First Last Prev Next    This bug is not in your last search results.
Bug 823517 - (CVE-2013-2148) VUL-0: CVE-2013-2148: kernel: fanotify: info leak in copy_event_to_user
(CVE-2013-2148)
VUL-0: CVE-2013-2148: kernel: fanotify: info leak in copy_event_to_user
Status: RESOLVED FIXED
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
unspecified
Other Other
: P3 - Medium : Minor
: ---
Assigned To: Security Team bot
Security Team bot
maint:released:sle11-sp2:54197 maint:...
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2013-06-06 01:39 UTC by Alexander Bergmann
Modified: 2015-02-19 01:20 UTC (History)
3 users (show)

See Also:
Found By: ---
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Alexander Bergmann 2013-06-06 01:39:54 UTC 
Public via oss-security:

Date: Wed, 5 Jun 2013 13:23:02 +0530 (IST)
From: P J P
Subject: [oss-security] CVE Request: Linux kernel: fanotify: info leak in copy_event_to_user

Linux kernel built with the Filesystem wide access notification
(CONFIG_FANOTIFY) support is vulnerable to an information leakage flaw. The
leaked bytes could be accessed via read(2) call on the fanotify descriptor.

A user/program could use this flaw to leak kernel memory bytes.

Upstream fix:
-------------
  -> https://lkml.org/lkml/2013/6/3/128
Comment 1 Swamp Workflow Management 2013-06-06 16:00:11 UTC 
bugbot adjusting priority
Comment 2 Alexander Bergmann 2013-06-14 07:40:15 UTC 
CVE-2013-2148 was assigned for this issue.
Comment 3 Miklos Szeredi 2013-07-05 16:13:49 UTC 
Applied to:

SLE11-SP2
SLE11-SP3
openSUSE-12.2
openSUSE-12.3
Comment 4 Michal Hocko 2013-07-08 08:11:27 UTC 
Doesn't affect SLE11-SP1-TD AFACS. The issue has been introduced around a1014f102 (2.6.36).
Comment 6 Marcus Meissner 2013-09-20 14:13:06 UTC 
We have just released a kernel update for SUSE Linux Enterprise 11 SP2 tthat mentions/fixes this bug. The released version is 3.0.93-0.5.1.
Comment 7 Marcus Meissner 2013-09-20 14:44:14 UTC 
We have just released a kernel update for SUSE Linux Enterprise 11 SP3 that mentions/fixes this bug. The released version is 3.0.93-0.8.2.
Comment 8 Swamp Workflow Management 2013-09-20 16:52:13 UTC 
Update released for: cluster-network-kmp-default, cluster-network-kmp-trace, gfs2-kmp-default, gfs2-kmp-trace, kernel-default, kernel-default-base, kernel-default-debuginfo, kernel-default-debugsource, kernel-default-devel, kernel-default-devel-debuginfo, kernel-default-extra, kernel-default-hmac, kernel-source, kernel-source-debuginfo, kernel-source-vanilla, kernel-syms, kernel-trace, kernel-trace-base, kernel-trace-debuginfo, kernel-trace-debugsource, kernel-trace-devel, kernel-trace-devel-debuginfo, kernel-trace-extra, kernel-trace-hmac, ocfs2-kmp-default, ocfs2-kmp-trace
Products:
SLE-DEBUGINFO 11-SP3 (ia64)
SLE-HAE 11-SP3 (ia64)
SLE-SERVER 11-SP3 (ia64)
Comment 9 Swamp Workflow Management 2013-09-20 17:02:52 UTC 
