First Last Prev Next    This bug is not in your last search results.
Bug 882804 - (CVE-2014-1739) VUL-0: CVE-2014-1739: kernel: Memory leak in ioctl media_enum_entities
(CVE-2014-1739)
VUL-0: CVE-2014-1739: kernel: Memory leak in ioctl media_enum_entities
Status: RESOLVED FIXED
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
unspecified
Other Other
: P3 - Medium : Minor
: ---
Assigned To: Security Team bot
Security Team bot
https://smash.suse.de/issue/99607/
maint:released:sle11-sp2:58650 maint:...
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2014-06-16 08:54 UTC by Johannes Segitz
Modified: 2014-12-21 12:07 UTC (History)
2 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Johannes Segitz 2014-06-16 08:54:44 UTC 
OSS:2014/Q2/529

We found an infoleak vulnerability in the ioctl media_enum_entities()
that allows to disclose 200 bytes the kernel process' stack.
The vulnerability is exploitable from 2.6.38 onwards 3.15-rc3 by
local users with read access to `/dev/media0`.

Linux distributions ship with `chmod 600 /dev/media0` preventing
unprivileged local users from exploiting the vulnerability.

References:
http://speirofr.appspot.com/cve-2014-1739-kernel-infoleak-vulnerability-in-media_enum_entities.html
http://seclists.org/oss-sec/2014/q2/529
Comment 1 SMASH SMASH 2014-06-16 13:20:10 UTC 
Affected packages:

SLE-11-SP3: kernel-source
SLE-11-SP2: kernel-source
Comment 2 Swamp Workflow Management 2014-06-16 22:00:26 UTC 
bugbot adjusting priority
Comment 3 Michal Hocko 2014-06-19 09:22:54 UTC 
Seems to be introduced by 1651333b0974 [media] media: Entities, pads and links enumeration inn 2.6.39 so none of TD branches is affected.
Comment 4 Michal Marek 2014-08-15 14:21:35 UTC 
Fixed in SLE12 (3.12.22).

Does this need to be fixed in the SLE11-SP2-LTSS branch?
Comment 5 Johannes Segitz 2014-08-15 14:40:06 UTC 
Yes, please commit to SLE11-SP2 as well. We won't issue a patch just for that
but it should be fixed by the next LTSS kernel.
Comment 6 Takashi Iwai 2014-08-15 15:27:34 UTC 
Committed to SLE11-SP2 and SLE11-SP3 branches, as well as to openSUSE-13.1.
Reassigned back to security team.
Comment 7 Swamp Workflow Management 2014-09-09 23:12:58 UTC 
SUSE-SU-2014:1105-1: An update that solves 18 vulnerabilities and has 8 fixes is now available.

Category: security (moderate)
Bug References: 846404,864464,866911,870173,870576,871676,871797,871854,872634,873374,876590,877257,877775,878115,878509,879921,880484,881051,882804,883724,883795,885422,885725,886474,889173,889324
CVE References: CVE-2013-4299,CVE-2014-0055,CVE-2014-0077,CVE-2014-1739,CVE-2014-2706,CVE-2014-2851,CVE-2014-3144,CVE-2014-3145,CVE-2014-3917,CVE-2014-4508,CVE-2014-4652,CVE-2014-4653,CVE-2014-4654,CVE-2014-4655,CVE-2014-4656,CVE-2014-4667,CVE-2014-4699,CVE-2014-5077
Sources used:
SUSE Linux Enterprise Server 11 SP2 LTSS (src):    kernel-default-3.0.101-0.7.23.1, kernel-ec2-3.0.101-0.7.23.1, kernel-pae-3.0.101-0.7.23.1, kernel-source-3.0.101-0.7.23.1, kernel-syms-3.0.101-0.7.23.1, kernel-trace-3.0.101-0.7.23.1, kernel-xen-3.0.101-0.7.23.1, xen-4.1.6_06-0.5.30
SLE 11 SERVER Unsupported Extras (src):    kernel-default-3.0.101-0.7.23.1, kernel-pae-3.0.101-0.7.23.1, kernel-xen-3.0.101-0.7.23.1
Comment 8 Swamp Workflow Management 2014-09-28 16:10:08 UTC 
openSUSE-SU-2014:1246-1: An update that solves 18 vulnerabilities and has 8 fixes is now available.

