Bug 1082962 – VUL-0: CVE-2018-7492: kernel: Null pointer dereference in _rds_rdma_map() allows local attackers to cause denial-of-service

Bug 1082962 - (CVE-2018-7492) VUL-0: CVE-2018-7492: kernel: Null pointer dereference in _rds_rdma_map() allows local attackers to cause denial-of-service

(CVE-2018-7492)
Summary:	VUL-0: CVE-2018-7492: kernel: Null pointer dereference in _rds_rdma_map() all...

Status:	RESOLVED FIXED

Classification:	Novell Products
Product:	SUSE Security Incidents
Classification:	Novell Products
Component:	Incidents
Version:	unspecified
Hardware:	Other Other

Priority:	P3 - Medium Severity: Normal
Target Milestone:	---
Assigned To:	Security Team bot
QA Contact:	Security Team bot

URL:	https://smash.suse.de/issue/200869/
Whiteboard:	CVSSv2:NVD:CVE-2018-7492:4.9:(AV:L/AC...
Keywords:

Depends on:
Blocks:
	Show dependency tree / graph

Create test case

Clone This Bug

Reported:	2018-02-27 07:23 UTC by Johannes Segitz
Modified:	2019-08-28 08:55 UTC (History)
CC List:	2 users (show)

See Also:
Found By:	Security Response Team
Services Priority:
Business Priority:
Blocker:	---
Marketing QA Status:	---
IT Deployment:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Johannes Segitz 2018-02-27 07:23:38 UTC

rh#1527393

A NULL pointer dereference was found in the net/rds/rdma.c __rds_rdma_map()
function in the Linux kernel before 4.14.7 allowing local attackers to cause a
system panic and a denial-of-service, related to RDS_GET_MR and
RDS_GET_MR_FOR_DEST.

References:
https://bugzilla.redhat.com/show_bug.cgi?id=1527393
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-7492
http://www.cvedetails.com/cve/CVE-2018-7492/
https://patchwork.kernel.org/patch/10096441/
https://github.com/torvalds/linux/commit/f3069c6d33f6ae63a1668737bc78aaaa51bff7ca
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.7
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f3069c6d33f6ae63a1668737bc78aaaa51bff7ca
https://xorl.wordpress.com/2017/12/18/linux-kernel-rdma-null-pointer-dereference/

Comment 1 Michal Kubeček 2018-05-02 11:13:06 UTC

  introduced              eff5f53bef75    v2.6.30-rc1
  fixed                   f3069c6d33f6    v4.15-rc3

Branch stable is already past 4.15 and SLE12-SP2-LTSS and SLE12-SP3 received
the fix via 4.4.106 stable update. Backport is needed for SLE15, cve/linux-3.12,
cve/linux-3.0 and cve/linux-2.6.32.

Comment 2 Michal Kubeček 2018-05-17 07:19:22 UTC

The fix is now present in or submitted to (*) all relevant branches:

  stable                  4.15
  SLE15-UPDATE            23bba588a173
  SLE12-SP3               4.4.106
  SLE12-SP2-LTSS          4.4.106
  cve/linux-3.12          70375ad0dc87
  cve/linux-3.0           b57e6f5ee6a4 *
  cve/linux-2.6.32        3dfe2e8243bc *

Reassigning back to security team.

Comment 3 Swamp Workflow Management 2018-05-23 05:57:05 UTC

SUSE-SU-2018:1366-1: An update that solves 9 vulnerabilities and has 71 fixes is now available.

