Bug 825006 - (CVE-2013-2146) VUL-1: CVE-2013-2146: kernel: perf/x86: offcore_rsp valid mask for SNB/IVB
(CVE-2013-2146)
VUL-1: CVE-2013-2146: kernel: perf/x86: offcore_rsp valid mask for SNB/IVB
Status: VERIFIED FIXED
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
unspecified
Other Other
: P3 - Medium : Normal
: ---
Assigned To: Tony Jones
Security Team bot
maint:released:sle11-sp3:55874 maint...
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2013-06-14 07:21 UTC by Marcus Meissner
Modified: 2015-02-19 10:33 UTC (History)
2 users (show)

See Also:
Found By: ---
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Marcus Meissner 2013-06-14 07:21:21 UTC
is public, via kernel git

CVE-2013-2146

Linux kernel built with the Performance Events Subsystem(CONFIG_PERF_EVENTS=y)
is vulnerable to a kernel crash flaw, caused by incorrect masking of the
reserved bits.

A user/program could use this flaw to crash the kernel, resulting in DoS.

https://git.kernel.org/linus/f1923820c447e986a9da0fc6bf60c1dccdf0408e
http://www.openwall.com/lists/oss-security/2013/06/05/23
Comment 1 Tony Jones 2013-06-14 12:02:36 UTC
(In reply to comment #0)

> http://www.openwall.com/lists/oss-security/2013/06/05/23

Are there going to be CVEs for the remaining two?  Not sure if it's been spun into separate threads as requested?
Comment 2 Swamp Workflow Management 2013-06-14 16:00:30 UTC
bugbot adjusting priority
Comment 3 Marcus Meissner 2013-06-18 09:49:16 UTC
After readingf the thread and checking kernel mainline git ... The other two issue are still in discussion?

(Did not find a specific perf git)

If this is the case I would postpone work on the other two issue and just do this for now.
Comment 4 Tony Jones 2013-12-19 23:01:44 UTC
Unable to actually reproduce but verified that mask fix does indeed change values allowed by config1 specifier.

checked into SLE11-SP3,  OpenSUSE-12.3.  Fix already present in 12.2 via stable.
Comment 5 Swamp Workflow Management 2014-01-31 11:00:54 UTC
Update released for: cluster-network-kmp-rt, cluster-network-kmp-rt_trace, drbd-kmp-rt, drbd-kmp-rt_trace, iscsitarget-kmp-rt, iscsitarget-kmp-rt_trace, kernel-rt, kernel-rt-base, kernel-rt-debuginfo, kernel-rt-debugsource, kernel-rt-devel, kernel-rt-devel-debuginfo, kernel-rt-extra, kernel-rt-hmac, kernel-rt_trace, kernel-rt_trace-base, kernel-rt_trace-debuginfo, kernel-rt_trace-debugsource, kernel-rt_trace-devel, kernel-rt_trace-devel-debuginfo, kernel-rt_trace-extra, kernel-rt_trace-hmac, kernel-source-rt, kernel-syms-rt, lttng-modules-kmp-rt, lttng-modules-kmp-rt_trace, ocfs2-kmp-rt, ocfs2-kmp-rt_trace, ofed-kmp-rt, ofed-kmp-rt_trace
Products:
SLE-DEBUGINFO 11-SP3 (x86_64)
SLE-RT 11-SP3 (x86_64)
Comment 6 Swamp Workflow Management 2014-01-31 15:09:16 UTC
SUSE-SU-2014:0168-1: An update that solves 16 vulnerabilities and has 83 fixes is now available.

