Bug 1066618 - (CVE-2017-16525) VUL-0: CVE-2017-16525: kernel: The usb_serial_console_disconnect function allows local users to cause DoS
(CVE-2017-16525)
VUL-0: CVE-2017-16525: kernel: The usb_serial_console_disconnect function all...
Status: RESOLVED FIXED
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
unspecified
Other Other
: P3 - Medium : Normal
: ---
Assigned To: Security Team bot
Security Team bot
https://smash.suse.de/issue/194501/
CVSSv2:SUSE:CVE-2017-16525:4.7:(AV:L/...
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2017-11-06 10:29 UTC by Johannes Segitz
Modified: 2022-08-31 08:03 UTC (History)
8 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Johannes Segitz 2017-11-06 10:29:21 UTC
CVE-2017-16525

The usb_serial_console_disconnect function in drivers/usb/serial/console.c in
the Linux kernel before 4.13.8 allows local users to cause a denial of service
(use-after-free and system crash) or possibly have unspecified other impact via
a crafted USB device, related to disconnection and failed setup.

Couldn't find the module in supported.conf, unsure about this one.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-16525
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16525
https://github.com/torvalds/linux/commit/299d7572e46f98534033a9e65973f13ad1ce9047
https://github.com/torvalds/linux/commit/bd998c2e0df0469707503023d50d46cf0b10c787
https://groups.google.com/d/msg/syzkaller/cMACrmo1x0k/4KhRoUgABAAJ
Comment 1 Oliver Neukum 2017-11-06 14:36:33 UTC
For the record:

Kernels 2.6.18-4.10 need only
299d7572e46f98534033a9e65973f13ad1ce9047

Later kernels need in addition:
bd998c2e0df0469707503023d50d46cf0b10c787
Comment 2 Oliver Neukum 2017-11-06 14:37:37 UTC
Patches added to the cve trees and SLE15
Comment 4 Swamp Workflow Management 2017-12-08 17:13:16 UTC
SUSE-SU-2017:3249-1: An update that solves 14 vulnerabilities and has 8 fixes is now available.

Category: security (important)
Bug References: 1043652,1047626,1066192,1066471,1066472,1066573,1066606,1066618,1066625,1066650,1066671,1066700,1066705,1067085,1067086,1067997,1069496,1069702,1069708,1070307,1070781,860993
CVE References: CVE-2014-0038,CVE-2017-1000405,CVE-2017-12193,CVE-2017-15102,CVE-2017-16525,CVE-2017-16527,CVE-2017-16529,CVE-2017-16531,CVE-2017-16535,CVE-2017-16536,CVE-2017-16537,CVE-2017-16649,CVE-2017-16650,CVE-2017-16939
Sources used:
SUSE Linux Enterprise Server 12-LTSS (src):    kernel-default-3.12.61-52.106.1, kernel-source-3.12.61-52.106.1, kernel-syms-3.12.61-52.106.1, kernel-xen-3.12.61-52.106.1, kgraft-patch-SLE12_Update_29-1-5.1
SUSE Linux Enterprise Module for Public Cloud 12 (src):    kernel-ec2-3.12.61-52.106.1
Comment 5 Swamp Workflow Management 2017-12-11 20:19:17 UTC
SUSE-SU-2017:3265-1: An update that solves 20 vulnerabilities and has 53 fixes is now available.