Update released for: cluster-network-kmp-default, cluster-network-kmp-ppc64, cluster-network-kmp-trace, gfs2-kmp-default, gfs2-kmp-ppc64, gfs2-kmp-trace, kernel-default, kernel-default-base, kernel-default-debuginfo, kernel-default-debugsource, kernel-default-devel, kernel-default-extra, kernel-default-hmac, kernel-ppc64, kernel-ppc64-base, kernel-ppc64-debuginfo, kernel-ppc64-debugsource, kernel-ppc64-devel, kernel-ppc64-extra, kernel-ppc64-hmac, kernel-source, kernel-source-debuginfo, kernel-source-vanilla, kernel-syms, kernel-trace, kernel-trace-base, kernel-trace-debuginfo, kernel-trace-debugsource, kernel-trace-devel, kernel-trace-extra, kernel-trace-hmac, ocfs2-kmp-default, ocfs2-kmp-ppc64, ocfs2-kmp-trace
Products:
SLE-DEBUGINFO 11-SP3 (ppc64)
SLE-HAE 11-SP3 (ppc64)
SLE-SERVER 11-SP3 (ppc64)
Comment 10 Swamp Workflow Management 2013-09-20 17:04:36 UTC 
Update released for: cluster-network-kmp-default, cluster-network-kmp-trace, gfs2-kmp-default, gfs2-kmp-trace, kernel-default, kernel-default-base, kernel-default-debuginfo, kernel-default-debugsource, kernel-default-devel, kernel-default-devel-debuginfo, kernel-default-extra, kernel-default-hmac, kernel-default-man, kernel-source, kernel-source-debuginfo, kernel-source-vanilla, kernel-syms, kernel-trace, kernel-trace-base, kernel-trace-debuginfo, kernel-trace-debugsource, kernel-trace-devel, kernel-trace-devel-debuginfo, kernel-trace-extra, kernel-trace-hmac, kernel-trace-man, ocfs2-kmp-default, ocfs2-kmp-trace
Products:
SLE-DEBUGINFO 11-SP3 (s390x)
SLE-HAE 11-SP3 (s390x)
SLE-SERVER 11-SP3 (s390x)
Comment 11 Swamp Workflow Management 2013-09-20 17:08:37 UTC 
Update released for: cluster-network-kmp-default, cluster-network-kmp-trace, gfs2-kmp-default, gfs2-kmp-trace, kernel-default, kernel-default-base, kernel-default-debuginfo, kernel-default-debugsource, kernel-default-devel, kernel-default-devel-debuginfo, kernel-default-extra, kernel-default-hmac, kernel-default-man, kernel-source, kernel-source-debuginfo, kernel-source-vanilla, kernel-syms, kernel-trace, kernel-trace-base, kernel-trace-debuginfo, kernel-trace-debugsource, kernel-trace-devel, kernel-trace-devel-debuginfo, kernel-trace-extra, kernel-trace-hmac, kernel-trace-man, ocfs2-kmp-default, ocfs2-kmp-trace
Products:
SLE-DEBUGINFO 11-SP2 (s390x)
SLE-HAE 11-SP2 (s390x)
SLE-SERVER 11-SP2 (s390x)
Comment 12 Swamp Workflow Management 2013-09-20 17:25:24 UTC 
Update released for: cluster-network-kmp-default, cluster-network-kmp-trace, cluster-network-kmp-xen, gfs2-kmp-default, gfs2-kmp-trace, gfs2-kmp-xen, kernel-default, kernel-default-base, kernel-default-debuginfo, kernel-default-debugsource, kernel-default-devel, kernel-default-devel-debuginfo, kernel-default-extra, kernel-default-hmac, kernel-desktop-devel, kernel-ec2, kernel-ec2-base, kernel-ec2-debuginfo, kernel-ec2-debugsource, kernel-ec2-devel, kernel-ec2-devel-debuginfo, kernel-ec2-extra, kernel-ec2-hmac, kernel-source, kernel-source-debuginfo, kernel-source-vanilla, kernel-syms, kernel-trace, kernel-trace-base, kernel-trace-debuginfo, kernel-trace-debugsource, kernel-trace-devel, kernel-trace-devel-debuginfo, kernel-trace-extra, kernel-trace-hmac, kernel-xen, kernel-xen-base, kernel-xen-debuginfo, kernel-xen-debugsource, kernel-xen-devel, kernel-xen-devel-debuginfo, kernel-xen-extra, kernel-xen-hmac, ocfs2-kmp-default, ocfs2-kmp-trace, ocfs2-kmp-xen, xen-kmp-default, xen-kmp-trace
