Bug 1037306 - (CVE-2015-9004) VUL-0: CVE-2015-9004: kernel-source: kernel/events/core.c in < 3.19 mishandles counter grouping (perf_pmu_register and perf_event_open)
VUL-0: CVE-2015-9004: kernel-source: kernel/events/core.c in < 3.19 mishandle...
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
Other Other
: P3 - Medium : Normal
: ---
Assigned To: Tony Jones
Security Team bot
Depends on:
Blocks: 1040251
  Show dependency treegraph
Reported: 2017-05-02 23:41 UTC by Mikhail Kasimov
Modified: 2017-11-02 17:15 UTC (History)
3 users (show)

See Also:
Found By: ---
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Note You need to log in before you can comment on or make changes to this bug.
Description Mikhail Kasimov 2017-05-02 23:41:16 UTC
Ref: https://nvd.nist.gov/vuln/detail/CVE-2015-9004

kernel/events/core.c in the Linux kernel before 3.19 mishandles counter grouping, which allows local users to gain privileges via a crafted application, related to the perf_pmu_register and perf_event_open functions.

Source:  MITRE      Last Modified:  05/02/2017


[1] http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c3c87e770458aa004bd7ed3f29945ff436fd6511

[2] https://github.com/torvalds/linux/commit/c3c87e770458aa004bd7ed3f29945ff436fd6511

[3] https://source.android.com/security/bulletin/2017-05-01

Please, check, if it is applicable for SUSE-supported kernel-branches.
Comment 1 Takashi Iwai 2017-05-03 14:52:54 UTC
The upstream fix is in 3.19 -> SLE12-SP2/SP3, openSUSE are OK.
The fix is included in 3.12.68 stable kernel -> SLE12-SP0/SP1 are OK.

I leave the rest checks to Tony :)
Comment 2 Josef Cejka 2017-05-23 10:30:28 UTC
Customer in bug #1040251 asks if the bug affects SLES11SP4.
Comment 3 Josef Cejka 2017-05-23 16:15:49 UTC
(In reply to Josef Cejka from comment #2)
> Customer in bug #1040251 asks if the bug affects SLES11SP4.

and SLES11SP3 too.
Comment 4 Tony Jones 2017-06-12 18:20:59 UTC
Neither SLE11-SP3-LTSS or SLE11-SP4 are affected as neither contains 9fc81d87420d

Comment 5 Marcus Meissner 2017-06-19 09:33:49 UTC
the sle12 ga ltss kernel did not receive the minor stable updates so far.

so it is still affected.
Comment 6 Tony Jones 2017-06-23 23:36:02 UTC
(In reply to Marcus Meissner from comment #5)
> the sle12 ga ltss kernel did not receive the minor stable updates so far.
> so it is still affected.

pushed to git:users/tonyj/SLE12-LTSS/for-next
Comment 7 Swamp Workflow Management 2017-11-02 17:15:08 UTC
SUSE-SU-2017:2920-1: An update that solves 36 vulnerabilities and has 22 fixes is now available.

Category: security (important)
Bug References: 1008353,1012422,1017941,1029850,1030593,1032268,1034405,1034670,1035576,1035877,1036752,1037182,1037183,1037306,1037994,1038544,1038879,1038981,1038982,1039348,1039349,1039354,1039456,1039721,1039882,1039883,1039885,1040069,1041431,1041958,1044125,1045327,1045487,1045922,1046107,1047408,1048275,1049645,1049882,1052593,1053148,1053152,1056588,1056982,1057179,1058038,1058410,1058507,1058524,1062520,1063667,1064388,938162,975596,977417,984779,985562,990682
CVE References: CVE-2015-9004,CVE-2016-10229,CVE-2016-9604,CVE-2017-1000363,CVE-2017-1000365,CVE-2017-1000380,CVE-2017-10661,CVE-2017-11176,CVE-2017-12153,CVE-2017-12154,CVE-2017-12762,CVE-2017-13080,CVE-2017-14051,CVE-2017-14106,CVE-2017-14140,CVE-2017-15265,CVE-2017-15274,CVE-2017-15649,CVE-2017-2647,CVE-2017-6951,CVE-2017-7482,CVE-2017-7487,CVE-2017-7518,CVE-2017-7541,CVE-2017-7542,CVE-2017-7889,CVE-2017-8106,CVE-2017-8831,CVE-2017-8890,CVE-2017-8924,CVE-2017-8925,CVE-2017-9074,CVE-2017-9075,CVE-2017-9076,CVE-2017-9077,CVE-2017-9242
Sources used:
SUSE Linux Enterprise Server 12-LTSS (src):    kernel-default-3.12.61-52.101.1, kernel-source-3.12.61-52.101.1, kernel-syms-3.12.61-52.101.1, kernel-xen-3.12.61-52.101.1, kgraft-patch-SLE12_Update_28-1-8.1
SUSE Linux Enterprise Module for Public Cloud 12 (src):    kernel-ec2-3.12.61-52.101.1