Category: security (important)
Bug References: 1005778,1005780,1005781,1009062,1012382,1015336,1015337,1015340,1015342,1015343,1022604,1022743,1024296,1031492,1036215,1043598,1044596,1056415,1056427,1060799,1068032,1075087,1075091,1075994,1076263,1080157,1082153,1082299,1082485,1082962,1083125,1083635,1083650,1083900,1084721,1085058,1085185,1085511,1085958,1087082,1088242,1088865,1089023,1089115,1089198,1089393,1089608,1089644,1089752,1089895,1089925,1090225,1090643,1090658,1090663,1090708,1090718,1090734,1090953,1091041,1091325,1091728,1091925,1091960,1092289,1092497,1092566,1092904,1093008,1093144,1093215,1094019,802154,966170,966172,966186,966191,969476,969477,981348
CVE References: CVE-2018-1000199,CVE-2018-10087,CVE-2018-10124,CVE-2018-1065,CVE-2018-1130,CVE-2018-3639,CVE-2018-5803,CVE-2018-7492,CVE-2018-8781
Sources used:
SUSE Linux Enterprise Workstation Extension 12-SP3 (src):    kernel-default-4.4.131-94.29.1
SUSE Linux Enterprise Software Development Kit 12-SP3 (src):    kernel-docs-4.4.131-94.29.1, kernel-obs-build-4.4.131-94.29.1
SUSE Linux Enterprise Server 12-SP3 (src):    kernel-default-4.4.131-94.29.1, kernel-source-4.4.131-94.29.1, kernel-syms-4.4.131-94.29.1
SUSE Linux Enterprise Live Patching 12-SP3 (src):    kgraft-patch-SLE12-SP3_Update_12-1-4.5.2
SUSE Linux Enterprise High Availability 12-SP3 (src):    kernel-default-4.4.131-94.29.1
SUSE Linux Enterprise Desktop 12-SP3 (src):    kernel-default-4.4.131-94.29.1, kernel-source-4.4.131-94.29.1, kernel-syms-4.4.131-94.29.1
SUSE CaaS Platform ALL (src):    kernel-default-4.4.131-94.29.1

Comment 4 Swamp Workflow Management 2018-05-24 19:15:00 UTC

openSUSE-SU-2018:1418-1: An update that solves 11 vulnerabilities and has 93 fixes is now available.

Category: security (important)
Bug References: 1005778,1005780,1005781,1009062,1012382,1015336,1015337,1015340,1015342,1015343,1022604,1022743,1024296,1031492,1036215,1043598,1044596,1056415,1056427,1060799,1066223,1068032,1070404,1073059,1075087,1075091,1075994,1076263,1076805,1080157,1081599,1082153,1082299,1082485,1082962,1083125,1083635,1083650,1083900,1084610,1084699,1084721,1085058,1085185,1085511,1085679,1085958,1086162,1087082,1087274,1088050,1088242,1088267,1088313,1088600,1088684,1088810,1088865,1088871,1089023,1089115,1089198,1089393,1089608,1089644,1089752,1089895,1089925,1090225,1090643,1090658,1090663,1090708,1090718,1090734,1090953,1091041,1091325,1091728,1091960,1092289,1092497,1092566,1092772,1092888,1092904,1092975,1093008,1093035,1093144,1093215,1093990,1094019,1094033,1094059,802154,966170,966172,966186,966191,969476,969477,981348,993388
CVE References: CVE-2017-18257,CVE-2018-1000199,CVE-2018-10087,CVE-2018-10124,CVE-2018-1065,CVE-2018-1130,CVE-2018-3639,CVE-2018-5803,CVE-2018-7492,CVE-2018-8781,CVE-2018-8822
Sources used:
openSUSE Leap 42.3 (src):    kernel-debug-4.4.132-53.1, kernel-default-4.4.132-53.1, kernel-docs-4.4.132-53.1, kernel-obs-build-4.4.132-53.1, kernel-obs-qa-4.4.132-53.1, kernel-source-4.4.132-53.1, kernel-syms-4.4.132-53.1, kernel-vanilla-4.4.132-53.1

Comment 5 Swamp Workflow Management 2018-06-20 13:10:27 UTC

SUSE-SU-2018:1761-1: An update that solves 10 vulnerabilities and has 12 fixes is now available.

Category: security (important)
Bug References: 1038553,1046610,1079152,1082962,1083382,1083900,1087007,1087012,1087082,1087086,1087095,1092813,1092904,1094033,1094353,1094823,1096140,1096242,1096281,1096480,1096728,1097356
CVE References: CVE-2017-13305,CVE-2018-1000204,CVE-2018-1092,CVE-2018-1093,CVE-2018-1094,CVE-2018-1130,CVE-2018-3665,CVE-2018-5803,CVE-2018-5848,CVE-2018-7492
Sources used:
SUSE Linux Enterprise Server for SAP 12-SP1 (src):    kernel-default-3.12.74-60.64.96.1, kernel-source-3.12.74-60.64.96.1, kernel-syms-3.12.74-60.64.96.1, kernel-xen-3.12.74-60.64.96.1, kgraft-patch-SLE12-SP1_Update_29-1-2.3.1
SUSE Linux Enterprise Server 12-SP1-LTSS (src):    kernel-default-3.12.74-60.64.96.1, kernel-source-3.12.74-60.64.96.1, kernel-syms-3.12.74-60.64.96.1, kernel-xen-3.12.74-60.64.96.1, kgraft-patch-SLE12-SP1_Update_29-1-2.3.1
SUSE Linux Enterprise Module for Public Cloud 12 (src):    kernel-ec2-3.12.74-60.64.96.1