Category: security (moderate)
Bug References: 708296,733022,770541,787843,789359,803174,806988,810323,813245,818064,818545,819979,820102,820338,821619,821980,825006,825696,825896,826602,826756,826978,827527,827767,828236,831103,833097,834473,834708,834808,835074,835186,836718,837206,837739,838623,839407,839973,840116,840226,841445,841654,842239,843185,843419,843429,843445,843642,843645,843654,845352,845378,845729,846036,846298,846989,847261,847660,847842,848317,848321,848335,848336,848544,848864,849021,849029,849034,849256,849362,849404,849675,849809,849950,850072,850103,850324,850493,850640,851066,851101,851290,851314,851879,852373,852558,852559,852652,852761,853050,853051,853053,853428,853465,854546,854634,854722,856307,856481
CVE References: CVE-2013-2146,CVE-2013-2930,CVE-2013-4345,CVE-2013-4483,CVE-2013-4511,CVE-2013-4514,CVE-2013-4515,CVE-2013-4587,CVE-2013-4592,CVE-2013-6367,CVE-2013-6376,CVE-2013-6378,CVE-2013-6380,CVE-2013-6383,CVE-2013-6463,CVE-2013-7027
Sources used:
SUSE Linux Enterprise Real Time Extension 11 SP3 (src):    cluster-network-1.4-2.27.37, drbd-kmp-8.4.4-0.22.3, iscsitarget-1.4.20-0.38.22, kernel-rt-3.0.101.rt130-0.10.1, kernel-rt_trace-3.0.101.rt130-0.10.1, kernel-source-rt-3.0.101.rt130-0.10.1, kernel-syms-rt-3.0.101.rt130-0.10.1, lttng-modules-2.1.1-0.11.22, ocfs2-1.6-0.20.37, ofed-1.5.4.1-0.13.28
Comment 7 Swamp Workflow Management 2014-02-04 18:52:36 UTC
Update released for: cluster-network-kmp-default, cluster-network-kmp-trace, gfs2-kmp-default, gfs2-kmp-trace, kernel-default, kernel-default-base, kernel-default-debuginfo, kernel-default-debugsource, kernel-default-devel, kernel-default-devel-debuginfo, kernel-default-extra, kernel-default-hmac, kernel-default-man, kernel-source, kernel-source-debuginfo, kernel-source-vanilla, kernel-syms, kernel-trace, kernel-trace-base, kernel-trace-debuginfo, kernel-trace-debugsource, kernel-trace-devel, kernel-trace-devel-debuginfo, kernel-trace-extra, kernel-trace-hmac, kernel-trace-man, ocfs2-kmp-default, ocfs2-kmp-trace
Products:
SLE-DEBUGINFO 11-SP3 (s390x)
SLE-HAE 11-SP3 (s390x)
SLE-SERVER 11-SP3 (s390x)
Comment 8 Swamp Workflow Management 2014-02-04 19:12:38 UTC
Update released for: cluster-network-kmp-default, cluster-network-kmp-trace, gfs2-kmp-default, gfs2-kmp-trace, kernel-default, kernel-default-base, kernel-default-debuginfo, kernel-default-debugsource, kernel-default-devel, kernel-default-devel-debuginfo, kernel-default-extra, kernel-default-hmac, kernel-source, kernel-source-debuginfo, kernel-source-vanilla, kernel-syms, kernel-trace, kernel-trace-base, kernel-trace-debuginfo, kernel-trace-debugsource, kernel-trace-devel, kernel-trace-devel-debuginfo, kernel-trace-extra, kernel-trace-hmac, ocfs2-kmp-default, ocfs2-kmp-trace
Products:
SLE-DEBUGINFO 11-SP3 (ia64)
SLE-HAE 11-SP3 (ia64)
SLE-SERVER 11-SP3 (ia64)
Comment 9 Swamp Workflow Management 2014-02-04 19:28:26 UTC
