Bug 1111014 - VUL-0: CVE-2018-17963: xen: net: ignore packets with large size
VUL-0: CVE-2018-17963: xen: net: ignore packets with large size
Status: RESOLVED FIXED
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
unspecified
Other Other
: P3 - Medium : Normal
: ---
Assigned To: Security Team bot
Security Team bot
https://smash.suse.de/issue/216248/
CVSSv3:SUSE:CVE-2018-17963:6.5:(AV:N/...
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2018-10-08 08:18 UTC by Johannes Segitz
Modified: 2021-01-21 18:21 UTC (History)
3 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Johannes Segitz 2018-10-08 08:18:47 UTC
+++ This bug was initially created as a clone of Bug #1111013 +++

rh#1636777

A potential integer overflow issue was found in the QEMU emulator. It could occur when a packet with large packet size is accepted and processed.
A user inside guest could use this flaw to crash the Qemu process resulting in DoS.

Fix: https://lists.gnu.org/archive/html/qemu-devel/2018-09/msg03267.html

References:
https://www.openwall.com/lists/oss-security/2018/10/08/1
https://bugzilla.redhat.com/show_bug.cgi?id=1636777
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-17963
Comment 1 Charles Arnold 2018-10-11 20:34:44 UTC
Applicable to xen qemu 'upstream' version for,

SLE11-SP3/SP4, SLE12, SLE12-SP1

Applicable to xen qemu-traditional version for,

SLE11-SP1/SP2/SP3/SP4 SLE12, SLE12-SP1/SP2/SP3/SP4

Not applicable to SLE10-SP3/SP4
Comment 2 Olaf Hering 2018-10-15 09:45:01 UTC
Are we good to go, at least with xen for SUSE:SLE-12-SP2:Update? Need a fix xen for bug#1094508 "soon".
Comment 5 Swamp Workflow Management 2018-10-23 16:16:06 UTC
SUSE-SU-2018:3332-1: An update that solves two vulnerabilities and has one errata is now available.

Category: security (moderate)
Bug References: 1094508,1103276,1111014
CVE References: CVE-2018-15468,CVE-2018-17963
Sources used:
SUSE OpenStack Cloud 7 (src):    xen-4.7.6_05-43.42.1
SUSE Linux Enterprise Server for SAP 12-SP2 (src):    xen-4.7.6_05-43.42.1
SUSE Linux Enterprise Server 12-SP2-LTSS (src):    xen-4.7.6_05-43.42.1
SUSE Linux Enterprise Server 12-SP2-BCL (src):    xen-4.7.6_05-43.42.1
SUSE Enterprise Storage 4 (src):    xen-4.7.6_05-43.42.1
Comment 6 Swamp Workflow Management 2018-10-26 16:16:48 UTC
SUSE-SU-2018:3490-1: An update that solves 5 vulnerabilities and has four fixes is now available.

Category: security (important)
Bug References: 1027519,1078292,1091107,1094508,1103275,1103276,1103279,1106263,1111014
CVE References: CVE-2018-15468,CVE-2018-15469,CVE-2018-15470,CVE-2018-17963,CVE-2018-3646
Sources used:
SUSE Linux Enterprise Software Development Kit 12-SP3 (src):    xen-4.9.3_03-3.44.2
SUSE Linux Enterprise Server 12-SP3 (src):    xen-4.9.3_03-3.44.2
SUSE Linux Enterprise Desktop 12-SP3 (src):    xen-4.9.3_03-3.44.2
SUSE CaaS Platform ALL (src):    xen-4.9.3_03-3.44.2
SUSE CaaS Platform 3.0 (src):    xen-4.9.3_03-3.44.2
Comment 7 Swamp Workflow Management 2018-10-30 11:12:35 UTC
openSUSE-SU-2018:3560-1: An update that solves 5 vulnerabilities and has four fixes is now available.

Category: security (important)
Bug References: 1027519,1078292,1091107,1094508,1103275,1103276,1103279,1106263,1111014
CVE References: CVE-2018-15468,CVE-2018-15469,CVE-2018-15470,CVE-2018-17963,CVE-2018-3646
Sources used:
openSUSE Leap 42.3 (src):    xen-4.9.3_03-31.1
Comment 9 Swamp Workflow Management 2019-01-02 19:09:01 UTC
SUSE-SU-2019:0003-1: An update that solves 11 vulnerabilities and has one errata is now available.

