Security update for the Linux Kernel SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2017:2131-1 Final 1 1 2017-08-11T00:30:49Z current 2017-08-11T00:30:49Z 2017-08-11T00:30:49Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for the Linux Kernel The SUSE Linux Enterprise 12 SP2 kernel was updated to 4.4.74 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2017-1000111: fix race condition in net-packet code that could be exploited to cause out-of-bounds memory access (bsc#1052365). - CVE-2017-1000112: fix race condition in net-packet code that could have been exploited by unprivileged users to gain root access. (bsc#1052311). The following non-security bugs were fixed: - powerpc/numa: fix regression that could cause kernel panics during installation (bsc#1048914). - bcache: force trigger gc (bsc#1038078). - bcache: only recovery I/O error for writethrough mode (bsc#1043652). The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). SUSE-CAASP-ALL-2017-1319,SUSE-OpenStack-Cloud-Magnum-Orchestration-7-2017-1319,SUSE-SLE-DESKTOP-12-SP2-2017-1319,SUSE-SLE-HA-12-SP2-2017-1319,SUSE-SLE-Live-Patching-12-2017-1319,SUSE-SLE-RPI-12-SP2-2017-1319,SUSE-SLE-SDK-12-SP2-2017-1319,SUSE-SLE-SERVER-12-SP2-2017-1319,SUSE-SLE-WE-12-SP2-2017-1319 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2017/suse-su-20172131-1/ Link for SUSE-SU-2017:2131-1 https://lists.suse.com/pipermail/sle-security-updates/2017-August/003129.html E-Mail link for SUSE-SU-2017:2131-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1038078 SUSE Bug 1038078 https://bugzilla.suse.com/1043652 SUSE Bug 1043652 https://bugzilla.suse.com/1048914 SUSE Bug 1048914 https://bugzilla.suse.com/1052311 SUSE Bug 1052311 https://bugzilla.suse.com/1052365 SUSE Bug 1052365 https://www.suse.com/security/cve/CVE-2017-1000111/ SUSE CVE CVE-2017-1000111 page https://www.suse.com/security/cve/CVE-2017-1000112/ SUSE CVE CVE-2017-1000112 page SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise High Availability Extension 12 SP2 SUSE Linux Enterprise Live Patching 12 SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 SUSE Linux Enterprise Server for SAP Applications 12 SP2 SUSE Linux Enterprise Software Development Kit 12 SP2 SUSE Linux Enterprise Workstation Extension 12 SP2 kernel-default-4.4.74-92.35.1 kernel-default-devel-4.4.74-92.35.1 kernel-default-extra-4.4.74-92.35.1 kernel-devel-4.4.74-92.35.1 kernel-macros-4.4.74-92.35.1 kernel-source-4.4.74-92.35.1 kernel-syms-4.4.74-92.35.1 cluster-md-kmp-default-4.4.74-92.35.1 cluster-network-kmp-default-4.4.74-92.35.1 dlm-kmp-default-4.4.74-92.35.1 gfs2-kmp-default-4.4.74-92.35.1 ocfs2-kmp-default-4.4.74-92.35.1 kgraft-patch-4_4_74-92_35-default-1-2.1 kernel-default-base-4.4.74-92.35.1 kernel-docs-4.4.74-92.35.3 kernel-obs-build-4.4.74-92.35.1 kernel-default-man-4.4.74-92.35.1 kernel-default-4.4.74-92.35.1 as a component of SUSE Linux Enterprise Desktop 12 SP2 kernel-default-devel-4.4.74-92.35.1 as a component of SUSE Linux Enterprise Desktop 12 SP2 kernel-default-extra-4.4.74-92.35.1 as a component of SUSE Linux Enterprise Desktop 12 SP2 kernel-devel-4.4.74-92.35.1 as a component of SUSE Linux Enterprise Desktop 12 SP2 kernel-macros-4.4.74-92.35.1 as a component of SUSE Linux Enterprise Desktop 12 SP2 kernel-source-4.4.74-92.35.1 as a component of SUSE Linux Enterprise Desktop 12 SP2 kernel-syms-4.4.74-92.35.1 as a component of SUSE Linux Enterprise Desktop 12 SP2 cluster-md-kmp-default-4.4.74-92.35.1 as a component of SUSE Linux Enterprise High Availability Extension 12 SP2 cluster-network-kmp-default-4.4.74-92.35.1 as a component of SUSE Linux Enterprise High Availability Extension 12 SP2 dlm-kmp-default-4.4.74-92.35.1 as a component of SUSE Linux Enterprise High Availability Extension 12 SP2 gfs2-kmp-default-4.4.74-92.35.1 as a component of SUSE Linux Enterprise High Availability Extension 12 SP2 ocfs2-kmp-default-4.4.74-92.35.1 as a component of SUSE Linux Enterprise High Availability Extension 12 SP2 kgraft-patch-4_4_74-92_35-default-1-2.1 as a component of SUSE Linux Enterprise Live Patching 12 kernel-default-4.4.74-92.35.1 as a component of SUSE Linux Enterprise Server 12 SP2 kernel-default-base-4.4.74-92.35.1 as a component of SUSE Linux Enterprise Server 12 SP2 kernel-default-devel-4.4.74-92.35.1 as a component of SUSE Linux Enterprise Server 12 SP2 kernel-default-man-4.4.74-92.35.1 as a component of SUSE Linux Enterprise Server 12 SP2 kernel-devel-4.4.74-92.35.1 as a component of SUSE Linux Enterprise Server 12 SP2 kernel-macros-4.4.74-92.35.1 as a component of SUSE Linux Enterprise Server 12 SP2 kernel-source-4.4.74-92.35.1 as a component of SUSE Linux Enterprise Server 12 SP2 kernel-syms-4.4.74-92.35.1 as a component of SUSE Linux Enterprise Server 12 SP2 kernel-default-4.4.74-92.35.1 