Security update for the Linux Kernel SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2018:2062-1 Final 1 1 2018-07-26T06:53:29Z current 2018-07-26T06:53:29Z 2018-07-26T06:53:29Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for the Linux Kernel The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2014-3688: The SCTP implementation allowed remote attackers to cause a denial of service (memory consumption) by triggering a large number of chunks in an association's output queue (bsc#902351). The following non-security bugs were fixed: - ALSA: hda/ca0132: fix build failure when a local macro is defined (bsc#1045538). - ALSA: seq: Do not allow resizing pool in use (bsc#1045538). - Delete patches.fixes/0001-ipc-shm-Fix-shmat-mmap-nil-page-protection.patch (bsc# 1090078) - IB/mlx4: fix sprintf format warning (bnc#786036). - RDMA/mlx4: Discard unknown SQP work requests (bnc#786036). - USB: uss720: fix NULL-deref at probe (bnc#1047487). - bna: integer overflow bug in debugfs (bnc#780242). - e1000e: Ignore TSYNCRXCTL when getting I219 clock attributes (bug#923242). - e1000e: Undo e1000e_pm_freeze if __e1000_shutdown fails (bug#909495). - fix a leak in /proc/schedstats (bsc#1094876). - ixgbe: Initialize 64-bit stats seqcounts (bnc#795301). - mm: fix the NULL mapping case in __isolate_lru_page() (git-fixes). - module/retpoline: Warn about missing retpoline in module (bnc#1099177). - net/mlx4_core: Fix error handling in mlx4_init_port_info (bnc#786036). - net/mlx4_en: Change default QoS settings (bnc#786036 ). - net/mlx4_en: Use __force to fix a sparse warning in TX datapath (bug#925105). - netxen: fix incorrect loop counter decrement (bnc#784815). - powerpc: Machine check interrupt is a non-maskable interrupt (bsc#1094244). - s390/qdio: do not merge ERROR output buffers (bnc#1099709). - s390/qeth: do not dump control cmd twice (bnc#1099709). - s390/qeth: fix SETIP command handling (bnc#1099709). - s390/qeth: free netdevice when removing a card (bnc#1099709). - s390/qeth: lock read device while queueing next buffer (bnc#1099709). - s390/qeth: when thread completes, wake up all waiters (bnc#1099709). - sched/sysctl: Check user input value of sysctl_sched_time_avg (bsc#1100089). - scsi: sg: mitigate read/write abuse (bsc#1101296). - tg3: do not clear stats while tg3_close (bnc#790588). - video/stifb: Return -ENOMEM after a failed kzalloc() in stifb_init_fb() (bnc#1099966). - vmxnet3: use correct flag to indicate LRO feature (bsc#936423). - x86-32/kaiser: Add CPL check for CR3 switch before iret (bsc#1098408). - x86-non-upstream-eager-fpu 32bit fix (bnc#1087086, bnc#1100091, bnc#1099598). - x86/cpu/bugs: Make retpoline module warning conditional (bnc#1099177). The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). sdksp4-kernel-source-13702,slessp4-kernel-source-13702,slexsp3-kernel-source-13702 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2018/suse-su-20182062-1/ Link for SUSE-SU-2018:2062-1 https://lists.suse.com/pipermail/sle-security-updates/2018-July/004309.html E-Mail link for SUSE-SU-2018:2062-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1045538 SUSE Bug 1045538 https://bugzilla.suse.com/1047487 SUSE Bug 1047487 https://bugzilla.suse.com/1087086 SUSE Bug 1087086 https://bugzilla.suse.com/1090078 SUSE Bug 1090078 https://bugzilla.suse.com/1094244 SUSE Bug 1094244 https://bugzilla.suse.com/1094876 SUSE Bug 1094876 https://bugzilla.suse.com/1098408 SUSE Bug 1098408 https://bugzilla.suse.com/1099177 SUSE Bug 1099177 https://bugzilla.suse.com/1099598 SUSE Bug 1099598 https://bugzilla.suse.com/1099709 SUSE Bug 1099709 https://bugzilla.suse.com/1099966 SUSE Bug 1099966 https://bugzilla.suse.com/1100089 SUSE Bug 1100089 https://bugzilla.suse.com/1100091 SUSE Bug 1100091 https://bugzilla.suse.com/1101296 SUSE Bug 1101296 https://bugzilla.suse.com/780242 SUSE Bug 780242 https://bugzilla.suse.com/784815 SUSE Bug 784815 https://bugzilla.suse.com/786036 SUSE Bug 786036 https://bugzilla.suse.com/790588 SUSE Bug 790588 https://bugzilla.suse.com/795301 SUSE Bug 795301 https://bugzilla.suse.com/902351 SUSE Bug 902351 https://bugzilla.suse.com/909495 SUSE Bug 909495 https://bugzilla.suse.com/923242 SUSE Bug 923242 https://bugzilla.suse.com/925105 SUSE Bug 925105 https://bugzilla.suse.com/936423 SUSE Bug 936423 https://www.suse.com/security/cve/CVE-2014-3688/ SUSE CVE CVE-2014-3688 page SUSE Linux Enterprise Server 11 SP4 SUSE Linux Enterprise Server for SAP Applications 11 SP4 SUSE