
openSUSE 42.3: 2018:2118-1 Important: Kernel Security Issues Resolved

July 28, 2018
Security patch released for openSUSE kernel addresses four critical vulnerabilities, providing significant enhancements and fixes for users.
An update that solves four vulnerabilities and has 44 fixes is now available.

Description

The openSUSE Leap 42.3 kernel was updated to 4.4.140 to receive various security and bug fixes.

The following security bugs were fixed:

- CVE-2018-13053: The alarm_timer_nsleep function had an integer overflow via a large relative timeout because ktime_add_safe was not used (bnc#1099924).

- CVE-2018-9385: Prevent overread of the "driver_override" buffer (bsc#1100491).

- CVE-2018-13405: The inode_init_owner function allowed local users to create files with an unintended group ownership, allowing attackers to escalate privileges by making a plain file executable and SGID (bnc#1100416).

- CVE-2018-13406: An integer overflow in the uvesafb_setcmap function could have resulted in local attackers being able to crash the kernel or potentially elevate privileges because kmalloc_array was not used (bnc#1100418).
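
The two integer-overflow entries above (CVE-2018-13053 and CVE-2018-13406) name the overflow-aware helpers that were missing. The following userspace C program is an added example, not kernel code and not part of the advisory, showing what unchecked arithmetic yields next to a checked equivalent. All function names are hypothetical stand-ins for the ideas behind kmalloc_array and ktime_add_safe, the input values are constructed, and it assumes a GCC or Clang compiler on a 64-bit system.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Size an unchecked "n * size" allocation would request: wraps silently. */
size_t unchecked_bytes(size_t n, size_t size)
{
    return n * size;
}

/* Same idea as kmalloc_array(): refuse the request if n * size would wrap. */
void *alloc_array_checked(size_t n, size_t size)
{
    if (size != 0 && n > SIZE_MAX / size)
        return NULL;
    return malloc(n * size);
}

/* Plain 64-bit add of "now + relative timeout": wraps to a negative expiry. */
int64_t add_ns_wrapping(int64_t now, int64_t rel)
{
    return (int64_t)((uint64_t)now + (uint64_t)rel);
}

/* Same idea as ktime_add_safe(): clamp to the maximum instead of wrapping. */
int64_t add_ns_saturating(int64_t now, int64_t rel)
{
    int64_t sum;
    if (__builtin_add_overflow(now, rel, &sum))
        return rel < 0 ? INT64_MIN : INT64_MAX;
    return sum;
}

int main(void)
{
    size_t n = SIZE_MAX / 2 + 1;            /* constructed element count */
    int64_t now = 1000, rel = INT64_MAX;    /* constructed timeout values */
    void *p = alloc_array_checked(n, 2);

    printf("unchecked size: %zu bytes\n", unchecked_bytes(n, 2));
    printf("checked alloc:  %s\n", p ? "allocated" : "rejected");
    printf("wrapping add:   %lld\n", (long long)add_ns_wrapping(now, rel));
    printf("saturating add: %lld\n", (long long)add_ns_saturating(now, rel));
    free(p);
    return 0;
}
```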

The following non-security bugs were fixed:

- 1wire: family module autoload fails because of upper/lower case mismatch

...


Patch

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 42.3:

zypper in -t patch openSUSE-2018-764=1

Package List

- openSUSE Leap 42.3 (noarch):

kernel-devel-4.4.140-62.2

kernel-docs-4.4.140-62.2

kernel-docs-html-4.4.140-62.2

kernel-docs-pdf-4.4.140-62.2

kernel-macros-4.4.140-62.2

kernel-source-4.4.140-62.2

kernel-source-vanilla-4.4.140-62.2

- openSUSE Leap 42.3 (x86_64):

kernel-debug-4.4.140-62.2

kernel-debug-base-4.4.140-62.2

kernel-debug-base-debuginfo-4.4.140-62.2

kernel-debug-debuginfo-4.4.140-62.2

kernel-debug-debugsource-4.4.140-62.2

kernel-debug-devel-4.4.140-62.2

kernel-debug-devel-debuginfo-4.4.140-62.2

kernel-default-4.4.140-62.2

kernel-default-base-4.4.140-62.2

kernel-default-base-debuginfo-4.4.140-62.2

kernel-default-debuginfo-4.4.140-62.2

kernel-default-debugsource-4.4.140-62.2

kernel-default-devel-4.4.140-62.2

kernel-obs-build-4.4.140-62.3

kernel-obs-build-debugsource-4.4.140-62.3

kernel-obs-qa-4.4.140-62.1

kernel-syms-4.4.140-62.1

kernel-vanilla-4.4.140-62.2

kernel-vanilla-base-4.4.140-62.2

kernel-vanilla-base-debuginfo-4.4.140-62.2

kernel-vanilla-debuginfo-4.4.140-62.2

kernel-vanilla-debugsource-4.4.140-62.2

ke...


References

https://www.suse.com/security/cve/CVE-2018-13053.html

https://www.suse.com/security/cve/CVE-2018-13405.html

https://www.suse.com/security/cve/CVE-2018-13406.html

https://www.suse.com/security/cve/CVE-2018-9385.html

https://bugzilla.suse.com/1012382

https://bugzilla.suse.com/1064232

https://bugzilla.suse.com/1075876

https://bugzilla.suse.com/1076110

https://bugzilla.suse.com/1085185

https://bugzilla.suse.com/1085657

https://bugzilla.suse.com/1089525

https://bugzilla.suse.com/1090435

https://bugzilla.suse.com/1090888

https://bugzilla.suse.com/1091171

https://bugzilla.suse.com/1092207

https://bugzilla.suse.com/1094244

https://bugzilla.suse.com/1094248

https://bugzilla.suse.com/1094643

https://bugzilla.suse.com/1095453

https://bugzilla.suse.com/1096790

https://bugzilla.suse.com/1097034

https://bugzilla.suse.com/1097140

https://bugzilla.suse.com/1097492

https://bugzilla.suse.com/1097501

https://bugzilla.suse.com/1097551

https://bugzilla.suse.com/1097808

https://bugzilla.suse.com/1097931

https://bugzilla.suse.com/1097...


Severity
important

Announcement ID: openSUSE-SU-2018:2118-1
Rating: important
Affected Products: openSUSE Leap 42.3 le.