as a component of SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 kernel-default-base-4.4.74-92.35.1 as a component of SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 kernel-default-devel-4.4.74-92.35.1 as a component of SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 kernel-devel-4.4.74-92.35.1 as a component of SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 kernel-macros-4.4.74-92.35.1 as a component of SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 kernel-source-4.4.74-92.35.1 as a component of SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 kernel-syms-4.4.74-92.35.1 as a component of SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 kernel-default-4.4.74-92.35.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP2 kernel-default-base-4.4.74-92.35.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP2 kernel-default-devel-4.4.74-92.35.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP2 kernel-default-man-4.4.74-92.35.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP2 kernel-devel-4.4.74-92.35.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP2 kernel-macros-4.4.74-92.35.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP2 kernel-source-4.4.74-92.35.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP2 kernel-syms-4.4.74-92.35.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP2 kernel-docs-4.4.74-92.35.3 as a component of SUSE Linux Enterprise Software Development Kit 12 SP2 kernel-obs-build-4.4.74-92.35.1 as a component of SUSE Linux Enterprise Software Development Kit 12 SP2 kernel-default-extra-4.4.74-92.35.1 as a component of SUSE Linux Enterprise Workstation Extension 12 SP2 Linux kernel: heap out-of-bounds in AF_PACKET sockets. This new issue is analogous to previously disclosed CVE-2016-8655. In both cases, a socket option that changes socket state may race with safety checks in packet_set_ring. Previously with PACKET_VERSION. This time with PACKET_RESERVE. The solution is similar: lock the socket for the update. This issue may be exploitable, we did not investigate further. As this issue affects PF_PACKET sockets, it requires CAP_NET_RAW in the process namespace. But note that with user namespaces enabled, any process can create a namespace in which it has CAP_NET_RAW. CVE-2017-1000111 SUSE Linux Enterprise Desktop 12 SP2:kernel-default-4.4.74-92.35.1 SUSE Linux Enterprise Desktop 12 SP2:kernel-default-devel-4.4.74-92.35.1 SUSE Linux Enterprise Desktop 12 SP2:kernel-default-extra-4.4.74-92.35.1 SUSE Linux Enterprise Desktop 12 SP2:kernel-devel-4.4.74-92.35.1 SUSE Linux Enterprise Desktop 12 SP2:kernel-macros-4.4.74-92.35.1 SUSE Linux Enterprise Desktop 12 SP2:kernel-source-4.4.74-92.35.1 SUSE Linux Enterprise Desktop 12 SP2:kernel-syms-4.4.74-92.35.1 SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.74-92.35.1 SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.74-92.35.1 SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.74-92.35.1 SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.74-92.35.1 SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.74-92.35.1 SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_74-92_35-default-1-2.1 SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.74-92.35.1 SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.74-92.35.1 SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.74-92.35.1 SUSE Linux Enterprise Server 12 SP2:kernel-default-man-4.4.74-92.35.1 SUSE Linux Enterprise Server 12 SP2:kernel-devel-4.4.74-92.35.1 SUSE Linux Enterprise Server 12 SP2:kernel-macros-4.4.74-92.35.1 SUSE Linux Enterprise Server 12 SP2:kernel-source-4.4.74-92.35.1 SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.74-92.35.1 SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-4.4.74-92.35.1 SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-base-4.4.74-92.35.1 SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-devel-4.4.74-92.35.1 SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-devel-4.4.74-92.35.1 SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-macros-4.4.74-92.35.1 SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-source-4.4.74-92.35.1 SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-syms-4.4.74-92.35.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.74-92.35.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.74-92.35.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.74-92.35.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-man-4.4.74-92.35.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.74-92.35.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.74-92.35.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.74-92.35.