Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 533
Alerts This Week
Warning Icon 1 533

SUSE: 2018:3923-1 Moderate: dpdk Memory Corruption Issue

suse
Calendar Grey November 27, 2018
Dist Suse Esm H88
SUSE Security Update 2021:4523-2 for kernel addresses a critical vulnerability related to denial of service and privilege escalation.
An update that solves one vulnerability and has three fixes is now available

Summary

This update for dpdk to version 16.11.8 provides the following security fix: - CVE-2018-1059: restrict untrusted guest to misuse virtio to corrupt host application (ovs-dpdk) memory which could have lead all VM to lose connectivity (bsc#1089638) and following non-security fixes: - Enable the broadcom chipset family Broadcom NetXtreme II BCM57810 (bsc#1073363) - Fix a latency problem by using cond_resched rather than schedule_timeout_interruptible (bsc#1069601) - Fix a syntax error affecting csh environment configuration (bsc#1102310) - Fixes in net/bnxt: * Fix HW Tx checksum offload check * Fix incorrect IO address handling in Tx * Fix Rx ring count limitation * Check access denied for HWRM commands * Fix RETA size * Fix close operation - Fixes in eal/linux: * Fix an invalid syntax in interrupts

References

#1069601 #1073363 #1089638 #1102310

Cross- CVE-2018-1059

Affected Products:

SUSE Linux Enterprise Software Development Kit 12-SP3

SUSE Linux Enterprise Server 12-SP3

https://www.suse.com/security/cve/CVE-2018-1059.html

https://bugzilla.suse.com/1069601

https://bugzilla.suse.com/1073363

https://bugzilla.suse.com/1089638

https://bugzilla.suse.com/1102310

Announcement ID: SUSE-SU-2018:3923-1
Rating: moderate

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.