Category: security (important)
Bug References: 1012917,1013018,1022967,1024450,1031358,1036286,1036629,1037441,1037667,1037669,1037994,1039803,1040609,1042863,1045154,1045205,1045327,1045538,1047523,1050381,1050431,1051133,1051932,1052311,1052365,1052370,1052593,1053148,1053152,1053317,1053802,1053933,1054070,1054076,1054093,1054247,1054305,1054706,1056230,1056504,1056588,1057179,1057796,1058524,1059051,1060245,1060665,1061017,1061180,1062520,1062842,1063301,1063544,1063667,1064803,1064861,1065180,1066471,1066472,1066573,1066606,1066618,1066625,1066650,1066671,1066700,1066705,1067085,1067816,1067888,909484,984530,996376
CVE References: CVE-2017-1000112,CVE-2017-10661,CVE-2017-12762,CVE-2017-13080,CVE-2017-14051,CVE-2017-14140,CVE-2017-14340,CVE-2017-14489,CVE-2017-15102,CVE-2017-15265,CVE-2017-15274,CVE-2017-16525,CVE-2017-16527,CVE-2017-16529,CVE-2017-16531,CVE-2017-16535,CVE-2017-16536,CVE-2017-16537,CVE-2017-16649,CVE-2017-8831
Sources used:
SUSE Linux Enterprise Software Development Kit 11-SP4 (src):    kernel-docs-3.0.101-108.18.3
SUSE Linux Enterprise Server 11-SP4 (src):    kernel-bigmem-3.0.101-108.18.1, kernel-default-3.0.101-108.18.1, kernel-ec2-3.0.101-108.18.1, kernel-pae-3.0.101-108.18.1, kernel-ppc64-3.0.101-108.18.1, kernel-source-3.0.101-108.18.1, kernel-syms-3.0.101-108.18.1, kernel-trace-3.0.101-108.18.1, kernel-xen-3.0.101-108.18.1
SUSE Linux Enterprise Server 11-EXTRA (src):    kernel-default-3.0.101-108.18.1, kernel-pae-3.0.101-108.18.1, kernel-ppc64-3.0.101-108.18.1, kernel-trace-3.0.101-108.18.1, kernel-xen-3.0.101-108.18.1
SUSE Linux Enterprise Debuginfo 11-SP4 (src):    kernel-bigmem-3.0.101-108.18.1, kernel-default-3.0.101-108.18.1, kernel-ec2-3.0.101-108.18.1, kernel-pae-3.0.101-108.18.1, kernel-ppc64-3.0.101-108.18.1, kernel-trace-3.0.101-108.18.1, kernel-xen-3.0.101-108.18.1
Comment 6 Swamp Workflow Management 2018-01-08 20:09:39 UTC
SUSE-SU-2018:0040-1: An update that solves 32 vulnerabilities and has 7 fixes is now available.

Category: security (important)
Bug References: 1010175,1034862,1045327,1050231,1052593,1056982,1057179,1057389,1058524,1062520,1063544,1063667,1066295,1066472,1066569,1066573,1066606,1066618,1066625,1066650,1066671,1066693,1066700,1066705,1067085,1068032,1068671,1069702,1069708,1070771,1071074,1071470,1071695,1072561,1072876,1073792,1073874,1074033,999245
CVE References: CVE-2017-1000251,CVE-2017-11600,CVE-2017-13080,CVE-2017-13167,CVE-2017-14106,CVE-2017-14140,CVE-2017-14340,CVE-2017-15102,CVE-2017-15115,CVE-2017-15265,CVE-2017-15274,CVE-2017-15868,CVE-2017-16525,CVE-2017-16527,CVE-2017-16529,CVE-2017-16531,CVE-2017-16534,CVE-2017-16535,CVE-2017-16536,CVE-2017-16537,CVE-2017-16538,CVE-2017-16649,CVE-2017-16939,CVE-2017-17450,CVE-2017-17558,CVE-2017-17805,CVE-2017-17806,CVE-2017-5715,CVE-2017-5753,CVE-2017-5754,CVE-2017-7472,CVE-2017-8824
Sources used:
SUSE Linux Enterprise Server 11-SP3-LTSS (src):    kernel-bigsmp-3.0.101-0.47.106.11.1, kernel-default-3.0.101-0.47.106.11.1, kernel-ec2-3.0.101-0.47.106.11.1, kernel-pae-3.0.101-0.47.106.11.1, kernel-source-3.0.101-0.47.106.11.1, kernel-syms-3.0.101-0.47.106.11.1, kernel-trace-3.0.101-0.47.106.11.1, kernel-xen-3.0.101-0.47.106.11.1
SUSE Linux Enterprise Server 11-EXTRA (src):    kernel-bigsmp-3.0.101-0.47.106.11.1, kernel-default-3.0.101-0.47.106.11.1, kernel-pae-3.0.101-0.47.106.11.1, kernel-ppc64-3.0.101-0.47.106.11.1, kernel-trace-3.0.101-0.47.106.11.1, kernel-xen-3.0.101-0.47.106.11.1
SUSE Linux Enterprise Point of Sale 11-SP3 (src):    kernel-default-3.0.101-0.47.106.11.1, kernel-ec2-3.0.101-0.47.106.11.1, kernel-pae-3.0.101-0.47.106.11.1, kernel-source-3.0.101-0.47.106.11.1, kernel-syms-3.0.101-0.47.106.11.1, kernel-trace-3.0.101-0.47.106.11.1, kernel-xen-3.0.101-0.47.106.11.1
SUSE Linux Enterprise Debuginfo 11-SP3 (src):    kernel-bigsmp-3.0.101-0.47.106.11.1, kernel-default-3.0.101-0.47.106.11.1, kernel-ec2-3.0.101-0.47.106.11.1, kernel-pae-3.0.101-0.47.106.11.1, kernel-trace-3.0.101-0.47.106.11.1, kernel-xen-3.0.101-0.47.106.11.1
Comment 7 Swamp Workflow Management 2018-01-23 17:14:41 UTC
SUSE-SU-2018:0180-1: An update that solves 26 vulnerabilities and has 24 fixes is now available.

