Bugzilla – Bug 902675
VUL-0: CVE-2014-8369: kernel: kvm: excessive pages un-pinning in kvm_iommu_map error path
Last modified: 2016-05-24 11:13:00 UTC
rh#1156518 References: https://bugzilla.redhat.com/show_bug.cgi?id=1156518 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-8369 http://people.canonical.com/~ubuntu-security/cve/2014/CVE-2014-8369.html http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8369
bugbot adjusting priority
The upstream commit is 3d32e4db (kvm: fix excessive pages un-pinning in kvm_iommu_map error path).
For SLE 12 this fix came in under stable update 3.12.33. For SLE 11 SP3 a patch based on upstream commit 3d32e4db was included.
An update workflow for this issue was started. This issue was rated as important. Please submit fixed packages until 2015-03-05. When done, reassign the bug to security-team@suse.de. https://swamp.suse.de/webswamp/wf/60808
SUSE-SU-2015:0481-1: An update that solves 34 vulnerabilities and has 13 fixes is now available. Category: security (important) Bug References: 771619,779488,833588,835839,847652,857643,864049,865442,867531,867723,870161,875051,876633,880892,883096,883948,887082,892490,892782,895680,896382,896390,896391,896392,897995,898693,899192,901885,902232,902346,902349,902351,902675,903640,904013,904700,905100,905312,905799,906586,907189,907338,907396,909078,912654,912705,915335 CVE References: CVE-2012-4398,CVE-2013-2893,CVE-2013-2897,CVE-2013-2899,CVE-2013-2929,CVE-2013-7263,CVE-2014-0131,CVE-2014-0181,CVE-2014-2309,CVE-2014-3181,CVE-2014-3184,CVE-2014-3185,CVE-2014-3186,CVE-2014-3601,CVE-2014-3610,CVE-2014-3646,CVE-2014-3647,CVE-2014-3673,CVE-2014-3687,CVE-2014-3688,CVE-2014-3690,CVE-2014-4608,CVE-2014-4943,CVE-2014-5471,CVE-2014-5472,CVE-2014-7826,CVE-2014-7841,CVE-2014-7842,CVE-2014-8134,CVE-2014-8369,CVE-2014-8559,CVE-2014-8709,CVE-2014-9584,CVE-2014-9585 Sources used: SUSE Linux Enterprise Server 11 SP2 LTSS (src): kernel-default-3.0.101-0.7.29.1, kernel-ec2-3.0.101-0.7.29.1, kernel-pae-3.0.101-0.7.29.1, kernel-source-3.0.101-0.7.29.1, kernel-syms-3.0.101-0.7.29.1, kernel-trace-3.0.101-0.7.29.1, kernel-xen-3.0.101-0.7.29.1, xen-4.1.6_08-0.5.19 SLE 11 SERVER Unsupported Extras (src): ext4-writeable-0-0.14.142, kernel-default-3.0.101-0.7.29.1, kernel-pae-3.0.101-0.7.29.1, kernel-xen-3.0.101-0.7.29.1
openSUSE-SU-2015:0566-1: An update that solves 38 vulnerabilities and has 13 fixes is now available. Category: security (important) Bug References: 771619,778463,833588,835839,847652,853040,864049,865442,867531,867723,870161,875051,876633,880892,883096,883724,883948,887082,892490,892782,895680,896382,896390,896391,896392,897995,898693,899192,901885,902232,902346,902349,902351,902675,903640,904013,904700,905100,905312,905799,906586,907189,907338,907396,907818,909077,909078,910251,912654,912705,915335 CVE References: CVE-2012-4398,CVE-2013-2893,CVE-2013-2897,CVE-2013-2899,CVE-2013-2929,CVE-2013-7263,CVE-2014-0131,CVE-2014-0181,CVE-2014-2309,CVE-2014-3181,CVE-2014-3184,CVE-2014-3185,CVE-2014-3186,CVE-2014-3601,CVE-2014-3610,CVE-2014-3646,CVE-2014-3647,CVE-2014-3673,CVE-2014-3687,CVE-2014-3688,CVE-2014-3690,CVE-2014-4508,CVE-2014-4608,CVE-2014-4943,CVE-2014-5471,CVE-2014-5472,CVE-2014-7826,CVE-2014-7841,CVE-2014-7842,CVE-2014-8133,CVE-2014-8134,CVE-2014-8369,CVE-2014-8559,CVE-2014-8709,CVE-2014-9090,CVE-2014-9322,CVE-2014-9584,CVE-2014-9585 Sources used: openSUSE Evergreen 11.4 (src): kernel-docs-3.0.101-99.2, kernel-source-3.0.101-99.1, kernel-syms-3.0.101-99.1, preload-1.2-6.77.1
