Bug 865307 - (CVE-2014-2039) VUL-0: CVE-2014-2039: kernel-source: s390: crash due to linkage stack instructions
(CVE-2014-2039)
VUL-0: CVE-2014-2039: kernel-source: s390: crash due to linkage stack instruc...
Status: RESOLVED FIXED
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
unspecified
Other Other
: P3 - Medium : Normal
: ---
Assigned To: Security Team bot
Security Team bot
https://smash.suse.de/issue/96459/
maint:released:sle11-sp2:57399 main...
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2014-02-24 11:33 UTC by Victor Pereira
Modified: 2019-05-01 16:13 UTC (History)
6 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments
s390-fix-kernel-crash-due-to-linkage-stack-instructions.patch (1.80 KB, patch)
2014-03-28 05:41 UTC, John Jolly
Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Victor Pereira 2014-02-24 11:33:46 UTC
CVE-2014-2039

Linux kernel built for the s390 architecture(CONFIG_S390) is vulnerable to a
crash due to low-address protection exception. It occurs when an application
uses a linkage stack instruction.

An unprivileged user/application could use this flaw to crash the system
resulting in DoS.

Upstream fix:
-------------
  -> https://git.kernel.org/linus/8d7f6690cedb83456edd41c9bd583783f0703bf0

References:
http://comments.gmane.org/gmane.comp.security.oss.general/12194
https://bugzilla.redhat.com/show_bug.cgi?id=1067558
Comment 1 Swamp Workflow Management 2014-02-24 23:00:20 UTC
bugbot adjusting priority
Comment 2 Marcus Meissner 2014-02-25 08:13:45 UTC
patch is in sle11 sp3 tree connected to bug 862796
Comment 3 SMASH SMASH 2014-02-27 14:50:21 UTC
Affected packages:

SLE-11-SP3: kernel-source
SLE-10-SP3-TERADATA: kernel-source
SLE-11-SP1-TERADATA: kernel-source
SLE-11-SP2: kernel-source
Comment 4 SMASH SMASH 2014-02-27 14:50:40 UTC
Affected packages:

SLE-11-SP3: kernel-source
SLE-10-SP3-TERADATA: kernel-source
SLE-11-SP1-TERADATA: kernel-source
SLE-11-SP2: kernel-source
Comment 8 John Jolly 2014-03-31 14:59:39 UTC
Gerald,

Would you please direct this patch to the appropriate engineer for review?

Attachment#584116 [details]

https://bugzilla.novell.com/attachment.cgi?id=584116

This is a backport to SLE11-SP2 of upstream commit ID 	8d7f6690cedb83456edd41c9bd583783f0703bf0

https://git.kernel.org/linus/8d7f6690cedb83456edd41c9bd583783f0703bf0

We look forward to your response.
Comment 9 Gerald Schaefer 2014-03-31 15:24:48 UTC
(In reply to comment #8)
> Gerald,
> 
> Would you please direct this patch to the appropriate engineer for review?
> 
> Attachment#584116 [details]
> 
> https://bugzilla.novell.com/attachment.cgi?id=584116
> 
> This is a backport to SLE11-SP2 of upstream commit ID    
> 8d7f6690cedb83456edd41c9bd583783f0703bf0
> 
> https://git.kernel.org/linus/8d7f6690cedb83456edd41c9bd583783f0703bf0
> 
> We look forward to your response.

