Bug 975533 - (CVE-2015-8845) VUL-0: CVE-2015-8845: kernel: incorrect restoration of machine specific registers from userspace
(CVE-2015-8845)
VUL-0: CVE-2015-8845: kernel: incorrect restoration of machine specific regis...
Status: RESOLVED FIXED
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
unspecified
Other Other
: P3 - Medium : Normal
: ---
Assigned To: Torsten Duwe
Security Team bot
https://smash.suse.de/issue/167802/
CVSSv2:SUSE:CVE-2015-8844:4.4:(AV:L/A...
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2016-04-14 10:12 UTC by Johannes Segitz
Modified: 2020-06-16 22:06 UTC (History)
7 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Johannes Segitz 2016-04-14 10:12:54 UTC
https://git.kernel.org/cgit/linux/kernel/git/powerpc/linux.git/commit/?h=fixes&id=7f821fc9c77a9b01fe7b1d6e72717b33d8d64142

This tm_reclaim() now causes a TM Bad Thing exception as this state has already been saved and the processor is no longer in TM suspend mode.

CVE-2015-8845.

Acknowledgements: Miroslav Vadkerti of Red Hat engineering team

References:
https://bugzilla.redhat.com/show_bug.cgi?id=1326540
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-8844
http://seclists.org/oss-sec/2016/q2/68
Comment 1 Swamp Workflow Management 2016-04-14 22:00:58 UTC
bugbot adjusting priority
Comment 2 Torsten Duwe 2016-06-15 15:16:35 UTC
Patch committed for SLE12-SP0, hope it gets auto-merged into SP1...
(SP2 is safe, everything older does not support TM)
Comment 3 Swamp Workflow Management 2016-06-27 17:24:42 UTC
SUSE-SU-2016:1690-1: An update that solves 29 vulnerabilities and has 89 fixes is now available.

Category: security (important)
Bug References: 676471,880007,889207,899908,903279,928547,931448,940413,943989,944309,945345,947337,953233,954847,956491,956852,957805,957986,960857,962336,962846,962872,963193,963572,963762,964461,964727,965319,966054,966245,966573,966831,967251,967292,967299,967903,968010,968141,968448,968512,968667,968670,968687,968812,968813,969439,969571,969655,969690,969735,969992,969993,970062,970114,970504,970506,970604,970892,970909,970911,970948,970955,970956,970958,970970,971049,971124,971125,971126,971159,971170,971360,971600,971628,971947,972003,972174,972844,972891,972933,972951,973378,973556,973570,973855,974165,974308,974406,974418,974646,975371,975488,975533,975945,976739,976868,977582,977685,978401,978822,979169,979213,979419,979485,979548,979867,979879,980348,980371,981143,981344,982354,982698,983213,983318,983394,983904,984456
CVE References: CVE-2014-9717,CVE-2015-8816,CVE-2015-8845,CVE-2016-0758,CVE-2016-2053,CVE-2016-2143,CVE-2016-2184,CVE-2016-2185,CVE-2016-2186,CVE-2016-2188,CVE-2016-2782,CVE-2016-2847,CVE-2016-3134,CVE-2016-3136,CVE-2016-3137,CVE-2016-3138,CVE-2016-3139,CVE-2016-3140,CVE-2016-3156,CVE-2016-3672,CVE-2016-3689,CVE-2016-3951,CVE-2016-4482,CVE-2016-4486,CVE-2016-4565,CVE-2016-4569,CVE-2016-4578,CVE-2016-4805,CVE-2016-5244
Sources used:
SUSE Linux Enterprise Workstation Extension 12 (src):    kernel-default-3.12.60-52.49.1
SUSE Linux Enterprise Software Development Kit 12 (src):    kernel-docs-3.12.60-52.49.3, kernel-obs-build-3.12.60-52.49.1
SUSE Linux Enterprise Server 12 (src):    kernel-default-3.12.60-52.49.1, kernel-source-3.12.60-52.49.1, kernel-syms-3.12.60-52.49.1, kernel-xen-3.12.60-52.49.1
SUSE Linux Enterprise Module for Public Cloud 12 (src):    kernel-ec2-3.12.60-52.49.1
SUSE Linux Enterprise Live Patching 12 (src):    kgraft-patch-SLE12_Update_14-1-2.1
SUSE Linux Enterprise Desktop 12 (src):    kernel-default-3.12.60-52.49.1, kernel-source-3.12.60-52.49.1, kernel-syms-3.12.60-52.49.1, kernel-xen-3.12.60-52.49.1
Comment 4 Swamp Workflow Management 2016-08-02 14:21:16 UTC
SUSE-SU-2016:1937-1: An update that solves 24 vulnerabilities and has 76 fixes is now available.

