drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Zwei Probleme in Linux
Name: |
Zwei Probleme in Linux |
|
ID: |
SUSE-SU-2019:0801-1 |
|
Distribution: |
SUSE |
|
Plattformen: |
SUSE Linux Enterprise Desktop 12-SP3, SUSE Linux Enterprise Server 12-SP3, SUSE Linux Enterprise Workstation Extension 12-SP3, SUSE Linux Enterprise Software Development Kit 12-SP3, SUSE Linux Enterprise Live Patching 12-SP3, SUSE Linux Enterprise High Availability 12-SP3, SUSE CaaS Platform ALL, SUSE CaaS Platform 3.0 |
|
Datum: |
Fr, 29. März 2019, 12:48 |
|
Referenzen: |
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9213
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2024 |
|
Applikationen: |
Linux |
|
Originalnachricht |
SUSE Security Update: Security update for the Linux Kernel ______________________________________________________________________________
Announcement ID: SUSE-SU-2019:0801-1 Rating: important References: #1012382 #1020413 #1065600 #1070767 #1075697 #1082943 #1087092 #1090435 #1102959 #1103429 #1106929 #1109137 #1109248 #1119019 #1119843 #1120691 #1120902 #1121713 #1121805 #1124235 #1125315 #1125446 #1126389 #1126772 #1126773 #1126805 #1127082 #1127155 #1127561 #1127725 #1127731 #1127961 #1128166 #1128452 #1128565 #1128696 #1128756 #1128893 #1129080 #1129179 #1129237 #1129238 #1129239 #1129240 #1129241 #1129413 #1129414 #1129415 #1129416 #1129417 #1129418 #1129419 #1129581 #1129770 #1129923 Cross-References: CVE-2019-2024 CVE-2019-9213 Affected Products: SUSE Linux Enterprise Workstation Extension 12-SP3 SUSE Linux Enterprise Software Development Kit 12-SP3 SUSE Linux Enterprise Server 12-SP3 SUSE Linux Enterprise Live Patching 12-SP3 SUSE Linux Enterprise High Availability 12-SP3 SUSE Linux Enterprise Desktop 12-SP3 SUSE CaaS Platform ALL SUSE CaaS Platform 3.0 ______________________________________________________________________________
An update that solves two vulnerabilities and has 53 fixes is now available.
Description:
The SUSE Linux Enterprise 12 SP3 kernel was updated to 4.4.176 to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2019-9213: expand_downwards in mm/mmap.c lacked a check for the mmap minimum address, which made it easier for attackers to exploit kernel NULL pointer dereferences on non-SMAP platforms. This is related to a capability check for the wrong task (bnc#1128166). - CVE-2019-2024: A use-after-free when disconnecting a source was fixed which could lead to crashes. bnc#1129179).
The following non-security bugs were fixed:
- ax25: fix possible use-after-free (bnc#1012382). - block_dev: fix crash on chained bios with O_DIRECT (bsc#1090435). - block: do not use bio->bi_vcnt to figure out segment number (bsc#1128893). - bnxt_re: Fix couple of memory leaks that could lead to IOMMU call traces (bsc#1020413). - bpf: fix replace_map_fd_with_map_ptr's ldimm64 second imm field (bsc#1012382). - btrfs: ensure that a DUP or RAID1 block group has exactly two stripes (bsc#1128452). - ceph: avoid repeatedly adding inode to mdsc->snap_flush_list (bsc#1126773). - ch: add missing mutex_lock()/mutex_unlock() in ch_release() (bsc#1124235). - ch: fixup refcounting imbalance for SCSI devices (bsc#1124235). - copy_mount_string: Limit string length to PATH_MAX (bsc#1082943). - device property: Fix the length used in PROPERTY_ENTRY_STRING() (bsc#1129770). - drivers: hv: vmbus: Check for ring when getting debug info (bsc#1126389). - drm: Fix error handling in drm_legacy_addctx (bsc#1106929) - drm/nouveau/bios/ramcfg: fix missing parentheses when calculating RON (bsc#1106929) - drm/nouveau/pmu: do not print reply values if exec is false (bsc#1106929) - drm/radeon/evergreen_cs: fix missing break in switch statement (bsc#1106929) - drm/vmwgfx: Do not double-free the mode stored in par->set_mode (bsc#1103429) - enic: add wq clean up budget (bsc#1075697, bsc#1120691. bsc#1102959). - enic: do