Update released for: cluster-network-kmp-default, cluster-network-kmp-pae, cluster-network-kmp-trace, cluster-network-kmp-xen, gfs2-kmp-default, gfs2-kmp-pae, gfs2-kmp-trace, gfs2-kmp-xen, kernel-default, kernel-default-base, kernel-default-debuginfo, kernel-default-debugsource, kernel-default-devel, kernel-default-devel-debuginfo, kernel-default-extra, kernel-default-hmac, kernel-desktop-devel, kernel-ec2, kernel-ec2-base, kernel-ec2-debuginfo, kernel-ec2-debugsource, kernel-ec2-devel, kernel-ec2-devel-debuginfo, kernel-ec2-extra, kernel-ec2-hmac, kernel-pae, kernel-pae-base, kernel-pae-debuginfo, kernel-pae-debugsource, kernel-pae-devel, kernel-pae-devel-debuginfo, kernel-pae-extra, kernel-pae-hmac, kernel-source, kernel-source-debuginfo, kernel-source-vanilla, kernel-syms, kernel-trace, kernel-trace-base, kernel-trace-debuginfo, kernel-trace-debugsource, kernel-trace-devel, kernel-trace-devel-debuginfo, kernel-trace-extra, kernel-trace-hmac, kernel-xen, kernel-xen-base, kernel-xen-debuginfo, kernel-xen-debugsource, kernel-xen-devel, kernel-xen-devel-debuginfo, kernel-xen-extra, kernel-xen-hmac, ocfs2-kmp-default, ocfs2-kmp-pae, ocfs2-kmp-trace, ocfs2-kmp-xen, xen-kmp-default, xen-kmp-pae, xen-kmp-trace
Products:
SLE-DEBUGINFO 11-SP3 (i386)
SLE-DESKTOP 11-SP3 (i386)
SLE-HAE 11-SP3 (i386)
SLE-SERVER 11-SP3 (i386)
SLES4VMWARE 11-SP3 (i386)
Comment 10 Swamp Workflow Management 2014-02-04 20:02:25 UTC
Update released for: cluster-network-kmp-default, cluster-network-kmp-trace, cluster-network-kmp-xen, gfs2-kmp-default, gfs2-kmp-trace, gfs2-kmp-xen, kernel-default, kernel-default-base, kernel-default-debuginfo, kernel-default-debugsource, kernel-default-devel, kernel-default-devel-debuginfo, kernel-default-extra, kernel-default-hmac, kernel-desktop-devel, kernel-ec2, kernel-ec2-base, kernel-ec2-debuginfo, kernel-ec2-debugsource, kernel-ec2-devel, kernel-ec2-devel-debuginfo, kernel-ec2-extra, kernel-ec2-hmac, kernel-source, kernel-source-debuginfo, kernel-source-vanilla, kernel-syms, kernel-trace, kernel-trace-base, kernel-trace-debuginfo, kernel-trace-debugsource, kernel-trace-devel, kernel-trace-devel-debuginfo, kernel-trace-extra, kernel-trace-hmac, kernel-xen, kernel-xen-base, kernel-xen-debuginfo, kernel-xen-debugsource, kernel-xen-devel, kernel-xen-devel-debuginfo, kernel-xen-extra, kernel-xen-hmac, ocfs2-kmp-default, ocfs2-kmp-trace, ocfs2-kmp-xen, xen-kmp-default, xen-kmp-trace
Products:
SLE-DEBUGINFO 11-SP3 (x86_64)
SLE-DESKTOP 11-SP3 (x86_64)
SLE-HAE 11-SP3 (x86_64)
SLE-SERVER 11-SP3 (x86_64)
SLES4VMWARE 11-SP3 (x86_64)
Comment 11 Swamp Workflow Management 2014-02-04 20:19:36 UTC
Update released for: cluster-network-kmp-default, cluster-network-kmp-ppc64, cluster-network-kmp-trace, gfs2-kmp-default, gfs2-kmp-ppc64, gfs2-kmp-trace, kernel-default, kernel-default-base, kernel-default-debuginfo, kernel-default-debugsource, kernel-default-devel, kernel-default-extra, kernel-default-hmac, kernel-ppc64, kernel-ppc64-base, kernel-ppc64-debuginfo, kernel-ppc64-debugsource, kernel-ppc64-devel, kernel-ppc64-extra, kernel-ppc64-hmac, kernel-source, kernel-source-debuginfo, kernel-source-vanilla, kernel-syms, kernel-trace, kernel-trace-base, kernel-trace-debuginfo, kernel-trace-debugsource, kernel-trace-devel, kernel-trace-extra, kernel-trace-hmac, ocfs2-kmp-default, ocfs2-kmp-ppc64, ocfs2-kmp-trace
Products:
SLE-DEBUGINFO 11-SP3 (ppc64)
SLE-HAE 11-SP3 (ppc64)
SLE-SERVER 11-SP3 (ppc64)
Comment 12 Swamp Workflow Management 2014-02-05 00:28:43 UTC
SUSE-SU-2014:0189-1: An update that solves 17 vulnerabilities and has 104 fixes is now available.