Products:
SLE-DEBUGINFO 11-SP3 (x86_64)
SLE-DESKTOP 11-SP3 (x86_64)
SLE-HAE 11-SP3 (x86_64)
SLE-SERVER 11-SP3 (x86_64)
SLES4VMWARE 11-SP3 (x86_64)
Comment 13 Swamp Workflow Management 2013-09-20 17:33:23 UTC 
Update released for: cluster-network-kmp-default, cluster-network-kmp-trace, gfs2-kmp-default, gfs2-kmp-trace, kernel-default, kernel-default-base, kernel-default-debuginfo, kernel-default-debugsource, kernel-default-devel, kernel-default-devel-debuginfo, kernel-default-extra, kernel-default-hmac, kernel-source, kernel-source-debuginfo, kernel-source-vanilla, kernel-syms, kernel-trace, kernel-trace-base, kernel-trace-debuginfo, kernel-trace-debugsource, kernel-trace-devel, kernel-trace-devel-debuginfo, kernel-trace-extra, kernel-trace-hmac, ocfs2-kmp-default, ocfs2-kmp-trace
Products:
SLE-DEBUGINFO 11-SP2 (ia64)
SLE-HAE 11-SP2 (ia64)
SLE-SERVER 11-SP2 (ia64)
Comment 14 Swamp Workflow Management 2013-09-20 17:50:07 UTC 
Update released for: cluster-network-kmp-default, cluster-network-kmp-pae, cluster-network-kmp-trace, cluster-network-kmp-xen, gfs2-kmp-default, gfs2-kmp-pae, gfs2-kmp-trace, gfs2-kmp-xen, kernel-default, kernel-default-base, kernel-default-devel, kernel-default-extra, kernel-default-hmac, kernel-desktop-devel, kernel-ec2, kernel-ec2-base, kernel-ec2-devel, kernel-ec2-extra, kernel-ec2-hmac, kernel-pae, kernel-pae-base, kernel-pae-devel, kernel-pae-extra, kernel-pae-hmac, kernel-source, kernel-source-vanilla, kernel-syms, kernel-trace, kernel-trace-base, kernel-trace-devel, kernel-trace-extra, kernel-trace-hmac, kernel-xen, kernel-xen-base, kernel-xen-devel, kernel-xen-extra, kernel-xen-hmac, ocfs2-kmp-default, ocfs2-kmp-pae, ocfs2-kmp-trace, ocfs2-kmp-xen, xen-kmp-default, xen-kmp-pae, xen-kmp-trace
Products:
SLE-DEBUGINFO 11-SP3 (i386)
SLE-DESKTOP 11-SP3 (i386)
SLE-HAE 11-SP3 (i386)
SLE-SERVER 11-SP3 (i386)
SLES4VMWARE 11-SP3 (i386)
Comment 15 Swamp Workflow Management 2013-09-20 18:10:39 UTC 
Update released for: cluster-network-kmp-default, cluster-network-kmp-pae, cluster-network-kmp-trace, cluster-network-kmp-xen, gfs2-kmp-default, gfs2-kmp-pae, gfs2-kmp-trace, gfs2-kmp-xen, kernel-default, kernel-default-base, kernel-default-devel, kernel-default-extra, kernel-default-hmac, kernel-desktop-devel, kernel-ec2, kernel-ec2-base, kernel-ec2-devel, kernel-ec2-extra, kernel-ec2-hmac, kernel-pae, kernel-pae-base, kernel-pae-devel, kernel-pae-extra, kernel-pae-hmac, kernel-source, kernel-source-vanilla, kernel-syms, kernel-trace, kernel-trace-base, kernel-trace-devel, kernel-trace-extra, kernel-trace-hmac, kernel-xen, kernel-xen-base, kernel-xen-devel, kernel-xen-extra, kernel-xen-hmac, ocfs2-kmp-default, ocfs2-kmp-pae, ocfs2-kmp-trace, ocfs2-kmp-xen, xen-kmp-default, xen-kmp-pae, xen-kmp-trace