Comment 6 Swamp Workflow Management 2018-06-20 13:15:23 UTC

SUSE-SU-2018:1762-1: An update that solves 10 vulnerabilities and has 11 fixes is now available.

Category: security (important)
Bug References: 1046610,1079152,1082962,1083900,1087007,1087012,1087082,1087086,1087095,1092552,1092813,1092904,1094033,1094353,1094823,1096140,1096242,1096281,1096480,1096728,1097356
CVE References: CVE-2017-13305,CVE-2018-1000204,CVE-2018-1092,CVE-2018-1093,CVE-2018-1094,CVE-2018-1130,CVE-2018-3665,CVE-2018-5803,CVE-2018-5848,CVE-2018-7492
Sources used:
SUSE Linux Enterprise Server 12-LTSS (src):    kernel-default-3.12.61-52.136.1, kernel-source-3.12.61-52.136.1, kernel-syms-3.12.61-52.136.1, kernel-xen-3.12.61-52.136.1, kgraft-patch-SLE12_Update_36-1-1.3.1
SUSE Linux Enterprise Module for Public Cloud 12 (src):    kernel-ec2-3.12.61-52.136.1

Comment 9 Swamp Workflow Management 2018-06-26 16:17:22 UTC

SUSE-SU-2018:1816-1: An update that solves 17 vulnerabilities and has 109 fixes is now available.

Category: security (important)
Bug References: 1009062,1012382,1019695,1019699,1022604,1022607,1022743,1024718,1031717,1035432,1036215,1041740,1043598,1044596,1045330,1056415,1056427,1060799,1066223,1068032,1068054,1068951,1070404,1073059,1073311,1075087,1075428,1076049,1076263,1076805,1078583,1079152,1080157,1080542,1080656,1081500,1081514,1081599,1082153,1082299,1082485,1082504,1082962,1082979,1083635,1083650,1083900,1084721,1085185,1085308,1086400,1086716,1087007,1087012,1087036,1087082,1087086,1087095,1088810,1088871,1089023,1089115,1089393,1089895,1090225,1090435,1090534,1090643,1090658,1090663,1090708,1090718,1090734,1090953,1090955,1091041,1091325,1091594,1091728,1091960,1092289,1092497,1092552,1092566,1092772,1092813,1092888,1092904,1092975,1093008,1093035,1093144,1093215,1093533,1093904,1093990,1094019,1094033,1094059,1094177,1094268,1094353,1094356,1094405,1094466,1094532,1094823,1094840,1095042,1095147,1096037,1096140,1096214,1096242,1096281,1096751,1096982,1097234,1097356,1098009,1098012,919144,971975,973378,978907,993388
CVE References: CVE-2017-13305,CVE-2017-17741,CVE-2017-18241,CVE-2017-18249,CVE-2018-1000199,CVE-2018-1065,CVE-2018-1092,CVE-2018-1093,CVE-2018-1094,CVE-2018-1130,CVE-2018-12233,CVE-2018-3639,CVE-2018-3665,CVE-2018-5803,CVE-2018-5848,CVE-2018-7492,CVE-2018-8781
Sources used:
SUSE Linux Enterprise Real Time Extension 12-SP3 (src):    kernel-rt-4.4.138-3.14.1, kernel-rt_debug-4.4.138-3.14.1, kernel-source-rt-4.4.138-3.14.1, kernel-syms-rt-4.4.138-3.14.1

Comment 10 Swamp Workflow Management 2018-06-29 19:16:35 UTC

SUSE-SU-2018:1855-1: An update that solves 14 vulnerabilities and has 15 fixes is now available.

