Bug 1057474 (CVE-2017-12146) - VUL-0: CVE-2017-12146: kernel-source: Race condition in driver_override implementation
Summary: VUL-0: CVE-2017-12146: kernel-source: Race condition in driver_override imple...
Status: RESOLVED FIXED
Alias: CVE-2017-12146
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents (show other bugs)
Version: unspecified
Hardware: Other Other
: P3 - Medium : Minor
Target Milestone: ---
Assignee: Security Team bot
QA Contact: Security Team bot
URL: https://smash.suse.de/issue/191518/
Whiteboard: CVSSv3:SUSE:CVE-2017-12146:6.4:(AV:L/...
Keywords:
Depends on:
Blocks:
 
Reported: 2017-09-06 19:43 UTC by Marcus Meissner
Modified: 2019-05-01 13:55 UTC (History)
4 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Marcus Meissner 2017-09-06 19:43:56 UTC
via rh bug


It was found that the driver_override implementation in base/platform.c is susceptible to race condition when different threads are reading vs storing a different driver override.

Upstream patch:

https://github.com/torvalds/linux/commit/6265539776a0810b7ce6398c27866ddb9c6bd154

Introduced by commit:

https://github.com/torvalds/linux/commit/3d713e0e382e
Comment 1 Marcus Meissner 2017-09-06 19:44:47 UTC
3d713e0e382e is in 3.17, so SLES 12 SP2 and later are affected.
Comment 2 Marcus Meissner 2017-09-06 19:58:44 UTC
this is in /sys/devices/platform/*/driver_override

the files are usually reachable by root only I think.
Comment 3 Takashi Iwai 2017-09-07 10:21:38 UTC
Already included in 4.4.77 and 4.12.1.
So the fix needed only for SLE12-SP0/SP1.
Comment 4 Takashi Iwai 2017-09-07 10:23:44 UTC
(In reply to Takashi Iwai from comment #3)
> So the fix needed only for SLE12-SP0/SP1.

And no, as already pointed out in comment #1, it's from 3.17, so they aren't affected either.  We already covered all.

Reassigned back to security team.
Comment 11 Marcus Meissner 2018-02-09 09:45:50 UTC
was in 4.4.90 for SLES 12 SP2 and SP3, older versions not affected.