Bug 1143048 - (CVE-2018-20856) VUL-1: CVE-2018-20856: kernel-source: memory use-after-free issue in __blk_drain_queue()
(CVE-2018-20856)
VUL-1: CVE-2018-20856: kernel-source: memory use-after-free issue in __blk_dr...
Status: RESOLVED FIXED
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
unspecified
Other Other
: P4 - Low : Minor
: ---
Assigned To: Security Team bot
Security Team bot
https://smash.suse.de/issue/238068/
CVSSv3.1:SUSE:CVE-2018-20856:7.0:(AV...
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2019-07-26 14:03 UTC by Alexandros Toptsoglou
Modified: 2021-11-16 08:30 UTC (History)
6 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Alexandros Toptsoglou 2019-07-26 14:03:54 UTC
CVE-2018-20856

An issue was discovered in the Linux kernel before 4.18.7. In block/blk-core.c,
there is an __blk_drain_queue() use-after-free because a certain error case is
mishandled.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-20856
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20856
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=54648cf1ec2d7f4b6a71767799c45676a138ca24
https://github.com/torvalds/linux/commit/54648cf1ec2d7f4b6a71767799c45676a138ca24
Comment 1 Takashi Iwai 2019-07-29 06:49:27 UTC
SLE15 already contains the fix.

SLE12-SP3-LTSS blacklists it as it requires other non-stable changes, added by Coly.

cve/linux-4.4 and older don't contain the commit.
Comment 2 Coly Li 2019-07-29 16:09:14 UTC
(In reply to Takashi Iwai from comment #1)
> SLE15 already contains the fix.
> 
> SLE12-SP3-LTSS blacklists it as it requires other non-stable changes, added
> by Coly.
> 
> cve/linux-4.4 and older don't contain the commit.

I didn't realize it was a CVE fix when I added the commit into blacklist.
Now I just rebase this patch to SLE12-SP3-LTSS kernel and submit the single rebased patch into users/colyli/cve/linux-4.4/for-next

Thanks for the information.

Coly Li
Comment 3 Takashi Iwai 2019-08-02 10:15:44 UTC
Thanks!  Could you check and handle for older releases as well?
Comment 4 Coly Li 2019-08-02 15:31:33 UTC
(In reply to Takashi Iwai from comment #3)
> Thanks!  Could you check and handle for older releases as well?

Sure, let me handle them.
Comment 8 Swamp Workflow Management 2019-09-02 10:28:31 UTC
SUSE-SU-2019:2263-1: An update that solves 12 vulnerabilities and has 24 fixes is now available.