Category: security (important)
Bug References: 1068032,1079152,1082962,1083650,1083900,1085185,1086400,1087007,1087012,1087036,1087086,1087095,1089895,1090534,1090955,1092497,1092552,1092813,1092904,1094033,1094353,1094823,1095042,1096140,1096242,1096281,1096728,1097356,973378
CVE References: CVE-2017-13305,CVE-2017-18241,CVE-2017-18249,CVE-2018-1000199,CVE-2018-1000204,CVE-2018-1065,CVE-2018-1092,CVE-2018-1093,CVE-2018-1094,CVE-2018-1130,CVE-2018-3665,CVE-2018-5803,CVE-2018-5848,CVE-2018-7492
Sources used:
SUSE OpenStack Cloud 7 (src):    kernel-default-4.4.121-92.85.1, kernel-source-4.4.121-92.85.1, kernel-syms-4.4.121-92.85.1, kgraft-patch-SLE12-SP2_Update_23-1-3.5.1
SUSE Linux Enterprise Server for SAP 12-SP2 (src):    kernel-default-4.4.121-92.85.1, kernel-source-4.4.121-92.85.1, kernel-syms-4.4.121-92.85.1, kgraft-patch-SLE12-SP2_Update_23-1-3.5.1
SUSE Linux Enterprise Server 12-SP2-LTSS (src):    kernel-default-4.4.121-92.85.1, kernel-source-4.4.121-92.85.1, kernel-syms-4.4.121-92.85.1, kgraft-patch-SLE12-SP2_Update_23-1-3.5.1
SUSE Enterprise Storage 4 (src):    kernel-default-4.4.121-92.85.1, kernel-source-4.4.121-92.85.1, kernel-syms-4.4.121-92.85.1, kgraft-patch-SLE12-SP2_Update_23-1-3.5.1
OpenStack Cloud Magnum Orchestration 7 (src):    kernel-default-4.4.121-92.85.1

Comment 16 Swamp Workflow Management 2018-07-18 06:08:04 UTC

This is an autogenerated message for OBS integration:
This bug (1082962) was mentioned in
https://build.opensuse.org/request/show/623532 15.0 / kernel-source

Comment 17 Swamp Workflow Management 2018-07-27 17:59:34 UTC

SUSE-SU-2018:2092-1: An update that solves 22 vulnerabilities and has 246 fixes is now available.