Adding Martin to cc and as "Info provider".
Comment 10 Martin Schwidefsky 2014-04-01 07:15:43 UTC
The patch from comment #8 looks good. The only difference in the patch is in the context.
Comment 11 Gerald Schaefer 2014-04-01 12:26:44 UTC
Removing NEEDINFO after comment #10.
Comment 12 John Jolly 2014-04-01 17:00:38 UTC
Patch submitted for SLE11-SP2-LTSS
Comment 13 John Jolly 2014-04-17 12:59:21 UTC
Fix is found in SLE11-SP3. Can we close this bug?
Comment 14 Swamp Workflow Management 2014-05-21 18:50:33 UTC
Update released for: btrfs-kmp-default, btrfs-kmp-pae, btrfs-kmp-trace, btrfs-kmp-xen, cluster-network-kmp-default, cluster-network-kmp-pae, cluster-network-kmp-trace, cluster-network-kmp-xen, ext4dev-kmp-default, ext4dev-kmp-pae, ext4dev-kmp-trace, ext4dev-kmp-xen, gfs2-kmp-default, gfs2-kmp-pae, gfs2-kmp-trace, gfs2-kmp-xen, hyper-v-kmp-default, hyper-v-kmp-pae, hyper-v-kmp-trace, kernel-default, kernel-default-base, kernel-default-debuginfo, kernel-default-debugsource, kernel-default-devel, kernel-default-devel-debuginfo, kernel-default-extra, kernel-default-hmac, kernel-desktop-devel, kernel-ec2, kernel-ec2-base, kernel-ec2-debuginfo, kernel-ec2-debugsource, kernel-ec2-devel, kernel-ec2-devel-debuginfo, kernel-ec2-extra, kernel-ec2-hmac, kernel-pae, kernel-pae-base, kernel-pae-debuginfo, kernel-pae-debugsource, kernel-pae-devel, kernel-pae-devel-debuginfo, kernel-pae-extra, kernel-pae-hmac, kernel-source, kernel-source-debuginfo, kernel-source-vanilla, kernel-syms, kernel-trace, kernel-trace-base, kernel-trace-debuginfo, kernel-trace-debugsource, kernel-trace-devel, kernel-trace-devel-debuginfo, kernel-trace-extra, kernel-trace-hmac, kernel-xen, kernel-xen-base, kernel-xen-debuginfo, kernel-xen-debugsource, kernel-xen-devel, kernel-xen-devel-debuginfo, kernel-xen-extra, kernel-xen-hmac, ocfs2-kmp-default, ocfs2-kmp-pae, ocfs2-kmp-trace, ocfs2-kmp-xen
Products:
SLE-DEBUGINFO 11-SP2 (i386)
SLE-SERVER 11-SP2-LTSS (i386)
Comment 15 Swamp Workflow Management 2014-05-21 18:58:37 UTC
Update released for: btrfs-kmp-default, btrfs-kmp-trace, cluster-network-kmp-default, cluster-network-kmp-trace, ext4dev-kmp-default, ext4dev-kmp-trace, gfs2-kmp-default, gfs2-kmp-trace, kernel-default, kernel-default-base, kernel-default-debuginfo, kernel-default-debugsource, kernel-default-devel, kernel-default-devel-debuginfo, kernel-default-extra, kernel-default-hmac, kernel-default-man, kernel-source, kernel-source-debuginfo, kernel-source-vanilla, kernel-syms, kernel-trace, kernel-trace-base, kernel-trace-debuginfo, kernel-trace-debugsource, kernel-trace-devel, kernel-trace-devel-debuginfo, kernel-trace-extra, kernel-trace-hmac, kernel-trace-man, ocfs2-kmp-default, ocfs2-kmp-trace
Products:
SLE-DEBUGINFO 11-SP2 (s390x)
SLE-SERVER 11-SP2-LTSS (s390x)
Comment 16 Swamp Workflow Management 2014-05-21 19:51:54 UTC
Update released for: btrfs-kmp-default, btrfs-kmp-trace, btrfs-kmp-xen, cluster-network-kmp-default, cluster-network-kmp-trace, cluster-network-kmp-xen, ext4dev-kmp-default, ext4dev-kmp-trace, ext4dev-kmp-xen, gfs2-kmp-default, gfs2-kmp-trace, gfs2-kmp-xen, hyper-v-kmp-default, hyper-v-kmp-trace, kernel-default, kernel-default-base, kernel-default-debuginfo, kernel-default-debugsource, kernel-default-devel, kernel-default-devel-debuginfo, kernel-default-extra, kernel-default-hmac, kernel-desktop-devel, kernel-ec2, kernel-ec2-base, kernel-ec2-debuginfo, kernel-ec2-debugsource, kernel-ec2-devel, kernel-ec2-devel-debuginfo, kernel-ec2-extra, kernel-ec2-hmac, kernel-source, kernel-source-debuginfo, kernel-source-vanilla, kernel-syms, kernel-trace, kernel-trace-base, kernel-trace-debuginfo, kernel-trace-debugsource, kernel-trace-devel, kernel-trace-devel-debuginfo, kernel-trace-extra, kernel-trace-hmac, kernel-xen, kernel-xen-base, kernel-xen-debuginfo, kernel-xen-debugsource, kernel-xen-devel, kernel-xen-devel-debuginfo, kernel-xen-extra, kernel-xen-hmac, ocfs2-kmp-default, ocfs2-kmp-trace, ocfs2-kmp-xen
Products:
SLE-DEBUGINFO 11-SP2 (x86_64)
SLE-SERVER 11-SP2-LTSS (x86_64)
Comment 17 Swamp Workflow Management 2014-05-22 00:13:12 UTC
SUSE-SU-2014:0696-1: An update that solves 21 vulnerabilities and has 32 fixes is now available.