Category: security (important)
Bug References: 662458,676471,897662,928547,944309,945345,947337,950998,951844,953048,953233,954847,956491,957805,957986,957990,958390,958463,960857,962742,962846,963762,964727,965087,966245,967640,968667,969016,970114,970506,970604,970609,970948,971049,971770,971947,972124,972933,973378,973499,973570,974165,974308,974620,974646,974692,975533,975772,975788,976739,976821,976868,977417,977582,977685,978401,978469,978527,978822,979169,979213,979347,979419,979485,979489,979521,979548,979867,979879,979922,980246,980348,980371,980706,981038,981143,981344,982282,982354,982544,982698,983143,983213,983318,983394,983721,983904,983977,984148,984456,984755,985232,985978,986362,986569,986572,986811,988215,988498,988552
CVE References: CVE-2014-9717,CVE-2014-9904,CVE-2015-7833,CVE-2015-8539,CVE-2015-8551,CVE-2015-8552,CVE-2015-8845,CVE-2016-0758,CVE-2016-1583,CVE-2016-2053,CVE-2016-2847,CVE-2016-3672,CVE-2016-3707,CVE-2016-4470,CVE-2016-4482,CVE-2016-4486,CVE-2016-4565,CVE-2016-4569,CVE-2016-4578,CVE-2016-4805,CVE-2016-4997,CVE-2016-5244,CVE-2016-5828,CVE-2016-5829
Sources used:
SUSE Linux Enterprise Real Time Extension 12-SP1 (src):    kernel-compute-3.12.61-60.18.1, kernel-compute_debug-3.12.61-60.18.1, kernel-rt-3.12.61-60.18.1, kernel-rt_debug-3.12.61-60.18.1, kernel-source-rt-3.12.61-60.18.1, kernel-syms-rt-3.12.61-60.18.1
Comment 5 Swamp Workflow Management 2016-08-19 12:15:12 UTC
SUSE-SU-2016:2105-1: An update that solves 21 vulnerabilities and has 55 fixes is now available.

Category: security (important)
Bug References: 947337,950998,951844,953048,954847,956491,957990,962742,963655,963762,965087,966245,968667,970114,970506,971770,972933,973378,973499,974165,974308,974620,975531,975533,975772,975788,977417,978401,978469,978822,979074,979213,979419,979485,979489,979521,979548,979681,979867,979879,979922,980348,980363,980371,980856,980883,981038,981143,981344,981597,982282,982354,982544,982698,983143,983213,983318,983721,983904,983977,984148,984456,984755,984764,985232,985978,986362,986365,986569,986572,986573,986811,988215,988498,988552,990058
CVE References: CVE-2014-9904,CVE-2015-7833,CVE-2015-8551,CVE-2015-8552,CVE-2015-8845,CVE-2016-0758,CVE-2016-1583,CVE-2016-2053,CVE-2016-3672,CVE-2016-4470,CVE-2016-4482,CVE-2016-4486,CVE-2016-4565,CVE-2016-4569,CVE-2016-4578,CVE-2016-4805,CVE-2016-4997,CVE-2016-4998,CVE-2016-5244,CVE-2016-5828,CVE-2016-5829
Sources used:
SUSE Linux Enterprise Workstation Extension 12-SP1 (src):    kernel-default-3.12.62-60.62.1
SUSE Linux Enterprise Software Development Kit 12-SP1 (src):    kernel-docs-3.12.62-60.62.3, kernel-obs-build-3.12.62-60.62.1
SUSE Linux Enterprise Server 12-SP1 (src):    kernel-default-3.12.62-60.62.1, kernel-source-3.12.62-60.62.1, kernel-syms-3.12.62-60.62.1, kernel-xen-3.12.62-60.62.1
SUSE Linux Enterprise Module for Public Cloud 12 (src):    kernel-ec2-3.12.62-60.62.1
SUSE Linux Enterprise Live Patching 12 (src):    kgraft-patch-SLE12-SP1_Update_7-1-4.2
SUSE Linux Enterprise Desktop 12-SP1 (src):    kernel-default-3.12.62-60.62.1, kernel-source-3.12.62-60.62.1, kernel-syms-3.12.62-60.62.1, kernel-xen-3.12.62-60.62.1
Comment 6 Swamp Workflow Management 2016-08-29 18:14:33 UTC
openSUSE-SU-2016:2184-1: An update that solves 21 vulnerabilities and has 49 fixes is now available.

Category: security (important)
Bug References: 947337,950998,951844,953048,954847,956491,957990,962742,963655,963762,965087,966245,968667,970114,970506,971770,972933,973378,973499,974165,974308,974620,975531,975533,975772,975788,977417,978401,978469,978822,979213,979419,979485,979489,979521,979548,979681,979867,979879,979922,980348,980363,980371,981038,981143,981344,982282,982354,982544,982698,983143,983213,983318,983721,983904,983977,984148,984456,984755,985232,985978,986362,986365,986569,986572,986811,988215,988498,988552,990058
CVE References: CVE-2014-9904,CVE-2015-7833,CVE-2015-8551,CVE-2015-8552,CVE-2015-8845,CVE-2016-0758,CVE-2016-1583,CVE-2016-2053,CVE-2016-3672,CVE-2016-4470,CVE-2016-4482,CVE-2016-4486,CVE-2016-4565,CVE-2016-4569,CVE-2016-4578,CVE-2016-4805,CVE-2016-4997,CVE-2016-4998,CVE-2016-5244,CVE-2016-5828,CVE-2016-5829
Sources used:
openSUSE 13.1 (src):    cloop-2.639-11.32.2, crash-7.0.2-2.32.7, hdjmod-1.28-16.32.2, ipset-6.21.1-2.36.2, iscsitarget-1.4.20.3-13.32.2, kernel-debug-3.12.62-52.1, kernel-default-3.12.62-52.1, kernel-desktop-3.12.62-52.1, kernel-docs-3.12.62-52.2, kernel-ec2-3.12.62-52.1, kernel-pae-3.12.62-52.1, kernel-source-3.12.62-52.1, kernel-syms-3.12.62-52.1, kernel-trace-3.12.62-52.1, kernel-vanilla-3.12.62-52.1, kernel-xen-3.12.62-52.1, ndiswrapper-1.58-33.2, openvswitch-1.11.0-0.39.3, pcfclock-0.44-258.33.2, vhba-kmp-20130607-2.32.2, virtualbox-4.2.36-2.64.4, xen-4.3.4_10-65.3, xtables-addons-2.3-2.31.2