Category: security (important)
Bug References: 1046303,1046305,1046306,1046307,1046540,1046542,1046543,1048129,1050242,1050252,1050529,1050536,1050538,1050545,1050549,1050662,1051510,1052766,1055968,1056427,1056643,1056651,1056653,1056657,1056658,1056662,1056686,1056787,1058115,1058513,1058659,1058717,1060463,1061024,1061840,1062897,1064802,1065600,1066110,1066129,1068032,1068054,1071218,1071995,1072829,1072856,1073513,1073765,1073960,1074562,1074578,1074701,1074741,1074873,1074919,1075006,1075007,1075262,1075419,1075748,1075876,1076049,1076115,1076372,1076830,1077338,1078248,1078353,1079152,1079747,1080039,1080542,1081599,1082485,1082504,1082869,1082962,1083647,1083900,1084001,1084570,1085308,1085539,1085626,1085933,1085936,1085937,1085938,1085939,1085941,1086282,1086283,1086286,1086288,1086319,1086323,1086400,1086652,1086739,1087078,1087082,1087084,1087092,1087205,1087210,1087213,1087214,1087284,1087405,1087458,1087939,1087978,1088354,1088690,1088704,1088722,1088796,1088804,1088821,1088866,1089115,1089268,1089467,1089608,1089663,1089664,1089667,1089669,1089752,1089753,1089878,1090150,1090457,1090605,1090643,1090646,1090658,1090734,1090888,1090953,1091158,1091171,1091424,1091594,1091666,1091678,1091686,1091781,1091782,1091815,1091860,1091960,1092100,1092472,1092710,1092772,1092888,1092904,1092975,1093023,1093027,1093035,1093118,1093148,1093158,1093184,1093205,1093273,1093290,1093604,1093641,1093649,1093653,1093655,1093657,1093663,1093721,1093728,1093904,1093990,1094244,1094356,1094420,1094541,1094575,1094751,1094825,1094840,1094912,1094978,1095042,1095094,1095115,1095155,1095265,1095321,1095337,1095467,1095573,1095735,1095893,1096065,1096480,1096529,1096696,1096705,1096728,1096753,1096790,1096793,1097034,1097105,1097234,1097356,1097373,1097439,1097465,1097468,1097470,1097471,1097472,1097551,1097780,1097796,1097800,1097941,1097961,1098016,1098043,1098050,1098174,1098176,1098236,1098401,1098425,1098435,1098599,1098626,1098706,1098983,1098995,1099029,1099041,1099109,1099142,1099183,1099715,1099792,1099918,1099924,1099966,1100132,1100209,1100340,1100362,1100382,1100394,1100416,1100418,1100491,1100602,1100633,1100843,1101296,1101315,1101324,971975,975772
CVE References: CVE-2017-5715,CVE-2017-5753,CVE-2018-1000200,CVE-2018-1000204,CVE-2018-10087,CVE-2018-10124,CVE-2018-1092,CVE-2018-1093,CVE-2018-1094,CVE-2018-1118,CVE-2018-1120,CVE-2018-1130,CVE-2018-12233,CVE-2018-13053,CVE-2018-13405,CVE-2018-13406,CVE-2018-3639,CVE-2018-5803,CVE-2018-5848,CVE-2018-7492,CVE-2018-8781,CVE-2018-9385
Sources used:
SUSE Linux Enterprise Workstation Extension 15 (src):    kernel-default-4.12.14-25.3.1
SUSE Linux Enterprise Module for Live Patching 15 (src):    kernel-default-4.12.14-25.3.1, kernel-livepatch-SLE15_Update_1-1-1.3.1
SUSE Linux Enterprise Module for Legacy Software 15 (src):    kernel-default-4.12.14-25.3.1
SUSE Linux Enterprise Module for Development Tools 15 (src):    kernel-docs-4.12.14-25.3.1, kernel-obs-build-4.12.14-25.3.1, kernel-source-4.12.14-25.3.1, kernel-syms-4.12.14-25.3.1, kernel-vanilla-4.12.14-25.3.1
SUSE Linux Enterprise Module for Basesystem 15 (src):    kernel-default-4.12.14-25.3.1, kernel-source-4.12.14-25.3.1, kernel-zfcpdump-4.12.14-25.3.1
SUSE Linux Enterprise High Availability 15 (src):    kernel-default-4.12.14-25.3.1

Comment 18 Swamp Workflow Management 2018-07-28 13:30:42 UTC

openSUSE-SU-2018:2119-1: An update that solves 23 vulnerabilities and has 283 fixes is now available.