Category: security (moderate)
Bug References: 708296,733022,769035,769644,770541,787843,789359,793727,798050,805114,805740,806988,807434,810323,813245,818064,818545,819979,820102,820338,820434,821619,821980,823618,825006,825696,825896,826602,826756,826978,827527,827767,828236,831103,833097,834473,834708,834808,835074,835186,836718,837206,837739,838623,839407,839973,840116,840226,841445,841654,842239,843185,843419,843429,843445,843642,843645,843654,845352,845378,845621,845729,846036,846298,846654,846984,846989,847261,847660,847842,848055,848317,848321,848335,848336,848544,848652,848864,849021,849029,849034,849256,849362,849364,849404,849675,849809,849855,849950,850072,850103,850324,850493,850640,851066,851101,851290,851314,851603,851879,852153,852373,852558,852559,852624,852652,852761,853050,853051,853052,853053,853428,853465,854516,854546,854634,854722,856307,856481,858534,858831
CVE References: CVE-2013-2146,CVE-2013-2930,CVE-2013-4345,CVE-2013-4483,CVE-2013-4511,CVE-2013-4514,CVE-2013-4515,CVE-2013-4587,CVE-2013-4592,CVE-2013-6367,CVE-2013-6368,CVE-2013-6376,CVE-2013-6378,CVE-2013-6380,CVE-2013-6383,CVE-2013-6463,CVE-2013-7027
Sources used:
SUSE Linux Enterprise Server 11 SP3 for VMware (src):    kernel-default-3.0.101-0.15.1, kernel-pae-3.0.101-0.15.1, kernel-source-3.0.101-0.15.1, kernel-syms-3.0.101-0.15.1, kernel-trace-3.0.101-0.15.1, kernel-xen-3.0.101-0.15.1
SUSE Linux Enterprise Server 11 SP3 (src):    kernel-default-3.0.101-0.15.1, kernel-ec2-3.0.101-0.15.1, kernel-pae-3.0.101-0.15.1, kernel-ppc64-3.0.101-0.15.1, kernel-source-3.0.101-0.15.1, kernel-syms-3.0.101-0.15.1, kernel-trace-3.0.101-0.15.1, kernel-xen-3.0.101-0.15.1, xen-4.2.3_08-0.7.22
SUSE Linux Enterprise High Availability Extension 11 SP3 (src):    cluster-network-1.4-2.27.40, gfs2-2-0.16.46, ocfs2-1.6-0.20.40
SUSE Linux Enterprise Desktop 11 SP3 (src):    kernel-default-3.0.101-0.15.1, kernel-pae-3.0.101-0.15.1, kernel-source-3.0.101-0.15.1, kernel-syms-3.0.101-0.15.1, kernel-trace-3.0.101-0.15.1, kernel-xen-3.0.101-0.15.1, xen-4.2.3_08-0.7.22
SLE 11 SERVER Unsupported Extras (src):    kernel-default-3.0.101-0.15.1, kernel-pae-3.0.101-0.15.1, kernel-ppc64-3.0.101-0.15.1, kernel-xen-3.0.101-0.15.1
Comment 13 Swamp Workflow Management 2014-02-05 01:10:03 UTC
Update released for: kernel-default-extra, kernel-ppc64-extra
Products:
SLE-SERVER 11-EXTRA (ppc64)
Comment 14 Swamp Workflow Management 2014-02-05 02:09:06 UTC
Update released for: kernel-default-extra
Products:
SLE-SERVER 11-EXTRA (ia64)
Comment 15 Swamp Workflow Management 2014-02-05 03:10:17 UTC
Update released for: kernel-default-extra, kernel-xen-extra
Products:
SLE-SERVER 11-EXTRA (x86_64)
Comment 16 Swamp Workflow Management 2014-02-05 04:11:11 UTC
Update released for: kernel-default-extra, kernel-pae-extra, kernel-xen-extra
Products:
SLE-SERVER 11-EXTRA (i386)
Comment 17 Swamp Workflow Management 2014-02-05 05:15:49 UTC
Update released for: kernel-default-extra
Products:
SLE-SERVER 11-EXTRA (s390x)
Comment 18 Swamp Workflow Management 2014-02-06 18:06:09 UTC
openSUSE-SU-2014:0204-1: An update that solves 16 vulnerabilities and has 12 fixes is now available.

Category: security (important)
Bug References: 804950,805226,808358,811746,825006,831836,838024,840226,840656,844513,848079,848255,849021,849023,849029,849034,849362,852373,852558,852559,853050,853051,853052,853053,854173,854634,854722,860993
CVE References: CVE-2013-0343,CVE-2013-1792,CVE-2013-4348,CVE-2013-4511,CVE-2013-4513,CVE-2013-4514,CVE-2013-4515,CVE-2013-4587,CVE-2013-6367,CVE-2013-6368,CVE-2013-6376,CVE-2013-6378,CVE-2013-6380,CVE-2013-6431,CVE-2013-7027,CVE-2014-0038
Sources used:
openSUSE 12.3 (src):    kernel-docs-3.7.10-1.28.2, kernel-source-3.7.10-1.28.1, kernel-syms-3.7.10-1.28.1