Linux Enterprise Software Development Kit 11 SP4 kernel-docs-3.0.101-108.60.1 kernel-bigmem-3.0.101-108.60.1 kernel-bigmem-base-3.0.101-108.60.1 kernel-bigmem-devel-3.0.101-108.60.1 kernel-default-3.0.101-108.60.1 kernel-default-base-3.0.101-108.60.1 kernel-default-devel-3.0.101-108.60.1 kernel-default-man-3.0.101-108.60.1 kernel-ec2-3.0.101-108.60.1 kernel-ec2-base-3.0.101-108.60.1 kernel-ec2-devel-3.0.101-108.60.1 kernel-pae-3.0.101-108.60.1 kernel-pae-base-3.0.101-108.60.1 kernel-pae-devel-3.0.101-108.60.1 kernel-ppc64-3.0.101-108.60.1 kernel-ppc64-base-3.0.101-108.60.1 kernel-ppc64-devel-3.0.101-108.60.1 kernel-source-3.0.101-108.60.1 kernel-syms-3.0.101-108.60.1 kernel-trace-3.0.101-108.60.1 kernel-trace-base-3.0.101-108.60.1 kernel-trace-devel-3.0.101-108.60.1 kernel-xen-3.0.101-108.60.1 kernel-xen-base-3.0.101-108.60.1 kernel-xen-devel-3.0.101-108.60.1 kernel-bigmem-3.0.101-108.60.1 as a component of SUSE Linux Enterprise Server 11 SP4 kernel-bigmem-base-3.0.101-108.60.1 as a component of SUSE Linux Enterprise Server 11 SP4 kernel-bigmem-devel-3.0.101-108.60.1 as a component of SUSE Linux Enterprise Server 11 SP4 kernel-default-3.0.101-108.60.1 as a component of SUSE Linux Enterprise Server 11 SP4 kernel-default-base-3.0.101-108.60.1 as a component of SUSE Linux Enterprise Server 11 SP4 kernel-default-devel-3.0.101-108.60.1 as a component of SUSE Linux Enterprise Server 11 SP4 kernel-default-man-3.0.101-108.60.1 as a component of SUSE Linux Enterprise Server 11 SP4 kernel-ec2-3.0.101-108.60.1 as a component of SUSE Linux Enterprise Server 11 SP4 kernel-ec2-base-3.0.101-108.60.1 as a component of SUSE Linux Enterprise Server 11 SP4 kernel-ec2-devel-3.0.101-108.60.1 as a component of SUSE Linux Enterprise Server 11 SP4 kernel-pae-3.0.101-108.60.1 as a component of SUSE Linux Enterprise Server 11 SP4 kernel-pae-base-3.0.101-108.60.1 as a component of SUSE Linux Enterprise Server 11 SP4 kernel-pae-devel-3.0.101-108.60.1 as a component of SUSE Linux Enterprise Server 11 SP4 kernel-ppc64-3.0.101-108.60.1 as a component of SUSE Linux Enterprise Server 11 SP4 kernel-ppc64-base-3.0.101-108.60.1 as a component of SUSE Linux Enterprise Server 11 SP4 kernel-ppc64-devel-3.0.101-108.60.1 as a component of SUSE Linux Enterprise Server 11 SP4 kernel-source-3.0.101-108.60.1 as a component of SUSE Linux Enterprise Server 11 SP4 kernel-syms-3.0.101-108.60.1 as a component of SUSE Linux Enterprise Server 11 SP4 kernel-trace-3.0.101-108.60.1 as a component of SUSE Linux Enterprise Server 11 SP4 kernel-trace-base-3.0.101-108.60.1 as a component of SUSE Linux Enterprise Server 11 SP4 kernel-trace-devel-3.0.101-108.60.1 as a component of SUSE Linux Enterprise Server 11 SP4 kernel-xen-3.0.101-108.60.1 as a component of SUSE Linux Enterprise Server 11 SP4 kernel-xen-base-3.0.101-108.60.1 as a component of SUSE Linux Enterprise Server 11 SP4 kernel-xen-devel-3.0.101-108.60.1 as a component of SUSE Linux Enterprise Server 11 SP4 kernel-bigmem-3.0.101-108.60.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 kernel-bigmem-base-3.0.101-108.60.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 kernel-bigmem-devel-3.0.101-108.60.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 kernel-default-3.0.101-108.60.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 kernel-default-base-3.0.101-108.60.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 kernel-default-devel-3.0.101-108.60.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 kernel-default-man-3.0.101-108.60.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 kernel-ec2-3.0.101-108.60.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 kernel-ec2-base-3.0.101-108.60.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 kernel-ec2-devel-3.0.101-108.60.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 kernel-pae-3.0.101-108.60.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 kernel-pae-base-3.0.101-108.60.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 kernel-pae-devel-3.0.101-108.60.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 kernel-ppc64-3.0.101-108.60.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 kernel-ppc64-base-3.0.101-108.60.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 kernel-ppc64-devel-3.0.101-108.60.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 kernel-source-3.0.101-108.60.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 kernel-syms-3.0.101-108.60.