Category: security (important)
Bug References: 1027519,1108940,1111014,1114405,1114423,1114988,1115040,1115043,1115044,1115045,1115047,1117756
CVE References: CVE-2018-17963,CVE-2018-18849,CVE-2018-18883,CVE-2018-19665,CVE-2018-19961,CVE-2018-19962,CVE-2018-19963,CVE-2018-19964,CVE-2018-19965,CVE-2018-19966,CVE-2018-19967
Sources used:
SUSE Linux Enterprise Software Development Kit 12-SP4 (src):    xen-4.11.1_02-2.3.1
SUSE Linux Enterprise Server 12-SP4 (src):    xen-4.11.1_02-2.3.1
SUSE Linux Enterprise Desktop 12-SP4 (src):    xen-4.11.1_02-2.3.1
Comment 12 Swamp Workflow Management 2019-04-01 13:19:44 UTC
SUSE-SU-2019:0827-1: An update that solves 15 vulnerabilities and has 10 fixes is now available.

Category: security (important)
Bug References: 1027519,1056336,1105528,1108940,1110924,1111007,1111011,1111014,1112188,1114423,1114988,1115040,1115045,1115047,1117756,1123157,1126140,1126141,1126192,1126195,1126196,1126198,1126201,1127400,1129623
CVE References: CVE-2017-13672,CVE-2018-10839,CVE-2018-17958,CVE-2018-17962,CVE-2018-17963,CVE-2018-18438,CVE-2018-18849,CVE-2018-19665,CVE-2018-19961,CVE-2018-19962,CVE-2018-19965,CVE-2018-19966,CVE-2018-19967,CVE-2019-6778,CVE-2019-9824
Sources used:
SUSE Linux Enterprise Server 12-LTSS (src):    xen-4.4.4_40-22.77.1

*** NOTE: This information is not intended to be used for external
    communication, because this may only be a partial fix.
    If you have questions please reach out to maintenance coordination.
Comment 13 Swamp Workflow Management 2019-04-01 13:23:03 UTC
SUSE-SU-2019:0825-1: An update that solves 14 vulnerabilities and has 5 fixes is now available.

Category: security (important)
Bug References: 1056336,1110924,1111007,1111011,1111014,1112188,1114423,1114988,1115040,1115047,1117756,1123157,1126140,1126141,1126192,1126195,1126196,1126201,1129623
CVE References: CVE-2017-13672,CVE-2018-10839,CVE-2018-17958,CVE-2018-17962,CVE-2018-17963,CVE-2018-18438,CVE-2018-18849,CVE-2018-19665,CVE-2018-19961,CVE-2018-19962,CVE-2018-19966,CVE-2018-19967,CVE-2019-6778,CVE-2019-9824
Sources used:
SUSE Linux Enterprise Server for SAP 12-SP1 (src):    xen-4.5.5_28-22.58.1
SUSE Linux Enterprise Server 12-SP1-LTSS (src):    xen-4.5.5_28-22.58.1

*** NOTE: This information is not intended to be used for external
    communication, because this may only be a partial fix.
    If you have questions please reach out to maintenance coordination.
Comment 14 Swamp Workflow Management 2019-04-03 13:10:16 UTC
SUSE-SU-2019:14011-1: An update that solves 14 vulnerabilities and has four fixes is now available.

Category: security (important)
Bug References: 1110924,1111007,1111011,1111014,1112188,1114423,1114988,1115040,1115045,1115047,1117756,1123157,1126140,1126141,1126192,1126195,1126196,1129623
CVE References: CVE-2018-10839,CVE-2018-17958,CVE-2018-17962,CVE-2018-17963,CVE-2018-18438,CVE-2018-18849,CVE-2018-19665,CVE-2018-19961,CVE-2018-19962,CVE-2018-19965,CVE-2018-19966,CVE-2018-19967,CVE-2019-6778,CVE-2019-9824
Sources used:
SUSE Linux Enterprise Point of Sale 11-SP3 (src):    xen-4.2.5_21-45.30.1
SUSE Linux Enterprise Debuginfo 11-SP3 (src):    xen-4.2.5_21-45.30.1

*** NOTE: This information is not intended to be used for external
    communication, because this may only be a partial fix.
    If you have questions please reach out to maintenance coordination.
Comment 15 Charles Arnold 2019-06-07 15:16:33 UTC
Fixed and released.
Comment 16 Marcus Meissner 2019-08-30 15:14:56 UTC
released