not overwrite error code (bnc#1012382). - fbdev: chipsfb: remove set but not used variable 'size' (bsc#1106929) - ibmvnic: Report actual backing device speed and duplex values (bsc#1129923). - ibmvscsi: Fix empty event pool access during host removal (bsc#1119019). - input: mms114 - fix license module information (bsc#1087092). - iommu/dmar: Fix buffer overflow during PCI bus notification (bsc#1129237). - iommu/io-pgtable-arm-v7s: Only kmemleak_ignore L2 tables (bsc#1129238). - iommu/vt-d: Check identity map for hot-added devices (bsc#1129239). - iommu/vt-d: Fix NULL pointer reference in intel_svm_bind_mm() (bsc#1129240). - ixgbe: fix crash in build_skb Rx code path (git-fixes). - kabi: protect struct inet_peer (kabi). - kallsyms: Handle too long symbols in kallsyms.c (bsc#1126805). - KMPs: obsolete older KMPs of the same flavour (bsc#1127155, bsc#1109137). - kvm: arm/arm64: vgic-its: Check CBASER/BASER validity before enabling the ITS (bsc#1109248). - kvm: arm/arm64: vgic-its: Check GITS_BASER Valid bit before saving tables (bsc#1109248). - kvm: arm/arm64: vgic-its: Fix return value for device table restore (bsc#1109248). - kvm: arm/arm64: vgic-its: Fix vgic_its_restore_collection_table returned value (bsc#1109248). - kvm: nVMX: Do not halt vcpu when L1 is injecting events to L2 (bsc#1129413). - kvm: nVMX: Free the VMREAD/VMWRITE bitmaps if alloc_kvm_area() fails (bsc#1129414). - kvm: nVMX: NMI-window and interrupt-window exiting should wake L2 from HLT (bsc#1129415). - kvm: nVMX: Set VM instruction error for VMPTRLD of unbacked page (bsc#1129416). - kvm: VMX: Do not allow reexecute_instruction() when skipping MMIO instr (bsc#1129417). - kvm: vmx: Set IA32_TSC_AUX for legacy mode guests (bsc#1129418). - kvm: x86: Add AMD's EX_CFG to the list of ignored MSRs (bsc#1127082). - kvm: x86: IA32_ARCH_CAPABILITIES is always supported (bsc#1129419). - libceph: handle an empty authorize reply (bsc#1126772). - mdio_bus: Fix use-after-free on device_register fails (git-fixes). - mfd: as3722: Handle interrupts on suspend (bnc#1012382). - mfd: as3722: Mark PM functions as __maybe_unused (bnc#1012382). - mISDN: fix a race in dev_expire_timer() (bnc#1012382). - mlxsw: pci: Correctly determine if descriptor queue is full (git-fixes). - mlxsw: reg: Use correct offset in field definiton (git-fixes). - mm, devm_memremap_pages: mark devm_memremap_pages() EXPORT_SYMBOL_GPL (bnc#1012382). - mm,memory_hotplug: fix scan_movable_pages() for gigantic hugepages (bsc#1127731). - net: Add header for usage of fls64() (bnc#1012382). - net: Do not allocate page fragments that are not skb aligned (bnc#1012382). - net: dsa: bcm_sf2: Do not assume DSA master supports WoL (git-fixes). - net: dsa: mv88e6xxx: fix port VLAN maps (git-fixes). - net: Fix for_each_netdev_feature on Big endian (bnc#1012382). - net: fix IPv6 prefix route residue (bnc#1012382). - net/hamradio/6pack: Convert timers to use timer_setup() (git-fixes). - net/hamradio/6pack: use mod_timer() to rearm timers (git-fixes). - net: ipv4: use a dedicated counter for icmp_v4 redirect packets (bnc#1012382). - net: lan78xx: Fix race in tx pending skb size calculation (git-fixes). - net/mlx4_core: drop useless LIST_HEAD (git-fixes). - net/mlx4_core: Fix qp mtt size calculation (git-fixes). - net/mlx4_core: Fix reset flow when in command polling mode (git-fixes). - net/mlx4: Fix endianness issue in qp context params (git-fixes). - net/mlx5: Continue driver initialization despite debugfs failure (git-fixes). - net/mlx5e: Fix TCP checksum in LRO buffers (git-fixes). - net/mlx5: Fix driver load bad flow when having fw initializing timeout (git-fixes). - net/mlx5: fix uaccess beyond "count" in debugfs read/write handlers (git-fixes). - net/mlx5: Fix use-after-free in self-healing flow (git-fixes). - net/mlx5: Return success for PAGE_FAULT_RESUME in internal error state (git-fixes). - net: mv643xx_eth: fix packet corruption with TSO and tiny unaligned packets (git-fixes). - net: phy: Avoid polling PHY with PHY_IGNORE_INTERRUPTS (git-fixes). - net: phy: bcm7xxx: Fix shadow mode 2 disabling (git-fixes). - net: qca_spi: Fix race condition in spi transfers (git-fixes). - net: stmmac: Fix a race in EEE enable callback (bnc#1012382). - net: stmmac: Fix a race in EEE enable callback (git-fixes). - net: thunderx: set tso_hdrs pointer to NULL in nicvf_free_snd_queue (git-fixes). - net/x25: do not hold the cpu too long in x25_new_lci() (bnc#1012382). - PCI/PME: Fix hotplug/sysfs remove deadlock in pcie_pme_remove() (bsc#1129241). - perf/x86: Add sysfs entry to freeze counters on SMI (bsc#1121805). - perf/x86/intel: Delay memory deallocation until x86_pmu_dead_cpu() (bsc#1121805). - perf/x86/intel: Do not enable freeze-on-smi for PerfMon V1 (bsc#1121805). - perf/x86/intel: Fix memory corruption (bsc#1121805). - perf/x86/intel: Generalize dynamic constraint creation (bsc#1121805). - perf/x86/intel: Implement support for TSX Force Abort (bsc#1121805). - perf/x86/intel: Make cpuc allocations consistent (bsc#1121805). - phy: micrel: Ensure interrupts are reenabled on resume (git-fixes). - powerpc/pseries: Add CPU dlpar remove functionality (bsc#1128756). - powerpc/pseries: Consolidate CPU hotplug code to hotplug-cpu.c (bsc#1128756). - powerpc/pseries: Factor out common cpu hotplug code (bsc#1128756). - powerpc/pseries: Perform full re-add of CPU for topology update post-migration (bsc#1128756). - pppoe: fix reception of frames with no mac header (git-fixes). - pptp: dst_release sk_dst_cache in pptp_sock_destruct (git-fixes). - pseries/energy: Use OF accessor function to read ibm,drc-indexes (bsc#1129080). - rdma/bnxt_re: Synchronize destroy_qp with poll_cq (bsc#1125446). - Revert "mm, devm_memremap_pages: mark devm_memremap_pages() EXPORT_SYMBOL_GPL" (bnc#1012382). - Revert "x86/platform/UV: Use efi_runtime_lock to serialise BIOS calls" (bsc#1128565). - s390/qeth: cancel close_dev work before removing a card (LTC#175898, bsc#1127561). - scsi: aacraid: Fix missing break in switch statement (bsc#1128696). - scsi: ibmvscsi: Fix empty event pool access during host removal (bsc#1119019). - scsi: lpfc: do not set queue->page_count to 0 if pc_sli4_params.wqpcnt is invalid (bsc#1127725). - scsi: qla2xxx: Fix early srb free on abort (bsc#1121713). - scsi: qla2xxx: Fix for double free of SRB structure (bsc#1121713). - scsi: qla2xxx: Increase abort timeout value (bsc#1121713). - scsi: qla2xxx: Move {get|rel}_sp to base_qpair struct (bsc#1121713). - scsi: qla2xxx: Return switch command on a timeout (bsc#1121713). - scsi: qla2xxx: Turn off IOCB timeout timer on IOCB completion (bsc#1121713). - scsi: qla2xxx: Use correct qpair for ABTS/CMD (bsc#1121713). - scsi: sym53c8xx: fix NULL pointer dereference panic in sym_int_sir() (bsc#1125315). - sky2: Increase D3 delay again (bnc#1012382). - tcp: clear icsk_backoff in tcp_write_queue_purge() (bnc#1012382). - tcp: tcp_v4_err() should be more careful (bnc#1012382). - team: avoid complex list operations in team_nl_cmd_options_set() (bnc#1012382). - team: Free BPF filter when unregistering netdev (git-fixes). - tracing: Do not free iter->trace in fail path of tracing_open_pipe() (bsc#1129581). - vsock: cope with memory allocation failure at socket creation time (bnc#1012382). - vxlan: test dev->flags & IFF_UP before calling netif_rx() (bnc#1012382). - wireless: airo: potential buffer overflow in sprintf() (bsc#1120902). - x86: Add TSX Force Abort CPUID/MSR (bsc#1121805). - x86: Fix incorrect value for X86_FEATURE_TSX_FORCE_ABORT - x86: livepatch: Treat R_X86_64_PLT32 as R_X86_64_PC32 (bnc#1012382). - xen, cpu_hotplug: Prevent an out of bounds access (bsc#1065600). - xen: remove pre-xen3 fallback handlers (bsc#1065600). - xfs: remove filestream item xfs_inode reference (bsc#1127961).