Products:
SLE-DEBUGINFO 11-SP2 (i386)
SLE-DESKTOP 11-SP2 (i386)
SLE-HAE 11-SP2 (i386)
SLE-SERVER 11-SP2 (i386)
SLES4VMWARE 11-SP2 (i386)
Comment 16 Swamp Workflow Management 2013-09-20 18:22:27 UTC 
Update released for: cluster-network-kmp-default, cluster-network-kmp-ppc64, cluster-network-kmp-trace, gfs2-kmp-default, gfs2-kmp-ppc64, gfs2-kmp-trace, kernel-default, kernel-default-base, kernel-default-debuginfo, kernel-default-debugsource, kernel-default-devel, kernel-default-extra, kernel-default-hmac, kernel-ppc64, kernel-ppc64-base, kernel-ppc64-debuginfo, kernel-ppc64-debugsource, kernel-ppc64-devel, kernel-ppc64-extra, kernel-ppc64-hmac, kernel-source, kernel-source-debuginfo, kernel-source-vanilla, kernel-syms, kernel-trace, kernel-trace-base, kernel-trace-debuginfo, kernel-trace-debugsource, kernel-trace-devel, kernel-trace-extra, kernel-trace-hmac, ocfs2-kmp-default, ocfs2-kmp-ppc64, ocfs2-kmp-trace
Products:
SLE-DEBUGINFO 11-SP2 (ppc64)
SLE-HAE 11-SP2 (ppc64)
SLE-SERVER 11-SP2 (ppc64)
Comment 17 Swamp Workflow Management 2013-09-20 19:00:57 UTC 
Update released for: cluster-network-kmp-default, cluster-network-kmp-trace, cluster-network-kmp-xen, gfs2-kmp-default, gfs2-kmp-trace, gfs2-kmp-xen, kernel-default, kernel-default-base, kernel-default-debuginfo, kernel-default-debugsource, kernel-default-devel, kernel-default-devel-debuginfo, kernel-default-extra, kernel-default-hmac, kernel-desktop-devel, kernel-ec2, kernel-ec2-base, kernel-ec2-debuginfo, kernel-ec2-debugsource, kernel-ec2-devel, kernel-ec2-devel-debuginfo, kernel-ec2-extra, kernel-ec2-hmac, kernel-source, kernel-source-debuginfo, kernel-source-vanilla, kernel-syms, kernel-trace, kernel-trace-base, kernel-trace-debuginfo, kernel-trace-debugsource, kernel-trace-devel, kernel-trace-devel-debuginfo, kernel-trace-extra, kernel-trace-hmac, kernel-xen, kernel-xen-base, kernel-xen-debuginfo, kernel-xen-debugsource, kernel-xen-devel, kernel-xen-devel-debuginfo, kernel-xen-extra, kernel-xen-hmac, ocfs2-kmp-default, ocfs2-kmp-trace, ocfs2-kmp-xen, xen-kmp-default, xen-kmp-trace
Products:
SLE-DEBUGINFO 11-SP2 (x86_64)
SLE-DESKTOP 11-SP2 (x86_64)
SLE-HAE 11-SP2 (x86_64)
SLE-SERVER 11-SP2 (x86_64)
SLES4VMWARE 11-SP2 (x86_64)
Comment 18 Swamp Workflow Management 2013-09-20 22:08:59 UTC 
Update released for: kernel-default-extra, kernel-ppc64-extra
Products:
SLE-SERVER 11-EXTRA (ppc64)
Comment 19 Swamp Workflow Management 2013-09-20 23:08:06 UTC 
Update released for: ext4-writeable-kmp-default, ext4-writeable-kmp-pae, ext4-writeable-kmp-trace, ext4-writeable-kmp-xen, kernel-default-extra, kernel-pae-extra, kernel-xen-extra
Products:
SLE-SERVER 11-EXTRA (i386)
Comment 20 Swamp Workflow Management 2013-09-21 00:08:04 UTC 
Update released for: ext4-writeable-kmp-default, ext4-writeable-kmp-trace, ext4-writeable-kmp-xen, kernel-default-extra, kernel-xen-extra
