Bug 1073311 - (CVE-2017-17741) VUL-0: CVE-2017-17741: kernel: Out-of-bounds stack read problem in KVM kernel module
Status: RESOLVED FIXED
Classification: Novell Products
Product: SUSE Security Incidents
Component: Incidents
Priority: P3 - Medium, Severity: Normal
Assigned To: Security Team bot
https://smash.suse.de/issue/196829/
CVSSv2:SUSE:CVE-2017-17741:4.7:(AV:L...
Reported: 2017-12-18 13:31 UTC by Johannes Segitz
Modified: 2020-06-09 11:39 UTC (History)
Found By: Security Response Team
Description Johannes Segitz 2017-12-18 13:31:18 UTC
CVE-2017-17741

The KVM implementation in the Linux kernel through 4.14.7 allows attackers to
cause a denial of service (write_mmio stack-based out-of-bounds read) or
possibly have unspecified other impact, related to arch/x86/kvm/x86.c and
include/trace/events/kvm.h.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-17741
https://www.spinics.net/lists/kvm/msg160710.html
Comment 2 Joerg Roedel 2018-01-18 11:27:41 UTC
This CVE is not about a DoS issue, it is just an out-of-bounds stack read issue.
Comment 3 Joerg Roedel 2018-01-18 13:24:23 UTC
Upstream fix is:

commit e39d200fa5bf5b94a0948db0dae44c1b73b84a56
Author: Wanpeng Li <wanpeng.li@hotmail.com>
Date:   Thu Dec 14 17:40:50 2017 -0800

    KVM: Fix stack-out-of-bounds read in write_mmio

Status of our supported kernel branches:

SLE15: fix backported, pushed and merged.
SLE12-SP2: Already merged through stable updates
cve/linux-3.12: Fix backported and pushed
cve/linux-3.0: Fix backported and pushed
cve/linux-2.6.32: Not affected, no trace_kvm_mmio()
cve/linux-2.6.16: Not affected, no KVM
Comment 4 Swamp Workflow Management 2018-02-13 20:09:38 UTC
SUSE-SU-2018:0437-1: An update that solves 8 vulnerabilities and has 13 fixes is now available.

Category: security (important)
Bug References: 1012382,1047626,1068032,1070623,1073311,1073792,1073874,1075091,1075908,1075994,1076017,1076110,1076154,1076278,1077355,1077560,1077922,893777,893949,902893,951638
CVE References: CVE-2015-1142857,CVE-2017-13215,CVE-2017-17741,CVE-2017-17805,CVE-2017-17806,CVE-2017-18079,CVE-2017-5715,CVE-2018-1000004
Sources used:
SUSE Linux Enterprise Server 12-LTSS (src):    kernel-default-3.12.61-52.119.1, kernel-source-3.12.61-52.119.1, kernel-syms-3.12.61-52.119.1, kernel-xen-3.12.61-52.119.1, kgraft-patch-SLE12_Update_31-1-1.7.1
SUSE Linux Enterprise Module for Public Cloud 12 (src):    kernel-ec2-3.12.61-52.119.1
Comment 5 Swamp Workflow Management 2018-02-22 20:09:01 UTC
SUSE-SU-2018:0525-1: An update that solves 8 vulnerabilities and has 19 fixes is now available.

Category: security (important)
Bug References: 1012382,1047118,1047626,1068032,1070623,1073246,1073311,1073792,1073874,1074709,1075091,1075411,1075908,1075994,1076017,1076110,1076154,1076278,1077182,1077355,1077560,1077922,1081317,893777,893949,902893,951638
CVE References: CVE-2015-1142857,CVE-2017-13215,CVE-2017-17741,CVE-2017-17805,CVE-2017-17806,CVE-2017-18079,CVE-2017-5715,CVE-2018-1000004
Sources used:
SUSE OpenStack Cloud 6 (src):    kernel-default-3.12.74-60.64.82.1, kernel-source-3.12.74-60.64.82.1, kernel-syms-3.12.74-60.64.82.1, kernel-xen-3.12.74-60.64.82.1, kgraft-patch-SLE12-SP1_Update_25-1-2.9.1
SUSE Linux Enterprise Server for SAP 12-SP1 (src):    kernel-default-3.12.74-60.64.82.1, kernel-source-3.12.74-60.64.82.1, kernel-syms-3.12.74-60.64.82.1, kernel-xen-3.12.74-60.64.82.1, kgraft-patch-SLE12-SP1_Update_25-1-2.9.1
SUSE Linux Enterprise Server 12-SP1-LTSS (src):    kernel-default-3.12.74-60.64.82.1, kernel-source-3.12.74-60.64.82.1, kernel-syms-3.12.74-60.64.82.1, kernel-xen-3.12.74-60.64.82.1, kgraft-patch-SLE12-SP1_Update_25-1-2.9.1
SUSE Linux Enterprise Module for Public Cloud 12 (src):    kernel-ec2-3.12.74-60.64.82.1
Comment 6 Swamp Workflow Management 2018-02-27 20:11:01 UTC
SUSE-SU-2018:0555-1: An update that solves 9 vulnerabilities and has 40 fixes is now available.

Category: security (important)
Bug References: 1012382,1045538,1048585,1050431,1054305,1059174,1060279,1060682,1063544,1064861,1068032,1068984,1069508,1070623,1070781,1073311,1074488,1074621,1074880,1075088,1075091,1075410,1075617,1075621,1075908,1075994,1076017,1076154,1076278,1076437,1076849,1077191,1077355,1077406,1077487,1077560,1077922,1078875,1079917,1080133,1080359,1080363,1080372,1080579,1080685,1080774,1081500,936530,962257
CVE References: CVE-2015-1142857,CVE-2017-13215,CVE-2017-17741,CVE-2017-18017,CVE-2017-18079,CVE-2017-5715,CVE-2018-1000004,CVE-2018-5332,CVE-2018-5333
Sources used:
SUSE Linux Enterprise Software Development Kit 11-SP4 (src):    kernel-docs-3.0.101-108.35.1
SUSE Linux Enterprise Server 11-SP4 (src):    kernel-bigmem-3.0.101-108.35.1, kernel-default-3.0.101-108.35.1, kernel-ec2-3.0.101-108.35.1, kernel-pae-3.0.101-108.35.1, kernel-ppc64-3.0.101-108.35.1, kernel-source-3.0.101-108.35.1, kernel-syms-3.0.101-108.35.1, kernel-trace-3.0.101-108.35.1, kernel-xen-3.0.101-108.35.1
SUSE Linux Enterprise Server 11-EXTRA (src):    kernel-default-3.0.101-108.35.1, kernel-pae-3.0.101-108.35.1, kernel-ppc64-3.0.101-108.35.1, kernel-trace-3.0.101-108.35.1, kernel-xen-3.0.101-108.35.1
SUSE Linux Enterprise Real Time Extension 11-SP4 (src):    cluster-network-1.4-2.32.4.6, drbd-kmp-8.4.4-0.27.4.6, gfs2-2-0.24.4.6, ocfs2-1.6-0.28.5.6
SUSE Linux Enterprise High Availability Extension 11-SP4 (src):    cluster-network-1.4-2.32.4.6, drbd-8.4.4-0.27.4.2, drbd-kmp-8.4.4-0.27.4.6, gfs2-2-0.24.4.6, ocfs2-1.6-0.28.5.6
SUSE Linux Enterprise Debuginfo 11-SP4 (src):    drbd-8.4.4-0.27.4.2, kernel-bigmem-3.0.101-108.35.1, kernel-default-3.0.101-108.35.1, kernel-ec2-3.0.101-108.35.1, kernel-pae-3.0.101-108.35.1, kernel-ppc64-3.0.101-108.35.1, kernel-trace-3.0.101-108.35.1, kernel-xen-3.0.101-108.35.1
Comment 7 Swamp Workflow Management 2018-03-12 11:09:51 UTC
SUSE-SU-2018:0660-1: An update that solves 8 vulnerabilities and has 14 fixes is now available.

Category: security (important)
Bug References: 1012382,1054305,1060279,1068032,1068984,1070781,1073311,1074488,1074621,1075091,1075410,1075617,1075621,1075908,1075994,1076017,1076154,1076278,1076849,1077406,1077560,1077922
CVE References: CVE-2017-13215,CVE-2017-17741,CVE-2017-18017,CVE-2017-18079,CVE-2017-5715,CVE-2018-1000004,CVE-2018-5332,CVE-2018-5333
Sources used:
SUSE Linux Enterprise Server 11-SP3-LTSS (src):    kernel-bigsmp-3.0.101-0.47.106.19.1, kernel-default-3.0.101-0.47.106.19.1, kernel-ec2-3.0.101-0.47.106.19.1, kernel-pae-3.0.101-0.47.106.19.1, kernel-source-3.0.101-0.47.106.19.1, kernel-syms-3.0.101-0.47.106.19.1, kernel-trace-3.0.101-0.47.106.19.1, kernel-xen-3.0.101-0.47.106.19.1
SUSE Linux Enterprise Server 11-EXTRA (src):    kernel-bigsmp-3.0.101-0.47.106.19.1, kernel-default-3.0.101-0.47.106.19.1, kernel-pae-3.0.101-0.47.106.19.1, kernel-ppc64-3.0.101-0.47.106.19.1, kernel-trace-3.0.101-0.47.106.19.1, kernel-xen-3.0.101-0.47.106.19.1
SUSE Linux Enterprise Point of Sale 11-SP3 (src):    kernel-default-3.0.101-0.47.106.19.1, kernel-ec2-3.0.101-0.47.106.19.1, kernel-pae-3.0.101-0.47.106.19.1, kernel-source-3.0.101-0.47.106.19.1, kernel-syms-3.0.101-0.47.106.19.1, kernel-trace-3.0.101-0.47.106.19.1, kernel-xen-3.0.101-0.47.106.19.1
SUSE Linux Enterprise Debuginfo 11-SP3 (src):    kernel-bigsmp-3.0.101-0.47.106.19.1, kernel-default-3.0.101-0.47.106.19.1, kernel-ec2-3.0.101-0.47.106.19.1, kernel-pae-3.0.101-0.47.106.19.1, kernel-trace-3.0.101-0.47.106.19.1, kernel-xen-3.0.101-0.47.106.19.1
Comment 8 Swamp Workflow Management 2018-03-29 13:11:28 UTC
SUSE-SU-2018:0841-1: An update that solves 9 vulnerabilities and has 41 fixes is now available.

Category: security (important)
Bug References: 1012382,1045538,1048585,1049128,1050431,1054305,1059174,1060279,1060682,1063544,1064861,1068032,1068984,1069508,1070623,1070781,1073311,1074488,1074621,1074880,1075088,1075091,1075410,1075617,1075621,1075908,1075994,1076017,1076154,1076278,1076437,1076849,1077191,1077355,1077406,1077487,1077560,1077922,1078875,1079917,1080133,1080359,1080363,1080372,1080579,1080685,1080774,1081500,936530,962257
CVE References: CVE-2015-1142857,CVE-2017-13215,CVE-2017-17741,CVE-2017-18017,CVE-2017-18079,CVE-2017-5715,CVE-2018-1000004,CVE-2018-5332,CVE-2018-5333
Sources used:
SUSE Linux Enterprise Real Time Extension 11-SP4 (src):    kernel-rt-3.0.101.rt130-69.21.1, kernel-rt_trace-3.0.101.rt130-69.21.1, kernel-source-rt-3.0.101.rt130-69.21.1, kernel-syms-rt-3.0.101.rt130-69.21.1
SUSE Linux Enterprise Debuginfo 11-SP4 (src):    kernel-rt-3.0.101.rt130-69.21.1, kernel-rt_debug-3.0.101.rt130-69.21.1, kernel-rt_trace-3.0.101.rt130-69.21.1
Comment 9 Jiri Slaby 2018-05-11 09:33:32 UTC
Note that the patch was never marked with their bnc and CVE ids in SLE12-SP2 & SP3 and the patch was reverted from SP3 due to ABI breakage (see bug 1083635).
Comment 10 Joerg Roedel 2018-05-31 10:14:25 UTC
(In reply to Jiri Slaby from comment #9)
> Note that the patch was never marked with their bnc and CVE ids in SLE12-SP2
> & SP3 and the patch was reverted from SP3 due to ABI breakage (see bug
> 1083635).

SLE12-SP2 got the fix via stable updates which didn't carry the CVE and bnc information.

I'll look into a way to fix that for SLE12-SP3 and make lttng happy.
Comment 11 Joerg Roedel 2018-05-31 10:35:11 UTC
Pushed a new backport for SLE12-SP3 that does not change the signature of the trace-point.
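Added example, not part of the bug report and not the upstream or SUSE patch: a user-space C model of the bug class named in the description (a fixed 8-byte load from a shorter write buffer feeding a trace record) and two ways to bound it, one that changes the trace-point signature and one that keeps it, which is the trade-off raised in comments 9 to 11. All struct, function and parameter names and the sample values are assumptions made for illustration.

```c
#include <stdint.h>
#include <string.h>

/* Simplified stand-in for a trace record; names here are assumptions. */
struct mmio_trace { int len; uint64_t gpa; uint64_t val; };

/* Unbounded pattern: always loads 8 bytes, so a 1-, 2- or 4-byte buffer
 * is over-read and neighbouring stack bytes end up in the trace record.
 * Shown for contrast only; nothing below calls it. */
uint64_t load_unbounded(const void *val)
{
    return *(const uint64_t *)val;
}

/* Bounded load: copy min(len, 8) bytes into a zeroed 64-bit value. */
uint64_t load_bounded(const void *val, int len)
{
    uint64_t v = 0;
    if (val && len > 0)
        memcpy(&v, val, (size_t)len < sizeof(v) ? (size_t)len : sizeof(v));
    return v;
}

/* Variant A: the tracepoint takes the pointer and bounds the copy itself,
 * which changes its signature for anything built against it. */
void trace_mmio_ptr(struct mmio_trace *t, int len, uint64_t gpa, const void *val)
{
    t->len = len; t->gpa = gpa; t->val = load_bounded(val, len);
}

/* Variant B: the tracepoint keeps its u64 parameter; the caller bounds. */
void trace_mmio_u64(struct mmio_trace *t, int len, uint64_t gpa, uint64_t val)
{
    t->len = len; t->gpa = gpa; t->val = val;
}

/* Constructed input: a write of `len` bytes followed by filler bytes. */
uint64_t traced_value(int keep_signature, uint8_t filler, int len)
{
    uint8_t buf[16];
    struct mmio_trace t;
    memset(buf, filler, sizeof(buf));
    buf[0] = 0x12; buf[1] = 0x34;
    if (keep_signature)
        trace_mmio_u64(&t, len, 0x1000, load_bounded(buf, len));
    else
        trace_mmio_ptr(&t, len, 0x1000, buf);
    return t.val;
}
```

With either variant the value recorded for a 2-byte write no longer depends on the bytes that follow the buffer.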
Comment 12 Joerg Roedel 2018-05-31 14:01:41 UTC
Fix merged again to SLE12-SP3, assigning back.
Comment 13 Swamp Workflow Management 2018-06-21 16:12:15 UTC
SUSE-SU-2018:1772-1: An update that solves 6 vulnerabilities and has 47 fixes is now available.

Category: security (important)
Bug References: 1012382,1024718,1031717,1035432,1041740,1045330,1056415,1066223,1068032,1068054,1068951,1070404,1073311,1075428,1076049,1078583,1079152,1080542,1080656,1081500,1081514,1082153,1082504,1082979,1085185,1085308,1086400,1086716,1087036,1087086,1088871,1090435,1090534,1090734,1090955,1091594,1094532,1095042,1095147,1096037,1096140,1096214,1096242,1096281,1096751,1096982,1097234,1097356,1098009,1098012,971975,973378,978907
CVE References: CVE-2017-17741,CVE-2017-18241,CVE-2017-18249,CVE-2018-12233,CVE-2018-3665,CVE-2018-5848
Sources used:
SUSE Linux Enterprise Workstation Extension 12-SP3 (src):    kernel-default-4.4.138-94.39.1
SUSE Linux Enterprise Software Development Kit 12-SP3 (src):    kernel-docs-4.4.138-94.39.1, kernel-obs-build-4.4.138-94.39.1
SUSE Linux Enterprise Server 12-SP3 (src):    kernel-default-4.4.138-94.39.1, kernel-source-4.4.138-94.39.1, kernel-syms-4.4.138-94.39.1
SUSE Linux Enterprise Live Patching 12-SP3 (src):    kgraft-patch-SLE12-SP3_Update_14-1-4.5.1
SUSE Linux Enterprise High Availability 12-SP3 (src):    kernel-default-4.4.138-94.39.1
SUSE Linux Enterprise Desktop 12-SP3 (src):    kernel-default-4.4.138-94.39.1, kernel-source-4.4.138-94.39.1, kernel-syms-4.4.138-94.39.1
SUSE CaaS Platform ALL (src):    kernel-default-4.4.138-94.39.1
Comment 14 Swamp Workflow Management 2018-06-21 16:22:47 UTC
openSUSE-SU-2018:1773-1: An update that solves 11 vulnerabilities and has 66 fixes is now available.

Category: security (important)
Bug References: 1012382,1019695,1019699,1022604,1022607,1022743,1024718,1031492,1031717,1035432,1036215,1041740,1045330,1056415,1066223,1068032,1068054,1068951,1070404,1073311,1075428,1076049,1078583,1079152,1080542,1080656,1081500,1081514,1082153,1082504,1082979,1085308,1086400,1086716,1087007,1087012,1087036,1087082,1087086,1087095,1088871,1090435,1090534,1090734,1090955,1091594,1091815,1092552,1092813,1092903,1093533,1093904,1094177,1094268,1094353,1094356,1094405,1094466,1094532,1094823,1094840,1095042,1095147,1096037,1096140,1096214,1096242,1096281,1096751,1096982,1097234,1097356,1098009,1098012,971975,973378,978907
CVE References: CVE-2017-13305,CVE-2017-17741,CVE-2017-18241,CVE-2017-18249,CVE-2018-1092,CVE-2018-1093,CVE-2018-1094,CVE-2018-12233,CVE-2018-3639,CVE-2018-3665,CVE-2018-5848
Sources used:
openSUSE Leap 42.3 (src):    kernel-debug-4.4.138-59.1, kernel-default-4.4.138-59.1, kernel-docs-4.4.138-59.1, kernel-obs-build-4.4.138-59.1, kernel-obs-qa-4.4.138-59.1, kernel-source-4.4.138-59.1, kernel-syms-4.4.138-59.1, kernel-vanilla-4.4.138-59.1
Comment 16 Swamp Workflow Management 2018-06-26 16:13:49 UTC
SUSE-SU-2018:1816-1: An update that solves 17 vulnerabilities and has 109 fixes is now available.

Category: security (important)
Bug References: 1009062,1012382,1019695,1019699,1022604,1022607,1022743,1024718,1031717,1035432,1036215,1041740,1043598,1044596,1045330,1056415,1056427,1060799,1066223,1068032,1068054,1068951,1070404,1073059,1073311,1075087,1075428,1076049,1076263,1076805,1078583,1079152,1080157,1080542,1080656,1081500,1081514,1081599,1082153,1082299,1082485,1082504,1082962,1082979,1083635,1083650,1083900,1084721,1085185,1085308,1086400,1086716,1087007,1087012,1087036,1087082,1087086,1087095,1088810,1088871,1089023,1089115,1089393,1089895,1090225,1090435,1090534,1090643,1090658,1090663,1090708,1090718,1090734,1090953,1090955,1091041,1091325,1091594,1091728,1091960,1092289,1092497,1092552,1092566,1092772,1092813,1092888,1092904,1092975,1093008,1093035,1093144,1093215,1093533,1093904,1093990,1094019,1094033,1094059,1094177,1094268,1094353,1094356,1094405,1094466,1094532,1094823,1094840,1095042,1095147,1096037,1096140,1096214,1096242,1096281,1096751,1096982,1097234,1097356,1098009,1098012,919144,971975,973378,978907,993388
CVE References: CVE-2017-13305,CVE-2017-17741,CVE-2017-18241,CVE-2017-18249,CVE-2018-1000199,CVE-2018-1065,CVE-2018-1092,CVE-2018-1093,CVE-2018-1094,CVE-2018-1130,CVE-2018-12233,CVE-2018-3639,CVE-2018-3665,CVE-2018-5803,CVE-2018-5848,CVE-2018-7492,CVE-2018-8781
Sources used:
SUSE Linux Enterprise Real Time Extension 12-SP3 (src):    kernel-rt-4.4.138-3.14.1, kernel-rt_debug-4.4.138-3.14.1, kernel-source-rt-4.4.138-3.14.1, kernel-syms-rt-4.4.138-3.14.1
Comment 21 Marcus Meissner 2018-09-07 14:17:51 UTC
released
Comment 25 Swamp Workflow Management 2019-05-17 19:10:33 UTC
SUSE-SU-2019:1287-1: An update that solves 16 vulnerabilities and has 19 fixes is now available.

Category: security (important)
Bug References: 1012382,1024908,1034113,1043485,1068032,1073311,1080157,1080533,1082632,1087231,1087659,1087906,1093158,1094268,1096748,1100152,1103186,1106913,1109772,1111331,1112178,1113399,1116841,1118338,1119019,1122822,1124832,1125580,1129279,1131416,1131427,1131587,1132673,1132828,1133188
CVE References: CVE-2016-8636,CVE-2017-17741,CVE-2017-18174,CVE-2018-1091,CVE-2018-1120,CVE-2018-1128,CVE-2018-1129,CVE-2018-12126,CVE-2018-12127,CVE-2018-12130,CVE-2018-19407,CVE-2019-11091,CVE-2019-11486,CVE-2019-3882,CVE-2019-8564,CVE-2019-9503
Sources used:
SUSE OpenStack Cloud 7 (src):    kernel-default-4.4.121-92.109.2, kernel-source-4.4.121-92.109.2, kernel-syms-4.4.121-92.109.2, kgraft-patch-SLE12-SP2_Update_29-1-3.5.2
SUSE Linux Enterprise Server for SAP 12-SP2 (src):    kernel-default-4.4.121-92.109.2, kernel-source-4.4.121-92.109.2, kernel-syms-4.4.121-92.109.2, kgraft-patch-SLE12-SP2_Update_29-1-3.5.2
SUSE Linux Enterprise Server 12-SP2-LTSS (src):    kernel-default-4.4.121-92.109.2, kernel-source-4.4.121-92.109.2, kernel-syms-4.4.121-92.109.2, kgraft-patch-SLE12-SP2_Update_29-1-3.5.2
SUSE Linux Enterprise Server 12-SP2-BCL (src):    kernel-default-4.4.121-92.109.2, kernel-source-4.4.121-92.109.2, kernel-syms-4.4.121-92.109.2
SUSE Linux Enterprise High Availability 12-SP2 (src):    kernel-default-4.4.121-92.109.2
SUSE Enterprise Storage 4 (src):    kernel-default-4.4.121-92.109.2, kernel-source-4.4.121-92.109.2, kernel-syms-4.4.121-92.109.2, kgraft-patch-SLE12-SP2_Update_29-1-3.5.2
OpenStack Cloud Magnum Orchestration 7 (src):    kernel-default-4.4.121-92.109.2

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.