SUSE Security Update: Security update for the Linux Kernel
______________________________________________________________________________
Announcement ID: SUSE-SU-2018:3100-1
Rating: important
References: #1108399 #1109967
Cross-References: CVE-2018-17182
Affected Products:
SUSE Linux Enterprise Software Development Kit 11-SP4
SUSE Linux Enterprise Server 11-SP4
SUSE Linux Enterprise Server 11-EXTRA
SUSE Linux Enterprise Debuginfo 11-SP4
______________________________________________________________________________
An update that solves one vulnerability and has one errata
is now available.
Description:
The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various
security and bugfixes.
The following security bugs were fixed:
- CVE-2018-17182: An issue was discovered in the Linux kernel The
vmacache_flush_all function in mm/vmacache.c mishandled sequence number
overflows. An attacker can trigger a use-after-free (and possibly gain
privileges) via certain thread creation, map, unmap, invalidation, and
dereference operations (bnc#1108399).
The following non-security bugs were fixed:
- x86/fpu: Do not do __thread_fpu_end() if use_eager_fpu() (bnc#1109967).
Special Instructions and Notes:
Please reboot the system after installing this update.
Patch Instructions:
To install this SUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- SUSE Linux Enterprise Software Development Kit 11-SP4:
zypper in -t patch sdksp4-kernel-20181003-13812=1
- SUSE Linux Enterprise Server 11-SP4:
zypper in -t patch slessp4-kernel-20181003-13812=1
- SUSE Linux Enterprise Server 11-EXTRA:
zypper in -t patch slexsp3-kernel-20181003-13812=1
- SUSE Linux Enterprise Debuginfo 11-SP4:
zypper in -t patch dbgsp4-kernel-20181003-13812=1
Package List:
- SUSE Linux Enterprise Software Development Kit 11-SP4 (noarch):
kernel-docs-3.0.101-108.77.1
- SUSE Linux Enterprise Server 11-SP4 (i586 ia64 ppc64 s390x x86_64):
kernel-default-3.0.101-108.77.1
kernel-default-base-3.0.101-108.77.1
kernel-default-devel-3.0.101-108.77.1
kernel-source-3.0.101-108.77.1
kernel-syms-3.0.101-108.77.1
kernel-trace-3.0.101-108.77.1
kernel-trace-base-3.0.101-108.77.1
kernel-trace-devel-3.0.101-108.77.1
- SUSE Linux Enterprise Server 11-SP4 (i586 x86_64):
kernel-ec2-3.0.101-108.77.1
kernel-ec2-base-3.0.101-108.77.1
kernel-ec2-devel-3.0.101-108.77.1
kernel-xen-3.0.101-108.77.1
kernel-xen-base-3.0.101-108.77.1
kernel-xen-devel-3.0.101-108.77.1
- SUSE Linux Enterprise Server 11-SP4 (ppc64):
kernel-bigmem-3.0.101-108.77.1
kernel-bigmem-base-3.0.101-108.77.1
kernel-bigmem-devel-3.0.101-108.77.1
kernel-ppc64-3.0.101-108.77.1
kernel-ppc64-base-3.0.101-108.77.1
kernel-ppc64-devel-3.0.101-108.77.1
- SUSE Linux Enterprise Server 11-SP4 (s390x):
kernel-default-man-3.0.101-108.77.1
- SUSE Linux Enterprise Server 11-SP4 (i586):
kernel-pae-3.0.101-108.77.1
kernel-pae-base-3.0.101-108.77.1
kernel-pae-devel-3.0.101-108.77.1
- SUSE Linux Enterprise Server 11-EXTRA (i586 ia64 ppc64 s390x x86_64):
kernel-default-extra-3.0.101-108.77.1
- SUSE Linux Enterprise Server 11-EXTRA (i586 x86_64):
kernel-xen-extra-3.0.101-108.77.1
- SUSE Linux Enterprise Server 11-EXTRA (x86_64):
kernel-trace-extra-3.0.101-108.77.1
- SUSE Linux Enterprise Server 11-EXTRA (ppc64):
kernel-ppc64-extra-3.0.101-108.77.1
- SUSE Linux Enterprise Server 11-EXTRA (i586):
kernel-pae-extra-3.0.101-108.77.1
- SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64):
kernel-default-debuginfo-3.0.101-108.77.1
kernel-default-debugsource-3.0.101-108.77.1
kernel-trace-debuginfo-3.0.101-108.77.1
kernel-trace-debugsource-3.0.101-108.77.1
- SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 s390x x86_64):
kernel-default-devel-debuginfo-3.0.101-108.77.1
kernel-trace-devel-debuginfo-3.0.101-108.77.1
- SUSE Linux Enterprise Debuginfo 11-SP4 (i586 x86_64):
kernel-ec2-debuginfo-3.0.101-108.77.1
kernel-ec2-debugsource-3.0.101-108.77.1
kernel-xen-debuginfo-3.0.101-108.77.1
kernel-xen-debugsource-3.0.101-108.77.1
kernel-xen-devel-debuginfo-3.0.101-108.77.1
- SUSE Linux Enterprise Debuginfo 11-SP4 (ppc64):
kernel-bigmem-debuginfo-3.0.101-108.77.1
kernel-bigmem-debugsource-3.0.101-108.77.1
kernel-ppc64-debuginfo-3.0.101-108.77.1
kernel-ppc64-debugsource-3.0.101-108.77.1
- SUSE Linux Enterprise Debuginfo 11-SP4 (i586):
kernel-pae-debuginfo-3.0.101-108.77.1
kernel-pae-debugsource-3.0.101-108.77.1
kernel-pae-devel-debuginfo-3.0.101-108.77.1
References:
https://www.suse.com/security/cve/CVE-2018-17182.html
https://bugzilla.suse.com/1108399
https://bugzilla.suse.com/1109967
_______________________________________________
sle-security-updates mailing list
sle-security-updates@lists.suse.com
http://lists.suse.com/mailman/listinfo/sle-security-updates
SUSE: 2018:3100-1 important: the Linux Kernel
October 11, 2018
An update that solves one vulnerability and has one errata is now available
Summary
The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-17182: An issue was discovered in the Linux kernel The vmacache_flush_all function in mm/vmacache.c mishandled sequence number overflows. An attacker can trigger a use-after-free (and possibly gain privileges) via certain thread creation, map, unmap, invalidation, and dereference operations (bnc#1108399). The following non-security bugs were fixed: - x86/fpu: Do not do __thread_fpu_end() if use_eager_fpu() (bnc#1109967).
References
#1108399 #1109967
Cross- CVE-2018-17182
Affected Products:
SUSE Linux Enterprise Software Development Kit 11-SP4
SUSE Linux Enterprise Server 11-SP4
SUSE Linux Enterprise Server 11-EXTRA
SUSE Linux Enterprise Debuginfo 11-SP4
https://www.suse.com/security/cve/CVE-2018-17182.html
https://bugzilla.suse.com/1108399
https://bugzilla.suse.com/1109967
Severity
Announcement ID: SUSE-SU-2018:3100-1
Rating: important
News
HOWTOs
Features
About Us
Powered By