Special Instructions and Notes:
Please reboot the system after installing this update.
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Workstation Extension 12-SP3:
zypper in -t patch SUSE-SLE-WE-12-SP3-2019-801=1
- SUSE Linux Enterprise Software Development Kit 12-SP3:
zypper in -t patch SUSE-SLE-SDK-12-SP3-2019-801=1
- SUSE Linux Enterprise Server 12-SP3:
zypper in -t patch SUSE-SLE-SERVER-12-SP3-2019-801=1
- SUSE Linux Enterprise Live Patching 12-SP3:
zypper in -t patch SUSE-SLE-Live-Patching-12-SP3-2019-801=1
- SUSE Linux Enterprise High Availability 12-SP3:
zypper in -t patch SUSE-SLE-HA-12-SP3-2019-801=1
- SUSE Linux Enterprise Desktop 12-SP3:
zypper in -t patch SUSE-SLE-DESKTOP-12-SP3-2019-801=1
- SUSE CaaS Platform ALL:
To install this update, use the SUSE CaaS Platform Velum dashboard. It will inform you if it detects new updates and let you then trigger updating of the complete cluster in a controlled way.
- SUSE CaaS Platform 3.0:
To install this update, use the SUSE CaaS Platform Velum dashboard. It will inform you if it detects new updates and let you then trigger updating of the complete cluster in a controlled way.
Package List:
- SUSE Linux Enterprise Workstation Extension 12-SP3 (x86_64):
kernel-default-debuginfo-4.4.176-94.88.1 kernel-default-debugsource-4.4.176-94.88.1 kernel-default-extra-4.4.176-94.88.1 kernel-default-extra-debuginfo-4.4.176-94.88.1
- SUSE Linux Enterprise Software Development Kit 12-SP3 (aarch64 ppc64le s390x x86_64):
kernel-obs-build-4.4.176-94.88.1 kernel-obs-build-debugsource-4.4.176-94.88.1
- SUSE Linux Enterprise Software Development Kit 12-SP3 (noarch):
kernel-docs-4.4.176-94.88.1
- SUSE Linux Enterprise Server 12-SP3 (aarch64 ppc64le s390x x86_64):
kernel-default-4.4.176-94.88.1 kernel-default-base-4.4.176-94.88.1 kernel-default-base-debuginfo-4.4.176-94.88.1 kernel-default-debuginfo-4.4.176-94.88.1 kernel-default-debugsource-4.4.176-94.88.1 kernel-default-devel-4.4.176-94.88.1 kernel-syms-4.4.176-94.88.1
- SUSE Linux Enterprise Server 12-SP3 (noarch):
kernel-devel-4.4.176-94.88.1 kernel-macros-4.4.176-94.88.1 kernel-source-4.4.176-94.88.1
- SUSE Linux Enterprise Server 12-SP3 (s390x):
kernel-default-man-4.4.176-94.88.1
- SUSE Linux Enterprise Live Patching 12-SP3 (ppc64le x86_64):
kgraft-patch-4_4_176-94_88-default-1-4.9.1 kgraft-patch-4_4_176-94_88-default-debuginfo-1-4.9.1
- SUSE Linux Enterprise High Availability 12-SP3 (ppc64le s390x x86_64):
cluster-md-kmp-default-4.4.176-94.88.1 cluster-md-kmp-default-debuginfo-4.4.176-94.88.1 dlm-kmp-default-4.4.176-94.88.1 dlm-kmp-default-debuginfo-4.4.176-94.88.1 gfs2-kmp-default-4.4.176-94.88.1 gfs2-kmp-default-debuginfo-4.4.176-94.88.1 kernel-default-debuginfo-4.4.176-94.88.1 kernel-default-debugsource-4.4.176-94.88.1 ocfs2-kmp-default-4.4.176-94.88.1 ocfs2-kmp-default-debuginfo-4.4.176-94.88.1
- SUSE Linux Enterprise Desktop 12-SP3 (noarch):