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 kernel-trace-3.0.101-108.60.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 kernel-trace-base-3.0.101-108.60.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 kernel-trace-devel-3.0.101-108.60.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 kernel-xen-3.0.101-108.60.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 kernel-xen-base-3.0.101-108.60.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 kernel-xen-devel-3.0.101-108.60.1 as a component of SUSE Linux Enterprise Server for SAP Applications 11 SP4 kernel-docs-3.0.101-108.60.1 as a component of SUSE Linux Enterprise Software Development Kit 11 SP4 The SCTP implementation in the Linux kernel before 3.17.4 allows remote attackers to cause a denial of service (memory consumption) by triggering a large number of chunks in an association's output queue, as demonstrated by ASCONF probes, related to net/sctp/inqueue.c and net/sctp/sm_statefuns.c. CVE-2014-3688 SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-3.0.101-108.60.1 SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-base-3.0.101-108.60.1 SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-devel-3.0.101-108.60.1 SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.60.1 SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.60.1 SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.60.1 SUSE Linux Enterprise Server 11 SP4:kernel-default-man-3.0.101-108.60.1 SUSE Linux Enterprise Server 11 SP4:kernel-ec2-3.0.101-108.60.1 SUSE Linux Enterprise Server 11 SP4:kernel-ec2-base-3.0.101-108.60.1 SUSE Linux Enterprise Server 11 SP4:kernel-ec2-devel-3.0.101-108.60.1 SUSE Linux Enterprise Server 11 SP4:kernel-pae-3.0.101-108.60.1 SUSE Linux Enterprise Server 11 SP4:kernel-pae-base-3.0.101-108.60.1 SUSE Linux Enterprise Server 11 SP4:kernel-pae-devel-3.0.101-108.60.1 SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-3.0.101-108.60.1 SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-base-3.0.101-108.60.1 SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-devel-3.0.101-108.60.1 SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.60.1 SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.60.1 SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.60.1 SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.60.1 SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.60.1 SUSE Linux Enterprise Server 11 SP4:kernel-xen-3.0.101-108.60.1 SUSE Linux Enterprise Server 11 SP4:kernel-xen-base-3.0.101-108.60.1 SUSE Linux Enterprise Server 11 SP4:kernel-xen-devel-3.0.101-108.60.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-3.0.101-108.60.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-base-3.0.101-108.60.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-devel-3.0.101-108.60.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.60.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.60.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.60.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-man-3.0.101-108.60.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-3.0.101-108.60.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-base-3.0.101-108.60.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-devel-3.0.101-108.60.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-3.0.101-108.60.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-base-3.0.101-108.60.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-devel-3.0.101-108.60.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-3.0.101-108.60.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-base-3.0.101-108.60.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-devel-3.0.101-108.60.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.60.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.60.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.60.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.60.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.60.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-3.0.101-108.60.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-base-3.0.101-108.60.1 SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-devel-3.0.101-108.60.1 SUSE Linux Enterprise Software Development Kit 11 SP4:kernel-docs-3.0.101-108.60.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2018/suse-su-20182062-1/ https://www.suse.com/security/cve/CVE-2014-3688.html CVE-2014-3688 https://bugzilla.suse.com/902351 SUSE Bug 902351