Bug 969355 - (CVE-2015-8830) VUL-0: CVE-2015-8830: kernel: AIO write triggers integer overflow in some protocols
(CVE-2015-8830)
VUL-0: CVE-2015-8830: kernel: AIO write triggers integer overflow in some pro...
Status: RESOLVED FIXED
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
unspecified
Other Other
: P3 - Medium : Normal
: ---
Assigned To: Security Team bot
Security Team bot
https://smash.suse.de/issue/162483/
CVSSv2:RedHat:CVE-2015-8830:5.8:(AV:N...
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2016-03-03 13:49 UTC by Alexander Bergmann
Modified: 2016-08-24 13:13 UTC (History)
4 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Alexander Bergmann 2016-03-03 13:49:37 UTC
rh#1314275

It was found that AIO interface permitted reading or writing 2 GiB of data or more in a single chunk, which could lead to an integer overflow when applied to certain filesystems, socket or device types.

Upstream patches:

https://git.kernel.org/linus/4c185ce06dca14f5cea192f5a2c981ef50663f2b
https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit?id=c4f4b82694fe48b02f7a881a1797131a6dad1364

CVE assignment:

http://seclists.org/oss-sec/2016/q1/491

CVE-2015-8830 was assigned to this issue.

References:
https://bugzilla.redhat.com/show_bug.cgi?id=1314275
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8830
http://seclists.org/oss-sec/2016/q1/491
Comment 1 Swamp Workflow Management 2016-03-03 23:01:30 UTC
bugbot adjusting priority
Comment 3 Goldwyn Rodrigues 2016-03-14 06:34:44 UTC
This is already present in SLE12-SP1 kernel, though in a slightly different way.
Reference: commit 2698377daeb469a9d68021979d2e506922f788da

I don't think this makes sense in previous kernels. See bug#969354 for older kernels.

What needs to be done here?
Comment 5 Goldwyn Rodrigues 2016-03-21 20:22:39 UTC
opensuse 13.2 is the only one missing this patch. Patch applied.
Comment 6 Marcus Meissner 2016-08-03 15:10:13 UTC
assuming all done
Comment 7 Swamp Workflow Management 2016-08-24 13:13:42 UTC
openSUSE-SU-2016:2144-1: An update that solves 53 vulnerabilities and has 28 fixes is now available.

Category: security (important)
Bug References: 901754,941113,942702,945219,955654,957052,957988,959709,960561,961512,963762,963765,966245,966437,966693,966849,967972,967973,967974,967975,968010,968011,968012,968013,968018,968670,969354,969355,970114,970275,970892,970909,970911,970948,970955,970956,970958,970970,971124,971125,971126,971360,971628,971799,971919,971944,972174,973378,973570,974308,974418,974646,975945,978401,978445,978469,978821,978822,979021,979213,979548,979867,979879,979913,980348,980363,980371,980725,981267,982706,983143,983213,984464,984755,984764,986362,986365,986377,986572,986573,986811
CVE References: CVE-2012-6701,CVE-2013-7446,CVE-2014-9904,CVE-2015-3288,CVE-2015-6526,CVE-2015-7566,CVE-2015-8709,CVE-2015-8785,CVE-2015-8812,CVE-2015-8816,CVE-2015-8830,CVE-2016-0758,CVE-2016-1583,CVE-2016-2053,CVE-2016-2184,CVE-2016-2185,CVE-2016-2186,CVE-2016-2187,CVE-2016-2188,CVE-2016-2384,CVE-2016-2543,CVE-2016-2544,CVE-2016-2545,CVE-2016-2546,CVE-2016-2547,CVE-2016-2548,CVE-2016-2549,CVE-2016-2782,CVE-2016-2847,CVE-2016-3134,CVE-2016-3136,CVE-2016-3137,CVE-2016-3138,CVE-2016-3139,CVE-2016-3140,CVE-2016-3156,CVE-2016-3672,CVE-2016-3689,CVE-2016-3951,CVE-2016-4470,CVE-2016-4482,CVE-2016-4485,CVE-2016-4486,CVE-2016-4565,CVE-2016-4569,CVE-2016-4578,CVE-2016-4580,CVE-2016-4581,CVE-2016-4805,CVE-2016-4913,CVE-2016-4997,CVE-2016-5244,CVE-2016-5829
Sources used:
openSUSE 13.2 (src):    bbswitch-0.8-3.20.3, cloop-2.639-14.20.3, crash-7.0.8-20.3, hdjmod-1.28-18.21.3, ipset-6.23-20.3, kernel-debug-3.16.7-42.1, kernel-default-3.16.7-42.1, kernel-desktop-3.16.7-42.1, kernel-docs-3.16.7-42.2, kernel-ec2-3.16.7-42.1, kernel-obs-build-3.16.7-42.2, kernel-obs-qa-3.16.7-42.1, kernel-obs-qa-xen-3.16.7-42.1, kernel-pae-3.16.7-42.1, kernel-source-3.16.7-42.1, kernel-syms-3.16.7-42.1, kernel-vanilla-3.16.7-42.1, kernel-xen-3.16.7-42.1, pcfclock-0.44-260.20.2, vhba-kmp-20140629-2.20.2, virtualbox-5.0.20-48.5, xen-4.4.4_02-46.2, xtables-addons-2.6-22.3