kernel-devel-4.4.176-94.88.1 kernel-macros-4.4.176-94.88.1 kernel-source-4.4.176-94.88.1
- SUSE Linux Enterprise Desktop 12-SP3 (x86_64):
kernel-default-4.4.176-94.88.1 kernel-default-debuginfo-4.4.176-94.88.1 kernel-default-debugsource-4.4.176-94.88.1 kernel-default-devel-4.4.176-94.88.1 kernel-default-extra-4.4.176-94.88.1 kernel-default-extra-debuginfo-4.4.176-94.88.1 kernel-syms-4.4.176-94.88.1
- SUSE CaaS Platform ALL (x86_64):
kernel-default-4.4.176-94.88.1 kernel-default-debuginfo-4.4.176-94.88.1 kernel-default-debugsource-4.4.176-94.88.1
- SUSE CaaS Platform 3.0 (x86_64):
kernel-default-4.4.176-94.88.1 kernel-default-debuginfo-4.4.176-94.88.1 kernel-default-debugsource-4.4.176-94.88.1
References:
https://www.suse.com/security/cve/CVE-2019-2024.html https://www.suse.com/security/cve/CVE-2019-9213.html https://bugzilla.suse.com/1012382 https://bugzilla.suse.com/1020413 https://bugzilla.suse.com/1065600 https://bugzilla.suse.com/1070767 https://bugzilla.suse.com/1075697 https://bugzilla.suse.com/1082943 https://bugzilla.suse.com/1087092 https://bugzilla.suse.com/1090435 https://bugzilla.suse.com/1102959 https://bugzilla.suse.com/1103429 https://bugzilla.suse.com/1106929 https://bugzilla.suse.com/1109137 https://bugzilla.suse.com/1109248 https://bugzilla.suse.com/1119019 https://bugzilla.suse.com/1119843 https://bugzilla.suse.com/1120691 https://bugzilla.suse.com/1120902 https://bugzilla.suse.com/1121713 https://bugzilla.suse.com/1121805 https://bugzilla.suse.com/1124235 https://bugzilla.suse.com/1125315 https://bugzilla.suse.com/1125446 https://bugzilla.suse.com/1126389 https://bugzilla.suse.com/1126772 https://bugzilla.suse.com/1126773 https://bugzilla.suse.com/1126805 https://bugzilla.suse.com/1127082 https://bugzilla.suse.com/1127155 https://bugzilla.suse.com/1127561 https://bugzilla.suse.com/1127725 https://bugzilla.suse.com/1127731 https://bugzilla.suse.com/1127961 https://bugzilla.suse.com/1128166 https://bugzilla.suse.com/1128452 https://bugzilla.suse.com/1128565 https://bugzilla.suse.com/1128696 https://bugzilla.suse.com/1128756 https://bugzilla.suse.com/1128893 https://bugzilla.suse.com/1129080 https://bugzilla.suse.com/1129179 https://bugzilla.suse.com/1129237 https://bugzilla.suse.com/1129238 https://bugzilla.suse.com/1129239 https://bugzilla.suse.com/1129240 https://bugzilla.suse.com/1129241 https://bugzilla.suse.com/1129413 https://bugzilla.suse.com/1129414 https://bugzilla.suse.com/1129415 https://bugzilla.suse.com/1129416 https://bugzilla.suse.com/1129417 https://bugzilla.suse.com/1129418 https://bugzilla.suse.com/1129419 https://bugzilla.suse.com/1129581 https://bugzilla.suse.com/1129770 https://bugzilla.suse.com/1129923
_______________________________________________ sle-security-updates mailing list sle-security-updates@lists.suse.com http://lists.suse.com/mailman/listinfo/sle-security-updates
|
|
|
|