Category: security (important)
Bug References: 1106061,1123161,1125674,1127034,1128977,1130972,1133860,1134399,1135335,1135365,1137584,1139358,1139826,1140652,1140903,1140945,1141181,1141401,1141402,1141452,1141453,1141454,1142023,1142254,1142857,1143045,1143048,1143189,1143191,1143333,1144257,1144273,1144288,1144920,1145920,1145922
CVE References: CVE-2018-20855,CVE-2018-20856,CVE-2019-10207,CVE-2019-1125,CVE-2019-11810,CVE-2019-13631,CVE-2019-13648,CVE-2019-14283,CVE-2019-14284,CVE-2019-15117,CVE-2019-15118,CVE-2019-3819
Sources used:
SUSE OpenStack Cloud Crowbar 8 (src):    kernel-default-4.4.180-94.103.1, kernel-source-4.4.180-94.103.1, kernel-syms-4.4.180-94.103.1, kgraft-patch-SLE12-SP3_Update_28-1-4.3.1
SUSE OpenStack Cloud 8 (src):    kernel-default-4.4.180-94.103.1, kernel-source-4.4.180-94.103.1, kernel-syms-4.4.180-94.103.1, kgraft-patch-SLE12-SP3_Update_28-1-4.3.1
SUSE Linux Enterprise Server for SAP 12-SP3 (src):    kernel-default-4.4.180-94.103.1, kernel-source-4.4.180-94.103.1, kernel-syms-4.4.180-94.103.1, kgraft-patch-SLE12-SP3_Update_28-1-4.3.1
SUSE Linux Enterprise Server 12-SP3-LTSS (src):    kernel-default-4.4.180-94.103.1, kernel-source-4.4.180-94.103.1, kernel-syms-4.4.180-94.103.1, kgraft-patch-SLE12-SP3_Update_28-1-4.3.1
SUSE Linux Enterprise Server 12-SP3-BCL (src):    kernel-default-4.4.180-94.103.1, kernel-source-4.4.180-94.103.1, kernel-syms-4.4.180-94.103.1
SUSE Linux Enterprise High Availability 12-SP3 (src):    kernel-default-4.4.180-94.103.1
SUSE Enterprise Storage 5 (src):    kernel-default-4.4.180-94.103.1, kernel-source-4.4.180-94.103.1, kernel-syms-4.4.180-94.103.1, kgraft-patch-SLE12-SP3_Update_28-1-4.3.1
SUSE CaaS Platform 3.0 (src):    kernel-default-4.4.180-94.103.1
HPE Helion Openstack 8 (src):    kernel-default-4.4.180-94.103.1, kernel-source-4.4.180-94.103.1, kernel-syms-4.4.180-94.103.1, kgraft-patch-SLE12-SP3_Update_28-1-4.3.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 9 Swamp Workflow Management 2019-09-05 10:17:13 UTC
SUSE-SU-2019:2299-1: An update that solves 12 vulnerabilities and has 19 fixes is now available.

Category: security (important)
Bug References: 1045640,1076033,1107256,1123161,1130972,1134399,1139358,1140012,1140652,1140903,1140945,1141401,1141402,1141452,1141453,1141454,1141628,1142023,1142098,1142857,1143045,1143048,1143189,1143191,1144257,1144273,1144288,1144920,1145920,1145922,1146163
CVE References: CVE-2017-18551,CVE-2018-20855,CVE-2018-20856,CVE-2019-10207,CVE-2019-1125,CVE-2019-11810,CVE-2019-13631,CVE-2019-14283,CVE-2019-14284,CVE-2019-15117,CVE-2019-15118,CVE-2019-3819
Sources used:
SUSE OpenStack Cloud 7 (src):    kernel-default-4.4.121-92.120.1, kernel-source-4.4.121-92.120.1, kernel-syms-4.4.121-92.120.1, kgraft-patch-SLE12-SP2_Update_32-1-3.3.1
SUSE Linux Enterprise Server for SAP 12-SP2 (src):    kernel-default-4.4.121-92.120.1, kernel-source-4.4.121-92.120.1, kernel-syms-4.4.121-92.120.1, kgraft-patch-SLE12-SP2_Update_32-1-3.3.1
SUSE Linux Enterprise Server 12-SP2-LTSS (src):    kernel-default-4.4.121-92.120.1, kernel-source-4.4.121-92.120.1, kernel-syms-4.4.121-92.120.1, kgraft-patch-SLE12-SP2_Update_32-1-3.3.1
SUSE Linux Enterprise Server 12-SP2-BCL (src):    kernel-default-4.4.121-92.120.1, kernel-source-4.4.121-92.120.1, kernel-syms-4.4.121-92.120.1
SUSE Linux Enterprise High Availability 12-SP2 (src):    kernel-default-4.4.121-92.120.1
SUSE Enterprise Storage 4 (src):    kernel-default-4.4.121-92.120.1, kernel-source-4.4.121-92.120.1, kernel-syms-4.4.121-92.120.1, kgraft-patch-SLE12-SP2_Update_32-1-3.3.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 11 Coly Li 2019-09-25 15:38:20 UTC
The patch is merged, close the report as fixed.
Comment 12 Marcus Meissner 2019-09-25 16:16:08 UTC
Please reassign security bugs back to sceurity-team. check ozut boris howto
Comment 13 Robert Frohl 2021-11-16 08:30:24 UTC
done