Products:
SLE-SERVER 11-EXTRA (x86_64)
Comment 21 Swamp Workflow Management 2013-09-21 01:08:00 UTC 
Update released for: kernel-default-extra, kernel-xen-extra
Products:
SLE-SERVER 11-EXTRA (x86_64)
Comment 22 Swamp Workflow Management 2013-09-21 02:09:24 UTC 
Update released for: ext4-writeable-kmp-default, ext4-writeable-kmp-trace, kernel-default-extra
Products:
SLE-SERVER 11-EXTRA (ia64)
Comment 23 Swamp Workflow Management 2013-09-21 03:11:54 UTC 
Update released for: ext4-writeable-kmp-default, ext4-writeable-kmp-trace, kernel-default-extra
Products:
SLE-SERVER 11-EXTRA (s390x)
Comment 24 Swamp Workflow Management 2013-09-21 04:11:11 UTC 
Update released for: kernel-default-extra
Products:
SLE-SERVER 11-EXTRA (ia64)
Comment 25 Swamp Workflow Management 2013-09-21 05:11:38 UTC 
Update released for: kernel-default-extra
Products:
SLE-SERVER 11-EXTRA (s390x)
Comment 26 Swamp Workflow Management 2013-09-21 06:12:46 UTC 
Update released for: kernel-default-extra, kernel-pae-extra, kernel-xen-extra
Products:
SLE-SERVER 11-EXTRA (i386)
Comment 27 Swamp Workflow Management 2013-09-21 07:13:19 UTC 
Update released for: ext4-writeable-kmp-default, ext4-writeable-kmp-ppc64, ext4-writeable-kmp-trace, kernel-default-extra, kernel-ppc64-extra
Products:
SLE-SERVER 11-EXTRA (ppc64)
Comment 28 Swamp Workflow Management 2013-10-07 17:07:07 UTC 
Update released for: cluster-network-kmp-rt, cluster-network-kmp-rt_trace, drbd-kmp-rt, drbd-kmp-rt_trace, iscsitarget-kmp-rt, iscsitarget-kmp-rt_trace, kernel-rt, kernel-rt-base, kernel-rt-debuginfo, kernel-rt-debugsource, kernel-rt-devel, kernel-rt-devel-debuginfo, kernel-rt-extra, kernel-rt-hmac, kernel-rt_trace, kernel-rt_trace-base, kernel-rt_trace-debuginfo, kernel-rt_trace-debugsource, kernel-rt_trace-devel, kernel-rt_trace-devel-debuginfo, kernel-rt_trace-extra, kernel-rt_trace-hmac, kernel-source-rt, kernel-syms-rt, lttng-modules-kmp-rt, lttng-modules-kmp-rt_trace, ocfs2-kmp-rt, ocfs2-kmp-rt_trace, ofed-kmp-rt, ofed-kmp-rt_trace
Products:
SLE-RT 11-SP2 (x86_64)
Comment 29 Swamp Workflow Management 2013-10-07 17:07:33 UTC 
Update released for: cluster-network-kmp-rt, cluster-network-kmp-rt_trace, drbd-kmp-rt, drbd-kmp-rt_trace, iscsitarget-kmp-rt, iscsitarget-kmp-rt_trace, kernel-rt, kernel-rt-base, kernel-rt-debuginfo, kernel-rt-debugsource, kernel-rt-devel, kernel-rt-devel-debuginfo, kernel-rt-extra, kernel-rt-hmac, kernel-rt_trace, kernel-rt_trace-base, kernel-rt_trace-debuginfo, kernel-rt_trace-debugsource, kernel-rt_trace-devel, kernel-rt_trace-devel-debuginfo, kernel-rt_trace-extra, kernel-rt_trace-hmac, kernel-source-rt, kernel-syms-rt, lttng-modules-kmp-rt, lttng-modules-kmp-rt_trace, ocfs2-kmp-rt, ocfs2-kmp-rt_trace, ofed-kmp-rt, ofed-kmp-rt_trace
Products:
SLE-DEBUGINFO 11-SP3 (x86_64)
SLE-RT 11-SP3 (x86_64)
Comment 30 Swamp Workflow Management 2013-10-31 23:08:08 UTC 
openSUSE-SU-2013:1619-1: An update that solves 12 vulnerabilities and has 17 fixes is now available.