Category: security (important)
Bug References: 708296,736697,746500,814788,819351,831029,836347,843185,844513,847672,849364,851426,852488,852553,852967,853455,854025,855347,855885,856083,857499,857643,858280,858534,858604,858869,858870,858872,862429,863300,863335,864025,864833,865307,865310,865330,865342,865783,866102,867953,868528,868653,869033,869563,870801,871325,871561,871861,873061,874108,875690,875798,876102
CVE References: CVE-2013-4470,CVE-2013-4579,CVE-2013-6382,CVE-2013-6885,CVE-2013-7263,CVE-2013-7264,CVE-2013-7265,CVE-2013-7339,CVE-2014-0069,CVE-2014-0101,CVE-2014-0196,CVE-2014-1444,CVE-2014-1445,CVE-2014-1446,CVE-2014-1737,CVE-2014-1738,CVE-2014-1874,CVE-2014-2039,CVE-2014-2523,CVE-2014-2678,CVE-2014-3122
Sources used:
SUSE Linux Enterprise Server 11 SP2 LTSS (src):    kernel-default-3.0.101-0.7.19.1, kernel-ec2-3.0.101-0.7.19.1, kernel-pae-3.0.101-0.7.19.1, kernel-source-3.0.101-0.7.19.1, kernel-syms-3.0.101-0.7.19.1, kernel-trace-3.0.101-0.7.19.1, kernel-xen-3.0.101-0.7.19.1
SLE 11 SERVER Unsupported Extras (src):    kernel-default-3.0.101-0.7.19.1, kernel-pae-3.0.101-0.7.19.1, kernel-xen-3.0.101-0.7.19.1
Comment 18 Swamp Workflow Management 2014-05-22 00:21:13 UTC
Update released for: kernel-default-extra, kernel-xen-extra
Products:
SLE-SERVER 11-EXTRA (x86_64)
Comment 19 Swamp Workflow Management 2014-05-22 01:08:21 UTC
Update released for: kernel-default-extra, kernel-pae-extra, kernel-xen-extra
Products:
SLE-SERVER 11-EXTRA (i386)
Comment 20 Swamp Workflow Management 2014-05-22 02:08:17 UTC
Update released for: kernel-default-extra
Products:
SLE-SERVER 11-EXTRA (s390x)
Comment 21 Johannes Segitz 2014-05-22 10:54:37 UTC
SLE11 SP2 was released and bnc#862796 takes care of SLE11 SP3 -> closed
Comment 22 Swamp Workflow Management 2014-06-06 10:17:38 UTC
openSUSE-SU-2014:0766-1: An update that solves 30 vulnerabilities and has 37 fixes is now available.

Category: security (moderate)
Bug References: 708296,736697,746500,758813,813733,814788,817377,819351,823260,831029,836347,840226,841402,843185,844513,847672,849021,849364,850263,851426,852488,852553,852558,852967,853455,854025,855347,855885,856083,857499,857643,858280,858534,858604,858869,858870,858872,862023,862429,863300,863335,864025,864833,865307,865310,865330,865342,865783,866102,867139,867255,867953,868049,868528,868653,869033,869563,870801,871252,871325,871561,871861,873061,874108,875690,875798,876102
CVE References: CVE-2012-2313,CVE-2013-0343,CVE-2013-1929,CVE-2013-2015,CVE-2013-2147,CVE-2013-4345,CVE-2013-4470,CVE-2013-4511,CVE-2013-4579,CVE-2013-6382,CVE-2013-6383,CVE-2013-6763,CVE-2013-6885,CVE-2013-7263,CVE-2013-7264,CVE-2013-7265,CVE-2013-7339,CVE-2014-00691,CVE-2014-0101,CVE-2014-0196,CVE-2014-1444,CVE-2014-1445,CVE-2014-1446,CVE-2014-1737,CVE-2014-1738,CVE-2014-1874,CVE-2014-2039,CVE-2014-2523,CVE-2014-2678,CVE-2014-3122
Sources used:
openSUSE 11.4 (src):    kernel-docs-3.0.101-83.3, kernel-source-3.0.101-83.1, kernel-syms-3.0.101-83.1, preload-1.2-6.61.1