Category: security (moderate)
Bug References: 846404,854722,864464,866911,870173,870576,871676,871797,871854,872634,873374,876590,877257,878115,878509,879921,880484,881051,882804,883724,883795,885422,885725,886474,889173,889324
CVE References: CVE-2013-6463,CVE-2014-0055,CVE-2014-0077,CVE-2014-1739,CVE-2014-2706,CVE-2014-2851,CVE-2014-3144,CVE-2014-3145,CVE-2014-3917,CVE-2014-4508,CVE-2014-4652,CVE-2014-4653,CVE-2014-4654,CVE-2014-4655,CVE-2014-4656,CVE-2014-4667,CVE-2014-4699,CVE-2014-5077
Sources used:
openSUSE Evergreen 11.4 (src):    kernel-docs-3.0.101-91.2, kernel-source-3.0.101-91.1, kernel-syms-3.0.101-91.1, preload-1.2-6.69.2
Comment 9 Swamp Workflow Management 2014-10-22 19:13:31 UTC 
SUSE-SU-2014:1316-1: An update that solves 11 vulnerabilities and has 64 fixes is now available.

Category: security (important)
Bug References: 774818,806990,816708,826486,832309,849123,855657,859840,860441,860593,863586,866130,866615,866864,866911,869055,869934,870161,871797,876017,876055,876114,876590,879921,880344,880370,881051,881759,882317,882639,882804,882900,883376,883518,883724,884333,884582,884725,884767,885262,885382,885422,885509,886840,887082,887503,887608,887645,887680,888058,888105,888591,888607,888847,888849,888968,889061,889173,889451,889614,889727,890297,890426,890513,890526,891087,891259,891619,892200,892490,892723,893064,893496,893596,894200
CVE References: CVE-2013-1979,CVE-2014-1739,CVE-2014-2706,CVE-2014-4027,CVE-2014-4171,CVE-2014-4508,CVE-2014-4667,CVE-2014-4943,CVE-2014-5077,CVE-2014-5471,CVE-2014-5472
Sources used:
SUSE Linux Enterprise Server 11 SP3 for VMware (src):    kernel-bigsmp-3.0.101-0.40.1
SUSE Linux Enterprise Server 11 SP3 (src):    iscsitarget-1.4.20-0.38.83, kernel-bigsmp-3.0.101-0.40.1, ofed-1.5.4.1-0.13.89, oracleasm-2.0.5-7.39.89
SUSE Linux Enterprise High Availability Extension 11 SP3 (src):    cluster-network-1.4-2.27.98, drbd-kmp-8.4.4-0.22.64, gfs2-2-0.16.104, ocfs2-1.6-0.20.98
SUSE Linux Enterprise Desktop 11 SP3 (src):    kernel-bigsmp-3.0.101-0.40.1
SLE 11 SERVER Unsupported Extras (src):    kernel-bigsmp-3.0.101-0.40.1
Comment 10 Swamp Workflow Management 2014-10-22 23:15:56 UTC 
SUSE-SU-2014:1319-1: An update that solves 13 vulnerabilities and has 75 fixes is now available.