Category: security (important)
Bug References: 1022476,1046303,1046305,1046306,1046307,1046540,1046542,1046543,1048129,1050242,1050252,1050529,1050536,1050538,1050545,1050549,1050662,1051510,1052766,1055117,1055186,1055968,1056427,1056643,1056651,1056653,1056657,1056658,1056662,1056686,1056787,1058115,1058513,1058659,1058717,1059336,1060463,1061024,1061840,1062897,1064802,1065600,1065729,1066110,1066129,1068032,1068054,1068546,1071218,1071995,1072829,1072856,1073513,1073765,1073960,1074562,1074578,1074701,1074741,1074873,1074919,1074984,1075006,1075007,1075262,1075419,1075748,1075876,1076049,1076115,1076372,1076830,1077338,1078248,1078353,1079152,1079747,1080039,1080157,1080542,1081599,1082485,1082504,1082869,1082962,1083647,1083684,1083900,1084001,1084570,1084721,1085308,1085341,1085400,1085539,1085626,1085933,1085936,1085937,1085938,1085939,1085941,1086224,1086282,1086283,1086286,1086288,1086319,1086323,1086400,1086467,1086652,1086739,1087084,1087088,1087092,1087205,1087210,1087213,1087214,1087284,1087405,1087458,1087939,1087978,1088273,1088354,1088374,1088690,1088704,1088713,1088722,1088796,1088804,1088821,1088866,1088872,1089074,1089086,1089115,1089141,1089198,1089268,1089271,1089467,1089608,1089644,1089663,1089664,1089667,1089669,1089752,1089753,1089762,1089878,1089889,1089977,1090098,1090150,1090457,1090522,1090534,1090535,1090605,1090643,1090646,1090658,1090717,1090734,1090818,1090888,1090953,1091101,1091158,1091171,1091264,1091424,1091532,1091543,1091594,1091666,1091678,1091686,1091781,1091782,1091815,1091860,1091960,1092100,1092289,1092472,1092566,1092710,1092772,1092888,1092904,1092975,1093023,1093027,1093035,1093118,1093148,1093158,1093184,1093205,1093273,1093290,1093604,1093641,1093649,1093653,1093655,1093657,1093663,1093721,1093728,1093904,1093990,1094244,1094356,1094420,1094541,1094575,1094751,1094825,1094840,1094978,1095042,1095094,1095104,1095115,1095155,1095265,1095321,1095337,1095467,1095573,1095735,1095893,1096065,1096480,1096529,1096696,1096705,1096728,1096753,1096790,1096793,1097034,1097105,1097234,1097356,1097373,1097439,1097465,1097468,1097470,1097471,1097472,1097551,1097780,1097796,1097800,1097941,1097961,1098016,1098043,1098050,1098174,1098176,1098236,1098401,1098425,1098435,1098599,1098626,1098706,1098983,1098995,1099029,1099041,1099109,1099142,1099183,1099715,1099792,1099918,1099924,1099966,1100132,1100209,1100340,1100362,1100382,1100416,1100418,1100491,1100602,1100633,1100734,1100843,1101296,1101315,1101324,971975,975772
CVE References: CVE-2017-5715,CVE-2017-5753,CVE-2018-1000200,CVE-2018-1000204,CVE-2018-10087,CVE-2018-10124,CVE-2018-10323,CVE-2018-1092,CVE-2018-1093,CVE-2018-1094,CVE-2018-1108,CVE-2018-1118,CVE-2018-1120,CVE-2018-1130,CVE-2018-12233,CVE-2018-13053,CVE-2018-13405,CVE-2018-13406,CVE-2018-5803,CVE-2018-5848,CVE-2018-7492,CVE-2018-8781,CVE-2018-9385
Sources used:
openSUSE Leap 15.0 (src):    kernel-debug-4.12.14-lp150.12.7.1, kernel-default-4.12.14-lp150.12.7.1, kernel-docs-4.12.14-lp150.12.7.1, kernel-kvmsmall-4.12.14-lp150.12.7.1, kernel-obs-build-4.12.14-lp150.12.7.1, kernel-obs-qa-4.12.14-lp150.12.7.1, kernel-source-4.12.14-lp150.12.7.1, kernel-syms-4.12.14-lp150.12.7.1, kernel-vanilla-4.12.14-lp150.12.7.1

Comment 23 Swamp Workflow Management 2018-08-16 10:38:03 UTC

SUSE-SU-2018:2366-1: An update that solves 13 vulnerabilities and has four fixes is now available.

Category: security (important)
Bug References: 1082962,1083900,1085107,1087081,1089343,1092904,1094353,1096480,1096728,1097234,1098016,1099924,1099942,1100418,1104475,1104684,909361
CVE References: CVE-2016-8405,CVE-2017-13305,CVE-2018-1000204,CVE-2018-1068,CVE-2018-1130,CVE-2018-12233,CVE-2018-13053,CVE-2018-13406,CVE-2018-3620,CVE-2018-3646,CVE-2018-5803,CVE-2018-5814,CVE-2018-7492
Sources used:
SUSE Linux Enterprise Server 11-SP3-LTSS (src):    kernel-bigsmp-3.0.101-0.47.106.43.1, kernel-default-3.0.101-0.47.106.43.1, kernel-ec2-3.0.101-0.47.106.43.1, kernel-pae-3.0.101-0.47.106.43.1, kernel-source-3.0.101-0.47.106.43.1, kernel-syms-3.0.101-0.47.106.43.1, kernel-trace-3.0.101-0.47.106.43.1, kernel-xen-3.0.101-0.47.106.43.1
SUSE Linux Enterprise Server 11-EXTRA (src):    kernel-bigsmp-3.0.101-0.47.106.43.1, kernel-default-3.0.101-0.47.106.43.1, kernel-pae-3.0.101-0.47.106.43.1, kernel-ppc64-3.0.101-0.47.106.43.1, kernel-trace-3.0.101-0.47.106.43.1, kernel-xen-3.0.101-0.47.106.43.1
SUSE Linux Enterprise Point of Sale 11-SP3 (src):    kernel-default-3.0.101-0.47.106.43.1, kernel-ec2-3.0.101-0.47.106.43.1, kernel-pae-3.0.101-0.47.106.43.1, kernel-source-3.0.101-0.47.106.43.1, kernel-syms-3.0.101-0.47.106.43.1, kernel-trace-3.0.101-0.47.106.43.1, kernel-xen-3.0.101-0.47.106.43.1
SUSE Linux Enterprise Debuginfo 11-SP3 (src):    kernel-bigsmp-3.0.101-0.47.106.43.1, kernel-default-3.0.101-0.47.106.43.1, kernel-ec2-3.0.101-0.47.106.43.1, kernel-pae-3.0.101-0.47.106.43.1, kernel-trace-3.0.101-0.47.106.43.1, kernel-xen-3.0.101-0.47.106.43.1