Category: security (important)
Bug References: 1012917,1013018,1024612,1034862,1045205,1045479,1045538,1047487,1048185,1050231,1050431,1051133,1054305,1056982,1063043,1064803,1064861,1065180,1065600,1066471,1066472,1066569,1066573,1066606,1066618,1066625,1066650,1066671,1066693,1066700,1066705,1066973,1067085,1067816,1067888,1068032,1068671,1068984,1069702,1070771,1070964,1071074,1071470,1071695,1072457,1072561,1072876,1073792,1073874,1074709
CVE References: CVE-2017-11600,CVE-2017-13167,CVE-2017-14106,CVE-2017-15102,CVE-2017-15115,CVE-2017-15868,CVE-2017-16525,CVE-2017-16527,CVE-2017-16529,CVE-2017-16531,CVE-2017-16534,CVE-2017-16535,CVE-2017-16536,CVE-2017-16537,CVE-2017-16538,CVE-2017-16649,CVE-2017-16939,CVE-2017-17450,CVE-2017-17558,CVE-2017-17805,CVE-2017-17806,CVE-2017-5715,CVE-2017-5753,CVE-2017-5754,CVE-2017-7472,CVE-2017-8824
Sources used:
SUSE Linux Enterprise Real Time Extension 11-SP4 (src):    kernel-rt-3.0.101.rt130-69.14.1, kernel-rt_trace-3.0.101.rt130-69.14.1, kernel-source-rt-3.0.101.rt130-69.14.1, kernel-syms-rt-3.0.101.rt130-69.14.1
SUSE Linux Enterprise Debuginfo 11-SP4 (src):    kernel-rt-3.0.101.rt130-69.14.1, kernel-rt_debug-3.0.101.rt130-69.14.1, kernel-rt_trace-3.0.101.rt130-69.14.1
Comment 8 Marcus Meissner 2018-02-09 07:26:15 UTC
released
Comment 21 Swamp Workflow Management 2022-07-13 13:22:08 UTC
SUSE-SU-2022:2379-1: An update that solves 9 vulnerabilities and has four fixes is now available.

Category: security (important)
Bug References: 1066618,1146519,1194013,1196901,1199487,1199657,1200571,1200604,1200605,1200619,1200692,1201050,1201080
CVE References: CVE-2017-16525,CVE-2021-26341,CVE-2021-4157,CVE-2022-1679,CVE-2022-20132,CVE-2022-20141,CVE-2022-29900,CVE-2022-29901,CVE-2022-33981
JIRA References: 
Sources used:
SUSE Linux Enterprise Server 12-SP2-BCL (src):    kernel-default-4.4.121-92.178.1, kernel-source-4.4.121-92.178.1, kernel-syms-4.4.121-92.178.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 22 Swamp Workflow Management 2022-07-21 13:18:43 UTC
SUSE-SU-2022:2478-1: An update that solves 9 vulnerabilities and has four fixes is now available.

Category: security (important)
Bug References: 1066618,1146519,1194013,1196901,1199487,1199657,1200571,1200604,1200605,1200619,1200692,1201050,1201080
CVE References: CVE-2017-16525,CVE-2021-26341,CVE-2021-4157,CVE-2022-1679,CVE-2022-20132,CVE-2022-20141,CVE-2022-29900,CVE-2022-29901,CVE-2022-33981
JIRA References: 
Sources used:
SUSE Linux Enterprise Server 12-SP3-BCL (src):    kernel-default-4.4.180-94.167.1, kernel-source-4.4.180-94.167.1, kernel-syms-4.4.180-94.167.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 25 Oliver Neukum 2022-08-30 11:06:11 UTC
cve/linux-4.12 done
cve/cve/linux-3.12 done
cve/linux-3.0 done
cve/linux-2.6.32 done

cve/linux-2.6.16 not affected (too old)
cve/linux-5.3 not affected (too young)

cve/linux-4.4
that was an issue with bookkepping. It had the fix due to the stable series Takashi updated that entry.

All trees have been covered for quite some time. Administrative hickup.
Comment 26 Gabriele Sonnu 2022-08-31 08:03:58 UTC
Done.