SUSE-SU-2015:0581-1: An update that solves 21 vulnerabilities and has 67 fixes is now available. Category: security (important) Bug References: 771619,816099,829110,833588,833820,846656,853040,856760,864401,864404,864409,864411,865419,875051,876086,876594,877593,882470,883948,884817,887597,891277,894213,895841,896484,900279,900644,902232,902349,902351,902675,903096,903640,904053,904242,904659,904671,905304,905312,905799,906586,907196,907338,907551,907611,907818,908069,908163,908393,908550,908551,908572,908825,909077,909078,909088,909092,909093,909095,909264,909565,909740,909846,910013,910150,910159,910321,910322,910517,911181,911325,911326,912171,912705,913059,914355,914423,914726,915209,915322,915335,915791,915826,916515,916982,917839,917884,920250 CVE References: CVE-2013-7263,CVE-2014-0181,CVE-2014-3687,CVE-2014-3688,CVE-2014-3690,CVE-2014-4608,CVE-2014-7822,CVE-2014-7842,CVE-2014-7970,CVE-2014-8133,CVE-2014-8134,CVE-2014-8160,CVE-2014-8369,CVE-2014-8559,CVE-2014-9090,CVE-2014-9322,CVE-2014-9419,CVE-2014-9420,CVE-2014-9584,CVE-2014-9585,CVE-2015-1593 Sources used: SUSE Linux Enterprise Server 11 SP3 for VMware (src): kernel-bigsmp-3.0.101-0.47.50.1, kernel-default-3.0.101-0.47.50.1, kernel-pae-3.0.101-0.47.50.1, kernel-source-3.0.101-0.47.50.1, kernel-syms-3.0.101-0.47.50.1, kernel-trace-3.0.101-0.47.50.1, kernel-xen-3.0.101-0.47.50.1 SUSE Linux Enterprise Server 11 SP3 (src): kernel-bigsmp-3.0.101-0.47.50.1, kernel-default-3.0.101-0.47.50.1, kernel-ec2-3.0.101-0.47.50.1, kernel-pae-3.0.101-0.47.50.1, kernel-ppc64-3.0.101-0.47.50.1, kernel-source-3.0.101-0.47.50.1, kernel-syms-3.0.101-0.47.50.1, kernel-trace-3.0.101-0.47.50.1, kernel-xen-3.0.101-0.47.50.1, xen-4.2.5_04-0.7.1 SUSE Linux Enterprise High Availability Extension 11 SP3 (src): cluster-network-1.4-2.28.1.7, gfs2-2-0.17.1.7, ocfs2-1.6-0.21.1.7 SUSE Linux Enterprise Desktop 11 SP3 (src): kernel-bigsmp-3.0.101-0.47.50.1, kernel-default-3.0.101-0.47.50.1, kernel-pae-3.0.101-0.47.50.1, kernel-source-3.0.101-0.47.50.1, kernel-syms-3.0.101-0.47.50.1, kernel-trace-3.0.101-0.47.50.1, kernel-xen-3.0.101-0.47.50.1, xen-4.2.5_04-0.7.1 SLE 11 SERVER Unsupported Extras (src): kernel-bigsmp-3.0.101-0.47.50.1, kernel-default-3.0.101-0.47.50.1, kernel-pae-3.0.101-0.47.50.1, kernel-ppc64-3.0.101-0.47.50.1, kernel-xen-3.0.101-0.47.50.1
SUSE-SU-2015:0736-1: An update that solves 21 vulnerabilities and has 69 fixes is now available. Category: security (important) Bug References: 771619,816099,829110,833588,833820,846656,853040,856760,864401,864404,864409,864411,865419,875051,876086,876594,877593,882470,883948,884817,887597,891277,894213,895841,896484,900279,900644,902232,902349,902351,902675,903096,903640,904053,904242,904659,904671,905304,905312,905799,906586,907196,907338,907551,907611,907818,908069,908163,908393,908550,908551,908572,908825,909077,909078,909088,909092,909093,909095,909264,909565,909740,909846,910013,910150,910159,910251,910321,910322,910517,911181,911325,911326,912171,912705,913059,914355,914423,914726,915209,915322,915335,915791,915826,916515,916982,917839,917884,920250,924282 CVE References: CVE-2013-7263,CVE-2014-0181,CVE-2014-3687,CVE-2014-3688,CVE-2014-3690,CVE-2014-4608,CVE-2014-7822,CVE-2014-7842,CVE-2014-7970,CVE-2014-8133,CVE-2014-8134,CVE-2014-8160,CVE-2014-8369,CVE-2014-8559,CVE-2014-9090,CVE-2014-9322,CVE-2014-9419,CVE-2014-9420,CVE-2014-9584,CVE-2014-9585,CVE-2015-1593 Sources used: SUSE Linux Enterprise Real Time Extension 11 SP3 (src): cluster-network-1.4-2.28.1.14, drbd-kmp-8.4.4-0.23.1.14, iscsitarget-1.4.20-0.39.1.14, kernel-rt-3.0.101.rt130-0.33.36.1, kernel-rt_trace-3.0.101.rt130-0.33.36.1, kernel-source-rt-3.0.101.rt130-0.33.36.1, kernel-syms-rt-3.0.101.rt130-0.33.36.1, lttng-modules-2.1.1-0.12.1.13, ocfs2-1.6-0.21.1.14, ofed-1.5.4.1-0.14.1.14
done