Comment 24 Swamp Workflow Management 2018-08-16 14:03:56 UTC

An update workflow for this issue was started.
This issue was rated as moderate.
Please submit fixed packages until 2018-08-30.
When done, reassign the bug to security-team@suse.de.
https://swamp.suse.de/webswamp/wf/64114

Comment 26 Marcus Meissner 2018-08-29 09:59:50 UTC

released

Comment 27 Swamp Workflow Management 2018-09-06 16:08:50 UTC

SUSE-SU-2018:2637-1: An update that solves 13 vulnerabilities and has 18 fixes is now available.

Category: security (important)
Bug References: 1015828,1037441,1047487,1082962,1083900,1085107,1087081,1089343,1092904,1093183,1094353,1096480,1096728,1097125,1097234,1097562,1098016,1098658,1099709,1099924,1099942,1100091,1100132,1100418,1102087,1103884,1103909,1104365,1104475,1104684,909361
CVE References: CVE-2016-8405,CVE-2017-13305,CVE-2018-1000204,CVE-2018-1068,CVE-2018-1130,CVE-2018-12233,CVE-2018-13053,CVE-2018-13406,CVE-2018-3620,CVE-2018-3646,CVE-2018-5803,CVE-2018-5814,CVE-2018-7492
Sources used:
SUSE Linux Enterprise Real Time Extension 11-SP4 (src):    kernel-rt-3.0.101.rt130-69.33.1, kernel-rt_trace-3.0.101.rt130-69.33.1, kernel-source-rt-3.0.101.rt130-69.33.1, kernel-syms-rt-3.0.101.rt130-69.33.1
SUSE Linux Enterprise Debuginfo 11-SP4 (src):    kernel-rt-3.0.101.rt130-69.33.1, kernel-rt_debug-3.0.101.rt130-69.33.1, kernel-rt_trace-3.0.101.rt130-69.33.1

Comment 28 Swamp Workflow Management 2018-10-18 16:45:08 UTC

SUSE-SU-2018:1855-2: An update that solves 14 vulnerabilities and has 15 fixes is now available.

Category: security (important)
Bug References: 1068032,1079152,1082962,1083650,1083900,1085185,1086400,1087007,1087012,1087036,1087086,1087095,1089895,1090534,1090955,1092497,1092552,1092813,1092904,1094033,1094353,1094823,1095042,1096140,1096242,1096281,1096728,1097356,973378
CVE References: CVE-2017-13305,CVE-2017-18241,CVE-2017-18249,CVE-2018-1000199,CVE-2018-1000204,CVE-2018-1065,CVE-2018-1092,CVE-2018-1093,CVE-2018-1094,CVE-2018-1130,CVE-2018-3665,CVE-2018-5803,CVE-2018-5848,CVE-2018-7492
Sources used:
SUSE Linux Enterprise Server 12-SP2-BCL (src):    kernel-default-4.4.121-92.85.1, kernel-source-4.4.121-92.85.1, kernel-syms-4.4.121-92.85.1, kgraft-patch-SLE12-SP2_Update_23-1-3.5.1