Category: security (moderate)
Bug References: 783858,785542,787649,789598,794988,801178,806976,807153,807471,814336,815320,817377,818053,821560,821612,822575,823342,823517,824171,824295,827749,827750,828119,828714,831055,831058,833321,835414,838346
CVE References: CVE-2013-0231,CVE-2013-1774,CVE-2013-1819,CVE-2013-2148,CVE-2013-2164,CVE-2013-2232,CVE-2013-2234,CVE-2013-2237,CVE-2013-2850,CVE-2013-2851,CVE-2013-4162,CVE-2013-4163
Sources used:
openSUSE 12.2 (src):    kernel-docs-3.4.63-2.44.2, kernel-source-3.4.63-2.44.1, kernel-syms-3.4.63-2.44.1
Comment 31 Swamp Workflow Management 2013-11-26 21:15:02 UTC 
openSUSE-SU-2013:1773-1: An update that solves 12 vulnerabilities and has 58 fixes is now available.

Category: security (low)
Bug References: 745640,760407,765523,773006,773255,773837,783475,785901,789010,801427,803320,804482,805371,806396,806976,807471,807502,808940,809122,812526,812974,813604,813733,814336,815320,816043,817035,817377,818465,819363,819523,820172,820434,821052,822066,822077,822575,822825,823082,823342,823497,823517,824159,824295,824915,825048,825142,825227,825591,825657,825887,826350,826960,827372,827376,827378,827749,827750,828119,828192,828574,828714,829082,829357,829622,830901,831055,831058,831410,831949
CVE References: CVE-2013-1059,CVE-2013-1774,CVE-2013-1819,CVE-2013-1929,CVE-2013-2148,CVE-2013-2164,CVE-2013-2232,CVE-2013-2234,CVE-2013-2237,CVE-2013-2851,CVE-2013-4162,CVE-2013-4163
Sources used:
openSUSE 11.4 (src):    kernel-docs-3.0.93-62.3, kernel-source-3.0.93-62.1, kernel-syms-3.0.93-62.1, preload-1.2-6.45.4
Comment 32 Swamp Workflow Management 2013-12-30 20:13:57 UTC 
openSUSE-SU-2013:1971-1: An update that solves 34 vulnerabilities and has 19 fixes is now available.

Category: security (moderate)
Bug References: 799516,801341,802347,804198,807153,807188,807471,808827,809906,810144,810473,811882,812116,813733,813889,814211,814336,814510,815256,815320,816668,816708,817651,818053,818561,821612,821735,822575,822579,823267,823342,823517,823633,823797,824171,824295,826102,826350,826374,827749,827750,828119,828191,828714,829539,831058,831956,832615,833321,833585,834647,837258,838346
CVE References: CVE-2013-0914,CVE-2013-1059,CVE-2013-1819,CVE-2013-1929,CVE-2013-1979,CVE-2013-2141,CVE-2013-2148,CVE-2013-2164,CVE-2013-2206,CVE-2013-2232,CVE-2013-2234,CVE-2013-2237,CVE-2013-2546,CVE-2013-2547,CVE-2013-2548,CVE-2013-2634,CVE-2013-2635,CVE-2013-2851,CVE-2013-2852,CVE-2013-3222,CVE-2013-3223,CVE-2013-3224,CVE-2013-3226,CVE-2013-3227,CVE-2013-3228,CVE-2013-3229,CVE-2013-3230,CVE-2013-3231,CVE-2013-3232,CVE-2013-3233,CVE-2013-3234,CVE-2013-3235,CVE-2013-3301,CVE-2013-4162
Sources used:
openSUSE 12.3 (src):    kernel-docs-3.7.10-1.24.1, kernel-source-3.7.10-1.24.1, kernel-syms-3.7.10-1.24.1
First Last Prev Next    This bug is not in your last search results.