.1, kernel-default-3.0.101-108.18.1, kernel-ec2-3.0.101-108.18.1, kernel-pae-3.0.101-108.18.1, kernel-ppc64-3.0.101-108.18.1, kernel-source-3.0.101-108.18.1, kernel-syms-3.0.101-108.18.1, kernel-trace-3.0.101-108.18.1, kernel-xen-3.0.101-108.18.1 SUSE Linux Enterprise Server 11-EXTRA (src): kernel-default-3.0.101-108.18.1, kernel-pae-3.0.101-108.18.1, kernel-ppc64-3.0.101-108.18.1, kernel-trace-3.0.101-108.18.1, kernel-xen-3.0.101-108.18.1 SUSE Linux Enterprise Debuginfo 11-SP4 (src): kernel-bigmem-3.0.101-108.18.1, kernel-default-3.0.101-108.18.1, kernel-ec2-3.0.101-108.18.1, kernel-pae-3.0.101-108.18.1, kernel-ppc64-3.0.101-108.18.1, kernel-trace-3.0.101-108.18.1, kernel-xen-3.0.101-108.18.1
SUSE-SU-2018:0040-1: An update that solves 32 vulnerabilities and has 7 fixes is now available. Category: security (important) Bug References: 1010175,1034862,1045327,1050231,1052593,1056982,1057179,1057389,1058524,1062520,1063544,1063667,1066295,1066472,1066569,1066573,1066606,1066618,1066625,1066650,1066671,1066693,1066700,1066705,1067085,1068032,1068671,1069702,1069708,1070771,1071074,1071470,1071695,1072561,1072876,1073792,1073874,1074033,999245 CVE References: CVE-2017-1000251,CVE-2017-11600,CVE-2017-13080,CVE-2017-13167,CVE-2017-14106,CVE-2017-14140,CVE-2017-14340,CVE-2017-15102,CVE-2017-15115,CVE-2017-15265,CVE-2017-15274,CVE-2017-15868,CVE-2017-16525,CVE-2017-16527,CVE-2017-16529,CVE-2017-16531,CVE-2017-16534,CVE-2017-16535,CVE-2017-16536,CVE-2017-16537,CVE-2017-16538,CVE-2017-16649,CVE-2017-16939,CVE-2017-17450,CVE-2017-17558,CVE-2017-17805,CVE-2017-17806,CVE-2017-5715,CVE-2017-5753,CVE-2017-5754,CVE-2017-7472,CVE-2017-8824 Sources used: SUSE Linux Enterprise Server 11-SP3-LTSS (src): kernel-bigsmp-3.0.101-0.47.106.11.1, kernel-default-3.0.101-0.47.106.11.1, kernel-ec2-3.0.101-0.47.106.11.1, kernel-pae-3.0.101-0.47.106.11.1, kernel-source-3.0.101-0.47.106.11.1, kernel-syms-3.0.101-0.47.106.11.1, kernel-trace-3.0.101-0.47.106.11.1, kernel-xen-3.0.101-0.47.106.11.1 SUSE Linux Enterprise Server 11-EXTRA (src): kernel-bigsmp-3.0.101-0.47.106.11.1, kernel-default-3.0.101-0.47.106.11.1, kernel-pae-3.0.101-0.47.106.11.1, kernel-ppc64-3.0.101-0.47.106.11.1, kernel-trace-3.0.101-0.47.106.11.1, kernel-xen-3.0.101-0.47.106.11.1 SUSE Linux Enterprise Point of Sale 11-SP3 (src): kernel-default-3.0.101-0.47.106.11.1, kernel-ec2-3.0.101-0.47.106.11.1, kernel-pae-3.0.101-0.47.106.11.1, kernel-source-3.0.101-0.47.106.11.1, kernel-syms-3.0.101-0.47.106.11.1, kernel-trace-3.0.101-0.47.106.11.1, kernel-xen-3.0.101-0.47.106.11.1 SUSE Linux Enterprise Debuginfo 11-SP3 (src): kernel-bigsmp-3.0.101-0.47.106.11.1, kernel-default-3.0.101-0.47.106.11.1, 
kernel-ec2-3.0.101-0.47.106.11.1, kernel-pae-3.0.101-0.47.106.11.1, kernel-trace-3.0.101-0.47.106.11.1, kernel-xen-3.0.101-0.47.106.11.1
released
*** Bug 1100600 has been marked as a duplicate of this bug. ***