Category: security (important)
Bug References: 774818,806990,816708,826486,832309,833820,849123,855657,859840,860441,860593,863586,866130,866615,866864,866911,869055,869934,870161,871134,871797,876017,876055,876114,876590,879304,879921,880344,880370,880892,881051,881759,882317,882639,882804,882900,883096,883376,883518,883724,884333,884582,884725,884767,885262,885382,885422,885509,886840,887082,887418,887503,887608,887645,887680,888058,888105,888591,888607,888847,888849,888968,889061,889173,889451,889614,889727,890297,890426,890513,890526,891087,891259,891281,891619,891746,892200,892490,892723,893064,893496,893596,894200,895221,895608,895680,895983,896689
CVE References: CVE-2013-1979,CVE-2014-1739,CVE-2014-2706,CVE-2014-3153,CVE-2014-4027,CVE-2014-4171,CVE-2014-4508,CVE-2014-4667,CVE-2014-4943,CVE-2014-5077,CVE-2014-5471,CVE-2014-5472,CVE-2014-6410
Sources used:
SUSE Linux Enterprise Server 11 SP3 for VMware (src):    kernel-default-3.0.101-0.40.1, kernel-pae-3.0.101-0.40.1, kernel-source-3.0.101-0.40.1, kernel-syms-3.0.101-0.40.1, kernel-trace-3.0.101-0.40.1, kernel-xen-3.0.101-0.40.1
SUSE Linux Enterprise Server 11 SP3 (src):    kernel-default-3.0.101-0.40.1, kernel-ec2-3.0.101-0.40.1, kernel-pae-3.0.101-0.40.1, kernel-ppc64-3.0.101-0.40.1, kernel-source-3.0.101-0.40.1, kernel-syms-3.0.101-0.40.1, kernel-trace-3.0.101-0.40.1, kernel-xen-3.0.101-0.40.1, xen-4.2.4_04-0.7.3
SUSE Linux Enterprise Real Time Extension 11 SP3 (src):    cluster-network-1.4-2.27.99, drbd-kmp-8.4.4-0.22.65, iscsitarget-1.4.20-0.38.84, kernel-rt-3.0.101.rt130-0.28.1, kernel-rt_trace-3.0.101.rt130-0.28.1, kernel-source-rt-3.0.101.rt130-0.28.1, kernel-syms-rt-3.0.101.rt130-0.28.1, lttng-modules-2.1.1-0.11.75, ocfs2-1.6-0.20.99, ofed-1.5.4.1-0.13.90
SUSE Linux Enterprise High Availability Extension 11 SP3 (src):    cluster-network-1.4-2.27.98, gfs2-2-0.16.104, ocfs2-1.6-0.20.98
SUSE Linux Enterprise Desktop 11 SP3 (src):    kernel-default-3.0.101-0.40.1, kernel-pae-3.0.101-0.40.1, kernel-source-3.0.101-0.40.1, kernel-syms-3.0.101-0.40.1, kernel-trace-3.0.101-0.40.1, kernel-xen-3.0.101-0.40.1, xen-4.2.4_04-0.7.3
SLE 11 SERVER Unsupported Extras (src):    kernel-default-3.0.101-0.40.1, kernel-pae-3.0.101-0.40.1, kernel-ppc64-3.0.101-0.40.1, kernel-xen-3.0.101-0.40.1
Comment 11 Marcus Meissner 2014-12-21 11:49:46 UTC 
all released
Comment 12 Swamp Workflow Management 2014-12-21 12:07:01 UTC 
openSUSE-SU-2014:1677-1: An update that solves 31 vulnerabilities and has 12 fixes is now available.

Category: security (important)
Bug References: 818966,835839,853040,856659,864375,865882,873790,875051,881008,882639,882804,883518,883724,883948,883949,884324,887046,887082,889173,890114,891689,892490,893429,896382,896385,896390,896391,896392,896689,897736,899785,900392,902346,902349,902351,904013,904700,905100,905744,907818,908163,909077,910251
CVE References: CVE-2013-2891,CVE-2013-2898,CVE-2014-0181,CVE-2014-0206,CVE-2014-1739,CVE-2014-3181,CVE-2014-3182,CVE-2014-3184,CVE-2014-3185,CVE-2014-3186,CVE-2014-3673,CVE-2014-3687,CVE-2014-3688,CVE-2014-4171,CVE-2014-4508,CVE-2014-4608,CVE-2014-4611,CVE-2014-4943,CVE-2014-5077,CVE-2014-5206,CVE-2014-5207,CVE-2014-5471,CVE-2014-5472,CVE-2014-6410,CVE-2014-7826,CVE-2014-7841,CVE-2014-7975,CVE-2014-8133,CVE-2014-8709,CVE-2014-9090,CVE-2014-9322
Sources used:
openSUSE 13.1 (src):    cloop-2.639-11.16.1, crash-7.0.2-2.16.1, hdjmod-1.28-16.16.1, ipset-6.21.1-2.20.1, iscsitarget-1.4.20.3-13.16.1, kernel-docs-3.11.10-25.2, kernel-source-3.11.10-25.1, kernel-syms-3.11.10-25.1, ndiswrapper-1.58-16.1, pcfclock-0.44-258.16.1, vhba-kmp-20130607-2.17.1, virtualbox-4.2.18-2.21.1, xen-4.3.2_02-30.1, xtables-addons-2.3-2.16.1
First Last Prev Next    This bug is not in your last search results.