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.74-92.35.1 SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-docs-4.4.74-92.35.3 SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.74-92.35.1 SUSE Linux Enterprise Workstation Extension 12 SP2:kernel-default-extra-4.4.74-92.35.1 important 6.2 AV:L/AC:H/Au:N/C:C/I:C/A:C 7.2 AV:L/AC:L/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2017/suse-su-20172131-1/ https://www.suse.com/security/cve/CVE-2017-1000111.html CVE-2017-1000111 https://bugzilla.suse.com/1052365 SUSE Bug 1052365 https://bugzilla.suse.com/1052367 SUSE Bug 1052367 Linux kernel: Exploitable memory corruption due to UFO to non-UFO path switch. When building a UFO packet with MSG_MORE __ip_append_data() calls ip_ufo_append_data() to append. However in between two send() calls, the append path can be switched from UFO to non-UFO one, which leads to a memory corruption. In case UFO packet lengths exceeds MTU, copy = maxfraglen - skb->len becomes negative on the non-UFO path and the branch to allocate new skb is taken. This triggers fragmentation and computation of fraggap = skb_prev->len - maxfraglen. Fraggap can exceed MTU, causing copy = datalen - transhdrlen - fraggap to become negative. Subsequently skb_copy_and_csum_bits() writes out-of-bounds. A similar issue is present in IPv6 code. The bug was introduced in e89e9cf539a2 ("[IPv4/IPv6]: UFO Scatter-gather approach") on Oct 18 2005. CVE-2017-1000112 SUSE Linux Enterprise Desktop 12 SP2:kernel-default-4.4.74-92.35.1 SUSE Linux Enterprise Desktop 12 SP2:kernel-default-devel-4.4.74-92.35.1 SUSE Linux Enterprise Desktop 12 SP2:kernel-default-extra-4.4.74-92.35.1 SUSE Linux Enterprise Desktop 12 SP2:kernel-devel-4.4.74-92.35.1 SUSE Linux Enterprise Desktop 12 SP2:kernel-macros-4.4.74-92.35.1 SUSE Linux Enterprise Desktop 12 SP2:kernel-source-4.4.74-92.35.1 SUSE Linux Enterprise Desktop 12 SP2:kernel-syms-4.4.74-92.35.1 SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-md-kmp-default-4.4.74-92.35.1 SUSE Linux Enterprise High Availability Extension 12 SP2:cluster-network-kmp-default-4.4.74-92.35.1 SUSE Linux Enterprise High Availability Extension 12 SP2:dlm-kmp-default-4.4.74-92.35.1 SUSE Linux Enterprise High Availability Extension 12 SP2:gfs2-kmp-default-4.4.74-92.35.1 SUSE Linux Enterprise High Availability Extension 12 SP2:ocfs2-kmp-default-4.4.74-92.35.1 SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_74-92_35-default-1-2.1 SUSE Linux Enterprise Server 12 SP2:kernel-default-4.4.74-92.35.1 SUSE Linux Enterprise Server 12 SP2:kernel-default-base-4.4.74-92.35.1 SUSE Linux Enterprise Server 12 SP2:kernel-default-devel-4.4.74-92.35.1 SUSE Linux Enterprise Server 12 SP2:kernel-default-man-4.4.74-92.35.1 SUSE Linux Enterprise Server 12 SP2:kernel-devel-4.4.74-92.35.1 SUSE Linux Enterprise Server 12 SP2:kernel-macros-4.4.74-92.35.1 SUSE Linux Enterprise Server 12 SP2:kernel-source-4.4.74-92.35.1 SUSE Linux Enterprise Server 12 SP2:kernel-syms-4.4.74-92.35.1 SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-4.4.74-92.35.1 SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-base-4.4.74-92.35.1 SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-default-devel-4.4.74-92.35.1 SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-devel-4.4.74-92.35.1 SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-macros-4.4.74-92.35.1 SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-source-4.4.74-92.35.1 SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:kernel-syms-4.4.74-92.35.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-4.4.74-92.35.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-base-4.4.74-92.35.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-devel-4.4.74-92.35.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-default-man-4.4.74-92.35.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-devel-4.4.74-92.35.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-macros-4.4.74-92.35.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-source-4.4.74-92.35.1 SUSE Linux Enterprise Server for SAP Applications 12 SP2:kernel-syms-4.4.74-92.35.1 SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-docs-4.4.74-92.35.3 SUSE Linux Enterprise Software Development Kit 12 SP2:kernel-obs-build-4.4.74-92.35.1 SUSE Linux Enterprise Workstation Extension 12 SP2:kernel-default-extra-4.4.74-92.35.1 important 6.2 AV:L/AC:H/Au:N/C:C/I:C/A:C 6.9 AV:L/AC:M/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2017/suse-su-20172131-1/ https://www.suse.com/security/cve/CVE-2017-1000112.html CVE-2017-1000112 https://bugzilla.suse.com/1052311 SUSE Bug 1052311 https://bugzilla.suse.com/1052365 SUSE Bug 1052365 https://bugzilla.suse.com/1052368 SUSE Bug 1052368 https://bugzilla.suse.com/1072117 SUSE Bug 1072117 https://bugzilla.suse.com/1072162 SUSE Bug 1072162 https://bugzilla.suse.com/1115893 SUSE Bug 1115893